Difference between revisions of "Training"
From BruCON 2016
| Security4all (talk | contribs) | m | ||
| Line 72: | Line 72: | ||
| ==== Pricing==== | ==== Pricing==== | ||
| The price is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €. | The price is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €. | ||
| − | ===Training #4: | + | ===Training #4: Assessing and Exploiting Web Applications with Samurai-WTF=== | 
| ====Description==== | ====Description==== | ||
| − | + | This course will focus on using open source tools to perform web application assessments. The course will take attendees through the process of application assessment using the open source tools included in the Samurai Web Testing Framework Live CD (Samurai-WTF). Day one will take students through the steps and open source tools used to assess applications for vulnerabilities. Day two will focus on the exploitation of web app vulnerabilities, spending half the day on server side attacks and the other half of the day on client side attacks. The latest tools and techniques will be use throughout the course, including several tools developed by the trainers themselves. | |
| ====Instructors==== | ====Instructors==== | ||
| − | + | [[Training_4#Instructor | Justin Searle]]<br><br> | |
| + | '''For more details see [[Training_4#Description | Assessing and Exploiting Web Applications with Samurai-WTF]]''' | ||
| + | |||
| ===Training #5: Coming soon=== | ===Training #5: Coming soon=== | ||
| ====Description==== | ====Description==== | ||
Revision as of 11:30, 14 March 2010
There will be training sessions in the days prior to BruCON (22-23 Sept) , by internationally renowned trainers and at good prices. More courses will be announced in the coming days, so check this page later for more information.
Contents
- 1 Registration details
- 2 Location & Date
- 3 Overview of the courses
Registration details
The price for the 2 day courses is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €.
Location & Date
The courses will be given on 22 & 23 September in Belgacom University (BCU), Carlistraat 2, B-1140 Evere. (Google Maps Link)
The courses start at 9h00 and end at 17h00.
Overview of the courses
Training #1: Pentesting High Security Environments
Description
This course will focus on penetration testing techniques that can be used when testing highly secured environments such as 3-letter agencies, DoD, financial organizations, federal organizations, and large companies. If you are tired of attacking unpatched Windows 2000 Servers in your hacking courses and want to take a course where you will be attacking new Operating Systems/Applications that are patched, locked down, and protected with an IDS/IPS then this is the course for you.
The first day of the course starts with attacking heavily protected environments from the outside and dealing with Network-Based IDS/IPS. Next is attacking web applications and dealing with Load Balancing, common application security measures in PHP/ASP.NET, and Web Application Firewalls.
The second day covers attacking from the LAN, dealing with NAC solutions, locked down workstations/GPOs, and Host-Based IDS/IPS. The last section of the course covers gaining control of Active Directory.
Instructors
 Joe McCray 
For more details see  Pentesting High Security Environments
Pricing
The price is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €.
Training #2: A crash course in pentesting and securing VOIP networks
Description
As VoIP networks become more and more part of the way organizations communicate, security professionals need to understand their strengths and weaknesses. This knowledge will help them make sound decisions on the security (or lack of) of their VoIP system and network.
Attendees who follow the VoIP security training will gain valuable hands-on experience in testing VoIP equipment and networks. During the training they will make use of existent security tools as well as custom built tools to help them get the job done.
Instructor
 Joffrey Czarny and Sandro Gauci 
For more details see  A crash course in pentesting and securing VOIP networks 
Pricing
The price is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €.
Training #3: Social engineering
Description
Social engineering attacks can have disastrous consequences, both financially and reputationally. You can have the best technical security controls in the world, from the most expensive firewall to the most sophisticated biometrics, but they will not protect you from a social engineering attack. In any security programme people are the weakest link. Social engineering tests can be used to evaluate and strengthen this link.
Like any penetration test, social engineering tests can help to identify security weaknesses that could allow your IT systems to be compromised. Such tests can:
- Give a good indication of and even improve your staff’s level of security awareness
- Teach your staff how to identify and deal with social engineering situations
- Provide valuable recommendations on both security awareness and physical security
However, it can be difficult to know how to conduct a social engineering test. This two-day training course will teach participants how to conduct an ethical social engineering test, the theory behind social engineering, as well as giving recommendations on how to defend against social engineers. The course will include practical exercises and is open to anyone with an interest in social engineering.
Instructors
 Martin Law and Sharon Conheady
For more details see  Social Engineering
Pricing
The price is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €.
Training #4: Assessing and Exploiting Web Applications with Samurai-WTF
Description
This course will focus on using open source tools to perform web application assessments. The course will take attendees through the process of application assessment using the open source tools included in the Samurai Web Testing Framework Live CD (Samurai-WTF). Day one will take students through the steps and open source tools used to assess applications for vulnerabilities. Day two will focus on the exploitation of web app vulnerabilities, spending half the day on server side attacks and the other half of the day on client side attacks. The latest tools and techniques will be use throughout the course, including several tools developed by the trainers themselves.
Instructors
 Justin Searle
For more details see  Assessing and Exploiting Web Applications with Samurai-WTF
Training #5: Coming soon
Description
Coming soon
Instructors
Coming soon
