Professional Exploit Development Training

Testimonials


Took one of our classes?

If you have taken one of the Corelan classes and if you would like to share some feedback about your experience, we very much welcome your testimonial. Please click the button below to access the form.


Testimonials

The Corelan Advanced class is an exhilarating journey into the realm of exploit development and research. Under the expert guidance of instructor Peter Van Eeckhoutte, participants engage in a fast-paced, immersive experience complemented by comprehensive takeaway materials and stimulating homework assignments. Peter’s patient approach encourages active participation, fostering a deeper understanding of complex concepts. With its dynamic structure and expert instruction, the Corelan Advanced class provides participants with a solid foundation for navigating the challenging landscape of exploit development, setting them on a path to success in just a few sessions.

HS
Sydney, NSW (Australia)
February 2024
Corelan Advanced

Peter delivered the training in a very digestible manner and kept us engaged with his enthusiasm and natural ability to teach. I’d recommend his courses to people who want a good understanding of the underlying heap internals for Windows 11/10/7 x64/x32 as well giving you a good dive into heap exploitation techniques. If you want to know more about windows and windows exploitation I highly recommend taking the Corelan courses.

Thomas Pitt
Sydney
2024
Corelan Advanced

This training is a deep technical binary exploitation course with a focused approach towards the Windows Internals, the Stack Internals, and the Heap Internals.

The instructor’s thought process as an experienced exploit developer changes your worldview about how you approach software/bugs/exploitation, what questions you ask, and developing a methodology.

The instructor can clearly illustrate visual diagrams of how memory corruption exploitations occur on a conceptual level as well as what happens given a specific case study of a CVE.

The instructor questions and challenges your thinking, stepping through the debugger, and building your understand of the instruction and interaction with the system.

The instructor provides a systematic, thorough, and realistic list of CVEs/exercises, across OS versions, that covers what was taught in the class and more, even pushing you into starting your own research.

You get the opportunity to meet and network with other individual invested in doing deep technical work, which may be rare.

There are few to no other courses that offers this level of technical depth that is being covered, at least not publicly.

Testimonials that give you a good sense of what the course is like beyond the page of the course content description :
Voidsec
Wiebe Willems
Matteo Malvica
Gershom Rogers
Rikkert Ten Klooster
Mario Kornab
Nick
Kapil Khot

Attended the combo; Bootcamp and Advanced Training.

John
PwC Sydney
02 2024
Corelan Advanced

I had the privilege of attending both the Bootcamp and Advanced training sessions, and I must say that the two weeks were incredibly intensive yet thoroughly enjoyable.

For those wishing to venture into the art of exploit writing, the Corelan Bootcamp serves as a solid initial step. The Corelan Advanced Exploit Development training stands out among my experiences in exploit development education. In contrast to many courses that focus solely on exploitation techniques, this program provides a comprehensive foundation by beginning with the fundamentals of memory management in Windows. It then delves into the exploitation of heap-related vulnerabilities and methods to bypass modern memory protections. This approach equips learners with a deep understanding of these concepts, empowering them to conduct thorough research on both known and future memory features and protections. Mastering heap exploitation is a significant endeavor, and this course serves as an exceptional starting point. I highly recommend it to anyone seeking to excel in this domain.

What truly sets Peter apart is not just his technical prowess but also his exceptional training skills. He is not only an excellent teacher but also a funny and passionate individual who is deeply committed to his work and strives for excellence. I highly recommend his training programs. Come and experience it for yourself – you won’t be disappointed!

Rohan
Sydney
02 2024
Corelan Advanced

I came into the class feeling underprepared. I had no clue what LFH, FEA or BEA stood for, let alone what they did. In part, this was due to a lack of online resources for understanding the Windows Heap. The ones that did exist were either intimidating whitepapers, or very old guides. That’s not to say they weren’t good. In fact, Peter Van Eeckhoutte has written some great free resources. However, I knew I couldn’t get a good understanding of the Windows Heap solely relying on them, so I signed up for Peter’s class with VERY high hopes – that somehow, in a mere 4 days, he could teach me the Windows Heap up to a point where I could continue on my own.

Peter not only met my expectations, he THOROUGHLY exceeded them.

Peter is the rarest kind of teacher I’ve met: Someone with world-class expertise, a great knack for teaching, yet still down-to-earth. In REALTIME, I felt myself going from “What IS the LFH?” to “This makes so much sense!”; the whole time, realizing that reaching this level on my own, would have taken YEARS.

Not only is Peter sharp – he answered any questions I had without missing a beat, he’s also transparent in sharing the mistakes he made during his own research so WE could avoid them. In a world where complex findings are often presented as effortless, learning that Peter’s expertise did not stem from natural-born talent, but rather solitary persistence over 15+ years was a breath of fresh air.

I learned what subsystems make up the Windows Heap Manager, how they work, and what attacks I could perform on Win7 up to the latest build of Win11. More importantly, I learned a GENERIC methodology to use when doing my own research in future Windows versions. Peter admits that by teaching this, he risks losing repeat business. When I asked why he chose to do so, he said he prioritizes his students’ understanding over how much money he can make.

Of course, finishing the live training is just the tip of the iceberg. Post-course, I’m “blessed” with TWO years’ worth of homework to hone the skills I’ve learned. I also have access to a private Slack channel, where I can ask Peter and fellow Corelan Alumni any questions.

Despite Peter’s legendary reputation, I feel his courses are underrated. I think this is because he spends most of his time improving his courses instead of marketing them. I hope this short post I’ve written can illuminate WHY his courses are so good, and help readers decide if the training is right for them.

Jael Koh
Barangaroo, Sydney (Australia)
Feb 2024
Corelan Advanced

Well,

if I would write out this testimonial the way it deserves to be written, the length of the string would trigger a buffer overflow.

The fact that I understand what that exactly means is a testimonial by itself. I came in on Friday with zero exploit knowledge, and left on Monday with a million more questions – all of them derived from an actual understanding of the mechanics of the system, the logic behind the exploits, and the methods of delivery.

Having a wide, deep understanding of the topic he is teaching, Peter delivers high speed, very precise, very technical lectures that are accompanied by real case demos and challenging labs. There is no answer given, and there are no promises made – none save one – by the end of the class, you WILL write your first exploit.

Get a good night’s sleep, grab a VM or two, and start your exploit journey now.

Igor Krainović
A1Hrvatska d.o.o.
Deep conference - Zagreb
10/2023
Corelan Bootcamp

I recently completed a 4-day boot camp with Peter, and I must say that, among all the similar courses I’ve taken on this topic, nothing quite compares to this one in terms of the breadth and depth of knowledge imparted in such a short span. Peter is an exceptionally motivated technology enthusiast with an amazing ability to simplify highly complex subjects, making them easily understandable. Admittedly, due to the nature of the topics covered in the boot camp, you might feel mentally taxed, but the wealth of knowledge gained is truly remarkable. I can’t recommend taking any of his classes enough. Now, it’s time to connect all the dots Peter delivered to me, and after that, I’m looking forward to enrolling in the advanced class next year.

