Exploit Writing & Advance Exploitation



Exploits are proof that the computer science, or software programming, community still does not have an understanding (or, more importantly, firm knowledge) of how to design, create, and implement secure code. Like it or not, all exploits are a product of poorly constructed software programs and talented software hackers – and not the good type of hackers that trick out an application with interesting configurations.These programs may have multiple deficiencies such as stack overflows, heap corruption, format string bugs, and race conditions—the first three commonly being referred to as simply buffer overflows.
If you are the ambitious and eager type, looking ahead to the next big challenge, then we welcome and invite you to attend this training and to prepare you for a long journey in exploit writing.To manage expectations, we do not believe you will be an uber-hacker or exploit writer after this training, but you will have the tools and knowledge afterward to read, analyze, modify, and write custom exploits and enhance security tools with little or no assistance.This is an advance course based on writing your own security tools and exploits using Python & Shell Coding. This course is an asset for those candidates who want to write something of their own in penetration testing market.


Candidates who have understanding of Windows and/or Linux Operating System, Assembly Language, Kernel Basics, Different kind of Attacks on Network & Web Application or have attended training on CPTP.

Course Content:

  • My First Simple Shellcode
  • Shellcode for Windows Command Execution
  • Message Box
  • Function Hash Generation
  • Metasploit Shellcode
  • DNS Tunneling
  • Reverse DNS Tunneling
  • Windows Shellcode
  • Linux Shellcode
  • FreeBSD Shellcode
  • Cisco IOS Exploitation
  • Libemu & PDF Extraction
  • Heap Spray
  • Writing Bufferoverflows
  • EggHunters/Omlete w32
  • Python Scripting Basics
  • Python Language for Linux
  • Python for Windows
  • Python for iPhone
  • Python for Androids
  • Python for Routers
  • File and Directory Access
  • IPC
  • Raw Socket basics
  • Sniffers
  • Packet Injectors
  • Web Application Fuzzers
  • Scraping Web Applications
  • Web Browser Emulation
  • Attacking Web Services
  • Application Proxies and Data Mangling
  • SQL Injection, XSS
  • Immunity Debuggers and Libs
  • Writing plugins in Python
  • Binary data analysis

Duration: 4 Days

Materials Provided:

  • Exploit Writing & Advance Exploitation Lab Guide


"The Intro Sessions and Advanced Attacking phase are awesome and with the added bonus of Lab Book you take the cake!  I love the practical sessions!"
    - Jodie L. Johnson, Senior Software Engineer, Amazon, USA

"I am very happy with all your training sessions. I recommend CPTP course for anyone, who is willing to start career in penetration testing."
    - G. Joseph, Security Analyst, Verizon, USA


" Advance ethical hacking course was really worth learning, CPTP exam is setting new trend in infoSec industry."
  - Mark Waller, US Dept. of Defense

"Mr. Aatif is very knowledgeable about the course content, I would recommend CPTP Course who wants to get deep in Ethical Hacking."
 - Patrick Cooper, System Engineer, Sony Corporation of America

"Lab exercises along with trainer helped me to understand ethical hacking in much better & easier way."
 - Daniel Miller, U.S Army