{"id":19065,"date":"2026-04-02T15:31:00","date_gmt":"2026-04-02T13:31:00","guid":{"rendered":"https:\/\/www.corelan.be\/?p=19065"},"modified":"2026-04-02T15:50:01","modified_gmt":"2026-04-02T13:50:01","slug":"exploit-writing-tutorial-part-1-the-video","status":"publish","type":"post","link":"https:\/\/www.corelan.be\/index.php\/2026\/04\/02\/exploit-writing-tutorial-part-1-the-video\/","title":{"rendered":"Exploit Writing Tutorial Part 1 - The Video"},"content":{"rendered":"

Hi everyone,<\/p>\n

We are super excited and proud to announce the start of a great initiative.<\/p>\n

17 years ago, Peter Van Eeckhoutte<\/a> (aka corelanc0d3r<\/a>) began publishing his exploit development tutorials<\/a> on the Corelan website.<\/p>\n

Those tutorials were groundbreaking and paved the way for how entire generations of security researchers learned exploit development.\u00a0 They became a global reference point for both aspiring and experienced exploit developers, and even for trainers building their own courses. His work has been cited in books, referenced in research, and quietly influenced how people approach vulnerability analysis and exploitation at a fundamental level.<\/p>\n

Even today \u2014 despite changes in operating systems, mitigations, and tooling \u2014 the underlying techniques documented in those blog posts remain highly relevant.<\/p>\n

And yet, one question kept coming back:<\/p>\n

\u201cCan we see this in action?\u00a0 Can you make a video so we can follow along?\u201d<\/p><\/blockquote>\n

\ud83c\udfa5 Bringing Corelan to Life<\/h2>\n

So we decided to do exactly that.<\/p>\n

I\u2019ve teamed up with Corelan to turn these legendary write-ups into a video-based series, where we walk through the original material step by step \u2014 but this time, live, visual, and on modern systems.<\/p>\n

This is not a replacement for the original content, it\u2019s an extension. A way to bridge theory and execution.<\/p>\n

\ud83d\ude80 Part 1 \u2014 Stack-Based Buffer Overflows (Windows 11 x64)<\/h2>\n

We\u2019re kicking things off with Part 1 of the original series:<\/p>\n

\ud83d\udc49 Exploit Writing Tutorial Part 1<\/a><\/p>\n

In the first video, we exploit a stack-based buffer overflow on a modern Windows 11 x64 environment.<\/p>\n

By the end of the tutorial, you will have learned:<\/p>\n

    \n
  • What a stack-based buffer overflow really is<\/li>\n
  • The role of registers and key assembly instructions<\/li>\n
  • How to identify the steps and strategy to go from memory corruption to building an exploit<\/li>\n
  • How to find and use reliable trampoline pointers<\/li>\n
  • When and how to deploy shellcode<\/li>\n
  • How to turn a proof of concept into a working exploit<\/li>\n<\/ul>\n

    We\u2019ll also be using tools such as WinDBG and mona.py throughout the process \u2014 all based on the original Corelan workflow, but using modern systems and tooling.<\/p>\n

    If you need help setting up and using WinDBG, please take a moment to review this post<\/a>.\u00a0 Also, feel free to use the CorelanVMInstall.ps1<\/a> script to help set up WinDBG, Python, Visual Studio Express and other tools on your Windows 11 machine.<\/p>\n

    The video<\/h2>\n

    You can watch the video here<\/a>:
    \n