Filip Buketa
Diverto d.o.o.
Deep Conference - Zagreb
2023
Corelan Bootcamp

As stated in the title: this is a very challenging class. Due to Peter’s golden standard of teaching, you will be rewarded immensely for the effort you take in understanding the course material. Not only does the course provide you with a lot of exercises afterwards, you also get to understand the methodology & tooling to do your own research and apply what you learned about the Windows Heap Manager to other custom heap implementations. Extremely recommended if you want to learn about heap exploitation on Windows.

Wiebe Willems
NVISO
BruCON 0x0F Mechelen
September 2023
Corelan Advanced

Awasome training! If you want to move from stack based exploitations to heap based exploitations, this is the way to go. Training is just the first phase. There is a lot of homework waiting for you afterwards. And by the way Peter is a great teacher. Highly recommended!

Marek Alakša
Binary House
Brucon Mechelen 2023
September 2023
Corelan Advanced

I brought my team to Corelan Advanced to solidify our understanding of heap management and exploitation. I believe that an intricate subject like this one is best learned immersively (initially, anyway—vs. tackling solely through self-study). Peter’s teaching style is clear and engaging; he has a way of taking a complex topic and saying, “When look at it _this_ way, it’s really not so hard to understand!” While this course focuses exclusively on Windows, I’ve found the fundamental concepts taught here have helped my team understand other operating systems’ heap internals more quickly. Do yourself a favor and book a seat in the next available course.

noperator
Columbia, MD
Jun '23
Corelan Advanced

Peter’s Corelan Advanced Class was an exceptional training. With his extensive experience evident in his teaching style, Peter masterfully explained complex concepts, making the learning curve associated with advanced exploit development more manageable.

After covering the theoretical foundations of Windows heap internals, practical exploitation exercises allowed to put the newly acquired knowledge to a test. The foundations provided and Peter’s targeted advice made the challenges approachable and overall strengthened our exploit development skills.

Maximilian Beckmann
Exploit Labs GmbH
Private
05 2023
Corelan Advanced

If you really want to learn exploit writing instead of just talking about it this is the course you have to take. In 3 days i learned so much deep operating system stuff and debuggers, that an advanced SANS course seems to be a skript kiddie/rookie course compared with this one. Peter is a true legend in the security community and also an absolutely cool and unbelievable modest person, With mona he also developed THE industrial standard when it comes to exploit writing and i still can’t believe he gives that tool away for free. Thank you peter for an amazing expierence that let my brain melt and inspired me to work harder on my own skills. It was an honor to meet a true hacker. I hope i will be prepared quick enough to visit your Advanced class to complete my knowledge ;-).

Dennis Peter Wölk
Continental
Mechelen (Belgium)
04/2023
Corelan Bootcamp

I can only recommend the course. Peter is very professional and explains each concept with passion and experience.
In addition to up-to-date content, students leave with many exercises to do at home and support from the slack group in case of problems.
I can say that I had a great time with this course and I can only recommend it.

David Bloom
Approach Belgium
Brucon Mechelen
19/04/2023
Corelan Bootcamp

The Corelan Bootcamp training was one of the most interesting trainings I have ever taken. The instructor really knows how to transfer his extensive knowledge from the past years (decades!) in a very structured way. I went from having opened a debugger only a handful of times in my life to constructing a whole ROP Chain bypassing Data Execution Prevention on real applications for existing CVEs. I would 100% recommend this training to anyone working in cyber security having an interest in general Windows internals and willing to write working exploits. With the amount of homework for post-training exercises, I’m preparing for the advanced class already!

Wiebe Willems
NVISO
BruCON Spring Training - Mechelen
April 2023
Corelan Bootcamp

This class definitely lives through the trainer. The knowledge is imparted in an extremely comprehensible way and focusing on understanding the workings behind and not just firing off exploits. To summarize: Awesome trainer, great class, definitely recommendable.

Guy with a beard
Munich
03/2023
Corelan Advanced

After many years of reschedules I was finally able to take this class. It exceeded my expectations a lot just as much as the amount of information Peter heaped into my head. No day goes by without any new insight and new knowledge. To craft course content around years of experience leaves to the imagination the cache Peter is yet to share to the world. Having lasted the final day is not the end; there’s a lot of homework. Don’t worry, Peter will give enough material to guide you through.

Jerowin
SINCON
02/2023
Corelan Advanced

I had high expectations, but the course still managed to surpass them! This course is great for anyone who is planning on upgrading their exploit development toolset from the typical stack overflows and ROPs to more advanced heap-based exploits. The material would be very difficult to self-study to the same detail that Peter was able to provide during the four intensive days of teaching. Despite the course being “advanced”, Peter was able to adjust the “level of teaching” perfectly for our group and focus on the right details. The given exercises and homework tasks challenge the students and provide a lot of value even by themself. I would highly recommend taking this class if you have some experience about exploit development on Windows and want to learn more about how the heaps on Windows work!

OP
Private
Jan 2023
Corelan Advanced

After finishing one course in late 2019, I immediately signed up for the other one. Unfortunately, the following year brought some… complications. Peter offered a refund when travel restrictions caused delays, but I can confidently say that this training is worth waiting 3 years for.

The course structure, pace, and content are all impeccable. The examples, exercises, and homework use actual CVEs from real software. The importance of being able to easily ask questions at any time cannot be understated. Finally, I don’t know of any other course that offers the same level of post-training support from the instructor.

David De Lille
CyberCX
Sydney, NSW (Australia)
October 2022
Corelan Bootcamp

To be honest, It has been my second training experience but I guess it’s safe to claim that this class is above average.
At some point, I wasn’t sure how all that information was relevant to apply to exploit dev tasks but then something clicked and everything become clear. So, I don’t know how Peter does it, but he’s a great storyteller and teacher. If you are interested in windows user mode exploitation then I could recommend this course for sure.

Daeh0f
Brucon
09.2022
Corelan Advanced

Peter is a very inspirational teacher. He really loves the subject of heap based exploitation and his years of effort in researching the heap in various versions of Windows have resulted in an in-depth knowledge of the subject. His passion and his natural aptitude to teaching has really motivated me to start my own journey in the exciting world of researching the heap. I’m confident that Peter has given me all the tools that I need to start this journey with confidence. His commitment to create an environment of learning, also after attending the course, further strengthens my confidence. Peter is without a doubt one of the best teachers in the field.

B
Brucon 22
September 2022
Corelan Advanced

Peter takes you on a stroll across all the quirks and functionalities of the Windows Heap Manager so you have all fundamental information you need to understand modern heap exploitation. Then you deep dive into heap exploitation with hands-on exercises on Windows 7 and Windows 10/11.
Besides Peter being an excellent teacher with great humor, the course content is well structured and complete. And don’t think it ends there, afterwards you have homework to do that can take you a whole year.
This training was amazing and I totally recommend it!

João Domingos
Siemens
BruCON
October 2022
Corelan Advanced

Simply a great class!

For anyone that seeks a future; professionally, academically or for any other reason, in Windows exploitation, this is for you!

Learn the ins and outs of the heap mechanisms of Windows, as well as ways to exploit the most common related issues.

What I appreciated most with this class is the fact that Peter gives you the tools and the mechanisms not to simply solve your tasks, but to develop the mindset necessary to develop your very own exploits.

Totally recommend it!

Evangelos Daravigkas
Genius Sports
BruCON 2022
09/2022
Corelan Advanced

Peter manages to teach a mindset instead of just the trick. He goes in depth about how different problems can be approached and solved as if you’re doing the research on your own. Not only does this class teach you how to exploit different vulnerabilities, it actually gives you in-depth knowledge about how heap management works exactly. This is by far the best in-person training I have done.

k
BruCon
09/2022
Corelan Advanced

Peter is a phenomenal instructor and has created a great curriculum. While lots of information, the Advanced class covers the material in an manner that is easy to understand. The course is extremely technical and teaches by doing. I highly recommend this course if you are interested in exploit development or vulnerability research.

Ian
Columbia Md
2022
Corelan Advanced

It is very difficult to find good learning resources in this field.
The material in this course is up-to-date and covers modern techniques that work in the real world.
Highly recommended.

LQ
Columbia, MD
Sept 5-8, 2022
Corelan Advanced

The Corelan Bootcamp was by far the best stack based exploitation course I have ever taken. The instructor was incredibly knowledgeable and presented the course material in a clear and digestible format. The labs were excellent and were all based on real world scenarios. I would definitely recommend this training to anyone working in the vulnerability research and exploitation field.

Chris Cullinan
Columbia, MD
07/2022
Corelan Bootcamp

Peter is a fantastic instructor – probably the best I’ve ever had. He takes complex topics and explains them in a way anyone can understand. When focusing on sections I was already familiar with, Peter filled critical gaps in my understanding of the subject. The exercises are just challenging enough to be fun without feeling forced or unrealistic.

Kyle Avery
H-E-B
Baltimore, MD (USA)
July 2022
Corelan Bootcamp

If you are looking to learn stack exploitation and love to be challenged, this training is perfect for you.
The amount of knowledge that you are able to obtain in such a short time is insane.
If you walk in with limited to no knowledge, you will definitely walk out with a new skill and be able to use it in practice.

Peter will refute about every single thing you might have learned so far related to the topic in other courses (such as OSCP and eLearnSecurity), and then teach you it the right way from the ground up.

Keanu Nys
Spotit
Brucon Spring Training 2022
April 2022
Corelan Bootcamp

best training I’ve ever had.
Reasons are:
– I understood every, and I mean every, concept Peter explained during the training: he did a great job to deliver every concept verbally, visually, examples at the whiteboard and most important by interacting with students, so we were able to assimilate stuff in our own preferred way
– Peter is really a nice guy to interact with, you never feel the “fear” to ask something – he’s going to answer you anyway
– training it’s not only about techniques, internals but also exercises: every single exercise is meant to give you an experience of what is that particular topic about in “real life”
– last but not least, we have now his methodology to aid us starting our journey in the exploitation field, but is up to us now, no silver bullet. This is what I feel is the most valuable knowledge Peter was able to transfer us.
If you are unsure about taking this course, please do yourself a favour and take it.

a guy
brucon
2021
Corelan Advanced

It was a real pleasure to be able to see first hand the recommendations that were made to me about this course. It greatly exceeded my expectations, besides the fact that the content that Peter has prepared in an exhaustive and methodical way is very good, the ability he has to transmit his knowledge in a dynamic way, which gets you hooked no matter how many hours go by, makes it especially unique.

If you want to know in detail how the heap works, this course provides you with clarity on all the modern heap exploitation techniques.

Alejandro
BruCON
October 2021
Corelan Advanced

If you want to dive into modern exploitation, this course is exactly what you are searching for.
During my career, I’ve taken many different courses, but I can tell you, there is no match for Peter; the Advanced Exploit Development class is absolutely the best training I’ve ever done. Unlike many other courses, Peter spends a very good amount of time on the fundamentals of memory management and Windows Internals (demystifying “obscure” concepts), then he dives into the exploitation of modern heap-related vulnerabilities (Use After Free, Type Confusion, Memory Leak etc.).
Mastering heap exploitation is a long journey and this course is the best training on the market to have as a starting point. The quality of the labs is excellent and does not focus only on ad-hoc exercises; be ready to dive into past real browser’s vulnerabilities, especially with the companion “take-home” exercises.
The approach Peter uses to transfer his knowledge is highly professional: you’ll be able to “follow” him verbally and graphically as he uses both the slides and a sketching pad to visually represent memory layouts and such; he’ll give you all the knowledge needed to conduct your own research.
Peter is not just amazing from a technical point of view, he’s also very humble and patient. He is an excellent (and funny) trainer who definitely have passion for what he does and that strive for the best. I can’t recommend him enough, just come to the training and see it by yourself.

Paolo Stagno
VoidSec
Brucon
10/2021
Corelan Advanced

This is a thoughtfully designed course which forces you to push the boundaries. You get to learn from more than decade of research in just four days (not just a theory but hands on too) and it’s just the beginning of your Heap Exploitation journey.

Rather than explaining how some of the famous Heap Exploits work, the focus is on analysing Windows Heap Manager’s behaviour that helps you in exploit development. And it doesn’t stop there, Peter wants you to grow, use the methodology/tips/tricks you learned to do your own research and you get all the support you need.

You get 25-30 real world assignments for which you have to develop an exploit from given PoC. These are very intense exercises and you learn a lot in the process. I started working on these exercises one year after I attended the class and I still get the support when needed.

You will never get direct answers but Peter will point you in the right direction. I’m really glad that I took this course and I’m planning to take the Bootcamp course too!

Peter, thank you for a great course!

Kapil Khot (SlidingWindow)
Dubai, UAE
12/2019
Corelan Advanced

This was my first exploit dev course and before entering the room on the first day I thought I already knew a bit about how stack buffer overflow worked.
The truth is : I didn’t. With Peter’s training you don’t only write exploits, you understand all the underlying mechanisms.
II’m now able to say that I know what a stack buffer overflow is, I know what happens when a shell pops in metasploit.
After taking Peter’s bootcamp, NOP sleds won’t be part of your life anymore !

Julien
Randorisec
Paris
09 2021
Corelan Bootcamp

The Corelan Advanced training was very well structured. Peter spends a great amount of time going over the heap and heap internals before touching a single exploit (over half of the class covers the heap internals) to make sure you have a very thorough understanding of the bug class, and the exploit. If are interested in the Windows Heap I HIGHLY recommend taking this course. Finally unlike a lot of other courses that just give you a few bugs and 1 or 2 labs, Peter provides students with roughly 2 years worth of “homework” assignments where you get to apply the knowledge you gained from the class into real world exploitation scenarios.

Ali S. Ahmad
Columbia, Md
July 2021
Corelan Advanced

If you’re going to take the bootcamp please note that it is intense. Peter does an excellent job of thoroughly going through all of the concepts. He makes it’s a priority to answers all of your questions — was very supportive throughout the entire boot camp.

