Training courses include full access to the Business Hall, Sponsored Workshops, Sponsored Sessions, and Arsenal. Briefings are not included with the purchase of a Training pass; however, you may purchase a Briefings pass to complement your Training course/s once you register. All Briefings and Trainings will be presented in English.
From CEO to IT SysAdmin ninja, if you're looking to get some hands-on experience with the tools and techniques the bad guys are using, this is the class for you. We'll take you from zero to hero using Metasploit to familiarize you with its capabilities and get you ready to take the Metasploit Mastery course.
Already cut your teeth with the beginner's course? Just want to increase your Metasploit ninja skills? If you're looking to get some hands-on experience with the tools and techniques the bad guys are using, this is the class for you. In this class you'll go from simply using Metasploit to molding it to do things you never imagined it could do.
Active Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between.
Challenge yourself in a fully simulated enterprise environment, complete with domain services, security controls, misconfigurations, and vulnerable applications. You will learn to effectively create devastating attack paths to gain access to the crown jewels and demonstrate risk posed to the organization. This fast-paced course will teach you how to leverage penetration testing toolsets developed from our testers' experience on hundreds of engagements. You will learn how to conduct effective, in-depth penetration tests, focused on demonstrating the business impact of a breach.
In this course you will:
Learn sophisticated, offensive operational tradecraft to attack enterprise environments while evading modern defensive capabilities. Just like high-end adversaries, this course will teach you to compromise a high-security network in a full-scope assessment, utilizing cutting-edge attack techniques. Throughout, you will face live incident responders attempting to detect and remove your presence from the enterprise. Challenge yourself to operate like the enemy. Only through advanced tradecraft will you be able to remain silent while conducting deep penetration into the network.
In this course you will:
Real-world cloud security is most definitely not business as usual. The fundamental abstraction and automation used to build cloud platforms upends much of how we implement security. The same principles may apply, but *how* they apply is dramatically different, especially at enterprise scale.
This highly technical course expands off the basics of our Cloud Security Hands on Training and delves deep into practical cloud security and applied SecDevOps, which is really the only way to survive when operating in the cloud.
This course brings you a whole new level of hardware hacking: imagine being able to break an AES-128 bootloader in a few minutes, or glitching past password checks in otherwise secure devices. Based on the open-source ChipWhisperer, this course is hands-on, providing each student with a ChipWhisperer-Lite board (which they keep) and bringing them through a variety of attacks against real encryption and security code examples.
Anyone specifying or developing embedded systems needs to understand these attacks, as they might allow an attacker to compromise your otherwise secure system.
**More Seats Added!**
The fast-paced course teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. The course will cover advanced penetration techniques to achieve exploitation against these platforms:
Malware authors sometimes take deliberate steps to thwart the reverse engineering of their malware. This course is focused on advanced topics related to combating malware defense mechanisms. Designed for the experienced malware analyst, a robust skill set in x86 architecture and the Windows APIs is essential. Students will learn how to specifically combat anti-disassembly, anti-debugging and anti-virtual machine techniques. Students will also learn how to defeat packed and armored executables and will be challenged to demonstrate these skills several times throughout the course.
Additional topics covered will include malware stealth techniques, such as process injection and rootkit technology; analyses of samples written in alternate programming languages, such as Delphi and C++; and a review of available tools and techniques. All concepts and materials presented are reinforced with demonstrations, real-world case studies, follow-along exercises, and student labs to allow students to practice what they have learned. This class is taught by senior FLARE Malware Analysts who are experienced in fighting through the state-of-the-art malware armor.
This interactive training identifies and demonstrates multiple free online resources that can aid internet searchers with breaking through traditional search roadblocks. Participants will be shown how to "dig" into the internet for personal information about any target. While popular sites such as Twitter, Instagram, and Facebook are covered in detail (including techniques that legally access some "hidden" content), the presentation goes much deeper into the vast resources available for researching personal information.
Aside from social networks, other technologies such as meta-data, reverse cellular info extraction, mobile app exploitation, and Application Programming Interfaces (APIs) will be explained. All resources can also be used to conduct thorough background checks on potential employees or to locate client vulnerabilities. All resources can be applied to domestic and international investigations. Many custom tools will be shared with the audience for free lifetime use. A custom Linux operating system pre-configured for immediate use will be provided.
