{"product_id":"advanced-windows-binary-exploitation-kolja-grassmann-florian-schweins-dctlv2026","title":"Advanced Windows Binary Exploitation - Kolja Grassmann \u0026 Florian Schweins - DCTLV2026","description":"\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eName of Training\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e Advanced Windows Binary Exploitation\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eTrainer(s)\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e Kolja Grassmann \u0026amp; Florian Schweins\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eDates\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eAugust 10-11, 2026\u003cbr\u003e\u003c\/span\u003e\u003cspan\u003e\u003cstrong\u003eTime:\u003c\/strong\u003e 8\u003c\/span\u003e\u003cspan\u003e:00 am to 5:00 pm \u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eVenue\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eLas Vegas Convention Center\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eCost\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e: \u003c\/strong\u003e$2,500 (USD)\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eShort Summary:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eMemory corruption bugs are alive! In this course you'll learn about all the mitigations Windows has in place to prevent you from exploiting them - and how you'll still succeed as an attacker.\u003cbr\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eCourse Description: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis training dives deep into the art of binary exploitation for Windows systems. Designed for security professionals eager to elevate their skills, the course starts with foundational techniques for identifying and analyzing buffer overflow vulnerabilities. The training starts with a concise refresher on x86 assembly and tools like x64dbg and Ghidra. Afterwards, using pre-configured systems, attendees will analyze and exploit example Windows binaries.\u003c\/p\u003e\n\u003cp\u003eThen, the training progresses to exploit development, covering shellcode crafting, stack smashing, and advanced topics like circumventing stack canaries, ASLR bypasses, and mastering Return-Oriented Programming (ROP). Participants will experience modern attack and defense strategies firsthand, culminating in the exploitation of real-world applications.\u003c\/p\u003e\n\u003cp\u003eBy the end of the course, attendees will have the skills and confidence to craft their own Windows exploits for memory corruption bugs.\u003c\/p\u003e\n\u003cp\u003e\u003cspan\u003e\u003cstrong\u003eCourse Outline: \u003c\/strong\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cspan style=\"text-decoration: underline;\"\u003eDay 1: Fundamentals of Exploitation (PWNing)\u003c\/span\u003e\u003c\/p\u003e\n\u003cp\u003e- Brief refresher\u003cbr\u003e    - Assembly, x64dbg, and Ghidra.\u003cbr\u003e    - Hands-on Challenges: Debugging and reversing binaries.\u003cbr\u003e- Pwntools\u003cbr\u003e    - Overview of Pwntools: Automating interactions with binaries.\u003cbr\u003e    - Demo: Writing simple scripts and crafting basic exploits.\u003cbr\u003e    - Hands-on Challenges: Automating binary interactions.\u003cbr\u003e- Shellcode Development\u003cbr\u003e    - Crafting shellcode: techniques, use cases, and examples.\u003cbr\u003e    - Hands-on Challenges: Writing and using shellcode with examples.\u003cbr\u003e- Smashing the Stack\u003cbr\u003e    - Fundamentals of buffer overflows and stack behavior.\u003cbr\u003e    - Demo: Developing a stack-smashing exploit.\u003cbr\u003e    - Hands-on Challenges: Exploit a stack-overflow vulnerability in practice.\u003cbr\u003e- Lab + Q\u0026amp;A Session\u003cbr\u003e    - Work on lab exercises.\u003cbr\u003e    - Discuss challenges and consolidate learning from Day 1.\u003c\/p\u003e\n\u003cp\u003e\u003cspan style=\"text-decoration: underline;\"\u003eDay 2: Advanced Exploitation Techniques\u003c\/span\u003e\u003c\/p\u003e\n\u003cp\u003e- Bypassing Stack Canaries\u003cbr\u003e    - Overview of stack canaries: Protection mechanisms and bypassing strategies.\u003cbr\u003e    - Hands-on Challenges: Develop an exploit to bypass stack canaries.\u003cbr\u003e- Address Space Layout Randomization (ASLR)\u003cbr\u003e    - Understanding ASLR and techniques for bypassing it.\u003cbr\u003e    - Demo: Analyzing ASLR-protected binaries.\u003cbr\u003e    - Hands-on Challenges: Exploit an ASLR-protected binary.\u003cbr\u003e- Return-Oriented Programming (ROP)\u003cbr\u003e    - Basics of ROP: Purpose, techniques, and crafting payloads.\u003cbr\u003e    - Hands-on Challenges: Exploit a binary using a basic ROP chain.\u003cbr\u003e- Advanced ROP Challenges\u003cbr\u003e    - Build and execute ROP chains to exploit vulnerabilities.\u003cbr\u003e    - Challenge: Create complex ROP payloads to bypass mitigations.\u003cbr\u003e- Lab + Q\u0026amp;A Session\u003cbr\u003e    - Work on lab exercises.\u003cbr\u003e    - Wrap-up of advanced exploitation techniques with open discussion.