Highly recommend!!

Kolby Wheeler
Maryland Innovation Security Institute
Linthicum, Maryland
June 2021
Corelan Bootcamp

Can’t speak highly enough of Peter’s trainings. I picked up tricks in his advanced heap course that clearly came from decades of hands on exploit writing experience. Something unique in an industry often preoccupied with hoarding knowledge or packaging/selling impractical academic info an autodidact could find on google on their own.

Forest Orr
CyberArk
Columbia, MD
May 2021
Corelan Advanced

 

I attended Peter’s advanced training in Columbia, MD. Nowhere else will you find an instructor capable of expressing complex topics in such a painlessly comprehensible manner. My newfound understanding of Windows’ heap has made what was once a cryptic headache feel elementary.

Peter’s hands-on guidance helps to reinforce the learned material with real-world practice. If you are interested in building a thorough foundation of knowledge and skills in the realm of Windows heap exploitation, then I can’t recommend this course enough.

This was unquestionably the best course I had the honor of attending.

 

Fabius
Columbia, MD
May 2021
Corelan Advanced

 

Peter’s 4-day class in Columbia, MD was a truly unique experience. The class is designed exceptionally well, and Peter himself is an exemplary instructor.

Peter designed this class such that you start out from fundamentals, and then progress to much more complex topics in a very incremental, easy-to-understand manner. He provided us with all the theory required to ignite our curiosity to ask the right questions of ourselves, plus with all the tools necessary to be able to answer those questions. We exercised knowledge of this theory to answer practical questions, plus he provided us with many meaningful exercises that pave the path towards becoming a more capable exploit developer. Some exercises were during class, some during evenings after class, and some for the years to come. :)

I’ve heard from some folks about why he doesn’t jump straight into newer Windows OS 64-bit programs (which he does provide theory about later in the course), but it’s important to realize that this teaching methodology is WHY you are able to eventually understand more modern stuff towards the end. I honestly would not have it any other way, because by the end of the class, I had all the theory and tooling required to figure out Win10 64-bit heap / program functionality, even though he started with Win7 32-bit programs. Moreover, he taught the theory of how memory allocators might work in general, and how we would go about investigating its behavior, regardless of which OS, # of bits, custom memory manager, etc… He taught it perfectly.

Thanks for the great times and lessons, Peter. It was truly an honor to attend this course.

 

Faisal
Columbia, MD
May 2021
Corelan Advanced

 

I attended Peters Bootcamp session in Stockholm. My expectations were high for this course and they were met and surpassed!

The entire course is focused on 32bit (last day had a session on more 64bit specifics) and is a excellent primer for those who wants to get into exploit development on Windows.

Peter managed to demystify ROPs and the MONA tool. Peters teaching skills are top notch and documentation and labs are one of the best.

I can highly recommend this course. I am looking forward to attend to the Advanced course.

 

Michael
Stockholm
Dec 2020
Corelan Advanced

 

I had a pleasure of attending an extraordinary #Corelan_Bootcamp by Peter Van Eeckhoutte in partnership with Hackers Academy, Telecommunications Regulatory Authority, Dubai Electronic Security Center & GISEC

Peter is indeed an inspiration for all of us in the #Cybersecurity community and learning directly from the creator of #mona is an honor. Little I knew about the life’s work which is out there in the wild without due recognition.

I truly admire peter’s courage to teach a live course effortlessly in this #pandemic era.

Peter not only made Exploit Development easy for us to understand but he actually rewired our brains on Windows Internals.

The course material was carefully prepared and appropriately placed with challenges that makes us run for our lives. Thank you so much peter for your time and amazing knowledge I can only say #w00tw00t. Corelan Team

 

Shahid Ahmed
Dubai
Nov 2020
Corelan Bootcamp

 

This was my first course to start my exploit development track. I have been reading around internet for a while and got lost in some places. Then decided to get a professional training. Going through internet and getting people reviews there were couple of options. Finally, decided to go through corelan bootcamp based on a fair comparison with other courses.

Guest What !! This is the best place to start with. Very detailed explanation in very simple terms. Peter has all the answers to the questions I had and he can go as deep as you ask. But in very simple words and examples which makes it easy to understand.

Many thanks to Corelan and Peter for this amazing training.

 

Mohammed Al Baqari
Dubai
Nov 2020
Corelan Bootcamp

 

Peter is simply amazing in explaining complex concepts and operating system internals in a very understandable and engaging way. His enthusiasm for the subject works really contagiously.

This course will give you a solid foundation and a boatload of exercises to take home with you to get you started in heap exploitation.

 

Bob
BruCON Gent
Oct 2020
Corelan Bootcamp

I took the training because I was really interested in exploit development and ROP, I had quite a few gaps in my knowledge and this training not only closed the gaps but added a whole new world.
Peter is in my opinion one the few who really knows this topic and can explain this in a funny and good way.
Everything is really well explained and very pace, looking forward in doing the homework.

The decision to do this training in person is indeed mandatory and this has an extra added value which can’t be achieved through video training so I if you can make it to the training go for it… you won’t regret this!!!

Jerco Veltjen
Brucon Gent
Sept 2020
Corelan Bootcamp

 

The Corelan Bootcamp is a good start for the craft of exploit writing. Peter is a fantastic teacher with a deep knowledge and fine sense of humour. Peter explains the basics and after three days you should not only know what you are doing, but why you are doing it and why NOPs kill kittens. ;-)

I already had some experience in stack buffer overflows before the training, but I learned a ton of new things.

I highly recommend this training.

Thank you Peter for a wonderful time!

 

Mick
Zurich
March 2020
Corelan Bootcamp

 

I’ve been to various trainings until now and always left disappointed in the lack of technical depth. Peter is what I call a master of his domain. In bootcamp he teaches you how the OS works, how memory works, and all other inner workings of a computer (relevant to Exploit development), then and only then he goes into exploitation. Be comfortable with Assembly, python and prepare for a hardcore training if you are a beginner.

Peter is 1/ an expert in communication, 2/an expert in exploitation and 3/ an expert in teaching skills

He loves what he does and you can see it clearly. I would give him 10 stars if I could.   As an advice, if you are a beginner in exploitation and want to learn as much as possible, do at least 5-10 simple exploits before coming to the training, the pace is brutal.   Thank you for a great training Peter

 

Madalin
Zurich
March 2020
Corelan Bootcamp

 

This training is amazing. Peter starts with the foundation of all exploiting: the OS and how it talks to the CPU/memory, and how that is important to exploitation. His way of describing complex concepts in simple drawings is amazing and really makes you understand what you are doing.

We wrote exploits for all sorts of stuff, and what seemed like magic has been neatly reduced to comprehensible, understandable steps.

Long story short, great training, great material, attend if you can.

 

Martin
Zurich
March 2020
Corelan Bootcamp

 

The training was awesome, despite non being a completely “noob” in exploit development I choose to take the bootcamp in order to be sure to have the right foundations before moving to the advance course; to my surprise I learned lots of things which are now very clear in my mind. I understood some “obscure” windows internals and why they works in this manner, there is no more space for NOPs now that I really understand what I’m doing.
Peter is not just amazing from a technical point of view, he’s also a really excellent (and funny) trainer who definitely have passion for what he does and that strive for the best. I can’t recommend him enough, just come to the training and see it by yourself.

 

Paolo
Zurich
March 2020
Corelan Bootcamp

 

I was skeptical to learn new things in the bootcamp, I was totally wrong.

The way of teaching that Peter use is amazing.

There is no place for luck or nopsled, you understand really what you are doing and he share so much tips, tricks that you can’t found elsewhere. His approach is always different than all other materials I can found.

Even if you think you have the level to take the advanced class, I still recommend to take the bootcamp first.

Jonathan B.
Private location
Jan 2020
Corelan Bootcamp

 

The Advanced Exploit Development training is the best training I’ve ever done so far. Unlike many training about exploit development, this course starts with the fundamentals of memory management on Windows and then dive into exploitation of heap-related vulnerabilities, bypassing modern memory protections. This approach will give you all the knowledge needed to understand how to conduct your proper research on known and future memory features/protections. Mastering heap exploitation is a long journey, and, without hesitation, this course is the best starting point. I highly recommend the Corelan Advanced Exploit Development training.

 

Christophe De La Fuente
Austin, TX (USA)
Feb 2020
Corelan Advanced

 

This training was awesome! I did a few security trainings before, but this is definitely my favourite so far!

Peter was very very well prepared and had a lot of patience to answer all questions. The training starts gradually with windows 7 and then builds up to windows 10 and latest heap exploitation techniques.

Very intensive, even though I had a bit of experience about these topics previously. After the 3rd day was felling quite tired of and day 4 was complete brain meltdown!

Loved it!

 

Adrian
Athens, Greece
Jan 2020
Corelan Advanced

 

Amazing training ! Peter is an excellent trainer that wins your respect from the very first moment! I learned lots of things which are now very clear in my mind. I strongly recommend this course to anyone who wants to dive into low level concepts ! Excellent quality ! Thank you Peter, for such a powerful training course!

 

Xenofon Vassilakopoulos
Athens, Greece
Jan 2020
Corelan Advanced

 

The Corelan Advanced Exploit Development was an amazing experience.

It let you understand in a very detailed way how Heap works on Windows 7 and Windows 10 and how to use some techniques to correctly exploit it.

Peter is a very good instructor, He is able to explain everything in a very clear and easy way. Peter also gives to you a “point of view” that you can use in every scenario and every version of Windows. At the end of the course, you will be provided with a lot of exercises.

If you want to understand how Windows Heap works, how to exploit it and how to “think in the right way”, this course is what you are looking for.”

 

Raffaele Sabato
Athens, Greece
Jan 2020
Corelan Advanced

Once you are done with all the basic exploitation tutorials and trainings, you should get this one.

The training is amazing

Peter is one of the most knowledgeable people for the subject and it shows from the first minutes. The content is great, organized and has a great learning curve. It builds up until everything is very clear on your head regarding windows heap exploitation. Once the training is done you feel like you are one step away from researching and building your own exploits. All it remains is to dedicate time to do it. You are going to have all the tools and knowledge needed.

 

GK
Athens, Greece
Jan 2020
Corelan Advanced

 

Great, in depth, analysis of Windows memory management and ingenious ways of using its inner-workings to build working exploits bypassing modern controls.

Peter is a great researcher and trainer. A hard to find combination that makes this course an absolute value for money!

 

Yiannis Koukouras
Twelvesec
Athens, Greece
Jan 2020
Corelan Advanced

 

Thank you for conducting such an amazing training on modern windows exploitation, i can’t describe the amount of knowledge i gained in those 4 days. I would highly recommend corelan advanced training. The most important thing to take away from the training is you don’t get to think about one specific vulnerability but rather a mindset on how to tackle issues on runtime which is worth way more than poping a shell for just one vulnerability. It is not some course that just copies public research/vulns and hands over exploit, rather one will deep dive into heaps and memory management (which by the way is the foundation for any exploit on modern windows OS).

It is worth every single penny spent !

 

Owais
Dubai
Dec 2019
Corelan Advanced

 

The Corelan Advanced Exploit Development is a great investment and it is certainly very challenging.

I learned heaps for heaps by exploiting my brain with huge amount of information.

The Technics/tricks you will learn can be applied in any version of Windows OS even in future editions! The actual challenge begins after the completion of the course homework for months…

I highly recommend this course if you know how to exploit the stack and you looking to explore the wild heap structures and exploit them.

 

Vpappas
Sydney, Australia
Nov 2019
Corelan Advanced

 

Having completed the OSCP, I thought I knew stack overflows pretty well.. until I realised how little I really understood about stack ‘buffer’ overflows and in particular ‘Saved Return Pointer’ overwrite exploits. Peter is an excellent teacher and explains the exploit development process in such depth that makes these complex concepts almost too easy to understand. The knowledge of this course stretches far far far past what was covered in the OSCP in regards to windows exploit development and is definitely an excellent course to take your skills to the next level.

 

 

Chris Whipp
Sydney, Australia
Nov 2019
Corelan Bootcamp

 

I completed Peter’s recent Bootcamp/Advanced Exploit Development training held in Sydney, 2019. Having worked in the computer security field for many years I wasn’t sure how much I was going to get out of the training but I am so glad I decided to attend as these two training courses were without doubt two of the best training experiences I have had in my career.

Peter’s ability to teach students of different knowledge/skill level is second to none and his humour and enthusiasm make the long days (i.e.9:00 – 10pm) seem to fly by.

His depth of knowledge on Windows heap internals is world class and he provides enough training material and exercises to keep you busy for a least a year!

I have no hesitation in recommending both courses to people interested in the field, experienced security professionals and anyone else who wants to experience a truly great educator.

 

Paul Quirk
Sydney, Australia
Nov 2019
Corelan Advanced, Corelan Bootcamp

 

Peter’s ability to explain complex concepts in a simple and pragmatic way is exceptional. His Windows Exploit Development training is of the highest standard and will help newcomers and seasoned security testers alike understand modern memory corruption techniques.

I’ve completed both the Bootcamp and Advanced courses now, along with OSCP and OSCE and I’ve learned invaluable lessons from each.

If you’re interested in Windows Exploit Development, ROP and heap exploitation, then you should definitely prioritise Corelan training. It’s truly a privilege to take part in.

I’ve learned a tonne, but the real learning comes with the exercises that are included as homework during and after the course.

 

Rick
Sydney, Australia
Nov 2019
Corelan Advanced, Corelan Bootcamp

 

I have no doubt stating that Corelan Advanced has been the best infosec training I had so far.
Peter is an excellent instructor who’s able to convey his experience and communicate passion about the topics and give you the tools/primitives to investigate and explore yourself how to deal with exploit development in 2019.
The training homework will keep me busy for the next 6 months/a year for sure, but now I do feel more comfortable and ready exploring and researching modern bug classes.

If you want to dive into modern exploitation, this is for you.