Cutting-edge tradecraft employs a minimalist strategy, whereby the attacker relies primarily upon the built-in tools and technology already present in a target environment. In a modern Windows enterprise, PowerShell is the embodiment of these principles and a core operating system feature that cannot be ignored. PowerShell offers an attacker a multitude of advantages in nearly all phases of an operation. Learn how to leverage this powerful administration tool against your targets in this four-day deep dive taught by the foremost experts on offensive PowerShell.
In this course you will learn:
This course will teach you how to clean up your digital footprint and take privacy to the extreme. The instructor has spent the past five years investigating methods for disappearing from all known databases while maintaining a "normal" existence. He has also researched the best ways to protect your data, communications, and overall online presence. This presentation of successes (and failures) will help you establish your own strategy for disappearing from public view. Overall, this course will explain how to be invisible. You will make your communications private, internet connections anonymous, computers hardened, identity guarded, purchases secret, accounts secured, and home address hidden. You will legally create and strengthen aliases that will be used more often than your true identity. You will remove all personal details from public view and will reclaim your right to privacy. You will no longer give away your intimate details and you will remove yourself from the system. When taken to the extreme, you will be impossible to compromise.
As we learned in my first class, there are almost always bugs in code. We found them by auditing, fuzzing, and reversing code. Then we crafted exploits. To counter this reality, vendors have developed a variety of protections.
In this class we continue the battle. We describe a number of modern-day protections: things like EMET, Isolated Heap, and CFG. We then perform hands-on lab work to show how bypasses can be constructed. This build-and-break teaching style provides the tools for vulnerability researchers, security engineers, and developers to perform cutting-edge work.
The second half of the class is all about the kernel. You will learn how to debug, audit, fuzz, and exploit kernel code. The class is fast-paced, but low stress and fun. Prepare to learn!
From mind-bending XSS attacks, to exploitation of CSRF vulnerabilities, to advanced SQL injection attacks, Advanced Web Attacks and Exploitation will broaden your knowledge of web application hacking and help you identify and circumvent various protection mechanisms in use on the web today. Every year this course has been offered, multiple students have left the class with 0day exploits discovered during the training.
The authors of Aircrack-NG (most popular tool for Wi-Fi Pentesting) and the best selling book "Kali / Backtrack 5 Wireless Penetration Testing" (sold over 14,000+ copies worldwide) have teamed up to create this absolutely advanced course on Wireless Pentesting!
Advanced Windows Exploitation provides an in-depth and hardcore drill down into topics ranging from precision heap spraying to DEP and ASLR bypass techniques to real-world 64-bit kernel exploitation. This course is extremely hands-on and includes a lab environment that is tailored to challenge and bring the most out of you. The case studies covered include vulnerabilities discovered by our research team or exploits written by Offensive Security.
Adversary Hunting and Incident Response: Network Edition offers practical experience for an often underutilized incident response practice: hunting. Hunting is the proactive search of a network for threats that may go unidentified by intrusion detection, AV, and other security systems. Hunting provides opportunities for organizations to find unknown threats while gaining deeper understanding of their networks. This course will teach you how to hunt through network data and identify threats commonly seen from nation-state adversaries, organized criminal syndicates, and hacktivists using a variety of free and open source tools.
Learn how to thoroughly lock down Linux and UNIX systems from Jay Beale, the creator of Bastille Linux and other tools. In this fully hands-on course, you'll harden Linux systems and the programs that run on them. You'll learn how to repel, detect and contain attacks, using configuration and free tools, including SELinux, Docker and LXD containers, OSSEC, ModSecurity, FWKnopd, and AppArmor.
This course will focus on the techniques and tools for testing the security of Android mobile applications. During this course the students will learn about important topics such as the Android Security model, the Android runtime, how to perform static analysis, traffic manipulation, memory dumps, debugging, code modification and dynamic analysis from zero knowledge of the APK to full exploitation. Students of this course will learn how to operate and make the best of the AppUse custom VM for Android application penetration testing, from its own creators.
