Peter throws a lot of information at you very quickly but gives exercises that really drive the information home so it is absorbed.
This class blew my mind on multiple levels. I'd recommend it not just to people interested in exploit development and infosec, but also to low-level programmers interested in security, or general developers wanting to have a REAL challenge. I really mean it. I didn't think things like ASLR/DEP bypass could be as simple and elegant as he showed. The material was relevant, recent, and had NOTHING but real world exercises.
But more than that, I was personally inspired by this class too. Peter represents the absolute finest breed of hacker: not just an exploit developer, but an individual who is dedicated to sharing and learning. It's rare to find, let alone be taught by such people. I've spent significant time and research in my own fields, and watching someone display enthusiasm like that is always incredible. If Peter could have gone for another 13 hours straight on Day 1, I think he would have.
Your brain will be on fire and deflated like a balloon, just by the end of day 1. And that's the easy day. But again: mind blowing, incredibly detailed and taught by a great individual. I couldn't recommend something like this enough to my peers. Do not ever miss an opportunity to be taught by this guy.
This class is excellent and covers everything you need to know to exploit modern buffer overflows effectively and efficiently within two days. The previous testimonials are absolutely correct in that this class is not for the faint of heart. You should expect to put in a full day each day dealing with computer software at its lowest levels.
Peter is an amazing (and highly dedicated) teacher. He'll have you up and running, making exploits with his exercises in no time. He's willing to work all night if you want!
He's got great insight into exploit development as a whole. You'll be crying in tears by the end of it but you'll have absorbed years of knowledge in just a couple of days. I'd highly recommend this course for anyone who is dedicated to learning the tips and tricks of the Win32 exploit development trade! Thanks again Peter, it was a pleasure.
No bullshit, Peter knows the game. This training is top-notch and to-the-point. I would recommend it for every hacker who wants to improve his exploit writing skills.
It was amazing! This is definitely the best course I have done to date. Peter is extremely knowledgeable and shows great passion for the course. The teaching rate and style is perfect for quick pick up and the course is very hands-on oriented so you start developing exploits very early on in the class. Everything is explained extremely well and the hands-on aspect quickly cements the concepts. I would recommend it to anyone who is interested in the subject or would like to start out in this kind of development. I went from a general understanding in a very vague way to being able to start comprehending the intricacies of the interactions and I very much enjoyed the topics on bypassing the newer protections in windows. All in all, something that was painfully slow to do before hand when I was looking at OSCP, now seems extremely easy.
This class is a must!
As a fairly seasoned exploit developer pre vista, this was an excellent brushup to overcoming recent countermeasures. Peter is a rock solid instructor, and the format of the course is great - He explains some basic concepts and lets you apply them shortly thereafter, eventually popping shells left and right. I would not recommend this class for absolute beginners or people with hangovers, if you lose track you are pretty lost. Having read most material on the subject and having some of it fly over my head, I discovered that some of the material I struggled with made sense after the class, which was a great delight.
I went in without ever practicing this subject before, beyond paper examples, and left with a great set of pointers and tools that allowed me to slowly chew on the huge amount of material exposed to us in just a few days.
Several months later and all the hints and tips (not to mention methods) that Peter exposed to us throughout the training are still fresh when confronted to difficult problems, be it while going through the training again or practicing on other targets. If at the end you think you didn't understand anything, try doing everything all over again at your own pace, you'll see what I mean.
If you have the will to sweat and learn, and find the time to practice, Peter will set a clear progression path for you, even if you don't have any reference points.
Final words? Totally worth it!
Very hard work but well worth it
An excellent course that more than delivered on its promise of content.
Running for over 12 hours each day the course is not for the faint hearted and certainly not for someone completely new to how an OS works and how an application is put together. However with just some basic scripting skills you'll move from simple stack overflows to full DEP and ASLR bypass in a well paced but full on class.
The really hard bit starts when you get home and have to start to practice it for real.
For my full review see http://www.digininja.org/blog/corelan.php
As somebody who doesn't do exploit development in my day to day work I'd always struggled with some of the more advanced concepts. Even after attending a few classes on the subject the material refused to stick with me.
Peter's class was different however. The pacing and explanations where perfect, leaving enough time to really play with the labs and build a real understanding of the topics instead of rushing through them to try and keep up with the class.
I can highly recommend Peter's class to anybody looking to really understand this stuff. It's scary what you can learn in 2 days given the right instructor, information and support!
A+++ would train with again!
Training reviews posted on third party websites:
- http://www.s3cur1ty.de/review-corelan-live (in German)