A modern, Windows 11-focused deep dive into userland stack exploitation, created & taught by an experienced exploit developer and instructor. You’ll gain a clear, evidence-based understanding of how things really work — from fundamentals all the way to full ROP mastery. You’ll learn not just what works, but why it works — the Corelan way. Corelan Stack, step 1 towards CCED.
Your browser does not support HTML5 video.
Architecture & Memory Management, Registers, Assembly, WoW64
WinDBG/WinDBGX Learn mona.py from the author
In depth coverage.Precision & control, the Corelan way
Using egghunters in modern Windows versions
Identifying & avoiding bad chars
Write and port exploits to Metasploit framework
ASLR bypasses and ROP mastery
Stack buffer overflows on x64
Peter is a fantastic instructor – probably the best I’ve ever had. He takes complex topics and explains them in a way anyone can understand. When focusing on sections I was already familiar with, Peter filled critical gaps in my understanding of the subject. The exercises are just challenging enough to be fun without feeling forced or unrealistic.
Peter is one of the finest and most attentive trainers I’ve ever met. If you’re looking for a refresher or solid introduction to Win32 exploit development, Corelan Bootcamp is an excellent choice. Peter will break you of any bad exploit dev habits you have. 😉
I took the training because I was really interested in exploit development and ROP, I had quite a few gaps in my knowledge and this training not only closed the gaps but added a whole new world. Peter is in my opinion one the few who really knows this topic and can explain this in a funny and good way. Everything is really well explained and very pace, looking forward in doing the homework.
The decision to do this training in person is indeed mandatory and this has an extra added value which can’t be achieved through video training so I if you can make it to the training go for it… you won’t regret this!!!
So I have been interested in learning exploit development for some time, but never had the motivation to start from scratch on my own by reading blog posts on the Internet. This training is exactly what I needed to, in 4 very efficient days, get me started on what seemed important to me for this discipline:
– getting some knowledge about modern operating systems and applications that is relevant for exploit development – understanding various protection mechanisms, why they have been adopted over the years and how to bypass them – learning to use the right tools to debug programs and extract useful information for exploits – practicing exploit development by manually going through the necessary steps to write an exploit – being aware of the multiple options that could be used to solve given problems – having information about what is considered good practice as well as good tips for exploit development
This training is very well put together: It is clear, to the point, has a nice flow, has a good balance between theory and practice, ultimately allowing to get a good overview of the subject as well as understanding the important details.
The course just ended, now I need to put things into (more) practice to consolidate everything.
First I would like to start by thanking Peter for his patience and dedication to answer every question in great details. What separate Peter from other instructors is his methodological and logical approach in delivering the course materials. Hands down, this is the best security training I attended.
Every step is explained with backing theory and clear logical reasons on why we were doing what we were doing to create the exploits. There were no vague answers.
The way Peter puts ideas and concepts together is an inspiration. You may not master every topic discussed right away (as you have to practice, practice and practice) but the main take away is that you have to apply yourself and work hard.
I specifically liked the exercises as they were well-thought out. You will see yourself grasping ideas as you do the exercises yourself (with little help along the way from Peter) which I liked because you will earn knowledge the hard and the right way.
Thank you for a great learning opportunity. What a great person to be around.
I’ve been to various trainings until now and always left disappointed in the lack of technical depth. Peter is what I call a master of his domain. In bootcamp he teaches you how the OS works, how memory works, and all other inner workings of a computer (relevant to Exploit development), then and only then he goes into exploitation. Be comfortable with Assembly, python and prepare for a hardcore training if you are a beginner.
Peter is 1/ an expert in communication, 2/an expert in exploitation and 3/ an expert in teaching skills
He loves what he does and you can see it clearly. I would give him 10 stars if I could. As an advice, if you are a beginner in exploitation and want to learn as much as possible, do at least 5-10 simple exploits before coming to the training, the pace is brutal. Thank you for a great training Peter
If you are looking to learn stack exploitation and love to be challenged, this training is perfect for you. The amount of knowledge that you are able to obtain in such a short time is insane. If you walk in with limited to no knowledge, you will definitely walk out with a new skill and be able to use it in practice.
Peter will refute about every single thing you might have learned so far related to the topic in other courses (such as OSCP and eLearnSecurity), and then teach you it the right way from the ground up.
