Black Hat USA Training 2008
Caesars Palace Las Vegas • August 2-7
A Certificate of Completion offered for each class.
See the
Training Schedule.
Menu
Course Offerings
The stakes are high for today's network defenders.
Black Hat USA 2008 brings together the best minds in security to define tomorrow’s information security landscape. Featuring many new tracks and new training sessions, Black Hat USA is the biggest and best conference we've ever presented.
Application Security
Advanced Asp.Net Exploits and Countermeasures
IOActive
Advanced level: Push Asp.Net to the limit. See how Asp.Net applications and environments can be exploited by skilled attackers, and how those same techniques can be used to protect the targeted assets.
Advanced Web Application Penetration Testing:
Black Hat Edition
Aspect Security
Advanced Course – Hands on 2-Day intensive – learn how to test web applications for security flaws like the experts.
Application Security - An Enterprise Approach
Security Compass
A major case study and various hands-on components are used to guide executives and information security managers in understanding how they can improve their organization's overall security posture.
Hacking Oracle PL/SQL
David Litchfield
Delves deeply into Oracle server security and complements the Advanced Database Security Assessment Course
Building and Testing Secure Web Applications
Aspect Security
Hands-on exercises where the students get to perform security analysis and testing on a live web application.
Effective Fuzzing: Using the Peach Fuzzing Platform
Michael Eddington, Leviathan
Blake Frantz, Leviathan
The first comprehensive hands-on fuzzing course centered on the industry standard Peach Fuzzing Platform. Lean how to fuzz just about anything with Peach. No coding required, but recommended.
ModSecurity: Bootcamp Training Black Hat Edition
Breach Security
Designed for those people who want to quickly learn how to build, deploy, and use ModSecurity in the most effective manner possible.
SAP (In)security
Mariano Nuñez Di Croce, CYBSEC
How to secure an SAP system? How to perform a security assessment of an SAP system? These are the two questions that this course tries to answer.
Web Application (In)security
NGS Software
If you are concerned with the security of web applications and the insecurity they introduce to your back end information systems this is the workshop for you.
Auditing and Assessment
Advanced Database Security Assessment
NGS Software
Discover flaws in database security and effectively develop strategies to keep attackers out.
This Course is Closed. No seats are available.
Hacking by Numbers: Cadet
SensePost
Novice level. A highly practical course that teaches method-based hacker thinking, skills and techniques.
Hacking by Numbers: Bootcamp
SensePost
Novice level. A highly practical course that teaches method-based hacker thinking, skills and techniques.
Hacking by Numbers: Combat Training
SensePost
Advanced level. This course is all hack, no talk.
Hacking by Numbers: Web 2.0
SensePost
Web 2.0 is a whole new world and Hacking By Numbers - Web 2.0 Edition is a course designed to prepare you for it.
Hands on Penetration Testing with BackTrack 3: 0wning the Network
Mati Aharoni, Offensive Security
This is an intensive, hardcore, hands on Security class by the creators of Backtrack especially designed for delivery in BlackHat Trainings. The course is an interesting amalgamation between our entrylevel course (Offensive Security 101) and expert level course (BackTrack to the Max).
Source Code Review - J2EE
Security Compass
Roll up your sleeves and dive in to this hands-on tutorial on how to discover vulnerabilities in your J2EE code using static source code analysis.
TCP/IP Weapons School: Black Hat Edition
Richard Bejtlich, TaoSecurity
Learn how networks can be abused and subverted, while analyzing the attacks, methods, and traffic that make it happen.
Ultimate Hacking: Black Hat Edition
Foundstone
The definitive training regimen for assessing and securing your networks.
Ultimate Hacking: Expert
Foundstone
In depth coverage of current security topics. Not for Beginners.
Certification
Certified Ethical Hacker (C|EH) Version 6
EC-Council
Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.
ECSA/LPT Certification Preparation
EC-Council
The ECSA course equips one with the knowledge and know-hows to become an EC-Council Licensed Penetration Tester.
NSA InfoSec Assessment Methodology Course (IAM) - Level 1
Security Horizon
You will need this course before you can take the IEM course. Earn NSA Certification.
NSA InfoSec Assessment Methodology Course (IEM) - Level 2
Security Horizon
The followup course to the IAM. Earn NSA certification.
Cryptography
Cryptographic Primitives: A Close Look Inside
Andrew Lindell
In this course, students will gain an in-depth understanding of how cryptographic primitives are constructed and broken.
Development
The Exploit Laboratory
Saumil Udayan Shah
Learn how to expose the inner mechanisms of exploits and how they work. The class is highly hands-on and very lab intensive.
