SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Training"

Difference between revisions of "Training"

From BruCON 2016

Jump to: navigation, search
(Visual Analytics - Delivering Actionable Security Intelligence by Raffael Marty)
(Registration details)
 
(121 intermediate revisions by 4 users not shown)
Line 1: Line 1:
==Metasploit for Penetration Testing by Georgia Weidman==
+
__NOTOC__
The class will begin with the basics of using the Metasploit Framework. We will continue on following the penetration test methodology to use Metasploit to exploit vulnerable systems in a lab. Jumping off from basic concepts we will move into advanced topics such as writing your own Metasploit modules and creating sophisticated client side attacks with Metasploit and the Social Engineering Toolkit. This class is suitable for those with no background in Metasploit or penetration testing as well as penetration testers who want to add the Metasploit Framework to their arsenal.
 
  
==Corelan Live! by Peter Van Eeckhoutte==
+
<div style="text-align: left;">
The Corelan Live Bootcamp is a truly unique opportunity to learn both basic & advanced techniques from an experienced exploit developer. During this 2 day course, students will be able to learn all ins and outs about writing reliable exploits for the Win32 platform.  The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.
+
Immerse yourself into the world of pen testing and application security by attending the BruCON 2016 Trainings (24-26 October 2016).
  
We believe it is important to explain the basics of buffer overflows and exploit writing, but this is not “your average” entry level course. In fact, this is one of the finest and most advanced courses you will find on Win32 stack based exploit development.
+
Offering world-class, deep-dive technical trainings given by '''the most recognized experts''' with huge industry experience in their domain!
  
This hardcore hands-on course will provide students with solid understanding of current Win32 (stack based) exploitation techniques and memory protection bypass techniques. We make sure the course material is kept updated with current techniques, includes previously undocumented tricks and techniques, and details about research we performed ourselves.  Combined with the way the course is built up, this will turn these 2 days into a truly unique experience.
+
The Line-Up:
 +
* '''[[Training 2016 - Offensive PowerShell for Red and Blue Teams|Offensive PowerShell for Red and Blue Teams by Nikhil Mittal]] '''(3-day training) - In this course, you'll learn how to attack Windows network using PowerShell, based on real world penetration tests. The course runs on a lab network to which attendees will have Free access for one month after the training. The class consists of hands-on, challenges and demonstrations.
 +
* '''[[Training 2016 - Windows Kernel Exploitation|Windows Kernel Exploitation by Ashfaq Ansari]] '''(3-day training) - In this 3-day training course, you'll learn to fuzz Windows Kernel Mode driver and find vulnerabilities. You'll be taken from basics of Windows Architecture, it's Kernel and introduction to different software vulnerabilities along with their exploitation in Kernel mode. These 3 days will be full of hands-on, kernel debugging and WinDbg-Fu.  
 +
* '''[[Training 2016 - Assessing and Exploiting Control Systems| Assessing and Exploiting Control Systems by Justin Searle (**)]]''' (3-day training) - This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? In this 3-day version of the course, you will receive all six days worth of slides.
 +
* '''[[Training 2016 - Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more|Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more by Dawid Czagan]]''' (2-day training) - Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique two-day hands-on training!
 +
* '''[[Training 2016 - Attacking with Excel|Attacking with Excel by Didier Stevens]]''' (2-day training) - In this training, our resident trainer Didier will teach you how to use Microsoft Office for offensive security. Performing a port scan, injecting and execute shellcode or even loading your own DLL's without touching the disk, only by using the Excel process !
 +
* '''[[Training 2016 - Hardware hacking training with Hardsploit|Hardware hacking training with Hardsploit by Julien Moinard (*)]] '''(2-day training) - Tired of watching hardware products getting hacked every day without having your part of fun ? Don't worry it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). Each student will receive a Hardsploit hardware hacking tool, with a value of 250 euros.
  
