Monthly Archives: June 2016

Exploiting the forensic investigator (AWE course training)

This summer i am attending the Advanced Windows Exploitation (AWE) course of Offensive PhotoRec-logoSecurity. The AWE course has been on my wishlist for a long time, because the previous courses (OSCP and OSCE) were amazing. One of the requirements for the AWE course, according to offsec, is a will to suffer intensely.

After completing OSCE, i’ve spend quite some time on exploit development. My thesis was to discover previously unknown vulnerabilities and exploit them. During this thesis i discovered a vulnerability in Wireshark (CVE-2014-2299).

However, this is around three years ago. To get ready for the AWE course, i really have to refresh my exploit development skills. So far, i wrote the following exploits to get ready for AWE:

Continue reading