Black Hat Digital Self Defense DC 2007


Black Hat DC Training 2007
Sheraton Crystal City • February 26-27

Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered.

Black Hat Registration

Hacking by Numbers: Combat Training Edition


What to bring:
Just Yourself.

All necessary equipment will be provided, including pre-configured laptops, tools and utilities.

Hacking By Numbers Combat Edition is SensePost’s flagship course. Combat is an unique new concept – a series of carefully crafted Capture-The-Flag ‘missions’, each designed to teach a specific hacking skill or concept. This course is all hack, no talk. Combat has been described as ‘Zen’ for hackers.

This course is the flagship course of the established Hacking by Numbers series. From the first hour to the final minutes students are placed in different attacker scenarios as they race the clock to "capture the flag". In the SensePost tradition, the solutions lie much more in technique and an out-of-box thought process than in the use of scripts or tools. Each exercise is designed to teach a specific lesson and will be discussed in detail after it is completed. In this way you learn from your instructors, your colleagues and your own successes and failures.

The "Capture the Flag" exercises have all been designed to replicate real-life scenarios with real-life-hacker stumbling blocks along the way. Students will have to deal with multiple firewalls, IDS devices and home spun red herrings in their quests to complete the challenge. During the exercises SensePost's leading technical specialists will discuss possible attacks, possible alternatives and even possible defences for the scenario in question.

The exercises range from simple layer one attacks to more complex attacks requiring combinations of web application vulnerabilities and TCP/IP covert channels. All tools, documentation and required reading material will be provided to the students.

SensePost will provide fully configured laptop computers as well as CDs with all the tools and materials used in the course. Students need to ensure they have the necessary level of skill.  Combat is a course for experienced pentesters and technical analysts. A solid understanding and technical experience of hacking tools, skills and techniques is an absolute prerequisite.

Students without the requisite technical skills are encouraged to consider ‘Bootcamp Edition’.

This course follows directly on from ‘Bootcamp Edition’ and serves as warm-up training the Combat Edition Grading, where students are actually rated on their performance in the exercises. As always, the course can also be taken without any of the others.

Who should attend
Combat Edition is a course for technical security professionals. It is expected that people attending this course are most likely to be involved in some form of technical penetration testing for at least one-third of their professional time.

Trainer:SensePost logo

Roelof Temmingh is the technical director of SensePost where his primary function is that of external penetration specialist. Roelof is internationally recognized for his skills in the assessment of web servers. He has written various pieces of PERL code as proof of concept for known vulnerabilities, and coded the world-first anti-IDS web proxy "Pudding". He has spoken at many International Conferences and in the past year alone has been a keynote speaker at SummerCon (Holland) and a speaker at the Black Hat Briefings (New Orleans). Roelof drinks tea and smokes Camels.

Haroon Meer is currently SensePost's director of Development (and coffee drinking). He specializes in the research and development of new tools and techniques for network penetration and has released several tools, utilities and white-papers to the security community. He has been a guest speaker at many Security forums including the Black Hat Briefings. Haroon doesn't drink tea or smoke camels.

Charl van der Walt is a founding member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish.

Black Hat Registration

Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered.


Early Bird:
Ends December 31, 2006

Ends February 18, 2007

Begins February 19, 2007

$2200 USD

$2400 USD

$2500 USD

Black Hat Logo
(c) 1996-2007 Black Hat