Black Hat Digital Self Defense USA 2005

Note: if the class is overfilled, then you will be wait-listed until there are enough students to fill a second class. You will be contacted should this occur.


Black Hat USA Training 2005
Caesars Palace Las Vegas • July 23-24

Course Length: 2 days

Cost: US $1800 or or before July 1, 2005, or US $2000 after July 1, 2005
NOTE: this is a two day course. A Blackhat Certificate of Completion will be offered.


Two Day Course

July 23-24

Unethical Hacking - Targeted Malice

Dyad Labs

What to bring:
Participants are requested to bring their own Unix (Slackware Linux preferred) laptops.

This class will focus on massively scalable and demonstrably effective ways to attack systems. This class comprises one part Vulnerability Finding, one part Tool & Exploit development, and one part Attack Amplification. We will cover attacking COTS Discretionary Access Control based Unix systems. We will also have a special section on attacking a Mandatory Access Control based systems. The class will conclude with a session detailing how to protect your environment from the attacks covered in the class.

The class will have working exploit and tool code as examples, but the focus of the class is to demystify the entire process. Our motto is "To be; not to appear". It is our hope that our students will become functional in all subjects covered as they apply what they learned from the class.

If you come to this class, you will learn or see examples of:

  • Vulnerability & Target Finding:
    • How to write fault injection software for automated Application Testing.
    • How to use and develop scalable tools to find targets and deliver custom payloads.
  • Tool & Exploit Development:
    • How to use available software libraries to write custom attack tools:
    • Clustered Attack Servers
    • Protocol Layer Attacks
    • Application Layer Attacks
  • Attack Amplification
    • Attacking Mandatory Access Control based systems.
    • How to scale your attacks to every IP in the IPv4 space.
    • How to go undetected by common forensics tactics.
    • How to bypass IDS/IPS.
    • How to maintain control of a machine through an OS Reinstall (hardware dependent).

Who Should Attend:

  • Programmers & Security Researchers: You are our primary target for this class and will take away the most value from it.
  • Security Auditors & Seasoned "Pen-Testers": Be sure to brush up on C before you come. Your customers will really appreciate your new found knowledge after taking this class.
  • Government: Any Red Team member will definitely learn from and enjoy this class.

Special Notes:
You need to come with a Unix (Slackware Linux preferred) laptop that is fairly recent. If you are not a programmer, we will try to make sure you still take away valuable knowledge. Get plenty of sleep. We know it's hard for a computer class to compete with the Vegas night life, but this one may require your full attention.

Students are eligible to receive 16 Continuing Professional Education (CPE) credits upon completion of class. Black Hat will automatically forward your information to ISC2.

Course Length: 2 days

Cost: US $1800 on or before July 1, 2005, or US $2000 after July 1, 2005
NOTE: this is a two day course. A Blackhat Certificate of Completion will be offered.




Robert E. Lee serves as Dyad Labs's Chief Executive Officer. Robert's primary roles include technology and software development, security research, and education program initiatives. Robert functions as the primary contact interfacing with clients for Dyad Labs.

Jack Louis is a Senior Security Researcher for Dyad Labs. He has a background in core networking technologies, systems programming, and electronics. Jack is the lead programmer behind unicornscan, a distributed data information engine for the the OSACE project. Jack is also the lead author of cruiser, a web application testing tool in the OSACE suite.

Black Hat Logo
(c) 1996-2007 Black Hat