If you’re going to take the bootcamp please note that it is intense. Peter does an excellent job of thoroughly going through all of the concepts. He makes it’s a priority to answers all of your questions — was very supportive throughout the entire boot camp.
Highly recommend!!
The Corelan Stack course provided an in-depth understanding of buffer overflows and exploit development. The hands-on approach and expert guidance helped me sharpen my skills in real-world exploitation techniques. It also filled in gaps in my understanding of common misconceptions about stack and memory management, clarifying key concepts that were previously unclear. I highly recommend this course to anyone serious about mastering exploit development.
I can only recommend the course. Peter is very professional and explains each concept with passion and experience. In addition to up-to-date content, students leave with many exercises to do at home and support from the slack group in case of problems. I can say that I had a great time with this course and I can only recommend it.
First of all I would like to thank Peter, for the incredibly cool 3 days in Paris. Thank you very much for your patience in answering questions and the opportunity to share your extraordinary knowledge with us!
After participating in the bootcamp in April of this year in Belgium (BruCON Spring 2019), participation in the advanced course was only the logical consequence.
What makes the course so special, is the methodical and logical structure based on Peter’s practical experience.
Why you should not miss BOTH courses and participate? Very easily:
– Theoretical bases, their implementations as well as common “halftruths” or “mistakes” are explained in a practice-oriented way. – No matter what level of knowledge each participant brings, Peter answers every question and never tires of explaining everything in an understandable way. – Extensive training material, with a huge amount of valuable information (for offense and defense). – Many private solutions which never been published by Peter.
Both courses will be definitely be part of our company training program as a “MUST” for anyone.
Conclusion: “Learn from the best, or die like the rest”
Peter, you are definitely one of the best!
This training is a deep technical binary exploitation course with a focused approach towards the Windows Internals, the Stack Internals, and the Heap Internals.
The instructor’s thought process as an experienced exploit developer changes your worldview about how you approach software/bugs/exploitation, what questions you ask, and developing a methodology.
The instructor can clearly illustrate visual diagrams of how memory corruption exploitations occur on a conceptual level as well as what happens given a specific case study of a CVE.
The instructor questions and challenges your thinking, stepping through the debugger, and building your understand of the instruction and interaction with the system.
The instructor provides a systematic, thorough, and realistic list of CVEs/exercises, across OS versions, that covers what was taught in the class and more, even pushing you into starting your own research.
You get the opportunity to meet and network with other individual invested in doing deep technical work, which may be rare.
There are few to no other courses that offers this level of technical depth that is being covered, at least not publicly.
Testimonials that give you a good sense of what the course is like beyond the page of the course content description : Voidsec Wiebe Willems Matteo Malvica Gershom Rogers Rikkert Ten Klooster Mario Kornab Nick Kapil Khot
Attended the combo; Bootcamp and Advanced Training.
Well,
if I would write out this testimonial the way it deserves to be written, the length of the string would trigger a buffer overflow.
The fact that I understand what that exactly means is a testimonial by itself. I came in on Friday with zero exploit knowledge, and left on Monday with a million more questions – all of them derived from an actual understanding of the mechanics of the system, the logic behind the exploits, and the methods of delivery.
Having a wide, deep understanding of the topic he is teaching, Peter delivers high speed, very precise, very technical lectures that are accompanied by real case demos and challenging labs. There is no answer given, and there are no promises made – none save one – by the end of the class, you WILL write your first exploit.
Get a good night’s sleep, grab a VM or two, and start your exploit journey now.
The Corelan Bootcamp was by far the best stack based exploitation course I have ever taken. The instructor was incredibly knowledgeable and presented the course material in a clear and digestible format. The labs were excellent and were all based on real world scenarios. I would definitely recommend this training to anyone working in the vulnerability research and exploitation field.
I completed my OSCP and was looking for the next step in my education. The quality of the class easily exceeded my expectations.
The material might be extremely dense for some, but I felt that Peter does a great job of breaking it down. Based on what I observed from other students, I believe it’s helpful to have some Python experience since a lot of the lab material required creating Python scripts. Creating the Python scripts on my own helped solidify my understanding of the material. I look forward to take the advanced class. Keep up the good work, Peter!
