SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Training"

Difference between revisions of "Training"

From BruCON 2016

Jump to: navigation, search
(Location and dates)
(Registration details)
 
(107 intermediate revisions by 3 users not shown)
Line 1: Line 1:
==Metasploit for Penetration Testing by Georgia Weidman==
+
__NOTOC__
The class will begin with the basics of using the Metasploit Framework. We will continue on following the penetration test methodology to use Metasploit to exploit vulnerable systems in a lab. Jumping off from basic concepts we will move into advanced topics such as writing your own Metasploit modules and creating sophisticated client side attacks with Metasploit and the Social Engineering Toolkit. This class is suitable for those with no background in Metasploit or penetration testing as well as penetration testers who want to add the Metasploit Framework to their arsenal.
 
  
==Cyberwar: using the techniques and tactics of APT's in Penetration Tests by Joe McCray==
+
<div style="text-align: left;">
Google, Sony, Lockheed Martin, several large financial institutions, several large oil companies, the stock market, and countless other large organizations have all targeted and systematically compromised by hackers commonly referred to as Advanced Persistent Threat (APT). These hackers, use an attack methodology focused on stealth, data collection, and persistence.
+
Immerse yourself into the world of pen testing and application security by attending the BruCON 2016 Trainings (24-26 October 2016).
  
This course picks up where the wildly successful "Advanced Penetration Tester: Pentesting High Security Environments" left off. Taking Intrusion Detection System (IDS) evasion, and Anti-virus bypass to the next level.
+
Offering world-class, deep-dive technical trainings given by '''the most recognized experts''' with huge industry experience in their domain!
  
There are a few things to note that will be different from the "Advanced Penetration Tester: Pentesting High Security Environments" and from any other hacking course for that matter:
+
The Line-Up:
 +
* '''[[Training 2016 - Offensive PowerShell for Red and Blue Teams|Offensive PowerShell for Red and Blue Teams by Nikhil Mittal]] '''(3-day training) - In this course, you'll learn how to attack Windows network using PowerShell, based on real world penetration tests. The course runs on a lab network to which attendees will have Free access for one month after the training. The class consists of hands-on, challenges and demonstrations.
 +
* '''[[Training 2016 - Windows Kernel Exploitation|Windows Kernel Exploitation by Ashfaq Ansari]] '''(3-day training) - In this 3-day training course, you'll learn to fuzz Windows Kernel Mode driver and find vulnerabilities. You'll be taken from basics of Windows Architecture, it's Kernel and introduction to different software vulnerabilities along with their exploitation in Kernel mode. These 3 days will be full of hands-on, kernel debugging and WinDbg-Fu.
 +
* '''[[Training 2016 - Assessing and Exploiting Control Systems| Assessing and Exploiting Control Systems by Justin Searle (**)]]''' (3-day training) - This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? In this 3-day version of the course, you will receive all six days worth of slides.
 +
* '''[[Training 2016 - Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more|Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more by Dawid Czagan]]''' (2-day training) - Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique two-day hands-on training!
 +
* '''[[Training 2016 - Attacking with Excel|Attacking with Excel by Didier Stevens]]''' (2-day training) - In this training, our resident trainer Didier will teach you how to use Microsoft Office for offensive security. Performing a port scan, injecting and execute shellcode or even loading your own DLL's without touching the disk, only by using the Excel process !
 +
* '''[[Training 2016 - Hardware hacking training with Hardsploit|Hardware hacking training with Hardsploit by Julien Moinard (*)]] '''(2-day training) - Tired of watching hardware products getting hacked every day without having your part of fun ? Don't worry it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). Each student will receive a Hardsploit hardware hacking tool, with a value of 250 euros.
  
1. Per student request there will be NO Windows XP, or Vista in the course. Only Windows 7, and Server 2008 RC2, and new Linux distributions as the targets for students to go after.
+
==Registration details==
 
+
The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee. <br>
2. Students attack a network of fully patched, and hardened Windows 7, Server 2008 RC2 hosts. Each target computer will be running a Host-Based Intrusion Detection System (HIDS), updated Anti-Virus, and a logging agent that reports to a Security Information and Event Management (SIEM) solution.
+
As of August 1st 2016 this will become 1200 Euro (+ VAT) per attendee. <br>
 
+
(*) The Hardware hacking training price is 180 Euro higher but includes the Hardsploit hardware
3. There will also be a Network Intrusion Detection System (NIDS), a web content filtering proxy, and a stateful inspection firewall as well.
 