 

Matteo Malvica
BruCON Gent
Oct 2019
Corelan Advanced

 

This course was amazing, Peter set an incredible pace from the very start and didn’t let up until the end.

I now feel like I know the various Windows Heap internals more intimately that I thought possible and I have the means and materials to take that further.

I can now explore everything up to up-to-date 64bit Windows 10 and know that I have the grounding to actually craft exploits on those systems.

I can’t recommend this course enough, if you’re thinking of taking it, do it.

M0rv4i
BruCON Gent
Oct 2019
Corelan Advanced

 

Let me start with a background I have not done a ton of active exploit dev. I was very nervous and excited, at the same time to start something I loved from the start of my InfoSec career. (Not to mention getting ready to be crushed by a tank of Win heap knowledge)
Finally, I brought my body to the training ground, started churning into the vast & deep knowledge Peter has handcrafted in these 4 days. Each day I felt overwhelmed, empowered with teachings and the training enthusiast Peter has in him. Despite my dumbness, I feel so inspired to continue my interest and turn into a passion for exploit development all credit goes to Peter. Now that I know so much that I started spending my nights at win heap stores and for sure years to come I will make it less frustrating :).
To give you guys what felt, I ran myself into exploit motions at the airport layover, on plane & now back home. If you want to eat, drink, sleep with windbg, browser heap, memory leaks, and poop exploits you are in THE RIGHT PLACE.

 

Rohit Mual
Columbia, MD
Oct 2019
Corelan Advanced

 

If you’re comfortable with ROP and if you want to take a deep dive into the world of heap exploitation, I can highly recommend this course. Peter is an excellent and inspiring teacher and researcher that’s able to explain even the most complex aspects of the heap in a structured manner. He really cares whether his students understand the material in class and he even provides exercises that should last for months after the class has finished.

This is the best hands-on experience you can get and if you’re willing to learn, this is for you.

Mister1337
BruCON Gent
Oct 2019
Corelan Advanced

 

This is a course for engineers who are already experienced in binary exploitation and want to deepen their knowledge by taking a hands on class with one of the best teachers in the subject.

As a instructor Peter (Corelan) is a very experienced person which has written a lot about windows exploitation and explains very well each one of the topics in the class, giving you all the material you need if you want to take you time and study on your own.

The course is well structured, and each one of the topics has a set of exercises so you can practice and understand the underlying concepts on a variety of topics such as windows debugging, memory layouts, ROP and even browser exploitation.

Filipe Paz Rodrigues
Columbia, MD
Oct 2019
Corelan Advanced

 

First of all, I would like to thank Peter for a really extraordinary experience, his passion and dedication are a real inspiration for everyone!

I was really looking forward to pushing my knowledge in exploit development to the next level and finally going for the heap, without having any prior experience related to that, in terms of exploit development. The outcome is that I now feel really comfortable in diving into heap exploits and really understanding them.

Took the Corelan Advanced course at Brucon2019. Scrolling trough all the testimonials and knowing the Corelan team’s publicly available work, led me to some high expectations when I enrolled for the class. I’m really happy to say that the training lived up and even exceeded them in some aspects.

Peter is really great at explaining basically everything, the course structure and materials are very well organised and they are facilitating a consistent learning curve. The in-depth level of analysis and the granularity in understanding the course content are key takeaways. I would describe the training as a combined practical-theoretical experience with a focus on deep understanding for Windows Internals, exploit development and Windows heap concepts. The whole training helps you in building a strong knowledge base in which you can later invest your time into. Plus, the received support after the training session, all the “homeworks” :) and the mindset obtained for looking at things as an exploit developer perspective are priceless.

I hope Peter will come up with other trainings in the future as well, really looking forward to it!

Thanks again Peter for all the knowledge and for truly inspiring me!

Highly recommend it, well worth the investment!

 

Stefan Nicula
BruCON Gent
Oct 2019
Corelan Advanced

 

This course was by far one of the most challenging courses I have taken so far, but Corelan does an excellent job of removing the fear of these more advanced topics and won’t leave you in the dark during and after the course. I’ve been utilizing Corelans free research since I got into Exploit Development and when I discovered he offered this course I knew the moment I had the opportunity I had to take it.

I had expectations before going in and all where exceeded. Then again what more can you expect from the man who invented Mona.py and continues to publish research?

Don’t think twice!

 

wetw0rk
Columbia, MD
Sept 2019
Corelan Advanced

 

The Corelan Advanced Exploit Development (CAED) is one of the most challenging and courses I have taken. The depth of information provides a nice baseline for understanding the underlying technologies required to leverage the techniques for successful exploitation. The amount of information covered in the course could fill a semester-long class at a graduate-level CompSci program.

Peter did a great job of organizing and delivering this information. The course will give you the knowledge, resource, and examples to further expound your knowledge in Advanced Exploit development.

My favorite part of the course is the 6months+ worth of homework along with all the resources like the forums.

Well worth the investment!

 

Gershom Rogers
Columbia, MD
Sept 2019
Corelan Advanced

 

Peter is a really knowleadable and enthusiastic teacher. The information you are gonna get in this training will save you tons of personal research on Windows internals.
The quality of the material and teaching is absolutely stellar: heap management on both Win7 and Win10, in-depth analysis of specific vulnerabilities to consolidate concepts, tons (literally tons) of PoCs to hint you during your research after the training. I feel this course gave me material for years to come, and Peter will give you all the necessary tools to continue on after the training.

On top of this all I’ve really enjoyed Peter as a person: dedicated and willing to support his students all the way, during the classes and afterwards, he is a true legend. What you even get after the course is an incredible amount of guidance and support from alumni and Peter himself!

I really would not know what to ask more for!

 

Andrea
Hack In Paris
June 2019
Corelan Advanced

 

I have just finished the Corelan advanced training done by Peter Van Eeckhoutte. What can I say, best training I have attended so far. Peter is dedicated, passionate and the way he teaches you is great. There is no such way of learning something than trying. Nothing is given during the training, you will fail many times but once you achieve something you will know why it worked and how it works behind the scene. You don’t just learn how to launch a bunch of tools. Painful experiences are always better remembered ;)

 

Grégory DRAPERI
Hack In Paris
June 2019
Corelan Advanced

 

First of all I would like to thank Peter, for the incredibly cool 3 days in Paris. Thank you very much for your patience in answering questions and the opportunity to share your extraordinary knowledge with us!

After participating in the bootcamp in April of this year in Belgium (BruCON Spring 2019), participation in the advanced course was only the logical consequence.

What makes the course so special, is the methodical and logical structure based on Peter’s practical experience.

Why you should not miss BOTH courses and participate? Very easily:

– Theoretical bases, their implementations as well as common “halftruths” or “mistakes” are explained in a practice-oriented way.
– No matter what level of knowledge each participant brings, Peter answers every question and never tires of explaining everything in an understandable way.
– Extensive training material, with a huge amount of valuable information (for offense and defense).
– Many private solutions which never been published by Peter.

Both courses will be definitely be part of our company training program as a “MUST” for anyone.

Conclusion: “Learn from the best, or die like the rest”

Peter, you are definitely one of the best!

