This training is based on the best-selling book "Backtrack 5 Wireless Penetration Testing" and will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools.
During the course of this training participants will do over 25+ hands-on lab sessions and will fight it out against live CTF challenges. These include: cracking WPA Enterprise (PEAP, EAP-TTLS), MITM attacks over Wireless, Creating Wi-Fi Backdoors, Scripting and Attack automation, Wireless Forensics, and Security Best Practices.
PC BIOS/UEFI firmware is usually “out of sight, out of mind,” but this just means it’s a place where sophisticated attackers can live unseen and unfettered. This class shares information about PC firmware security that was hard-won over years of focused research into firmware vulnerabilities.
This two-day course will take a deep-dive into the fundamentals of SCADA security and provide students with the knowledge that they need to safely perform penetration testing against live SCADA environments. The course will also provide students with methodologies through which security research may be performed against SCADA devices in order to identify 0-day flaws in some of the world’s most critical systems. During the course, students will have the opportunity to engage in live attacks against programmable logic controllers (PLC’s) and other industrial control systems, to include activities such as SCADA RTOS firmware reversing and SCADA protocol fuzzing.
This course provides a solid foundation in cloud security and includes a full day of hands-on labs to apply the principles in practice. We cover all the material needed to pass the Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK) exam, but add a pragmatic approach to immediately kick start your cloud security projects. For Black Hat, we also add expanded material to show you how to take cloud security to the next level by leveraging DevOps techniques and the characteristics of the cloud.
Dark Side Ops: Custom Penetration Testing focuses on using stealthy techniques, advanced attacks, and custom malware to conduct realistic, targeted penetration tests. An intensive, hands-on lab environment provides participants with a structured and challenging approach to bypass the very latest in offensive countermeasures. Participants will also receive and compile source code to several custom shells and backdoors as they learn to plan, exploit, pivot, persist, and evade detection in even the most secure networks.
This intensive two-day course is designed to teach the fundamental investigative techniques needed to respond to today’s landscape of threat actors and intrusion scenarios. Completely redeveloped with all-new material in 2013, the class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of evidence, and the forensic analysis know-how required to analyze them.
Intelligence driven security focuses on making the systems and processes used for network defense smarter. This class teaches students how to incorporate threat intelligence into network defense.
Our state-of-the-art exploit development course gets a new overhaul for 2014, focusing on use-after-free exploits and defeating advanced exploit mitigation techniques including ASLR and DEP. Develop and hone your return oriented programming (ROP) skills, exploit browsers, embed and trigger reverse shells in PDFs, perform advanced heap sprays, and work on complex "Pwn2Own style" exploits which involve info leaks and dynamic ROP chains. Our custom lab environment, included for you to take home at the end of the class, has been designed and refined to provide a stable environment for exploit writing and sharpen your skills even after the class is over. Join us for a truly challenging two days!
IDA Pro is touted as the premier disassembler available today, capable of disassembling machine languages for a large number of microprocessors and micro controllers. This course will cover advanced features of IDA that may be used to work through challenging reverse engineering problems. This course is taught using primarily x86 and ARM assembly language.
Learn everything about security visualization to make your log analysis and forensic investigations more efficient and effective. We explore situational awareness and learn how to uncover new insights and hidden attacks on your environment.