 
 
4. The classroom will have 4 projectors running to show in real time the events triggered by the HIDS, NIDS, Proxy, and the logs so the student can learn exactly what attacks and defenses really work in today's high security environment.
 
 
 
Students that are Network/System Administrators with three or more years experience working in environments such as financial institutions, DoD networks, or similar high security environments will benefit greatly from this course.
 
 
 
It is however primarily designed for Network/Web Application Penetration testers that are looking for the little tips and tricks that will help them better attack high security environments.
 
 
 
==Corelan Live! by Peter Van Eeckhoutte==
 
The Corelan Live Bootcamp is a truly unique opportunity to learn both basic & advanced techniques from an experienced exploit developer. During this 2 day course, students will be able to learn all ins and outs about writing reliable exploits for the Win32 platform.  The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.
 
 
 
We believe it is important to explain the basics of buffer overflows and exploit writing, but this is not “your average” entry level course. In fact, this is one of the finest and most advanced courses you will find on Win32 stack based exploit development.
 
 
 
This hardcore hands-on course will provide students with solid understanding of current Win32 (stack based) exploitation techniques and memory protection bypass techniques.  We make sure the course material is kept updated with current techniques, includes previously undocumented tricks and techniques, and details about research we performed ourselves.  Combined with the way the course is built up, this will turn these 2 days into a truly unique experience.
 
 
 
During the course, we not only share techniques and mechanics, but we also want to make sure you understand why a given technique is used, why something works and why something doesn’t work.
 
 
 
Finally, we offer you post-training support as well.  If you have taken the course and you still have questions, we will help.
 
 
 
https://www.corelan-training.com/index.php/training/corelan-live/
 
 
 
==Visual Analytics - Delivering Actionable Security Intelligence by Raffael Marty==
 
 
 
This workshop takes the audience on a fascinating journey of data analytics and visualization. The students will learn how to process data (log files), visualize them through actionable graphs, and analyze security related data. Past training attendees included employees of various Nation's secret services, large security vendors, and security analysts from all over the world. All of them attended to learn how to deal with the flood of security related data in an efficient way. The in-depth technical content is backed up and emphasized by numerous hands-on exercises, some of them utilizing a private extension of the DAVIX live CD.
 
 
 
http://raffy.ch/training.php
 
  
==Hacking IPv6 Network by Fernando Gont==
+
The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee. <br>
The IPv6 protocol suite was designed to accommodate the present and future growth of the Internet by providing a much larger address space than that of its IPv4 counterpart, and is expected to be the successor of the original IPv4 protocol suite. The imminent exhaustion of the IPv4 address space has resulted in the deployment of IPv6 in a number of production environments, with many other organizations planning to deploy IPv6 in the short or near term. Additionally, a number of activities such as the World IPv6 Day in 2011 and the upcoming World IPv6 Launch Day (scheduled for June
+
As of August 1st 2016 this will become 1500 Euro (+ VAT) per attendee. <br>
2012) have led to an improvement in the awareness about IPv6 and an increase in the number of IPv6 deployments.
+
(**) The Assessing and Exploiting Control Systems training price is 230 Euro higher but includes a hardware kit (PLC and a hardware/RF testing kit)
 
 
There are a number of factors that make the IPv6 protocol suite interesting from a security standpoint. Firstly, being a new technology, technical personnel has much less confidence with the IPv6 protocols than with their IPv4 counterpart, and thus it is more likely that the security implications of the protocols be overlooked when the protocols are deployed. Secondly, IPv6 implementations are much less mature than their IPv4 counterparts, and thus it is very likely that a
 
number of vulnerabilities will be discovered in them before their robustness matches that of the existing IPv4 implementations. Thirdly, security products such as firewalls and NIDS’s (Network Intrusion Detection Systems) usually have less support for the IPv6 protocols than for their IPv4 counterparts, either in terms of features or in terms of performance. Fourthly, the security implications of IPv6 transition/co-existence technologies on existing IPv4 networks are usually overlooked, potentially enabling attackers to leverage these technologies to circumvent IPv4 security measures in unexpected ways.
 