I recently completed a 4-day boot camp with Peter, and I must say that, among all the similar courses I’ve taken on this topic, nothing quite compares to this one in terms of the breadth and depth of knowledge imparted in such a short span. Peter is an exceptionally motivated technology enthusiast with an amazing ability to simplify highly complex subjects, making them easily understandable. Admittedly, due to the nature of the topics covered in the boot camp, you might feel mentally taxed, but the wealth of knowledge gained is truly remarkable. I can’t recommend taking any of his classes enough. Now, it’s time to connect all the dots Peter delivered to me, and after that, I’m looking forward to enrolling in the advanced class next year.
In short, this course is fantastic!
It’s a 4-day bootcamp style course, fairly priced, covering Win32 exploit development on Windows 10. Some topics include: stack buffer overflows, SEH overwrites, bad character analysis and encoders, basic shellcoding, egghunters, writing your own Metasploit exploit modules, ASLR partial overwrite bypass, and wrapping it up with an almost full day of ROP for DEP bypass.
After some initial background material on hardware, OS and memory management, from then on you are heads-down and hands-on-keyboard in Immunity debugger, mona, and Python all day every day. There’s also some Ruby in the Metasploit section where you learn to write your own custom Metasploit modules for several of the exploits you just learned.
The class provided lots of extra time, often starting early and ending late, giving students at every level the opportunity to get the most out of the course.
The quality of the labs was excellent, not giving away too much so you can learn on your own, but providing hints and solutions if you get stuck. There are also several supplemental “take home” exploit labs in the material you could work on outside of class or after the training ends to continue to sharpen your skills. Another excellent value add is that after the course ends, there’s an available support forum and Slack channel that all students can join for ongoing help in continuing to develop skills.
Whether you’re just starting out in exploit dev or have covered this material before and would like a great in-depth refresher, this is the class for you.
Peter has many years of experience writing exploits and is the author of mona, so during his step by step walkthroughs you will definitely pick up a lot of his tricks along the way that will help you save time when writing your own exploits. Although he is very knowledgeable, he is also very approachable, humble, patient and is excellent at teaching very complex topics in a way that students at all levels can understand.
If you’ve always wanted to learn how to write exploits, modify exploits, and understand how they work, but felt a little intimidated signing up for such a technical class like this, this is my advice: If you have a passion to learn exploit dev and are willing to put in the time, devote yourself to completing the labs even if it means staying late in class or taking the work back with you to the hotel room to work on it at night, then I can’t think of a better instructor and a better course to kick that off than this one.
Personally, I can’t wait to sign up for the Advanced Class which is the one that follows this one and looking forward to whatever newer classes may be released by Corelan Training in the future.
I completed Peter’s recent Bootcamp/Advanced Exploit Development training held in Sydney, 2019. Having worked in the computer security field for many years I wasn’t sure how much I was going to get out of the training but I am so glad I decided to attend as these two training courses were without doubt two of the best training experiences I have had in my career.
Peter’s ability to teach students of different knowledge/skill level is second to none and his humour and enthusiasm make the long days (i.e.9:00 – 10pm) seem to fly by.
His depth of knowledge on Windows heap internals is world class and he provides enough training material and exercises to keep you busy for a least a year!
I have no hesitation in recommending both courses to people interested in the field, experienced security professionals and anyone else who wants to experience a truly great educator.
After finishing one course in late 2019, I immediately signed up for the other one. Unfortunately, the following year brought some… complications. Peter offered a refund when travel restrictions caused delays, but I can confidently say that this training is worth waiting 3 years for.
The course structure, pace, and content are all impeccable. The examples, exercises, and homework use actual CVEs from real software. The importance of being able to easily ask questions at any time cannot be understated. Finally, I don’t know of any other course that offers the same level of post-training support from the instructor.
The training was awesome, despite non being a completely “noob” in exploit development I choose to take the bootcamp in order to be sure to have the right foundations before moving to the advance course; to my surprise I learned lots of things which are now very clear in my mind. I understood some “obscure” windows internals and why they works in this manner, there is no more space for NOPs now that I really understand what I’m doing. Peter is not just amazing from a technical point of view, he’s also a really excellent (and funny) trainer who definitely have passion for what he does and that strive for the best. I can’t recommend him enough, just come to the training and see it by yourself.
