Train to become OSED certified
EXP-301: Windows User Mode Exploit Development
Starting at $1,749
Level
300885h of content
- Learn advanced exploit development techniques, including reverse engineering, writing shellcode, and bypassing modern mitigations
- Earn the OffSec Exploit Developer (OSED) certification
Becoming OSED certified
-
48-hour proctored
All exams are proctored by an OffSec employee in a private VPN
-
Hands-on labs
Identify, exploit, and report real-world vulnerabilities in live lab systems
-
3 independent exploit tasks
Reverse engineer to discover vulnerabilities, craft exploits t0 bypass security mitigations, and create custom shellcode
-
Obtain a shell and proof.txt file
From the shell, a proof.txt file located on the desktop of the administrator user must be retrieved
OSED certification
About the OSED exam
The OffSec Exploit Developer certification validates expertise in advanced exploit development techniques, including reverse engineering, writing shellcode, and bypassing modern mitigations
Offensive Security Mastery
About the OSCE³ certification
Achieving the OSCE³ certification showcases your dedication to the offensive security field and your ability to tackle complex security challenges after you earn your OSWE, OSED, and OSEP certifications.
Start learning with OffSec
$2,749/year*
Best value
Learn One
Includes one year of access to one 200 or 300-level course, the associated labs, and two exam attempts
$1,749/once
Most popular
Course + Cert Bundle
Includes 90 days of access to one 200 or 300-level course, the associated labs, and a single exam attempt
Train your team with OffSec
$6,099/year*
All access
Learn Unlimited
Unlimited OffSec Learning Library access plus unlimited exam attempts for one year
Get a quote
Large teams
Learn Enterprise
Unlimited OffSec Learning Library access with flexible terms and volume discounts available
Validate your expertise.
Amplify your impact.
-
Mindset & work ethic
Instill a relentless problem-solving mindset that employers value highly in security professionals
-
Globally recognized certification
OffSec certs build elite, hands-on skills trusted by the world's top companies
-
Organization value & trust
Trusted to train skilled, consistent, and reliable security teams
-
Certified candidates win
91% of respondents prefer to hire candidates with certifications (Fortinet, 2024 Cybersecurity Skills Gap Report)

Realistic lab environments
Built to sharpen skills through practical, immersive learning
Request a free trial
-
On-demand lab access
Train anytime in up-to-date, practical, cutting-edge labs
-
Structured learning modules
Progress through clear, goal-driven topics
-
Challenge-based learning
Build skills through real-world, hands-on challenges
-
AI-powered learning assisstant
Get instant, guided help with complex topics
Success stories from the field
Finally OSED! After 36 hours of no sleep I finally succeed. This is, by far, the most challenging (and fun) exam of Offensive Security I have done so far, but It was worth the time; the content is extremely well structured :)
My journey has taken me through the intricacies of reverse engineering, crafting custom shellcode, and tackling complex topics such as stack overflow, SEH Overflow, DEP and ASLR bypass, etc. What an amazing journey it's been—grueling yet thrilling in equal measure.
It was so tough that you have to combine everything taught in the course: stack/SEH overflow, reverse engineering, custom shellcode, egghunter, ASLR/DEP bypass, and custom ROP chains. That was a challenge that kept me awake for 48 hours with almost no sleep but it's all worth it.
The OSED journey has been 3 months of intense sweat, tears, but overall much fun and learning. Everything that I learned will be helpful in my malware reverse engineering path. I want to thank...the great community in Discord, where there were always people happy to help you think and understand.
My journey has taken me through the intricacies of reverse engineering, crafting custom shellcode... I'm grateful for my dedication and curiosity about cybersecurity, and the resilience I've developed along the way.