What to bring:

Just Yourself. All necessary equipment will be provided, including pre-configured laptops, tools and utilities.

Black Hat USA 2010 Weekend Training Session

//CANCELLED

Black Hat USA 2010 Weekday Training Session

July 26 - 27

Hacking by Numbers: Combat Training

SensePost


Register Button


Overview

Hacking By Numbers Combat Edition is SensePost’s flagship course. Combat is an unique new concept – a series of carefully crafted Capture-The-Flag ‘missions’, each designed to teach a specific hacking skill or concept. This course is all hack, no talk. Combat has been described as ‘Zen’ for hackers.

Overview:

This course is the flagship course of the established Hacking by Numbers series. From the first hour to the final minutes students are placed in different attacker scenarios as they race the clock to "capture the flag". In the SensePost tradition, the solutions lie much more in technique and an out-of-box thought process than in the use of scripts or tools. Each exercise is designed to teach a specific lesson and will be discussed in detail after it is completed. In this way you learn from your instructors, your colleagues and your own successes and failures.

The "Capture the Flag" exercises have all been designed to replicate real-life scenarios with real-life-hacker stumbling blocks along the way. Students will have to deal with multiple firewalls, IDS devices and home spun red herrings in their quests to complete the challenge. During the exercises SensePost's leading technical specialists will discuss possible attacks, possible alternatives and even possible defenses for the scenario in question.

The exercises range from simple layer one attacks to more complex attacks requiring combinations of web application vulnerabilities and TCP/IP covert channels. All tools, documentation and required reading material will be provided to the students.

Prerequisites: SensePost will provide fully configured laptop computers as well as CDs with all the tools and materials used in the course. Students need to ensure they have the necessary level of skill. Combat is a course for experienced pentesters and technical analysts. A solid understanding and technical experience of hacking tools, skills and techniques is an absolute prerequisite.

Students without the requisite technical skills are encouraged to consider ‘Bootcamp Edition’.

Context: This course follows directly on from ‘Bootcamp Edition’ and serves as warm-up training the Combat Edition Grading, where students are actually rated on their performance in the exercises. As always, the course can also be taken without any of the others.


Who Should Attend: Combat Edition is a course for technical security professionals. It is expected that people attending this course are most likely to be involved in some form of technical penetration testing for at least one-third of their professional time.

Free additional tools workshop: After the first day of the course SensePost offers a free additional workshop on using their suite of hacking tools, including Wikto, Aura, Suru, Crowbar, BidiBLAH and others, copies of which will be distributed to all students. The tools workshop is open to all attendees of any SensePost course and run in the evening after training on Saturday 28 and Monday 30 July. Precise times and locations will be announced during the training courses.


Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered.



Trainers:

SensePost proposes to use experienced world-class technicians with extensive training experience. The course will be presented by one of the following course leaders:

Bradley Jayanath joined SensePost as the team leader for the assessment team after 9 years in the Networking and security industry. He has extensive experience on all types of security assessments and has completed major security projects in the Americas. Bradley has been involved in the training course material since appointment has got extensive experience that he brings to each training course.


Nicholas Arvanitis is an Associate at SensePost, where he leads SensePost's security assessment and penetration testing team. Nicholas has spoken and trained throughout South Africa, Europe and the United States, including at prestigious events such as the Black Hat Briefings and Defcon. His area of expertise is in web application assessment, network security assessment and vulnerability management.


Marco Slaviero (MSc) is an associate at SensePost focused on providing penetration testing services to global clients in the financial services, mining and telecommunications sectors. Marco specializes in web application assessments with a side interest in thick applications and network assessments. His background is academic and he finds the security industry a little bewildering if complete fun.


Ian de Villiers is an associate security analyst for SensePost. Coming from a development background, his areas of expertise are in application and web application assessments. Ian has spent considerable time researching application frameworks, and has published a number of advisories relating to portal platforms. He has also provided training on web application security at prestiguous events such as the BlackHat briefings in the USA and spoken at security conferences on this topic.


Super Early:
Ends Apr 1
Early:
Ends May 15

Regular:
Ends Jun 15

Late:
Ends Jul 23

Onsite:

$2400

$2600

$2800

$3000

$3300