Even though I was initially planning to register only for the Advanced Course (due to already possessing relevant advanced certifications on exploit development), I am so glad that I made the decision to attend the BootCamp course as well. It definitely filled in certain gaps I had (which the other certs did not truly cover), and prepared me mentally for the next step.
I enjoyed every minute of the course, but even though it’s now over, I feel that this is the start of a new beginning due to the eye-opening towards certain concepts.
Peter has been a truly inspiring mentor during the course, who did not hesitate to devote extra hours, without which I personally would need more time to get to the point myself and the class was, and he made a true effort so that we really understand the root cause of what we were doing.
I have already registered for the Advanced Course, and looking forward to more exciting times ahead!
Thanks a lot Peter.
I took the Stack course in May of 2024. I had always meant to get around to learning more about buffer overflows and stack based exploitation, but never found the time. I will admit that I felt I was struggling to grasp a lot of the concepts initially, but Peter did an exceptional job of helping make sure we all understood everything he was teaching. You could tell Peter’s heart was in teaching the material and never once did I feel like he was “getting through the material just for the sake of getting over it” as I have in many other classes. Even though it was only 4 days, I feel that I am miles ahead of where I begun the week at and have no hesitation in recommending this course to anyone able to take it. I am signed up for an upcoming Heap course and am super excited for all that I will learn there!
**Testimonial for Corelan’s Stack Overflow Course**
“The Corelan Expert- Level Stack course is nothing short of transformative. As a professional in cybersecurity and reverse engineering, I have taken my fair share of technical training, but this course stands out for its clarity, depth, and hands-on approach. Peter have an unparalleled ability to demystify complex concepts, turning a seemingly daunting topic like stack overflows into something manageable and empowering.
The balance between theory and practice is exceptional. The detailed explanations of memory structures, exploitation techniques, and real-world applications are immediately reinforced through guided labs that mirror real-world scenarios. By the end of the course, I felt confident not only in identifying vulnerabilities but also in crafting exploit code responsibly and efficiently.
What sets this course apart is the passion for knowledge-sharing and their focus on fostering a deep understanding rather than rote learning. This is not just a course; it’s a career-enhancing experience. Whether you’re a penetration tester, a reverse engineer, or simply someone eager to understand exploitation at its core, I wholeheartedly recommend this course. Corelan’s training doesn’t just teach you how to do something—it equips you with the why, which is invaluable in this field.”
The Corelan Bootcamp is a good start for the craft of exploit writing. Peter is a fantastic teacher with a deep knowledge and fine sense of humour. Peter explains the basics and after three days you should not only know what you are doing, but why you are doing it and why NOPs kill kittens. 😉
I already had some experience in stack buffer overflows before the training, but I learned a ton of new things.
I highly recommend this training.
Thank you Peter for a wonderful time!
I took the Bootcamp training in March 2019 and I was impressed by how Peter explained highly complex topics with ease, patience, and enthusiasm. No matter what’s your level of experience in debugging/exploitation, you will learn a lot! 0-day exploitation will become much easier to you once you know the foundations Peter teaches.
As far as I know, there are no better (or even comparable) courses than the ones offered by Corelan’s, which deeply explain exploitation techniques. Hey! Don’t you know that Peter is the developer of the **popular** exploitation module: mona.py! So, you’re getting your knowledge right from the mouth of a guy who spent all of his life developing and researching this science!
Once I practice and master the Bootcamp’s materials/exercises, I will DEFINITELY attend the Advance training.