\u003cbr\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eDifficulty Level:\u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eAdvanced Definition - The student is expected to have significant practical experience with the tools and technologies that the training will focus on.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eSuggested Prerequisites:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e- Basic knowledge of low-level programming (e.g. C\/C++)\u003cbr\u003e- Basic understanding of x86 assembly\u003cbr\u003e- Familiarity with Windows memory layout (stack, heap, ...)\u003cbr\u003e- Experience with at least one Windows debugger (e.g., x64dbg)\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat Students Should Bring: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eA laptop with an up to date browser to access the browser-based lab\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat the Trainer Will Provide:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cspan style=\"font-family: -apple-system, BlinkMacSystemFont, 'San Francisco', 'Segoe UI', Roboto, 'Helvetica Neue', sans-serif; font-size: 0.875rem;\"\u003eCourse material as PDF. Access to the challenge lab.\u003c\/span\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTrainer(s) Bio:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eKolja \u003c\/strong\u003eis a Security Researcher and Trainer at Neodyme. He specializes in Windows and Active Directory security. He has found vulnerabilities in widely used security products and has extensive exploit development, pentesting, and red teaming experience.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eFlorian\u003c\/strong\u003e is a Security Researcher and Trainer at Neodyme, specializing in fuzzing, reverse engineering, and Windows security. He brings experience from both academic research and hands-on penetration testing and has identified vulnerabilities across a wide range of software, including the Windows operating system.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eProficiency Exam Option:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cmeta charset=\"utf-8\"\u003eThis course has the option for a proficiency certificate add-on. \u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eTo earn the proficiency certificate, students must solve at least three of the challenges during the course.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003ePlease reach out to training@defcon.org for any questions related to the proficiency exam and certificate option.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eRegistration Terms and Conditions: \u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTrainings are refundable before July 11, 2026, minus a non-refundable processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBetween July 11, 2026 and August 5, 2026 partial refunds will be granted, equal to 50% of the course fee minus a processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll trainings are non-refundable after August 5, 2026.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTraining tickets may be transferred to another student. Please email us at training@defcon.org for specifics.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eIf a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eFailure to attend the training without prior written notification will be considered a no-show. No refund will be given.\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eDEF CON Training may share student contact information, including names and emails, with the course instructor(s) to facilitate sharing of pre-work and course instructions. Instructors are required to safeguard this information and provide appropriate protection so that it is kept private. Instructors may not use student information outside the delivery of this course without the permission of the student.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBy purchasing this ticket you agree to abide by the \u003c\/span\u003e\u003ca href=\"https:\/\/defcon.org\/html\/links\/dc-code-of-conduct.html\"\u003e\u003cspan\u003eDEF CON Training Code of Conduct\u003c\/span\u003e\u003c\/a\u003e\u003cspan\u003e and the registration terms and conditions listed above.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eSeveral breaks will be included throughout the day. Please note that food is not included.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll courses come with a certificate of completion, contingent upon attendance at all course sessions. Some courses offer an option to upgrade to a certificate of proficiency, which requires an additional purchase and sufficient performance on an end-of-course evaluation.\u003c\/span\u003e\u003c\/p\u003e","brand":"Las Vegas 2026","offers":[{"title":"Course only - Aug 10-11","offer_id":47691867160794,"sku":null,"price":2500.0,"currency_code":"USD","in_stock":true},{"title":"Course + Proficiency Exam - Aug 10-11","offer_id":47691867193562,"sku":null,"price":2800.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0629\/2088\/4442\/files\/kolja.jpg?v=1774179685","url":"https:\/\/training.defcon.org\/products\/advanced-windows-binary-exploitation-kolja-grassmann-florian-schweins-dctlv2026","provider":"defcontrainings","version":"1.0","type":"link"}