 
 
The imminent global deployment of IPv6 has created a global need for security professionals with expertise in the field of IPv6 security, such that the aforementioned security issues can be mitigated. While there exist a number of courses and trainings about IPv6 security, they either limit themselves to a high-level overview of IPv6 security, and/or fail to cover a number of key IPv6 technologies (such as transition/co-existence mechanisms) that are vital in all real IPv6 deployment
 
scenarios.
 
 
 
Fernando Gont, a well-known IPv6 security researcher will deliver a comprehensive IPv6 hacking training covering real-world IPv6 attacks along with real-world mitigations, thus preparing the attendees for deploying the IPv6 protocols in a secure manner.
 
 
 
==Red Team Testing by Ian Amit and Chris Nickerson==
 
Red Team testing is the pinnacle of security simulations. It is the most accurate and realistic scenario an organization can use to see how it really fares up against a real-world attacker, without taking the risk of an actual breach or loss.
 
 
 
In this training, you will learn how Red Team (or full scope) testing works, how to create a methodology for using a red team test not just as a one-off "see how I got in" case, but as a repeatable test with metrics and actionable results.
 
We will go through all elements of a red team test, from planning and scoping, intelligence gathering, target selection, vulnerability analysis, risk analysis, exploitation and execution, resource usage and ad-hoc agent deployment, post-exploitation, documentation and recording of evidence, damage analysis, and reporting.
 
 
 
The training will arm you with not just tools and techniques, but a sustainable methodology which you could update as new tools and techniques are introduced.
 
 
 
==Assessing and Exploiting Web Applications with Samurai-WTF by Raul Siles==
 
This course takes attendees through the process of web application assessment using the open source tools included in the Samurai Web Testing Framework Live DVD (Samurai-WTF). The course follows a probed 4-step methodology (Reconnaissance, Mapping, Discovery & Exploitation), and various scenarios against vulnerable target web applications. The latest tools and techniques will be use throughout the course, and primary emphasis of the instructor lead exercises is how to integrate these tools into your own manual testing procedures to improve your overall workflow.
 
 
 
Come take the official Samurai-WTF training course given by one of the course co-authors and lead developer of the project! You will learn the latest Samurai-WTF open source tools as well as the latest techniques to perform web application penetration tests. After a quick overview of pen testing methodology, the instructor will lead you through the penetration and exploitation of various web applications, including client side attacks using flaws within the application. Different sets of open source tools will be used on each web application, allowing you to learn first hand the pros and cons of each tool. After you have gained experience with the Samurai-WTF tools, you will be challenged with a capture the flag event. This final challenge will give you time to practice your new skills at your own pace and experiment with your favorite new tools. This experience will help you gain the confidence and knowledge necessary to perform web application assessments and expose you to the wealth of freely available, open source tools.
 
 
 
==  Elite Web Application Defense by Eoin Keary and Jim Manico==
 
Writing Secure code is the most effective method to securing your web applications. Writing secure code takes skill and know-how but results in a more stable and robust application and assists in protecting an organisations brand. Application security is not commonly a part of many computer science curricula today and most organizations have not focused on instituting a culture that includes application security as a core part of their software development training efforts.
 
 
 
This intensive 2-day course focuses on the most common web application security problems, including aspects of both the OWASP Top Ten (2010) and the MITRE Top 25. The course will introduce and demonstrate application assessment techniques, illustrating how application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities in their code. Students get experience via doing, both in terms of exploitation but also the latest defences against common and advanced attacks covering both traditional and RIA applications.
 
 
 
== Advanced Wi-Fi Penetration Testing and Hacking by Vivek Ramachandran ==
 
This is an extremely practical and advanced course in Wi-Fi penetration testing. The course is based on the book "Backtrack 5 Wireless Penetration Testing" and the online certification "SecurityTube Wi-Fi Security Expert" (SWSE), which is currently taken by students from over 40+ countries around the world.
 