 

Mario Kornab
Hack In Paris
June 2019
Corelan Advanced

 

I had a blast when attending the Corelan Advanced training. I learned heaps about heap management in Windows and exploitation. Furthermore, during the training a lot of concepts became a part of my reversing / exploitation skills such as: vtables, pointers, IAT and ASLR. Although I was familiar with most of these concepts, during the training they became more clear to me, since they were building blocks for the heap exploitation course. The training is provided at a fast pace and Peter is able to create a great environment for learning. I did not only learn how the Windows heap works, but was able to use the learned concepts to understand the basics about the Linux heap manager. Within a week of the training, I solved my first Linux heap CTF challenge, without any previous knowledge of how the Linux heap worked :)

 

Rikkert Ten Klooster
Hack In Paris
June 2019
Corelan Advanced

 

I completed my OSCP and was looking for the next step in my education. The quality of the class easily exceeded my expectations.

The material might be extremely dense for some, but I felt that Peter does a great job of breaking it down. Based on what I observed from other students, I believe it’s helpful to have some Python experience since a lot of the lab material required creating Python scripts. Creating the Python scripts on my own helped solidify my understanding of the material. I look forward to take the advanced class. Keep up the good work, Peter!

 

Darren Shu
Columbia, MD
July 2019
Corelan Bootcamp

 

In short, this course is fantastic!

It’s a 4-day bootcamp style course, fairly priced, covering Win32 exploit development on Windows 10. Some topics include: stack buffer overflows, SEH overwrites, bad character analysis and encoders, basic shellcoding, egghunters, writing your own Metasploit exploit modules, ASLR partial overwrite bypass, and wrapping it up with an almost full day of ROP for DEP bypass.

After some initial background material on hardware, OS and memory management, from then on you are heads-down and hands-on-keyboard in Immunity debugger, mona, and Python all day every day. There’s also some Ruby in the Metasploit section where you learn to write your own custom Metasploit modules for several of the exploits you just learned.

The class provided lots of extra time, often starting early and ending late, giving students at every level the opportunity to get the most out of the course.

The quality of the labs was excellent, not giving away too much so you can learn on your own, but providing hints and solutions if you get stuck. There are also several supplemental “take home” exploit labs in the material you could work on outside of class or after the training ends to continue to sharpen your skills. Another excellent value add is that after the course ends, there’s an available support forum and Slack channel that all students can join for ongoing help in continuing to develop skills.

Whether you’re just starting out in exploit dev or have covered this material before and would like a great in-depth refresher, this is the class for you.

Peter has many years of experience writing exploits and is the author of mona, so during his step by step walkthroughs you will definitely pick up a lot of his tricks along the way that will help you save time when writing your own exploits. Although he is very knowledgeable, he is also very approachable, humble, patient and is excellent at teaching very complex topics in a way that students at all levels can understand.

If you’ve always wanted to learn how to write exploits, modify exploits, and understand how they work, but felt a little intimidated signing up for such a technical class like this, this is my advice: If you have a passion to learn exploit dev and are willing to put in the time, devote yourself to completing the labs even if it means staying late in class or taking the work back with you to the hotel room to work on it at night, then I can’t think of a better instructor and a better course to kick that off than this one.

Personally, I can’t wait to sign up for the Advanced Class which is the one that follows this one and looking forward to whatever newer classes may be released by Corelan Training in the future.

 

DeckerXL
Anaheim, CA (USA)
May 2019
Corelan Bootcamp

 

So I have been interested in learning exploit development for some time, but never had the motivation to start from scratch on my own by reading blog posts on the Internet. This training is exactly what I needed to, in 4 very efficient days, get me started on what seemed important to me for this discipline:

– getting some knowledge about modern operating systems and applications that is relevant for exploit development
– understanding various protection mechanisms, why they have been adopted over the years and how to bypass them
– learning to use the right tools to debug programs and extract useful information for exploits
– practicing exploit development by manually going through the necessary steps to write an exploit
– being aware of the multiple options that could be used to solve given problems
– having information about what is considered good practice as well as good tips for exploit development

This training is very well put together: It is clear, to the point, has a nice flow, has a good balance between theory and practice, ultimately allowing to get a good overview of the subject as well as understanding the important details.

The course just ended, now I need to put things into (more) practice to consolidate everything.

Raphaël
Anaheim, CA (USA)
May 2019
Corelan Bootcamp

 

Peter is one of the finest and most attentive trainers I’ve ever met. If you’re looking for a refresher or solid introduction to Win32 exploit development, Corelan Bootcamp is an excellent choice. Peter will break you of any bad exploit dev habits you have. ;)

 

wvu
Rapid7
Anaheim, CA (USA)
May 2019
Corelan Bootcamp

 

First I would like to start by thanking Peter for his patience and dedication to answer every question in great details. What separate Peter from other instructors is his methodological and logical approach in delivering the course materials. Hands down, this is the best security training I attended.

Every step is explained with backing theory and clear logical reasons on why we were doing what we were doing to create the exploits. There were no vague answers.

The way Peter puts ideas and concepts together is an inspiration. You may not master every topic discussed right away (as you have to practice, practice and practice) but the main take away is that you have to apply yourself and work hard.

I specifically liked the exercises as they were well-thought out. You will see yourself grasping ideas as you do the exercises yourself (with little help along the way from Peter) which I liked because you will earn knowledge the hard and the right way.

Thank you for a great learning opportunity. What a great person to be around.

 

Omar Asali
Dubai
April 2019
Corelan Bootcamp

 

I took the Bootcamp training in March 2019 and I was impressed by how Peter explained highly complex topics with ease, patience, and enthusiasm. No matter what’s your level of experience in debugging/exploitation, you will learn a lot! 0-day exploitation will become much easier to you once you know the foundations Peter teaches.

As far as I know, there are no better (or even comparable) courses than the ones offered by Corelan’s, which deeply explain exploitation techniques. Hey! Don’t you know that Peter is the developer of the **popular** exploitation module: mona.py! So, you’re getting your knowledge right from the mouth of a guy who spent all of his life developing and researching this science!

Once I practice and master the Bootcamp’s materials/exercises, I will DEFINITELY attend the Advance training.

Thanks, Peter

B@N
Singapore
March 2019
Corelan Bootcamp

 

One of the most gruelling yet beneficial training courses that I have ever attended in my entire ofsec career! This course is definitely a good start for those who really want to get well acquainted with the basics of exploit development. On top of that, Peter is such an amazing instructor in terms of delivering his content and sharing us some tips and tricks when facing problems during the lab exercises. I would personally recommend his training to anyone who wants to start off basic exploit development.

Hamzah
Singapore
March 2019
Corelan Bootcamp

 

Just got back from the training and still trying to process everything. I will be busy for months working through what Peter has provided us with.

If you are thinking about attending the training, but you are unsure because it “only” deals with Win32, IE on Win7, let me tell you one thing: It doesn’t matter. This has nothing to do with “before you run, you have to learn how to walk”.

In this training, Peter explains the process of developing exploits on modern systems.

