Size: 2.85 GB


This is a continuation of the HeapLAB Part 1 course, a.k.a Linux Heap Exploitation – Part 1.

If you haven’t taken the above course, I highly recommend you do so before embarking on this one.

HeapLAB Part 2 is the same hands-on, practical heap exploitation, just with more new techniques for you to learn!

We’re covering some more Houses, including the rather complex House of Rabbit and the oldschool House of Spirit. If you didn’t break a sweat during Part 1’s One-Byte challenge, in which we exploited a single byte overflow, I’ve built a single null-byte overflow challenge for you to test your skills against. We’ll also be learning about the tcache, the Tcache Dup technique, some more obscure malloc internals such as the glibc tunables, and plenty more besides. Check out the primary learning objectives for further details.

If you already have an exploit development environment set up from Part 1, you’ll be able to start right away. Hack the planet!

You can stop reading now, this part is only here because Udemy seem to think their time is best spent enforcing arbitrary limits on the length of course descriptions and telling us we can’t have text in our course images rather than improving their appalling instructor experience.

Who this course is for:

  • Exploit developers
  • Capture The Flag (CTF) players
  • Those wishing to improve upon the skills they learned in Part 1
  • Anyone interested in weird machines


  • Familiarity with the Linux command line environment
  • Basic debugging skills
  • A Linux VM or Host
  • Some knowledge from Part 1 is assumed

What you’ll learn

  • The House of Spirit technique
  • The House of Lore technique
  • Leveraging single null byte overflows for code execution
  • The House of Einherjar technique
  • The Google Poison Null Byte technique
  • The House of Rabbit technique
  • Heap Feng Shui
  • The Tcache Dup technique


Free Download Link-

Note: Comment below if you find the download link dead.


Leave a Reply

Your email address will not be published. Required fields are marked *