Thanks, Peter
Attending the Corelan Expert-level Stack Exploit Development class was the best decision that I have made to date on my Exploit Development journey. I came into the course already familiar with many of the core concepts on the course agenda. Having had exposure to them as I am also taking the OSED class and preparing to take the certification exam as well. Prior to taking Peter’s course, my exploit knowledge had been 100% self-directed study. Self-study filled with highs and lows. Periods where motivation was high as some concepts were easy to grasp. And other periods where motivation was low due to not understanding the “why’s” or “how’s” on self-directed course material. And when I couldn’t get to a definitive answer on why something worked vs when it didn’t. Peter’s class is a great opportunity for those who are completely new to exploit development and for those that are initiated but still have doubts. Taking this course has allowed me to learn the methodology and best practices from someone who has been doing this for a long time (over 20 years). Introducing concepts and ideas in a way that the material builds on itself explaining every step of the way, the “why’s” and “how’s” of stack based exploit development. Peter’s teaching style is of the no non-sense, direct, straight-to-business type. Encouraging growth and self-mastery of the material. Much like Morpheus from “The Matrix”, Peter teaches from a perspective and with insights that will challenge any preconceived notions that are not based on fact or empirical evidence. Peter stresses that exploit development is a science. Always knowing your why to what you are doing, aka follow the methodology. The best value for taking the course are the additional lab exercises and continued support once the class over. Allowing for true mastery of the material through lots and lots of practice. I have already signed up to take Peter’s Heap Exploitation Masterclass in Sydney having seen the attention to detail and the passion/mastery Peter has in the material I know I can expect much of the same high quality training.
I was skeptical to learn new things in the bootcamp, I was totally wrong.
The way of teaching that Peter use is amazing.
There is no place for luck or nopsled, you understand really what you are doing and he share so much tips, tricks that you can’t found elsewhere. His approach is always different than all other materials I can found.
Even if you think you have the level to take the advanced class, I still recommend to take the bootcamp first.
Having completed the OSCP, I thought I knew stack overflows pretty well.. until I realised how little I really understood about stack ‘buffer’ overflows and in particular ‘Saved Return Pointer’ overwrite exploits. Peter is an excellent teacher and explains the exploit development process in such depth that makes these complex concepts almost too easy to understand. The knowledge of this course stretches far far far past what was covered in the OSCP in regards to windows exploit development and is definitely an excellent course to take your skills to the next level.
I had a pleasure of attending an extraordinary #Corelan_Bootcamp by Peter Van Eeckhoutte in partnership with Hackers Academy, Telecommunications Regulatory Authority, Dubai Electronic Security Center & GISEC
Peter is indeed an inspiration for all of us in the #Cybersecurity community and learning directly from the creator of #mona is an honor. Little I knew about the life’s work which is out there in the wild without due recognition.
I truly admire peter’s courage to teach a live course effortlessly in this #pandemic era.
Peter not only made Exploit Development easy for us to understand but he actually rewired our brains on Windows Internals.
The course material was carefully prepared and appropriately placed with challenges that makes us run for our lives. Thank you so much peter for your time and amazing knowledge I can only say #w00tw00t. Corelan Team
The Corelan Stack Exploit Development course was a truly high-level learning experience. Every concept is explained clearly and systematically, with nothing left to chance. Peter doesn’t just teach deep technical skills—he teaches a way of thinking that sticks with you. The materials are incredibly well-prepared, the exercises are numerous and progressively challenging, and they really push you to understand what you’re doing instead of just following along. You can feel the passion and experience behind every slide, every demo, every explanation. It’s a solid, hands-on, and thoroughly practical course.
The Corelan Bootcamp training was one of the most interesting trainings I have ever taken. The instructor really knows how to transfer his extensive knowledge from the past years (decades!) in a very structured way. I went from having opened a debugger only a handful of times in my life to constructing a whole ROP Chain bypassing Data Execution Prevention on real applications for existing CVEs. I would 100% recommend this training to anyone working in cyber security having an interest in general Windows internals and willing to write working exploits. With the amount of homework for post-training exercises, I’m preparing for the advanced class already!
If you really want to learn exploit writing instead of just talking about it this is the course you have to take. In 3 days i learned so much deep operating system stuff and debuggers, that an advanced SANS course seems to be a skript kiddie/rookie course compared with this one. Peter is a true legend in the security community and also an absolutely cool and unbelievable modest person, With mona he also developed THE industrial standard when it comes to exploit writing and i still can’t believe he gives that tool away for free. Thank you peter for an amazing expierence that let my brain melt and inspired me to work harder on my own skills. It was an honor to meet a true hacker. I hope i will be prepared quick enough to visit your Advanced class to complete my knowledge ;-).
Peter’s ability to explain complex concepts in a simple and pragmatic way is exceptional. His Windows Exploit Development training is of the highest standard and will help newcomers and seasoned security testers alike understand modern memory corruption techniques.
I’ve completed both the Bootcamp and Advanced courses now, along with OSCP and OSCE and I’ve learned invaluable lessons from each.
