|What to bring:
All necessary equipment will be provided, including pre-configured laptops, tools and utitlites.
Computer hacking is 1 part theory and 9 parts practice. You've read all the books, you've attended all the courses. Now hone your skills in the ultimate hacker combat training course. Last year SensePost compromised over 200 networks worldwide. In this course we share all our skill and experience by placing you in the driving seat for 2 days of "Capture the Flag" excecises, each carefully designed to teach a specific hacking principle or technique. At the end a carefully calculated score will give an idea of how well you rate against the world's best. Use it to impress your friends.
This course is the latest addition to the established Hacking by Numbers series. From the first hour, to the final minutes students are placed in different attacker scenarios as they race the clock to "capture the flag". In the SensePost tradition, the solutions lie much more in technique and an out-of-box thought process than in the use of "skriptz" or "toolz". Each exercise is designed to teach a specific lesson and will be discussed in detail after they are completed. In this way you learn from your instructors, your colleagues and your own successes and failures.
The "Capture the Flag" excercises have all been designed to replicate real-life scenarios with real-life-hacker stumbling blocks along the way. Students will have to deal with multiple firewalls, IDS devices and home spun red herrings in their quests to complete the challenge. During the excercises SensePost's leading technical specialists will discuss possible attacks, possible alternatives and even possible defenses for the scenario in question.
The excercises range from simple layer one attacks to more complex attacks requiring combinations of Web Application vulnerabilities and TCP/IP covert channels. All tools, documentation and required reading material will be provided to the students.
Who Should Attend:
Students who have already completed the Hacking By Numbers: Bootcamp Edition will find that the Combat Edition is the natural next step. Security auditors, consultants and administrators with advanced skill, as well as seasoned penetration testers and the nice people from government agencies will all benefit from this hands-on course.
ISC2 CISSP/SCCP CPE Credits
Students are eligible to receive 16 Continuing Professional Education (CPE) credits upon completion of class. Black Hat will automatically forward your information to ISC2.
Cost: US $2200 on or before January 1, 2006 or US $2400 after January 1, 2006
All course materials, lunch and two coffee breaks will be provided. NOTE: this is a two day course. A Certificate of Completion will be offered.
Roelof Temmingh is the technical director of SensePost where his primary function is that of external penetration specialist. Roelof is internationally recognized for his skills in the assessment of web servers. He has written various pieces of PERL code as proof of concept for known vulnerabilities, and coded the world-first anti-IDS web proxy "Pudding". He has spoken at many International Conferences and in the past year alone has been a keynote speaker at SummerCon (Holland) and a speaker at The BlackHat Briefings (New Orleans). Roelof drinks tea and smokes Camels.
Haroon Meer is currently SensePost's director of Development (and coffee drinking). He specializes in the research and development of new tools and techniques for network penetration and has released several tools, utilities and white-papers to the security community. He has been a guest speaker at many Security forums including the Black Hat Briefings. Haroon doesnt drink tea or smoke camels.
Charl van der Walt is a founder member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish.