[Article]-Course Review: Offensive Security AWE (Advanced Wi

  • Author
    • #8645
      Don Donzal

      This is a blog post. To read the original post, please click here »

      In terms of training, Offensive Security is best known for their Pentesting with BackTrack/Kali (PWK) and Cracking the Perimeter (CTP) courses. While PWK and CTP have reputations for being intense, grueling courses that require months of sacrifice and dedication, the word “Advanced” is conspicuously absent from their titles. This fact alone should emphasize where Offensive Security AWE falls in relation to these other courses.

      After registering for the course, the student must complete a reversing challenge to ensure he or she has a basic understanding of the foundation concepts that are required to digest the course content. The material in the course is far more advanced than the challenge, and successfully completing the challenge is no guarantee that the student is fully prepared for the course. However, if the student is unable to complete this challenge, or has extreme difficulty with it, there is a significant gap in requisite knowledge, and it is recommended to pursue the course at a later date after additional preparation. Did I mention “Advanced?”

    • #53762

      Nice review, dynamic, thanks for the write-up! Although AWE covers some different topics than corelan’s training, could you give a comparison of these two courses?

      Again, congrats on the pass! 🙂

    • #53763

      Good question. Someone else asked me this on LinkedIn, so I’m sure others are curious as well.

      The Corelan course is designed to be a boot camp that’ll take someone from a complete novice to being competent with many common exploitation techniques. I personally think it’d be best if someone had a basic understanding of assembly and CPU/memory operations prior to taking the course since that is A LOT of material to understand and retain over two days. However, the course will indeed start with the absolute basics, and there are technically no prerequisites. AWE is, of course, the polar opposite, and has an enormous amount of prerequisites.

      There are several other key differences. The Corelan course is 32-bit only, and it focuses on userland exploitation. Therefore, 64-bit and kernel exploitation will be new in AWE. Corelan also revolves largely around the use of Mona.py (which is awesome). This mimics real-world exploit development in that you’d want to automate as many tedious and repetitive tasks as possible. Note: the concepts behind each technique are thoroughly explained, so it’s not like you’re just running a command that magically gives you an exploit. You still learn how everything works behind the scenes. However, per typical OffSec style, nothing in AWE is automated; they make you suffer through everything manually to truly ingrain the concepts and techniques. Actually, they do give you one ROP script that helps you find bricks. Unfortunately, it’s partially broken, and they literally make you find the error and fix it yourself 😮

      As I mentioned in the review, OffSec went way out of their way to find convoluted vulnerabilities that not only covered a given technique but also brought tears to your eyes in the process. Therefore, heap spraying on the Corelan course focuses largely on that technique itself, while in the AWE course, you have to disassemble the binary with IDA and review the source code on top of that.

      Comparing these two courses is really comparing apples and oranges. They each focus on unique areas and target different skill levels, and there’s no point in trying to determine which one is “better”. I think they complement each other well, and it makes a lot of sense to do Corelan first and then move to an advanced course like AWE. I absolutely loved the Corelan course, and I would do things in the same order if I had to do everything again. It was undeniably a critical component of my AWE preparation.

      Also, like the OffSec team, it was absolutely a privilege to spend that time with Peter. Despite being another leader in the field, he was completely humble and awesome to interact with. I picked up a lot of neat tips and tricks just from chatting with him during breaks and asking random questions during the course. Even if you think you have a good handle on the boot camp material, you’ll probably still get a lot out of the overall experience.

      Finally, Corelan might have OffSec beat in terms of per-day intensity. He covers an insane amount of material in two days, and we went 14-16 hours each day (bring Red Bull, for both you and Peter). Peter is an absolute beast, and he was still energetic and wanting to do exercises at 10PM the second day, despite having a 6AM flight back to Belgium the next morning. Unfortunately, he had succeeded in reducing our brains to pudding at that point, and we had to draw the line there 🙂

    • #53764
      Master Of Puppets

      Congrats on this great achievement!


Copyright ©2021 Caendra, Inc.
