Register

Date

Saturday 21st Feb until Tuesday 24th Feb (2026) - 9AM until 6PM

Price

€4.000,00 (euro)

Location

Manchester piccadilly, United Kingdom (exact location will be sent to you after registration)

How to signup?

To signup, you should send an email to “[email protected]”

Course Objectives

This 4-day training course will teach you how to exploit advanced .NET enterprise targets, bypass mitigations, chain bugs and pop shells! We will be exploiting more than 15 remote code execution chains (total of 25 single bugs): these vulnerabilities will all be unique in their style and target real world software.

During the class, we’ll walk you through bypassing mitigations, discovering and chaining complex vulnerabilities, the tricks and techniques based on each target and many more exciting subjects. This is going to be 32 hours of intensive reverse engineering and exploitation to develop your intuition for finding and exploiting bugs in .NET environments.

Syllabus

• Day 1: Foundation of .NET Exploitation

  • .NET Basic Reverse Engineering and Debugging
  • Defeating Obfuscations
  • Easily Debugging Annoying .NET Targets
  • Mapping the attack surface of different .NET environments
  • Attacking .NET Remote communication stacks part 1
  • Discovering, and Writing Exploit for 2 LPE Issues (Real world softwares)
  • Discovering, bypassing and Writing Exploit for 2 RCE Chains (Real world softwares)

• Day 2: Advanced .NET Exploitation Techniques

  • Attacking .NET Remote communication stacks part 2
  • Attacking .NET Remote communication stacks part 3
  • Exploiting 2 RCE Chains (Real world softwares)

• Day 3: Deep Dive into Deserialization Exploitation

  • .NET Deserialization basic to advanced, covering 8 .NET deserializers
  • Exploiting 4 RCE Chains which include deserialization issues (Real world softwares)
  • Bypassing Deserialization Protections
  • Covert Red Teaming Techniques in .NET Environments

• Day 4: Exploitation Challenges and Edge Case Bypasses

  • Finding Target Specific Gadget Chains
  • Exploiting 2 LPE Chains (Real world softwares)
  • Exploiting 4 RCE Chains (Real world softwares)
  • Bypassing Mitigations part 1
  • Bypassing Mitigations part 2

Required Skills

A good attitude towards learning and basic knowledge of reverse engineering, although the course is about reverse engineering managed code, having prior reversing experience (x86, etc) has a big advantage.

• Basic familiarity with a scripting language like Python, Bash, etc.
• Medium familiarity with any language that is .NET based (C#, F#, etc)
• Basic knowledge of “any” reverse engineering is required (x86, etc)
• A good attitude towards learning 🙂

What to Bring?

• 300GB free disk space
• 16GB of ram or more
• A x64 windows host operating system (no linux, no mac)
• do not use a ARM based machine for this workshop
• VMWare Workstation Pro (make sure its the Latest Version)
• Basic familiarity with a scripting language like Python, Bash, etc.
• Medium familiary with any language that is .NET based, (C#, F#, etc)
• basic knowledge of “any” reverse engineering is required (x86, etc)
• A decent internet connection (hotspot, etc)

What you’ll be provided in the training

All targets, tools, virtual machines will be provided to you during the training