Exploits 101
Allen Harper
Working through lab examples and real world vulnerabilities to take you to the next level
Forensics
Discover the Hidden: Steganography Investigator Training
WetStone Technologies
A comprehensive course for investigating the suspected use of digital steganography
Incident Response: Black Hat Edition
Kevin Mandia, MANDIANT
Specifically designed for information security professionals and analysts who respond to computer security incidents.
Inside Hacking and Malware
WetStone Technologies
The most effective approach to get into the mind of cyber criminals is to utilize their tools and technologies in a hands-on environment and become familiar with the fundamental hacking process. This four day course is structured with interactive lab environments to allow students to work together and experience real investigative scenarios. Learn how to become the lead investigator in your office and learn to stay one step ahead of the criminals.
Live Digital Investigation – Investigating the Enterprise
WetStone Technologies
"Live" enterprise investigation training.
Memory Forensics in Incident Response
James (“Jamie”) Butler II
This class will focus on the use of freeware and open source tools to perform advanced memory analysis.
Hardware
Hands-On Hardware Hacking and Reverse Engineering Techniques: Black Hat Edition
Joe Grand
This course is the first of its kind and focuses entirely on hardware hacking.
Lock Picking and Physical Security: From Beginner to Expert
Deviant Ollam
This workshop is geared towards security professionals whose duties and responsibilities include guiding security decisions for whole departments or even entire companies.
SCADA Defense: Protecting Critical Infrastructure
IOActive
This course is designed to provide process control professionals with a fundamental understanding of the steps needed to effectively defend their critical infrastructure assets.
Side Channel Analysis and Countermeasures
Riscure
Learn how to protect embedded and smart card technology against side channel analysis
Malware Analysis
Advanced Malware Deobfuscation
Jason Geffner & Scott Lambert
No Source? No Symbols? No Problem.
Malware Analysis: Black Hat Edition
MANDIANT
This introductory course is for those interested in entering the field of malicious software analysis.
Understanding Stealth Malware
Joanna Rutkowska and Alexander Tereshkin
An in-depth understanding of how advanced stealth malware works, how it interacts with the operating system, underlying harware and network.
Managerial
Enterprise Security From Day 1 to Completion: A Practical Approach to Developing an Information Security Program
Chris Conacher
A practical, step-by-step approach to securing an entire organization.
Leading, Planning, and Executing an Application Security Initiative
Aspect Security
For executives and managers - get the education and practical guidance you need to ensure that your software projects properly address security in this collaborative workshop 2 day session.
Network
Building a Better Mouse Trap: The Art of Developing Effective Intrusion Detection/Prevention Signatures
Rohit Dhamankar & Rob King
Learn how to implement effective network intrusion prevention.
Infrastructure Attacktecs™ & Defentecs™: Cisco Voice Over IP
Steve Dugan & Rodney Thayer
A new hands-on course offering from the creator of Hacking Cisco Networks.
This Course is Closed. No seats are available.
Infrastructure Attacktecs™ & Defentecs™: Hacking Cisco Networks
Steve Dugan
Extremely popular and intense hands-on course.
Tactical VoIP: Applied VoIPhreaking
the Grugq
Learn how to attack VoIP
Reverse Engineering
Analyzing Software for Security Vulnerabilities
Halvar Flake
Intense course encompassing binary analysis, reverse engineering and bug finding.
The IDA Pro Class: Reverse Engineering with IDA Pro
Chris Eagle
Essential background material for effective reverse engineering.
Reverse Engineering on Windows:
Pedram Amini and Ero Carrera
This class is meant to impart cutting-edge understanding of malicious code analysis upon attendees, ultimately taking them to an advanced level of reverse engineering skills applicable to other security domains.
Reverse Engineering Rootkits
Greg Hoglund, HBGary
Rich Cummings, HBGary
This two day class will cover useful techniques and methods for incident response in the field when machines are suspected of intrusion with stealthy malware.
Systems Administration
Microsoft Ninjitsu: Black Belt Edition
Timothy Mullen, Jim Harrison & Dr. Thomas Shinder
This one-of-a-kind training course will arm attendees with the skills needed to design, deploy, maintain and secure even the most sophisticated Microsoft infrastructures. This "special edition" course will also include the development and design of ISA Server DMZ configurations and deployments to further secure your Microsoft installations
Wireless
Invisible Network, Invisible Risk
Adam Laurie
Wireless Security Class... Hot!
Ultimate Hacking: Wireless Edition
Foundstone
Knowledge is power and you do not want the hackers to know more about your wireless networks than you do…