By taking this course you will be able to perform penetration testing on Android mobile applications and expose potential vulnerabilities in the tested application such as insecure storage, traffic manipulation, malicious intents, authentication and authorization problems, client side SQLi, bad cryptography, and more.
There are four technical skills required by security researchers, software quality assurance and test engineers, or developers concerned about security: source code auditing, fuzzing, reverse engineering, and exploitation. Each of these domains is covered in detail. C/C++ code has been plagued by security errors resulting from memory corruption for a long time. Problematic code is discussed and searched for in lectures and labs. Fuzzing is a topic that book author DeMott knows well. Mutation file fuzzing and framework definition construction (Sulley and Peach) are just some of the lecture and lab topics. When it comes to reversing C/C++ (Java and others are briefly discussed), IDA Pro is the tool of choice. Deep usage of this tool is covered in lecture and lab. Exploitation discussions and labs are the exciting final component. You'll enjoy exploitation basics, and will also use the latest techniques.
This course introduces and explores attacks on several different relatively accessible interfaces on x86 systems. Attendees will get hands-on experience implementing and deploying a number of low-cost hardware devices to enable access, privilege, and deception which is in some cases imperceptible from software.
This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? This course teaches hands-on penetration testing techniques used to test individual components of a control system, including embedded electronic field devices, network protocols, RF communications, Human Machine Interfaces (HMIs), and various forms of master servers and their ICS applications. Skills you will learn in this course will apply directly to systems such as the Smart Grid, PLCs, RTUs, smart meters, building management, manufacturing, Home Area Networks (HAN), smart appliances, SCADA, substation automation, and synchrophasors.
This two-day course will take a deep dive into the fundamentals of SCADA security and provide students with the knowledge that they need to safely perform penetration testing against live SCADA environments. The course will also provide students with methodologies through which security research may be performed against SCADA devices in order to identify 0day flaws in some of the world's most critical systems. During the course, students will have the opportunity to engage in live attacks against programmable logic controllers (PLCs) and other industrial control systems, to include activities such as SCADA RTOS firmware reversing, ICS hardware hacking and SCADA protocol fuzzing.
**More Seats Added!**
This is an entry-level course and is a recommended prerequisite for our Advanced Infrastructure Hacking course. This class familiarises the attendees with the basics of network hacking. A number of tools and techniques will be taught during the 2-day class. As this is a fast-paced course, attendees will be granted 30 days of free lab access to allow sufficient time to practice all the concepts taught during the class.
If you want to step into the world of ethical hacking/pentesting, then this is the right course for you.
Too often, beginner courses assume an already high level of skill and understanding of the subject matter being taught. Our beginner's course is different in that we start at the beginning, and assume you are here to learn how attackers compromise targets, as well as ensuring you get to do the same thing. As the title suggests, it provides an ideal training ground for our other SensePost Training courses, further self-study, or other hacking courses.
This training is designed to give students a breadth of cryptographic knowledge for implementation and protocol review, along with a deep understanding of how exploitable cryptographic vulnerabilities and problematic designs arise. Rather than focus on individual attacks and teach people how to perform carbon-copy exploitation in contrived scenarios - we've gone a level deeper and taken the common underpinnings of them. What do Lucky13, hash length extensions, and Bitlocker bypass attacks have in common? Recognize the fundamental issue in them, and then start finding novel attacks in new situations.
Our Master course is aimed at existing penetration testers and people with a solid and technical understanding of penetration testing tools and techniques. Using Nmap, Metasploit and getting a webshell should not be new concepts.
The course objectives are to teach students how to hack like a Russian criminal network, with a strong offensive focus drawing on the techniques employed in recent industry hacks. It is strong with regard to new vulnerabilities (current year - 3 years) and how to use them to their full potential. From deploying Dridex and Betabot to maintaining access and harvesting data, this course takes you through the TTPs used by criminals.
Hands-On Training of Vehicle Networking Systems, Vehicle Embedded Systems, and the Security Systems Enabled to Prevent Manipulation of These Systems.
