Two courses covering the full exploitation stack — from AFL++ fuzzing and userland memory corruption through kernel-level vulnerability research and privilege escalation. The only curriculum that goes this deep. 2 certifications. 90-day lab access. Pre-configured ARM64 devices.
A pre-configured ARM64 Android device with AFL++, Syzkaller, and all fuzzing toolchains ready. No hardware. No setup. Just start fuzzing.
Fuzzer, harnesses, and corpus ready. Write your first harness in minutes.
Kernel syscall fuzzer configured and targeting real driver code.
GDB, ASan, crash triage scripts — everything for root cause analysis.
Cloud-hosted Corellium device. Full kernel and filesystem access.
Included with enrollment. Extend if you need more time.
CAED (userland) + CASR (kernel). Prove real exploitation skill.
Course previews
Sample lessons from each course in the bundle — from userland fuzzing to kernel-level exploitation.
ARM64 fuzzing with AFL++, crash triage, and building working exploits for real-world Android applications.
Live demonstration of fuzzing Android native libraries — from writing a harness to triaging crashes and confirming exploitability.
Privilege escalation through kernel memory corruption — from vulnerability discovery to root on Android devices.
Tour of the cloud-based ARM64 lab with pre-configured Android devices for fuzzing and exploitation. No hardware needed.
What's included
From fuzzing your first native library to escalating privileges through the kernel. Both courses. Both certifications. One bundle price.
Why this bundle
The only mobile security training with a full AFL++ fuzzing curriculum. Write harnesses, fuzz native libraries, crash targets, and turn crashes into exploits.
Cloud-based ARM64 lab devices ready in your browser. No physical hardware. No emulator setup. No environment configuration. Log in and start exploiting.
Full exploitation chain: identify a vulnerability, fuzz it, analyze the crash, build a working proof-of-concept. Heap overflows, type confusion, use-after-free.
Go beyond userland. Learn kernel vulnerability classes, privilege escalation techniques, and the research methodology used by professional kernel exploit developers.
CAED (Certified Android Exploit Developer) and CASR (Certified Android Security Researcher). Practical, hands-on exams — no multiple choice. Both included.
Everything runs in the cloud. ARM64 devices, toolchains, debuggers, fuzzers — all pre-configured. Works on any machine with a browser. 90-day access for both courses.
Who this is for
You already know mobile app security. This bundle takes you from identification to full exploitation — userland and kernel.
You can find vulnerabilities. Now you want to exploit them. This bundle teaches you to go from a crash to a working PoC — and then go deeper into the kernel.
You've worked with native code. You want to add AFL++ fuzzing and kernel-level research to your methodology. This is the only curriculum that covers both.
You've done the mobile security assessments. The OWASP checklist is second nature. This bundle is the step after — real exploitation, real fuzzing, real kernel work.
How it compares
| Feature | MHL Bundle | SANS SEC575 | 8kSec Training | Courses Separately |
|---|---|---|---|---|
| AFL++ fuzzing curriculum | ✓ Full curriculum | ✗ | Partial | ✓ (userland only) |
| Kernel exploitation | ✓ Full course | ✗ | ✓ | ✓ (separate purchase) |
| Certifications included | 2 (CAED + CASR) | GIAC (extra cost) | 0 | 2 (separate cost) |
| Lab environment | Cloud ARM64 devices | Physical device | Student-managed | Cloud ARM64 |
| Price | €2,500 | $8,000+ | $4,000+ | €4,574 |
Common questions
You should have a solid foundation in mobile application security — APK analysis, dynamic instrumentation, and basic vulnerability identification. Familiarity with Linux command line and some exposure to reverse engineering is helpful. This bundle is designed for researchers who already know app security and want to move into exploitation and kernel research. If you can comfortably work through a mobile pentest, you have the foundation.
Basic familiarity with C is recommended since the courses deal with native code, memory corruption, and kernel internals. You don't need to be a systems programmer — the courses build context progressively. Students with scripting backgrounds (Python, shell scripting) who understand pointers and memory layout have completed the userland course successfully. The kernel course does go deeper, so more comfort with C will help there.
Every lab runs on a pre-configured ARM64 device that you access through your browser. The toolchains, debuggers, fuzzers, and target binaries are all set up and ready. No physical hardware to buy, no emulators to configure, no environment setup. You get 90 days of lab access for both courses. Log in, launch a lab, and start working. Labs are available 24/7.
CAED (Certified Android Exploit Developer) validates your ability to fuzz, crash, and exploit Android native code — you're given a real target in a lab and must produce working exploits. CASR (Certified Android Security Researcher) validates kernel-level exploitation and advanced security research skills. Both are practical, hands-on exams with no multiple choice. Both exam attempts are included in this bundle.
The Full Chain Bundle covers a broader range of mobile security topics. This Exploitation Bundle is a pure exploitation path — it focuses exclusively on AFL++ fuzzing, memory corruption, heap exploitation, and kernel-level security research. If you already know mobile app security and want maximum depth on exploitation specifically, this bundle goes deeper on that axis. Less breadth, more depth.
AFL++ fuzzing, memory corruption, heap exploitation, privilege escalation, kernel research. Two certifications. One bundle. 45% off.
Lifetime course content access. 90-day lab access. No hardware required.