If you’re interested in Windows Exploit Development, ROP and heap exploitation, then you should definitely prioritise Corelan training. It’s truly a privilege to take part in.
I’ve learned a tonne, but the real learning comes with the exercises that are included as homework during and after the course.
This training is amazing. Peter starts with the foundation of all exploiting: the OS and how it talks to the CPU/memory, and how that is important to exploitation. His way of describing complex concepts in simple drawings is amazing and really makes you understand what you are doing.
We wrote exploits for all sorts of stuff, and what seemed like magic has been neatly reduced to comprehensible, understandable steps.
Long story short, great training, great material, attend if you can.
One of the most gruelling yet beneficial training courses that I have ever attended in my entire ofsec career! This course is definitely a good start for those who really want to get well acquainted with the basics of exploit development. On top of that, Peter is such an amazing instructor in terms of delivering his content and sharing us some tips and tricks when facing problems during the lab exercises. I would personally recommend his training to anyone who wants to start off basic exploit development.
This was my first exploit dev course and before entering the room on the first day I thought I already knew a bit about how stack buffer overflow worked. The truth is : I didn’t. With Peter’s training you don’t only write exploits, you understand all the underlying mechanisms. II’m now able to say that I know what a stack buffer overflow is, I know what happens when a shell pops in metasploit. After taking Peter’s bootcamp, NOP sleds won’t be part of your life anymore !
This was my first course to start my exploit development track. I have been reading around internet for a while and got lost in some places. Then decided to get a professional training. Going through internet and getting people reviews there were couple of options. Finally, decided to go through corelan bootcamp based on a fair comparison with other courses.
Guest What !! This is the best place to start with. Very detailed explanation in very simple terms. Peter has all the answers to the questions I had and he can go as deep as you ask. But in very simple words and examples which makes it easy to understand.
Many thanks to Corelan and Peter for this amazing training.
Coming into this course I expected to be taught a methodology for exploitation of stack and heap vulnerabilities in Windows. Not only did Peter teach this to a high degree, he also explained how the technology worked in an engaging and detailed manner, enabling the class to not just understand how to exploit a vulnerability, but why it works and how we can enable our own creativity to solve problems without following a “tutorial”. I firmly believe this type of teaching is what students need to stand out in such a competitive industry.
I had the dream for years to start learning binary exploitation and eventually learn how to triage and exploit a crash from a fuzzer. I had long heard amazing things from Corelan classes, how knowledgeable Peter was and how hardcore the classes were. The Stack class was really great, 4 days of lots of information and background, from fundamentals to feeling comfortable with ROP chains. I had prior to the class little experience with assembly and in general the binary world, and hands down the explanation was the best I ever had seen. Great slides, great tips, cool exercises in real software. I was expecting a great class, but it was hands down the best security related class I’ve ever attended.
Peter is simply amazing in explaining complex concepts and operating system internals in a very understandable and engaging way. His enthusiasm for the subject works really contagiously.
This course will give you a solid foundation and a boatload of exercises to take home with you to get you started in heap exploitation.
Personalized verbose courseware
Real skills, insights and inspiration
Your own personal lab. No costs or subscription fees
Additional challenges and exercises to keep you going
Additional bonus content
FREE post-training support (unique in the industry)
Bring Your Own Device
Get ready to focus and learn.Skills needed:
Confidentiality / NDA
Our courses are built on decades of research, real-world experience, and hundreds of hands-on exercises. We push hard to deliver as much value as possible in just a few days — but we also know that no one becomes an expert overnight. True mastery requires practice, repetition, and exploration long after the class ends. That’s why your learning doesn’t stop when the class is over. You take home the full courseware, your own lab environment, a collection of exercises, bonus content and the freedom to learn and refine your skills at your own pace. And when new questions arise — we’re here to help. Every student receives FREE post-training support. This long-term support system is unique in the industry and one of the best ways to protect the investment you made in a Corelan class, and in your own future.
Taken Corelan Stack and Heap? Then the door is wide open to take on the certification exam that truly sets you apart. Will you earn the prestigious title of Corelan Certified Exploit Developer (CCED)? That part is entirely up to you 😉. Taken Corelan Stack, but not Corelan Heap?It’s the natural next step on your path — and your final preparation before CCED.