This course provides a solid foundation in cloud security, and includes a full day of hands-on labs to apply the principles in practice. It also includes new, expanded material for advanced students. We cover all the material needed to pass the Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK) exam, but add a pragmatic approach to immediately kick-start your cloud security projects. For Black Hat, we also add expanded material to show you how to take cloud security to the next level by leveraging DevOps techniques and the characteristics of the cloud.
If you constantly find yourself wondering if there's a better or more efficient way of doing your job, then this course is for you! This course is designed to take those with little or no programming experience to the next level. Students will learn the fundamentals of the Python and PowerShell programming languages and gain first-hand experience applying these powerful tools to solve commonly experienced security problems. By taking this course you will develop the skills necessary to automate manual and time-consuming security tasks, build your own security tools, seamlessly incorporate the results from open source tools into your team's workflows, and develop the glue necessary to bind your disparate security tools and datasets into a cohesive platform. Completion of this course will also open up other Black Hat training courses that require beginner to intermediate programming skills.
Jonathan Trull – SecOps Labs & Optiv
This interactive course will teach network security professionals how to use data science techniques to quickly write scripts to manipulate and analyze network data. Students will learn techniques to rapidly write scripts to improve their work. Participants will learn how to read in data in a variety of common formats, then analyze that data.
Even when crypto is correctly implemented, it is notoriously difficult to use correctly. In this course, participants will obtain a deep understanding of famous attacks like BEAST, CRIME, Lucky13 and many more, will gain the skills to understand newly released attacks, and will learn how to deploy crypto properly and thereby avoid making similar mistakes. In short, we will study how crypto works, how to use it properly, and how to stay clear of crypto misuses that will leave you wide open to attack.
Dark Side Ops: Custom Penetration Testing focuses on using stealthy techniques, advanced attacks, and custom malware to conduct realistic, targeted penetration tests. An intensive, hands-on lab environment with tons of code samples provides participants with a structured and challenging approach to bypass the very latest in offensive countermeasures. Participants will also receive and compile source code to create several custom shells and backdoors as they learn to plan, exploit, pivot, persist, and evade detection in even the most secure networks.
Digital forensics and incident response are two of the key fields that organizations and security personnel must master if they wish to detect and respond to modern threats. This course is designed to teach students the basics through advanced concepts involving acquiring and analyzing a wide range of system activity. Upon completion of the course, students will know how to track malware, malicious insider activity, and remote attackers throughout disk and volatile memory. This understanding will not only come from hands-on experience with the most widely used tools in the industry, but also from understanding how and why forensics artifacts manifest on Windows systems.
This training will empower you to understand which are the most critical security threats affecting your SAP platform. Learn how to assess your organization for SAP-specific vulnerabilities using open-source tools, and use exploits in a controlled environment to better understand and communicate the potential business risk. Learn how to mitigate existing vulnerabilities to protect yourself against the most common as well as the latest attack vectors. No previous SAP expertise required!
Take your organization from compliance driven security awareness training to the next level of maturity with a comprehensive Security Culture Program. Security professionals who are responsible for training, phishing, and other employee behavior related functions will benefit from this step by step course to improve the measurements and ROI of your security awareness program. Your employee base is your largest attack surface, and a Security Culture Program is a critical piece to any Blue Team's defense-in-depth strategy. If you need to make your employees care about security, this course is your roadmap.
Learn how to write advanced exploits for browsers, bypass DEP and ASLR, build ROP chains and dig deep into Use-After-Free bugs in this intermediate/advanced level exploit development training. Exploit Laboratory: Black Belt is the next step for those who have already taken an introductory class in exploit development and want to take their red team skills to the next level. Our lab environment will be made available to all attendees to take with them and continue learning after the two days are complete!
CAN BE COMBINED WITH EXPLOIT LAB: MASTER AS A 4-DAY TRAINING PACKAGE.
Take your exploit development skills to the max with this highly advanced level class. First introduced in 2015, the Exploit Laboratory: Master returns to Black Hat USA 2016 with topics such as advanced ROP chains, an in-depth analysis of infoleak bugs, one-byte memory overwrite ownage, heap spraying on modern JavaScript engines, server-side heap spraying and a special section on practical 64-bit exploitation. Our lab environment will be made available to all attendees to take with them and continue learning after the two days are complete!
