Training

This class is designed to equip you with the expertise needed to bypass defenses in modern enterprise environments. Delving deep into the techniques to bypass endpoint countermeasures like EDRs. You will gain a comprehensive understanding of Windows and EDR internals (user-mode / kernel-mode components, EDRs internals and telemetries)

A full-spectrum dive into anti-forensics across Windows and Linux (with a tad of MacOS, if time permits), centered on real incidents and modern attacker behavior.
The course walks through classic log wiping, deeper filesystem tricks, PowerShell, timestomping, sandbox artifacts, memory-only execution, endpoint solution blind spots, and advanced Linux log manipulation.

A modern, Windows 11-focused deep dive into userland stack exploitation, created & taught by an experienced exploit developer and instructor.  You’ll gain a clear, evidence-based understanding of how things really work from fundamentals all the way to full ROP mastery. You’ll learn not just what works, but why it works — the Corelan way. Corelan Stack, step 1 towards CCED.

This is a hands-on, two-day deep dive into real-world Linux persistence techniques. Learn how adversaries maintain access, simulate attacks using PANIX, and build effective detections with the Elastic Stack, guided by two Elastic Security Labs researchers. No theory-only slides: expect live simulations, obscure techniques, and practical detection engineering throughout.

This is an in-depth, hands-on course designed for developers, DevOps engineers, and security professionals who want to master the core principles behind intelligent agents and multi-agent (autonomous) systems, but we won’t shy away from the required, sometimes theoretical concepts, to grasp the technology but also the security dynamics in play. This course goes far beyond basic prompt engineering and does explore the low-level mechanics of LLM integration, agent chaining, and the architecture behind autonomous AI systems and security implications.