What you'll learn

Buffer overflows remain a core exploitation technique for any offensive security practitioner—and a foundational skill for eCPPT and the OSED (EXP-301) exploit development pathway. In this course, Buffer Overflow for Offensive Security Professionals, you’ll go from a vulnerable application to a working reverse shell using a clear, repeatable six-step methodology. First, you’ll build the mental model you need: how the call stack manages memory and why unchecked input creates exploitable conditions. Next, you’ll work hands-on through each step—: Fuzzing, crash replication, offset discovery, EIP control, bad character identification, and return address selection. Finally, you’ll weaponise a complete exploit using msfvenom shellcode and catch a live reverse shell. When you’re finished, you’ll have the skills and knowledge to confidently identify and exploit classic stack-based buffer overflows, and a solid foundation for tackling the more advanced exploit development techniques covered in OSED and the OSCE³ certification track.