Please click on any Training title below to see pricing and full description.
Note: Please read all Registration Terms and Conditions carefully.
Training courses include full access to the Business Hall, Sponsored Workshops, Sponsored Sessions, and Arsenal. Briefings are not included with the purchase of a Training pass; however, you may purchase a Briefings pass to complement your Training course/s once you register. All Briefings and Trainings will be presented in English.
This hands-on training teaches concepts, tools, and techniques to analyze and hunt malwares by combining two powerful techniques malware analysis and memory forensics.This course will introduce attendees to basics of malware analysis, reverse engineering, Windows internals and memory forensics, it then gradually progresses deep into more advanced concepts of malware analysis & memory forensics. This course uses hands-on labs using real world malware samples and infected memory images (Crimewares, APT malwares, Rootkits, etc.) to help attendees gain a better understanding of the subject. The training also shows how these techniques can be incorporated in a sandbox to automate malware analysis. After taking this course, attendees will be equipped with the skill to analyze, investigate and respond to malware related incidents.
The fast-paced course teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. The course will cover advanced penetration techniques to achieve exploitation against these platforms:
From mind-bending XSS attacks, to exploitation of CSRF vulnerabilities, to advanced SQL injection attacks, Advanced Web Attacks and Exploitation (AWAE) will broaden your knowledge of web application hacking and help you identify and circumvent various protection mechanisms in use on the web today. Every year this course has been offered, multiple students have left the class with 0-day exploits discovered during the training.
Upgrade your red team engagements with bleeding-edge Tactics, Techniques, and Procedures (TTPs) used by attackers in real-world breaches. This course will teach students how to infiltrate networks, gather intelligence, and covertly persist in a network like an advanced adversary.
In this course you will:
Dark Side Ops II: Adversary Simulation is the combination of sophisticated, red team trade craft and cutting-edge, offensive development to simulate real-world adversary activities. Challenge yourself to move beyond reliance on the typical "low-hanging exploitable fruit" from 1999 and start thinking, persisting, pivoting, and operating like a sophisticated adversary. Application whitelisting got you down? No problem. Can't catch that callback? Been there. No touching disk? No worries. Dark Side Ops II: Adversary Simulation helps participants up their offensive game by sharing the latest in initial access and post-exploitation, defensive countermeasure bypasses, and unique malware code execution techniques.
Too often, beginner courses assume an already high level of skill and understanding of the subject matter being taught. This course is different in that we start with no assumption, rather getting you ready to learn how attackers compromise targets, as well as ensuring you get to do the same thing. As the title suggests, it provides an ideal training ground for our other SensePost Training courses, further self-study, or other hacking courses.
Making & Breaking Machine Learning Systems is a fast paced session on machine learning from the Infosec professional's point of view. In this training, students will not only get hands-on experience with developing intelligent, learning security applications, but also learn the techniques for training, tuning, and evaluating such systems. The course is positioned for security professionals who are interested in machine learning, but may not have any practical experience with it. Machine learning is becoming increasingly ubiquitous in a variety of fields, and security professionals educated in this subject matter are better positioned to assess the (often lacking) security postures of machine learning algorithms and systems. This class does not promise that students immediately become machine learning experts, but does ensure that all applications and techniques learnt can be directly and immediately applicable to the work done by security engineers, penetration testers, application developers, and infosec enthusiasts alike.
This Offensive OSINT training program focuses on a wide range of tools and techniques for performing real-world reconnaissance in order to launch targeted attacks.
We will take a deep-dive into various methodologies for extracting useful information from the internet. Furthermore, we will cover how this extracted information can be used in attack scenarios and social engineering campaigns. Topics like attack surface mapping, unconventional search engines, employee profiling, SOCMINT, metadata extraction, phishing framework integration, TOR, etc. will be covered using different OSINT tools like DataSploit, Maltego, Foca, etc. along with custom scripts.
This 2-day course takes a hands-on approach to indulge the participants into real-time scenarios, simulated lab environment, and case studies in order to get a comprehensive understanding of the techniques. A private lab access will also be provided to each participant where they can practice the skills learned during the course.
Practical IoT Hacking: Basic Edition is a research backed and unique 2-day course which offers security professionals, a good understanding of the core of IoT Technology i.e. IoT protocols, sensor tech and their underlying weaknesses. The extensive hands-on labs enable attendees to master the art, tools and techniques to find-n-exploit or find-n-fix the vulnerabilities in IoT, not just on emulators but on real smart devices as well.
Attacks against computer systems continue to increase in frequency and sophistication. In order to effectively defend data and intellectual property, organizations must have the ability to rapidly detect and respond to threats. This intensive two-day course is designed to teach the fundamental investigative techniques needed to respond to today's threat. The class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of evidence, and the forensic analysis know-how required to analyze them. This class will primarily focus on analyzing Windows-based systems and servers; however, the techniques and investigative processes are applicable to all systems and applications. Students will learn how to conduct rapid triage on a system to determine if it is compromised, uncover evidence of initial attack vectors, recognize persistence mechanisms, investigate an incident throughout the enterprise, and much more.
