Please click on any Training title below to see pricing and full description.
Note: Please read all Registration Terms and Conditions carefully.
Training courses include full access to the Business Hall, Sponsored Workshops, Sponsored Sessions, and Arsenal. Briefings are not included with the purchase of a Training pass; however, you may purchase a Briefings pass to complement your Training course/s once you register. All Briefings and Trainings will be presented in English.
This hands-on training teaches concepts, tools and techniques to analyze and hunt malwares by combining two powerful techniques malware analysis and memory forensics.This course will introduce attendees to basics of malware analysis,reverse engineering, Windows internals and memory forensics, it then gradually progresses deep into more advanced concepts of malware analysis & memory forensics. This course uses hands-on labs using real world malware samples and infected memory images (crimewares, APT malwares, Rootkits, fileless Malwares etc) to help attendees gain better understanding of the subject. The training also demonstrates how these techniques can be incorporated in a sandbox to automate malware analysis. After taking this course attendees will be equipped with skill to analyze, investigate and respond to malware related incidents.
The fast-paced course teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. The course will cover advanced penetration techniques to achieve exploitation against these platforms:
This interactive training identifies and demonstrates multiple free online resources that break through traditional search roadblocks. Participants will be shown how to "dig" into the internet for personal information about any target. While popular sites such as Twitter, Instagram, and Facebook are covered in detail (including techniques that legally access some "hidden" content), the presentation goes much deeper into the vast resources available for researching personal information. Aside from social networks, other technologies such as meta-data, reverse cellular info extraction, mobile app exploitation, and Application Programming Interfaces (APIs) will be explained. All resources can also be used to conduct thorough background checks on potential employees or to locate client vulnerabilities. All resources can be applied to domestic and international investigations. Many custom tools will be shared with the audience for free lifetime use. A custom Linux operating system pre-configured for immediate use will be provided.
This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? This course teaches hands-on penetration testing techniques used to test individual components of a control system, including embedded electronic field devices, network protocols, RF communications, Human Machine Interfaces (HMIs), and various forms of master servers and their ICS applications. Skills you will learn in this course will apply directly to systems such as the Smart Grid, PLCs, RTUs, smart meters, building management, manufacturing, Home Area Networks (HAN), smart appliances, SCADA, substation automation, and synchrophasors.
This course teaches the attendees a wealth of hacking techniques to compromise the security of various web application components. The course starts from the very basic and gradually builds up to the level where attendees can not only use the tools and techniques to hack various components involved in web hacking, but also walk away with a solid understanding of the concepts on which these tools work.
As this is a fast-paced course, attendees will be granted free 30 days lab access to allow sufficient time to practice all the concepts taught during the class.
Our Master course is aimed at existing penetration testers and people with a solid and technical understanding of penetration testing tools and techniques. Using Nmap, metasploit and getting a webshell should not be new concepts.
The course objectives are to teach students how to hack like APT29; strong offensive focus drawing on the techniques employed in recent industry compromises . Strong with regards to new methods/vulnerabilities (current year - 3 years, including the latest Shadow Brokers leak) and how to use them to their full potential. From wide pc/mobile botnet farming to targeted deployment of Gaudox loader with intent to persist, locate and extrude valuable data. Master will give insights in to how the Russian underground market operates, taking students through a preparation phase and execution of a targeted APT scenario, which will cover a wide range of techniques in their logical attack sequence; from target context enumeration to delivery vector and payload preparation, using tools and techniques employed by the darker side.
This 2-day training will teach you how to identify and exploit crypto vulnerabilities and how to use the strongest forms of state-of-the-art cryptography to secure modern systems (like IoT or mobile applications). Beyond that it will also bring you up to speed on the latest and greatest developments in the world of cryptography, such as TLS 1.3, blockchains, and post-quantum crypto.
During the lectures you'll acquire a solid knowledge of the fundamentals, from randomness over authenticated encryption to timing attacks, and you will learn how cryptography is used in applications such as secure messaging protocols or blockchain systems. Throughout the course, we'll give examples of real-world failures and how they could have been avoided.
The hands-on sessions will put into practice the notions and tools encountered previously and you will be challenged to find, exploit, and fix vulnerabilities in cryptographic software. The tasks will consist of a mix of made up problems and examples of real vulnerabilities found in widely deployed systems.
Both trainers have a PhD in cryptography and have found vulnerabilities in major cryptographic software (TLS implementations, industrial systems, secure messaging applications, etc.).
Dark Side Ops II: Adversary Simulation is the combination of sophisticated, red team trade craft and cutting-edge, offensive development to simulate real-world adversary activities. Challenge yourself to move beyond reliance on the typical "low-hanging exploitable fruit" from 1999 and start thinking, persisting, pivoting, and operating like a sophisticated adversary. Application whitelisting got you down? No problem. Can't catch that callback? Been there. No touching disk? No worries. Dark Side Ops II: Adversary Simulation helps participants up their offensive game by sharing the latest in initial access and post-exploitation, defensive countermeasure bypasses, and unique malware code execution techniques.
The ability to quickly sift through forensic evidence in order to find signs of compromise and malware is required to effectively combat modern threats. As attackers currently have the toolkits and capabilities necessary to quickly compromise all critical assets of a network, so must defenders be able to quickly find and eradicate threats. During this course, students will learn how to target the key forensic artifacts that contain traces of attackers and their malware. These sources include many components of the file system, such as the registry and event logs, as well as the data contained in volatile memory (RAM). By the end of the course students will have learned and performed a repeatable process for quickly locating and identifying anomalous artifacts on suspected systems. They will then be able to apply these skills to real world proactive threat hunting and incident response investigations.
This intensive two-day course is designed to teach the fundamental investigative techniques needed to respond to today's landscape of threat actors and intrusion scenarios. The class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of evidence, and the forensic analysis know-how required to analyze them.
Interested in hardware hacking, but don't know where to start? This class, taught by world-renowned engineer and hacker Joe Grand, brings you through the techniques commonly used to reverse engineer and defeat the security of electronic devices. Having premiered in 2005, it is the longest running hardware hacking training in the industry and is continually updated to reflect current trends.
This comprehensive introductory class covers the hardware hacking process, including product teardown, component identification, circuit board reverse engineering, soldering and desoldering, signal monitoring and analysis, and memory extraction. It concludes with a final challenge where you'll attempt to defeat the security mechanism of a custom electronic device.
