SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Training"

Difference between revisions of "Training"

From BruCON 2016

Jump to: navigation, search
(Registration details)
 
(168 intermediate revisions by 6 users not shown)
Line 1: Line 1:
<p class="box-red">Training subscriptions are not open yet. Check back in a few days.</p>
+
__NOTOC__
  
There will be trainings in the days prior to BruCON (22-23 Sept) , by internationally renowned trainers and at good prices. If you were looking for the conference presentations, see the [[Schedule]].
+
<div style="text-align: left;">
 +
Immerse yourself into the world of pen testing and application security by attending the BruCON 2016 Trainings (24-26 October 2016).
  
==Registration details==
+
Offering world-class, deep-dive technical trainings given by '''the most recognized experts''' with huge industry experience in their domain!
  
The price for the 2 day courses is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €.
+
The Line-Up:
 +
* '''[[Training 2016 - Offensive PowerShell for Red and Blue Teams|Offensive PowerShell for Red and Blue Teams by Nikhil Mittal]] '''(3-day training) - In this course, you'll learn how to attack Windows network using PowerShell, based on real world penetration tests. The course runs on a lab network to which attendees will have Free access for one month after the training. The class consists of hands-on, challenges and demonstrations.
 +
* '''[[Training 2016 - Windows Kernel Exploitation|Windows Kernel Exploitation by Ashfaq Ansari]] '''(3-day training) - In this 3-day training course, you'll learn to fuzz Windows Kernel Mode driver and find vulnerabilities. You'll be taken from basics of Windows Architecture, it's Kernel and introduction to different software vulnerabilities along with their exploitation in Kernel mode. These 3 days will be full of hands-on, kernel debugging and WinDbg-Fu.
 +
* '''[[Training 2016 - Assessing and Exploiting Control Systems| Assessing and Exploiting Control Systems by Justin Searle (**)]]''' (3-day training) - This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? In this 3-day version of the course, you will receive all six days worth of slides.
 +
* '''[[Training 2016 - Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more|Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more by Dawid Czagan]]''' (2-day training) - Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique two-day hands-on training!
 +
* '''[[Training 2016 - Attacking with Excel|Attacking with Excel by Didier Stevens]]''' (2-day training) - In this training, our resident trainer Didier will teach you how to use Microsoft Office for offensive security. Performing a port scan, injecting and execute shellcode or even loading your own DLL's without touching the disk, only by using the Excel process !
 +
* '''[[Training 2016 - Hardware hacking training with Hardsploit|Hardware hacking training with Hardsploit by Julien Moinard (*)]] '''(2-day training) - Tired of watching hardware products getting hacked every day without having your part of fun ? Don't worry it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). Each student will receive a Hardsploit hardware hacking tool, with a value of 250 euros.
  
==Location & Date==
+
==Registration details==
 
+
The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee. <br>
The courses will be given on 22 & 23 September in Belgacom University (BCU), Carlistraat 2, B-1140 Evere. ([http://maps.google.be/maps?f=q&source=s_q&hl=nl&geocode=&q=Carlistraat+2+B-1140+Evere&sll=50.805935,4.432983&sspn=5.075643,11.195068&ie=UTF8&z=16&iwloc=A Google Maps Link])
+
As of August 1st 2016 this will become 1200 Euro (+ VAT) per attendee. <br>
 
+
(*) The Hardware hacking training price is 180 Euro higher but includes the Hardsploit hardware
The courses start at 9h00 and end at 17h00.
 
 
 
==Overview of the courses==
 
===Training #1: Pentesting High Security Environments===
 
This course will focus on penetration testing techniques that can be used when testing
 
highly secured environments such as 3-letter agencies, DoD, financial organizations,
 
federal organizations, and large companies. If you are tired of attacking unpatched
 
Windows 2000 Servers in your hacking courses and want to take a course where you will
 
be attacking new Operating Systems/Applications that are patched, locked down, and
 
protected with an IDS/IPS then this is the course for you.
 
 
 
The first day of the course starts with attacking heavily protected environments from the
 
outside and dealing with Network-Based IDS/IPS. Next is attacking web applications and
 
dealing with Load Balancing, common application security measures in PHP/ASP.NET,
 
and Web Application Firewalls.
 