The course aims to teach you how to think and how the heap works. It does not matter if you don’t write exploits for Edge on x64, trust me. In order to do that, you have to put in the work first and understand how the low level mechanisms and data structures work and at the end of the day, most of the content you learn will (with modifications) also apply to Win10.

It was one of the best technical trainings I was ever able to attend. Thanks Peter!

Bernd
BruCON Gent
Oct 2018
Corelan Advanced

 

Peter is among the best exploit developers and researchers there are. The knowledge you will learn in this class will save you months of independent effort in addition to putting you at a distinct advantage when performing your own research.

It is extremely difficult to get this knowledge in a form which is well structured and professionally written, making this course an absolute gem. After this course, you will be able to, at the very least, understand even the most seemingly perplexing binary exploitation write ups often published by the likes of ZDI. In the best case, you’ll be able to apply this knowledge to broaden or kick-start your research aspirations. You’ll also come away with notes and material that are invaluable – this information will not appear after a few quick google searches.

Thank you for the training, Peter. Can’t say enough good things about it.

 

Dan
BruCON Gent
Oct 2018
Corelan Advanced

 

Loads of excellent reviews. Mine would not be different. Peter has a very rare talent to break/research the stuff and even more rare talent to be a great teacher. He can explain very complicated things in a clear way and guide you through more complex situations. The aim of this course is not to show tips and tricks, but build fundamental knowledge how to attack heap. Loads of exercises will give you a chance to master exploit dev skills. I also enjoyed his insights and thoughts about research, ways to upskill and other things.

Thank you Peter for doing great job! All the best!

Denis
BruCON Gent
Oct 2018
Corelan Advanced

 

The training was very consequent and well edited. The harmony of theorems and exercises and the details of the explanations tells about a lot of experience and care of the profession. Also, Peter is very friendly and helpful. This is The Place where you can get real knowledge and mindset for your own research.

Thank you for the training, Peter!

 

Appleakator
BruCON Gent
Oct 2018
Corelan Advanced

 

Just got back from the training and still trying to process everything. I will be busy for months working through what Peter has provided us with. If you are thinking about attending the training, but you are unsure because it “only” deals with Win32, IE on Win7, let me tell you one thing: It doesn’t matter. This has nothing to do with “before you run, you have to learn how to walk”. In this training, Peter explains the process of developing exploits on modern systems. The course aims to teach you how to think and how the heap works. It does not matter if you don’t write exploits for Edge on x64, trust me. In order to do that, you have to put in the work first and understand how the low level mechanisms and data structures work and at the end of the day, most of the content you learn will (with modifications) also apply to Win10. It was one of the best technical trainings I was ever able to attend. Thanks Peter!

 

Bernd
BruCON Gent
Oct 2018
Corelan Advanced

 

Peter is among the best exploit developers and researchers there are. The knowledge you will learn in this class will save you months of independent effort in addition to putting you at a distinct advantage when performing your own research.

It is extremely difficult to get this knowledge in a form which is well structured and professionally written, making this course an absolute gem. After this course, you will be able to, at the very least, understand even the most seemingly perplexing binary exploitation write ups often published by the likes of ZDI. In the best case, you’ll be able to apply this knowledge to broaden or kick-start your research aspirations. You’ll also come away with notes and material that are invaluable – this information will not appear after a few quick google searches.

Thank you for the training, Peter. Can’t say enough good things about it.

Dan
BruCON Gent
Oct 2018
Corelan Advanced

 

Peter (the man on the other side of the rabbit hole) shared with us his years of experience (undocumented research & no google results) in 3 days.

The advanced course is extremely worth the investment (luckily my company paid for it). The thought process is the most critical part of the exploit development.

Peter is extremely caring for all students to make sure that no students are left behind.

It’s extremely rare to find the personalities of an expert exploit developer and a teacher combine into one person. And of course he shared with us some of his ‘proprietary’ materials. Lastly his technical guide comes along with his genius humor.

Looking forward to Bootcamp in SG 2019.

 

Louis
Singapore
April 2018
Corelan Advanced

 

I enjoyed this course a lot and and it opened my mind for the journey towards finding and exploiting browser heap related bugs and not only! One of the most important aspects I found; is that the course is focused to create a way of thinking in how to approach finding and exploiting a certain class of bugs relating to the heap. I believe at this moment, that Peter’s class is the fastest way into opening the path towards this journey and I think it is an excellent designed course. In addition, care ensuring that no student gets left behind throughout the days is at the uppermost level, The examples used for the bug exploitation are perfectly chosen and not last the teaching skills and the continuous support impressed me extremely.

I would highly recommend this course anytime!

 

Alex
Singapore
April 2018
Corelan Advanced

 

I spent a lot of time improving my skills in Win32 exploit development and Peter’s blog was an important source of knowledge. However, I did not have knowledge about Win32 Heap and I wanted to know how exactly my skills were. That is the reason why I took the Advanced course.

Peter’s training was exactly the kind of training I was hoping to have: a large amount of structured knowledge in many domains. Peter did not just provide theoretical concepts: he also provided many exercises, pushing everyone to do the best. Exercises were clearly not easy, but Peter was not here to give exercises with solutions: he was here to train us to find solutions by ourselves.

The course was long, intense, but above all extremely rewarding.

Thanks Peter!

 

Sebastien
Hack In Paris
June 2017
Corelan Advanced

 

Peter managed to exceed my expectations that I had out of this course.

I had previously attended the Bootcamp training, with the intention to continue with the Advanced course so as to level-up my skills, but more importantly to improve my thought processes into exploit development.

We delved into how heap management works, and leveraging its functionality to exploit bugs mainly in browser software. We explored proof of concepts of Use-After-Free conditions, Memory Leaks, Heap Feng Shui and precise Heap Spraying by performing quite intense, long, and instrumental labs.

Personally, the real journey begins after the end of this training, as Peter provided the tools/ ideas/ examples/ thought-process/ inspiration for further research on the exciting path of modern software exploitation.

Peter has been a truly inspiring mentor during the course and made everything possible to ensure that the core concepts are understood by the whole class.

I am very glad that I had the opportunity to attend the Advanced Course, and I would definitely attend any other future training done by Peter. Many thanks Peter!

 

Nick
Hack In Paris
June 2017
Corelan Advanced

 

Even though I was initially planning to register only for the Advanced Course (due to already possessing relevant advanced certifications on exploit development), I am so glad that I made the decision to attend the BootCamp course as well. It definitely filled in certain gaps I had (which the other certs did not truly cover), and prepared me mentally for the next step.

I enjoyed every minute of the course, but even though it’s now over, I feel that this is the start of a new beginning due to the eye-opening towards certain concepts.

Peter has been a truly inspiring mentor during the course, who did not hesitate to devote extra hours, without which I personally would need more time to get to the point myself and the class was, and he made a true effort so that we really understand the root cause of what we were doing.

I have already registered for the Advanced Course, and looking forward to more exciting times ahead!

Thanks a lot Peter.

 

Nick
BruCON Gent
April 2017
Corelan Bootcamp

External reviews

Training reviews posted on third party websites: