Most people interact with systems they will never understand. They accept the abstraction. They trust the interface. They never ask what executes beneath the syscall boundary. These trainings exist for the ones who refuse that arrangement.

Windows Driver Internals. Reverse Engineering, Debugging, and Exploitation.

Two days inside the architecture of Windows drivers. Kernel-mode, user-mode, minifilters, KMDF, UMDF, legacy WDM. You will reverse engineer driver binaries (.sys, .dll), reconstruct undocumented structures from raw disassembly, attach a kernel debugger to a live system, trace IRPs through the device stack, and identify exploitable flaws in IOCTL handlers. Every driver model is covered. Loading mechanisms, signature enforcement, IRP dispatch, filter manager internals, UMDF host isolation, pool internals, vulnerability identification, rootkit techniques, crash dump analysis. Nothing is abstracted. Nothing is skipped.

2 days. 1500 EUR.

Windows Exploit Mitigations. Understanding, Attacking, and Bypassing.

Two days breaking through the defenses that modern Windows puts between an attacker and code execution. DEP, ASLR, CFG, CIG, ACG, CET, stack cookies, heap hardening, and others. You will study how each mitigation is implemented at the binary and kernel level, where its trust boundaries are, and how they have been bypassed. ROP chain construction, JIT spraying against ACG, CFG bitmap corruption, ASLR entropy reduction, stack pivot techniques, return address overwrites against CET shadow stacks. Every mitigation examined for what it actually enforces and what it fails to prevent.

2 days. 2000 EUR.

Contact: kasper_vreyshk on Discord.

More trainings will follow. When they are ready.