CAN BE COMBINED WITH EXPLOIT LAB: BLACK BELT AS A 4-DAY TRAINING PACKAGE.
Fuzzing For Vulnerabilities is a two-day hands-on course where students learn the skills necessary to design and implement custom fuzzers. This course will walk students through the basics of setting up a fuzzing environment, writing a fuzzer, and analyzing the fuzzer to determine the scope of code covered during a fuzzing session. Students will leave this course with practical knowledge gained from developing a fuzzer for a real-world application with millions of installations worldwide. If your goal is to learn fuzzing to enhance the security of your own software or to find vulnerabilities in others' software, this course will provide you with the knowledge to succeed.
Want to write memory corruption vulnerabilities but don't know where to start? Do you secretly aspire to Pwn2Own glory and a life as a freelance bug hunter? So many tutorials assume a certain amount of previous knowledge, or the example programs are hard to find and set up so that you can follow along. This course will get you started on that path with hands-on exercises in exploit development starting with the basics. In this course we will learn how memory corruption vulnerabilities work, how to find them, exploit them, and deal with problems such as lack of space and character set issues.
This course teaches hardware hacking and reverse engineering techniques and skills commonly used against electronic products and embedded systems. It is a combination of lecture and hands-on exercises covering the hardware hacking process, proper use of tools and test measurement equipment, circuit board analysis and modification, embedded security, and common hardware attack vectors. The course concludes with a final hardware hacking challenge in which students must apply what they've learned in the course to defeat the security mechanism of a custom circuit board.
Tired of watching hardware products getting hacked every day without having your part of the fun? Don't worry, it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). This course smartly mixes methods and tools in order to give you all the necessary knowledge to be able to perform hardware security audits by yourself. Last but not least, our exclusive "Capture The Drone" hands-on exercise completes the training by practicing what you have learned in an attack/defense scenario featuring our favorite small flying things. Each student will receive a Hardsploit hardware hacking tool, with a value of 300
Hunting for zero-day malware is difficult enough when looking at one system that you have physically sitting in front of you. But doing it across the network, at scale, across an entire enterprise produces certain challenges. In this course we will cover first how to hunt for undetected malware on a single system, and then how to script that so that you can remotely hunt across large numbers of computers. This course will be completely based on employing built-in OS and freeware tools and scripting in batch and PowerShell.
This intensive two-day course is designed to teach the fundamental investigative techniques needed to respond to today's landscape of threat actors and intrusion scenarios. The class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of evidence, and the forensic analysis know-how required to analyze them.
Almost every computer incident involves a trojan, backdoor, virus, or rootkit. Incident responders must be able to perform rapid analysis on the malware encountered in an effort to cure current infections and prevent future ones. This course provides a rapid introduction to the tools and methodologies used to perform malware analysis on executables found on Windows systems using a practical, hands-on approach.
Air, sea, land, space, and now cyber. Cyberspace has been named an operational domain by the U.S. Department of Defense. This designation and subsequent application of U.S. doctrine to cyberspace operations has shed light on new tactics and techniques for network defense based on military doctrine developed over millennia; techniques you can use now to improve the defense of your network. This course will introduce you to the intricacies of this complex new landscape through discussion and hands-on exercises developed by career Army officers with a combined 50+ years of experience.
I'm sure there's an app for that!!
As mobile phone usage continues to grow at an outstanding rate, this course shows you how you'd go about testing Android, iOS and, to some degree, Windows Mobile platforms and their installed applications to ensure they have been developed in a secure manner.
This course will give you insight and a practical window into the methods used when attacking mobile platforms. This course is ideal for penetration testers who are new to the mobile area and need to understand how to analyze and audit applications on various mobile platforms using a variety of tools and platforms. Our mobile course uses a mixture of lectures, hands-on labs, demonstrations, and group exercises.
The days of running grep to find simple stack overflows are gone. Finding exploitable vulnerabilities, such as use-after-frees, often requires a thorough understanding of more complex code patterns such as reference counting and garbage collection. This two-day course teaches students how to dive into large C/C++ source code projects and find exploitable memory corruption vulnerabilities armed with nothing more than a text editor. Students will learn the necessary skills by focusing on real world vulnerabilities found in open source web browsers.
