Next cohort · TODO: dates
Training for people who have to fix it on Monday
Four-day, lab-driven courses in kernel internals, reverse engineering and incident response. Taught by practitioners who ship the research they teach. Twelve seats per room.
Book a seat See the catalogCatalog
TODO: 6 courses · season
Placeholder content. Courses below are samples showing the
layout. Replace each row and its detail page under courses/.
Windows Kernel Exploitation
TODO: Instructor Name · Company
Kernel internals, memory management and privilege elevation. Driver attack surface, pool grooming, and what modern mitigations actually cost an attacker.
Modern x64 Reverse Engineering
TODO: Instructor Name · Company
Foundations for reading 64-bit binaries without guessing. Ghidra, x64dbg and WinDbg, plus how to challenge an AI tool's output instead of trusting it.
Enterprise Incident Response
TODO: Instructor Name · Company
Investigative tradecraft for Windows intrusions. Scope backwards from a triaged host to the whole estate, and write the finding so it survives review.
Practical Web Application Testing
TODO: Instructor Name · Company
For analysts moving into offensive work. Find and exploit real vulnerabilities in modern apps and APIs through guided labs.
Who this is for
- Vulnerability researchers moving from user mode into kernel internals.
- Detection engineers and blue teamers who need exploit mechanics to build behavioural signatures that hold.
- Reverse engineers working on driver interfaces and undocumented structures.
- Incident responders who own the scoping call at 2am.
Not an introduction. If you have never used a debugger, start elsewhere and come back.