loader image
img not found!

Introduction to Binary Exploitation in Windows x86 Environments – By Ángel Gangas (MANDIANT)


Introduction to Binary Exploitation in Windows x86 Environments

This workshop provides a solid, practical, and technically deep introduction to binary exploitation in Windows x86 environments, covering the essential fundamentals needed for participants to continue progressing toward modern and advanced exploit development techniques.

Although the course is designed as an introduction, its approach goes beyond the basics, providing a comprehensive technical foundation on x86 architecture, memory management, vulnerability analysis, and exploit development. This enables attendees to truly understand the exploitation process and continue their learning independently.

During the workshop, participants will set up their lab environment, review the current state of exploit development, and gain solid knowledge about the stack, registers, execution flow control, and exploitation conditions. Through guided practical exercises, techniques such as fuzzing, buffer overflow exploitation, and Structured Exception Handler (SEH) manipulation will be applied, developing functional exploits in controlled real-world scenarios.

The course maintains an eminently practical focus, integrating theoretical fundamentals with progressive labs, allowing attendees to build a strong technical foundation for advancing to techniques like bypassing modern mitigations, ROP, and advanced exploit development.


Workshop Contents

  • Welcome and Environment Setup
  • The Current State of Exploit Development
  • Module 1: Introduction
    • Basic concepts of the stack, registers, and vulnerabilities
  • Module 2: Fuzzing
    • Exercises
    • Group resolution
  • Module 3: Buffer Overflow
    • Exercises
    • Group resolution
  • Module 4: Structured Exception Handler (SEH)
    • Exercises
    • Group resolution
  • Closing the workshop
  • How to deepen your knowledge?

Learning Objectives

By the end of the course, participants will be able to:

  • Understand the internal workings of x86 architecture in Windows.
  • Analyze vulnerabilities at the memory level.
  • Apply fuzzing techniques to identify exploitable conditions.
  • Develop basic buffer overflow exploits.
  • Exploit vulnerabilities based on Structured Exception Handler (SEH).
  • Understand the full cycle of exploit development.

Target Audience

  • Advanced students in computer science and security.
  • Pentesters and security analysts.
  • Cybersecurity professionals interested in binary exploitation.
  • Security researchers.