From the author of "Network Forensics: Tracking Hackers Through Cyberspace" (Prentice Hall, 2012) comes Network Forensics: Continuous Monitoring and Instrumentation. This fast-paced, intensive class includes traffic and flow record analysis, cloud-based network forensics, next-generation firewall, DLP and SIEM analysis, wireless and mobile network forensics, and malware network behavior analysis all packed into a dense 4 days, with hands-on technical labs throughout the class.
After the previous year's SOLD OUT training at Black Hat US, we are offering a much more advanced and "Offensive" Internet of Things (IoT) Exploitation class. It's a two-day action-packed course full of hands-on exercises and labs on both simulated and real environments.
We have added tons of new exercises, new devices, new attack techniques and completely customized new VM.
You'll get to play with some real devices, find vulnerabilities and write exploits for them using some cutting edge techniques and tools. Some of the things that we will cover in the class are:
Battle tested, industry approved, and by popular demand - Penetration Testing With Kali Linux returns to Black Hat Vegas. The one and only official training by the creators of Kali Linux, this intense, hands-on security class by Offensive Security has provided the foundation of knowledge for many in the security community. Year after year this class always sells out fast, so if you want to attend you better sign up quick.
Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access, as well as how to compromise most existing physical security in order to gain access themselves. Distinguish good locks and access control from poor ones and become well-versed in picking and bypassing in order to assess your own company's security posture or augment your career as a penetration tester.
A practical look at known MITM attacks. Every administrator/pentester/security researcher/hacker knows several protocols/ways to do MITM attacks, but normally they don't have the opportunity to play with these techniques. This training is a lab, where every student will practice BGP rerouting, RIP injection, pass-the-hash attacks, advanced SSLStripping, and a lot more in IPv4 and IPv6 networks. On some exercises, the student will code his own tools (Python), work with the configuration of routers and study how some protocols work.
Intensive lab-based course aiming to expand your exploitation ability to include the ARM processor architecture. Students will learn under "real world" circumstances through multiple lab exercises and challenges covering code auditing, advanced heap exploitation and more.
It's time to put your intelligence and security skills to the test! Our completely revamped "Practical Threat Intelligence" training course has a highly technical focus supported by automated attacks across 2,000 systems infiltrating 90 virtual organisations.
Students will be provided with an in-depth understanding of how to implement Cyber Threat Intelligence systems within their virtual organisations to efficiently identify and prioritise threats, attacks and security breaches.
Focusing on key Threat Actors and their Intent to harm your organisation, students learn the Attack Techniques that hackers use to remotely infiltrate your systems, Intelligence Techniques to gather and analyse the Indicators of Compromise, and what you need to do to Share Intelligence and respond in order to stay ahead of the attackers.
Regardless of whether you are a penetration tester or on the defense - this course focuses on the types of attacks that are happening right now and how to defend against them. Immerse yourself in a completely simulated corporate environment - learn how to attack systems, bypass today's cutting edge technology - but focus on how to best detect these attacks through hunt teaming and analysis. This course focuses on both offense and defense to understand how to best secure an enterprise.
This course provides training in knowledge factors and functional requirements established for Entry and Intermediate Level Risk Analysts and addresses professional processes and policy requirements established within the federal Risk Management Framework (RMF). Specific focus is directed on identifying, implementing and integrating management, acquisition and administrative risk methodologies for securing critical information infrastructures and establishing standards necessary to help protect the confidentiality, maintain the integrity and ensure the availability of critical organizational computing resources within a risk managed framework.
Looking to expand your malware analysis skills to include the software powering critical internet infrastructure? Then take this class and develop skills analyzing Cisco IOS Firmware! You'll practice using a live router in a lab environment and perform hands-on analysis of a backdoored Cisco IOS image. You'll learn how to statically analyze a Cisco IOS image, obtain and analyze memory core dumps, and perform dynamic analysis of a running router.