 
 
A non-exhaustive list of topics to be covered include:
 
 
 
*Bypassing WLAN Authentication – Shared Key, MAC Filtering, Hidden SSIDs
 
*Cracking WLAN Encryption – WEP, WPA/WPA2 Personal and Enterprise, Understanding encryption based flaws (WEP,TKIP,CCMP)
 
*Attacking the WLAN Infrastructure – Rogues Devices, Evil Twins, DoS Attacks, MITM, Wi-Fi Protected Setup
 
*Advanced Enterprise Attacks – 802.1x, EAP, LEAP, PEAP, EAP-TTLS
 
*Attacking the Wireless Client – Honeypots and Hotspot attacks, Caffe-Latte, Hirte, Ad-Hoc Networks and Viral SSIDs, WiFishing
 
*Breaking into the Client – Metasploit, SET, Social Engineering
 
*Enterprise Wi-Fi Worms, Backdoors and Botnets
 
*Cracking WPS and other newer schemas
 
*Custom Building Wireless Routers
 
*Scripting Wi-Fi attack tools (sniffers, injectors, fuzzers)
 
 
 
Each participant will get:
 
*An ALFA Wi-Fi card
 
*DVD with 12 hours of video lectures
 
*A copy of the book "Backtrack 5 Wireless Penetration Testing"
 
*A 30% discount voucher for the SecurityTube Wi-Fi Security Expert certification
 
 
 
==Registration details==
 
The price for the 2 day courses is <s>945 Euro early bird (+ VAT) per attendee</s>. After 1st of June this will become 1045 Euro (+ VAT) per attendee.  
 
  
 
Registration for Trainings:
 
Registration for Trainings:
  
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]
+
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]  
  
The training price does not include travel, accomodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration.  Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.
+
The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration.  Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.
  
 
==Location and dates==
 
==Location and dates==
The courses will be given on 24 & 25 September in [http://www.monasterium.be/ The Monasterium], Ghent (Belgium)
+
The courses will be given on 24, 25 and 26 October 2016 in Hotel Novotel Gent Centrum, Goudenleeuwplein 5, B-9000 Gent<br>
  
 
The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.
 
The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.
  
 
Lunch is included in the training fee.
 
Lunch is included in the training fee.

Latest revision as of 20:18, 20 June 2016


Immerse yourself into the world of pen testing and application security by attending the BruCON 2016 Trainings (24-26 October 2016).

Offering world-class, deep-dive technical trainings given by the most recognized experts with huge industry experience in their domain!

The Line-Up:

  • Offensive PowerShell for Red and Blue Teams by Nikhil Mittal (3-day training) - In this course, you'll learn how to attack Windows network using PowerShell, based on real world penetration tests. The course runs on a lab network to which attendees will have Free access for one month after the training. The class consists of hands-on, challenges and demonstrations.
  • Windows Kernel Exploitation by Ashfaq Ansari (3-day training) - In this 3-day training course, you'll learn to fuzz Windows Kernel Mode driver and find vulnerabilities. You'll be taken from basics of Windows Architecture, it's Kernel and introduction to different software vulnerabilities along with their exploitation in Kernel mode. These 3 days will be full of hands-on, kernel debugging and WinDbg-Fu.
  • Assessing and Exploiting Control Systems by Justin Searle (**) (3-day training) - This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? In this 3-day version of the course, you will receive all six days worth of slides.
  • Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more by Dawid Czagan (2-day training) - Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique two-day hands-on training!
  • Attacking with Excel by Didier Stevens (2-day training) - In this training, our resident trainer Didier will teach you how to use Microsoft Office for offensive security. Performing a port scan, injecting and execute shellcode or even loading your own DLL's without touching the disk, only by using the Excel process !
  • Hardware hacking training with Hardsploit by Julien Moinard (*) (2-day training) - Tired of watching hardware products getting hacked every day without having your part of fun ? Don't worry it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). Each student will receive a Hardsploit hardware hacking tool, with a value of 250 euros.

Registration details

The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee.
As of August 1st 2016 this will become 1200 Euro (+ VAT) per attendee.
(*) The Hardware hacking training price is 180 Euro higher but includes the Hardsploit hardware

The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee.
As of August 1st 2016 this will become 1500 Euro (+ VAT) per attendee.
(**) The Assessing and Exploiting Control Systems training price is 230 Euro higher but includes a hardware kit (PLC and a hardware/RF testing kit)

Registration for Trainings:

Register.jpg

The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration. Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.

Location and dates

The courses will be given on 24, 25 and 26 October 2016 in Hotel Novotel Gent Centrum, Goudenleeuwplein 5, B-9000 Gent

The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.

Lunch is included in the training fee.