 
 
The second day covers attacking from the LAN, dealing with NAC solutions, locked
 
down workstations/GPOs, and Host-Based IDS/IPS. The last section of the course covers
 
gaining control of Active Directory.
 
 
 
====Instructors====
 
[[Training_1| Joe McCray ]]
 
  
====Description====
+
The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee. <br>
'''For more details see [[Training 1| Pentesting High Security Environments]]'''
+
As of August 1st 2016 this will become 1500 Euro (+ VAT) per attendee. <br>
 +
(**) The Assessing and Exploiting Control Systems training price is 230 Euro higher but includes a hardware kit (PLC and a hardware/RF testing kit)
  
==== Pricing====
+
Registration for Trainings:
The price is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €.
 
  
===Training #2: A crash course in pentesting VOIP networks===
+
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]  
====Instructor====
 
[[Training_2#About_course_designer_and_instructor | Joffrey Czarny and Sandro Gauci ]]
 
  
====Description====
+
The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration.  Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.
The training is to learn the risks and the weaknesses VoIP and how to pentest them. Besides reviewing default configuration mistakes, you will learn about VLAN hopping, fingerprinting, SIP abuse, wiretapping, covert channels, denial of service attacks and VOIP webapplication issues.
 
  
 +
==Location and dates==
 +
The courses will be given on 24, 25 and 26 October 2016 in Hotel Novotel Gent Centrum, Goudenleeuwplein 5, B-9000 Gent<br>
  
'''For more details see [[Training 2| A crash course in pentesting VOIP networks ]]'''
+
The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.
  
==== Pricing====
+
Lunch is included in the training fee.
The price is 895 € early bird (+ VAT) per attendee. After 1st of July this will become 995 €.
 

Latest revision as of 20:18, 20 June 2016


Immerse yourself into the world of pen testing and application security by attending the BruCON 2016 Trainings (24-26 October 2016).

Offering world-class, deep-dive technical trainings given by the most recognized experts with huge industry experience in their domain!

The Line-Up:

  • Offensive PowerShell for Red and Blue Teams by Nikhil Mittal (3-day training) - In this course, you'll learn how to attack Windows network using PowerShell, based on real world penetration tests. The course runs on a lab network to which attendees will have Free access for one month after the training. The class consists of hands-on, challenges and demonstrations.
  • Windows Kernel Exploitation by Ashfaq Ansari (3-day training) - In this 3-day training course, you'll learn to fuzz Windows Kernel Mode driver and find vulnerabilities. You'll be taken from basics of Windows Architecture, it's Kernel and introduction to different software vulnerabilities along with their exploitation in Kernel mode. These 3 days will be full of hands-on, kernel debugging and WinDbg-Fu.
  • Assessing and Exploiting Control Systems by Justin Searle (**) (3-day training) - This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? In this 3-day version of the course, you will receive all six days worth of slides.
  • Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more by Dawid Czagan (2-day training) - Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique two-day hands-on training!
  • Attacking with Excel by Didier Stevens (2-day training) - In this training, our resident trainer Didier will teach you how to use Microsoft Office for offensive security. Performing a port scan, injecting and execute shellcode or even loading your own DLL's without touching the disk, only by using the Excel process !
  • Hardware hacking training with Hardsploit by Julien Moinard (*) (2-day training) - Tired of watching hardware products getting hacked every day without having your part of fun ? Don't worry it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). Each student will receive a Hardsploit hardware hacking tool, with a value of 250 euros.

Registration details

The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee.
As of August 1st 2016 this will become 1200 Euro (+ VAT) per attendee.
(*) The Hardware hacking training price is 180 Euro higher but includes the Hardsploit hardware

The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee.
As of August 1st 2016 this will become 1500 Euro (+ VAT) per attendee.
(**) The Assessing and Exploiting Control Systems training price is 230 Euro higher but includes a hardware kit (PLC and a hardware/RF testing kit)

Registration for Trainings:

Register.jpg

The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration. Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.

Location and dates

The courses will be given on 24, 25 and 26 October 2016 in Hotel Novotel Gent Centrum, Goudenleeuwplein 5, B-9000 Gent

The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.

Lunch is included in the training fee.