An introduction to digital signal processing, software radio, and the powerful tools that enable the growing array of SDR projects within the hacker community, this course takes a unique "software radio for hackers" approach, building on the participants' knowledge of computer programming and introducing them to the forefront of digital radio technology. Participants will learn how to transmit, receive, and analyze radio signals and will be prepared to use this knowledge in the research of wireless communication security. Each student will receive a HackRF One software defined radio transceiver, a $300 value.
Software Exploitation via Hardware Exploits is a hands-on course covering tools and methods for manipulating, modifying, debugging, reverse engineering, interacting with, and exploiting the software and hardware of embedded systems. Students will learn how to use and develop tools and techniques for exploiting embedded devices from mobiles to off-the-shelf-consumer electronics.
Tactical Exploitation: Attacking UNIX focuses on the UNIX portion of our most popular multi-platform class, Tactical Exploitation (taught at BlackHat, BruCon, Countermeasure, etc.). Students will become immersed in a unique offensive school of thought at the post exploitation stage: a mindset seen in real-world attacks vs. penetration testing. Students learn how to compromise systems without depending on standard exploits and how to keep from getting caught. By abusing features provided by standard UNIX tools and trusts, students get hands-on experience attacking a virtual enterprise network. This class is designed to help students achieve success in any environment.
Tactical Exploitation: Attacking Windows focuses on the Windows portion of our most popular multi-platform class, Tactical Exploitation (taught at BlackHat, BruCon, Countermeasure, etc.). Students will become immersed in a unique offensive school of thought at the post exploitation stage: a mindset seen in real-world attacks vs. penetration testing. Students learn how to compromise systems without depending on standard exploits and how to keep from getting caught. By abusing features provided by standard Windows tools, students get hands-on experience attacking a virtual enterprise network. By using standard tools, students learn how to become effective in any environment regardless of Windows versions.
The highly popular course, "The Shellcode Lab" is back! With feedback like "By far the best course I've taken at Black Hat", this is the training that takes your penetration testing and low level technical skills to the next level!
Students start with basic knowledge, and by the end of the first day write their own Mac OS X 64-bit Port Bind shellcode from scratch to remotely compromise a server.
In this exciting and hands-on training, you will:
This course is presented by the author of the Web Application Hacker's Handbook. It has a strong practical focus: there are only 136 slides in the whole course. We will help you unlock the full potential of Burp Suite, speed up your testing workflow, and give you access to over 400 lab examples to practice on covering the whole topic. Lab examples keep beginners and advanced penetration testers busy, as they range from basic / proof of concept to unusual edge cases requiring some puzzling out, as you would on a real penetration test. Unlike a real test, there will be an instructor on hand to hint, advise or demonstrate. The course ends with an always-popular CTF.
So if you've wondered how to write a successful Macro, how Burp Collaborator works, or what all the options in Burp Intruder do, here's your chance to experiment.
This course will propel you into the world of open source intelligence feet first. Expect to be shocked at how much data is 'out there' and what people can do with it, as well as how you can reach this data using Maltego for both defending and attacking.
Learn everything about security visualization to make your hunting, log analysis and forensic investigations more efficient and effective. We explore big data and visual analytics to uncover new insights and hidden attacks on your environment.
In 2002 we released one of the first SQL injection tools, Mieliekoek, then in 2007 we released Squeeza, a tool for exfiltration of data from compromised databases through various channels (DNS, timing, HTTP error messages).
We love owning the application layer and this course reflects that. The course is built around Burp Suite; we will show you how to really get the best out of this amazing MiTM proxy, and students are given a full pro license to use for two weeks after the course. In addition, we've built a unique lab environment for you to own.
This course is ideal for anyone wanting to fine-tune their application hacking foo, learn how to use web apps as pivot points into the network and exfiltrate data like a pro.
To achieve maximum stealth and obtain unabated access to the system, rootkits execute in kernel mode. This advanced course provides a comprehensive end-to-end view of the modus operandi of rootkits by taking an in-depth look at the behind-the-scenes workings of the Windows kernel and how these mechanisms are exploited by malware, through hands-on labs and real-world case studies. Kernel security enhancements that have been progressively added to Windows are discussed along with some circumvention techniques. Attendees will study key parts of popular rootkits to understand the real-world applicability of these concepts for offensive and defensive purposes.