NextGen Infosec Training

Exploiting Simple Buffer Overflows on Win32

This course provides a beginner friendly introduction to the world of exploit research and bug hunting! We spend over 6+ hrs of video time learning the basics of buffer overflows on 32-bit Windows and exploiting over 10+ real world and staged application to illustrate various concepts.

– Vivek Ramachandran

Founder, and Pentester Academy

Question?Promotional Pricing – Enroll Now!


1. What is the Exploiting Simple Buffer Overflows on Win32 course about?

As Pentesters, we’ve all used some of the awesome exploits that come packaged with tools like Metasploit but what does it really take to write your own? How do you start that journey? What background knowledge do you need? Which tools? Where do you begin? This course aims at answering all these questions and getting you started with writing your own exploits.

This course starts from the very basics of how to begin exploiting buffer overflows on 32-bit Windows. We focus on imparting the basic concepts, techniques and tools of the trade to the student. It is important to note that this introductory course will be looking at exploitation of buffer overflows in the absence of exploit mitigation techniques such as DEP and ASLR. We will be creating separate courses for these and offer them soon.

This course is meant for beginners and does not assume any prior knowledge of Exploitation Techniques, Debuggers, Disassembly etc. We will be teaching everything from the very basics. 

2. Course Syllabus and Software Requirements

A non-exhaustive list of topics to be covered include:


  • Course Introduction
  • Stack basics
  • Tampering with the Return Address
  • Returning to Shellcode
  • Overwriting the Stack – Local and Remote
  • Using Patterns to Calculate Offsets
  • Exploit to Meterpreter
  • Understanding Bad Characters
  • Finding Bad Characters
  • JMP/CALL ESP Technique
  • JMP/CALL EAX Technique
  • Exploiting Echo Server v1/2/3
  • Local Exploitation
  • Remote Exploitation
  • Real World Apps Examples


Software Requirements: You will require a Windows XP SP3 machine running within Virtualbox/VMware to follow this course.


Promotional Pricing – Enroll Now!

3. Can I see some sample videos from the course? 

The course is fully hands-on and you will be spending almost 90% of the time doing exercises with the instructor. The course starts from the very basics and slowly takes you to more complicated topics, making it ideal for self-paced learning. Below are a couple of sample videos from the course:

1. Course Introduction

2. The Stack

3. Tampering with the Return Address

4. Exploiting Echo Server v3 Part 1

5. Finding Bad Characters

6. Bad Character Hunting: MicroP

The course contains over 6+ hours of Videos where the student will be doing exercises.

Promotional Pricing – Enroll Now!

4. What do I get as a registered student? 

A registered student will get the following:

  • Over 6+ hours of HD Videos
  • PDF Slides of the full course
  • Course Exercise files – EXEs, Python scripts etc.

Please note that there is no student forum associated with this low-priced course.

Promotional Pricing – Enroll Now!

5. What is the course duration? when does it start / stop ?

This course is completely self-paced, self-study course. There is no duration of the course or expiry period.

6. I am a student of Pentester Academy. Will this course be posted there?

We are already posting the videos of this course on Pentester Academy as they are being created.


7. Student Testimonials from our other courses

SecurityTube Certifications are currently taken by students from over 73+ countries around the world! Here is what our students have to say about us:

I found the SecurityTube Linux Assembly Expert course to be unique as it challenges the trainee to research and write implementations himself rather than just learning a book. This is also reflected by the exam which requires the user to go hands and which, in my opinion, tests the skills of the user a lot better than a multiple choice exam can. I also liked the fact there weren’t any time constraints on when to take the exam, which made it infinitely easier to plan in with regards to my job. The fact you also get a complete GDB course as an extra is a real bonus (Vivek wants to make sure you really know how to use your basic tools). The best part of the SLAE was the price, there are little other trainings of the same quality with the same price.

– Lucas Kauffman
IT Security Advisor, Ernst & Young

SecurityTube and Vivek Ramachandran are making a significant contribution and impact in the field of Information Security Education. My experience completing SecurityTube Wireless Security Expert has been fun and highly satisfying. The SWSE Course content is of high-quality, hands-on & crystal-clear to understand. Vivek has the unique gift of transferring his knowledge seemingly casually yet very effectively. The technique of breaking topics into delicious small-chunks make them easy to absorb irrespective of the complexity of the subject.

After passing the SWSE, I am having fun doing SecurityTube Python Scripting Expert course!

– Sarveshwar Rao
Sr. Security Product Manager, Alcatel-Lucent

Though I’ve been working with Python for automating security related tasks for almost two years now, this course enhanced my understanding of the language to new depths. I’ve already recommended the SecurityTube Python Scripting Expert to all my friends, as trainer gives very clear and interesting explanations during lectures and in attached PDF materials. But still, if you want to know the subject better, you constantly need to do a lot of research yourself. And this course does really help in that! 🙂

– Andriy Brukhovetskyy
CyberSecurity Professional at S21secSpain



Enroll Now!


8. Why Choose SecurityTube Certifications?

Our Certifications are taken by students from over 73+ countries and are Globally recognized. The Flags in the image to the left are countries from where our students belong. In addition, SecurityTube Certifications provide:

  • High Quality Content at an Affordable Cost
  • The most Comprehensive Course Coverage in the Industry
  • Uses Open Content for Course Evaluation
  • Concept Oriented, Practical Content rather than only Theory


Promotional Pricing – Enroll Now!

9. Course Instructor

Vivek Ramachandran is the Founder and Chief Trainer at He discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing“.

Vivek currently runs the SecurityTube Wi-Fi Security Expert (SWSE), the SecurityTube Metasploit Framework Expert (SMFE), SecurityTube Python Scripting Expert (SPSE) and the SecurityTube iOS Security Expert (SISE) online course and certifications which is currently being taken by students from over 73+ countries around the world. He also conducts in-person trainings in the US, Europe and Asia.

In a past life, he was one of the programmers of the 802.1x protocol and Port Security in Cisco’s 6500 Catalyst series of switches. He was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He has also published multiple research papers in the field of DDoS, ARP Spoofing Detection and Anomaly based Intrusion Detection Systems.

Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Blackhat USA and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc.

Enroll Now!

10. Course Enrollment and Payment



Please submit the Paypal powered form below to make a payment to “Binary Security Innovative Solutions Pvt. Ltd.“, the parent company of SecurityTube to enroll for the course. You will receive a confirmation email from our team within 1 Working Day of your payment.

Student Name:

If you cannot use Paypal, please drop us an email at feedback [] for alternate options for payment.

11. Contact Us

We have compiled a FAQ below:

Click to Expand FAQ…

Please use the form below if you have any additional questions not answered by this page and we will get back to your ASAP:

Enroll Now!