The Exploit Laboratory: Advanced Browser Exploitation

Instructors: Saumil Shah
Dates: 15-16 June 2015
Capacity: 25 Seats

Learn advanced browser exploitation techniques, DEP and ASLR bypass, ROP chaining and Use-After-Free bugs in this intermediate/advanced level exploit development training. Exploit Laboratory: Advanced Browser Exploitation is the next step for those who have already taken an introductory class in exploit development and want to take their red team skills to the next level. Our lab environment will be made available to all attendees to take with them and continue learning after the two days are complete! Can be combined with Exploit Lab: Master as a 4-day class.

The Exploit Laboratory: Advanced Browser Exploitation is an intense 2-day course carefully crafted to provide students with a practical hands-on approach to exploiting modern day operating systems. The focus of the class is to bring participants up to speed on the complexities of exploit writing required for defeating modern exploit mitigation techniques.

The class begins with an introduction to browser and PDF exploits and moves quickly onto defeating exploit mitigation techniques like DEP and ASLR. Topics covered in the class include stack overflows, vtable pointer overwrites, advanced heap spraying, Return Oriented Programming (ROP) and Use-After-Free (UAF) bugs.

We end the class with a mini "Capture The Flag" contest where you shall put your newly acquired exploit writing skills to test in a near-real-world environment.

As with the popular Exploit Laboratory, all topics are delivered in a down-to-earth, learn-by-example methodology. The same trainers who brought you The Exploit Laboratory for over 10 years have been working hard in putting together advanced material based on past feedback.


Teaching Style

Daily class outline

Day 1

Day 2

Learning objectives

Who should attend?

Class Requirements




The Exploit Laboratory: Red Team edition is an advanced class. If your concepts are a bit rusty, we have prepared three tutorials that we HIGHLY recommend before coming to the class.

Hardware Requirements:

Minimum Software to install:


Saumil Shah is the founder and CEO of Net-Square, providing cutting edge information security services to clients around the globe. Saumil is an internationally recognized speaker and instructor, having regularly presented at conferences like Blackhat, RSA, CanSecWest, PacSec, EUSecWest,, Hack-in-the-box and others. He has authored two books titled "Web Hacking: Attacks and Defense" and "The Anti-Virus Book".

Saumil graduated with an M.S. in Computer Science from Purdue University, USA and a B.E. in Computer Engineering from Gujarat University. He spends his leisure time breaking software, flying kites, traveling around the world and taking pictures.

Additional information

The Exploit Lab Blogs

Exploit Lab Twitter

To Register

Click here to register.