During the course, we not only share techniques and mechanics, but we also want to make sure you understand why a given technique is used, why something works and why something doesn’t work.
+
==Registration details==
 
+
The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee. <br>
Finally, we offer you post-training support as well.  If you have taken the course and you still have questions, we will help.
+
As of August 1st 2016 this will become 1200 Euro (+ VAT) per attendee. <br>
 
+
(*) The Hardware hacking training price is 180 Euro higher but includes the Hardsploit hardware
https://www.corelan-training.com/index.php/training/corelan-live/
 
 
 
==Visual Analytics - Delivering Actionable Security Intelligence by Raffael Marty==
 
  
This workshop takes the audience on a fascinating journey of data analytics and visualization. The students will learn how to process data (log files), visualize them through actionable graphs, and analyze security related data. Past training attendees included employees of various Nation's secret services, large security vendors, and security analysts from all over the world. All of them attended to learn how to deal with the flood of security related data in an efficient way. The in-depth technical content is backed up and emphasized by numerous hands-on exercises, some of them utilizing a private extension of the DAVIX live CD.
+
The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee. <br>
 +
As of August 1st 2016 this will become 1500 Euro (+ VAT) per attendee. <br>
 +
(**) The Assessing and Exploiting Control Systems training price is 230 Euro higher but includes a hardware kit (PLC and a hardware/RF testing kit)
  
http://raffy.ch/training.php
+
Registration for Trainings:
 
 
==Registration details==
 
  
 +
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]
  
 +
The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration.  Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.
  
 
==Location and dates==
 
==Location and dates==
The courses will be given on 24 & 25 September in Ghent
+
The courses will be given on 24, 25 and 26 October 2016 in Hotel Novotel Gent Centrum, Goudenleeuwplein 5, B-9000 Gent<br>
  
 
The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.
 
The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.
  
 
Lunch is included in the training fee.
 
Lunch is included in the training fee.

Latest revision as of 20:18, 20 June 2016


Immerse yourself into the world of pen testing and application security by attending the BruCON 2016 Trainings (24-26 October 2016).

Offering world-class, deep-dive technical trainings given by the most recognized experts with huge industry experience in their domain!

The Line-Up:

  • Offensive PowerShell for Red and Blue Teams by Nikhil Mittal (3-day training) - In this course, you'll learn how to attack Windows network using PowerShell, based on real world penetration tests. The course runs on a lab network to which attendees will have Free access for one month after the training. The class consists of hands-on, challenges and demonstrations.
  • Windows Kernel Exploitation by Ashfaq Ansari (3-day training) - In this 3-day training course, you'll learn to fuzz Windows Kernel Mode driver and find vulnerabilities. You'll be taken from basics of Windows Architecture, it's Kernel and introduction to different software vulnerabilities along with their exploitation in Kernel mode. These 3 days will be full of hands-on, kernel debugging and WinDbg-Fu.
  • Assessing and Exploiting Control Systems by Justin Searle (**) (3-day training) - This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? In this 3-day version of the course, you will receive all six days worth of slides.
  • Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more by Dawid Czagan (2-day training) - Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique two-day hands-on training!
  • Attacking with Excel by Didier Stevens (2-day training) - In this training, our resident trainer Didier will teach you how to use Microsoft Office for offensive security. Performing a port scan, injecting and execute shellcode or even loading your own DLL's without touching the disk, only by using the Excel process !
  • Hardware hacking training with Hardsploit by Julien Moinard (*) (2-day training) - Tired of watching hardware products getting hacked every day without having your part of fun ? Don't worry it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). Each student will receive a Hardsploit hardware hacking tool, with a value of 250 euros.

Registration details

The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee.
As of August 1st 2016 this will become 1200 Euro (+ VAT) per attendee.
(*) The Hardware hacking training price is 180 Euro higher but includes the Hardsploit hardware

The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee.
As of August 1st 2016 this will become 1500 Euro (+ VAT) per attendee.
(**) The Assessing and Exploiting Control Systems training price is 230 Euro higher but includes a hardware kit (PLC and a hardware/RF testing kit)

Registration for Trainings:

Register.jpg

The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration. Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.

Location and dates

The courses will be given on 24, 25 and 26 October 2016 in Hotel Novotel Gent Centrum, Goudenleeuwplein 5, B-9000 Gent

The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.

Lunch is included in the training fee.