EXP-401 course icon

EXP-401: Advanced Windows Exploitation

OSEE Certification

Modern exploits for Windows-based platforms require modern bypass methods to circumvent Microsoft’s defenses. In Advanced Windows Exploitation (EXP-401), OffSec challenges learners to develop creative solutions that work in today’s increasingly difficult exploitation environment.

The case studies in AWE are large, well-known applications that are widely deployed in enterprise networks. The course dives deep into topics ranging from security mitigation bypass techniques to complex heap manipulations and 64-bit kernel exploitation.

AWE is a particularly demanding penetration testing course. It requires a significant amount of learner-instructor interaction. Therefore, we limit AWE courses to an in-person, hands-on environment.

This is the hardest course we offer and it requires a significant time investment. Learners need to commit to reading case studies and reviewing the provided reading material each evening.

Need to have a large group trained from your organization? OffSec’s In-House Training can bring our Advanced Windows Exploitation course to you. Contact us to find out more.

72-hour exam

72-hour exam

Live training with student-instructor interaction

Live training with student-instructor interaction

Develop expert-level Windows exploits

Develop expert-level Windows exploits

Becoming an OSEE

Becoming an OSEE

The OSEE is the most difficult exploit development certification you can earn. We recommend completing the 300-level certifications before registering for this course.

Students who complete EXP-401 and pass the exam will earn the Offensive Security Exploitation Expert (OSEE) certification. The OSEE exam assesses not only the course content, but also the ability to think laterally and adapt to new challenges.

The virtual lab environment has a limited number of target systems. The software within contains specific, unknown vulnerabilities. Students have 72 hours to develop and document exploits. The exam requires a stable, high-speed internet connection.

You must submit a comprehensive penetration test report as part of the exam. It should contain in-depth notes and screenshots detailing the steps taken and the exploit methods used.

Real world benefits

exp 401

OSEEs can analyze vulnerable software, find problematic code, and develop a functioning exploit for various modern Windows operating systems.

More details

Topics covered

40 (ISC)2 CPE credits


Computer lab requirements