rss feed link header graphic
picture of capitol building

Black Hat USA Training 2008

Caesars Palace Las Vegas • August 2-7

A Certificate of Completion offered for each class.
See the Training Schedule.

Course Offerings

The stakes are high for today's network defenders.

Black Hat USA 2008 brings together the best minds in security to define tomorrow’s information security landscape. Featuring many new tracks and new training sessions, Black Hat USA is the biggest and best conference we've ever presented.

Application Security

Advanced Asp.Net Exploits and Countermeasures

Advanced level: Push Asp.Net to the limit. See how Asp.Net applications and environments can be exploited by skilled attackers, and how those same techniques can be used to protect the targeted assets.

header graphic

Advanced Web Application Penetration Testing:
Black Hat Edition
Aspect Security

Advanced Course – Hands on 2-Day intensive – learn how to test web applications for security flaws like the experts.

header graphic

Application Security - An Enterprise Approach
Security Compass

A major case study and various hands-on components are used to guide executives and information security managers in understanding how they can improve their organization's overall security posture.

header graphic

Hacking Oracle PL/SQL
David Litchfield

Delves deeply into Oracle server security and complements the Advanced Database Security Assessment Course

Building and Testing Secure Web Applications
Aspect Security

Hands-on exercises where the students get to perform security analysis and testing on a live web application.

header graphic

Effective Fuzzing: Using the Peach Fuzzing Platform
Michael Eddington, Leviathan
Blake Frantz, Leviathan

The first comprehensive hands-on fuzzing course centered on the industry standard Peach Fuzzing Platform. Lean how to fuzz just about anything with Peach. No coding required, but recommended.

header graphic

ModSecurity: Bootcamp Training Black Hat Edition
Breach Security

Designed for those people who want to quickly learn how to build, deploy, and use ModSecurity in the most effective manner possible.

header graphic

SAP (In)security
Mariano Nuñez Di Croce, CYBSEC

How to secure an SAP system? How to perform a security assessment of an SAP system? These are the two questions that this course tries to answer.

Web Application (In)security
NGS Software

If you are concerned with the security of web applications and the insecurity they introduce to your back end information systems this is the workshop for you.

Auditing and Assessment

Advanced Database Security Assessment
NGS Software

Discover flaws in database security and effectively develop strategies to keep attackers out.
This Course is Closed. No seats are available.

header graphic

Defend the Flag (DTF)
Microsoft, iSEC Partners, and Immunity

Learn to attack and secure Windows.

Hacking by Numbers: Cadet

Novice level. A highly practical course that teaches method-based hacker thinking, skills and techniques.

Hacking by Numbers: Bootcamp

Novice level. A highly practical course that teaches method-based hacker thinking, skills and techniques.

Hacking by Numbers: Combat Training

Advanced level. This course is all hack, no talk.

header graphic

Hacking by Numbers: Web 2.0

Web 2.0 is a whole new world and Hacking By Numbers - Web 2.0 Edition is a course designed to prepare you for it.

header graphic

Hands on Penetration Testing with BackTrack 3: 0wning the Network
Mati Aharoni, Offensive Security

This is an intensive, hardcore, hands on Security class by the creators of Backtrack especially designed for delivery in BlackHat Trainings. The course is an interesting amalgamation between our entrylevel course (Offensive Security 101) and expert level course (BackTrack to the Max).

header graphic

Source Code Review - J2EE
Security Compass

Roll up your sleeves and dive in to this hands-on tutorial on how to discover vulnerabilities in your J2EE code using static source code analysis.

TCP/IP Weapons School: Black Hat Edition
Richard Bejtlich, TaoSecurity

Learn how networks can be abused and subverted, while analyzing the attacks, methods, and traffic that make it happen.

Ultimate Hacking: Black Hat Edition

The definitive training regimen for assessing and securing your networks.

Ultimate Hacking: Expert

In depth coverage of current security topics. Not for Beginners.


Certified Ethical Hacker (C|EH) Version 6

Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

ECSA/LPT Certification Preparation

The ECSA course equips one with the knowledge and know-hows to become an EC-Council Licensed Penetration Tester.

NSA InfoSec Assessment Methodology Course (IAM) - Level 1
Security Horizon

You will need this course before you can take the IEM course. Earn NSA Certification.

NSA InfoSec Assessment Methodology Course (IEM) - Level 2
Security Horizon

The followup course to the IAM. Earn NSA certification.


header graphic

Cryptographic Primitives: A Close Look Inside
Andrew Lindell

In this course, students will gain an in-depth understanding of how cryptographic primitives are constructed and broken.


The Exploit Laboratory
Saumil Udayan Shah

Learn how to expose the inner mechanisms of exploits and how they work. The class is highly hands-on and very lab intensive.

header graphic

Exploits 101
Allen Harper

Working through lab examples and real world vulnerabilities to take you to the next level


Discover the Hidden: Steganography Investigator Training
WetStone Technologies

A comprehensive course for investigating the suspected use of digital steganography

Incident Response: Black Hat Edition
Kevin Mandia, MANDIANT

Specifically designed for information security professionals and analysts who respond to computer security incidents.

header graphic

Inside Hacking and Malware
WetStone Technologies

The most effective approach to get into the mind of cyber criminals is to utilize their tools and technologies in a hands-on environment and become familiar with the fundamental hacking process. This four day course is structured with interactive lab environments to allow students to work together and experience real investigative scenarios. Learn how to become the lead investigator in your office and learn to stay one step ahead of the criminals.

Live Digital Investigation – Investigating the Enterprise
WetStone Technologies

"Live" enterprise investigation training.

header graphic

Memory Forensics in Incident Response
James (“Jamie”) Butler II

This class will focus on the use of freeware and open source tools to perform advanced memory analysis.


Hands-On Hardware Hacking and Reverse Engineering Techniques: Black Hat Edition
Joe Grand

This course is the first of its kind and focuses entirely on hardware hacking.

header graphic

Lock Picking and Physical Security: From Beginner to Expert
Deviant Ollam

This workshop is geared towards security professionals whose duties and responsibilities include guiding security decisions for whole departments or even entire companies.

header graphic

SCADA Defense: Protecting Critical Infrastructure

This course is designed to provide process control professionals with a fundamental understanding of the steps needed to effectively defend their critical infrastructure assets.

Side Channel Analysis and Countermeasures

Learn how to protect embedded and smart card technology against side channel analysis

Malware Analysis

Advanced Malware Deobfuscation
Jason Geffner & Scott Lambert

No Source? No Symbols? No Problem.

Malware Analysis: Black Hat Edition

This introductory course is for those interested in entering the field of malicious software analysis.

Understanding Stealth Malware
Joanna Rutkowska and Alexander Tereshkin

An in-depth understanding of how advanced stealth malware works, how it interacts with the operating system, underlying harware and network.


Enterprise Security From Day 1 to Completion: A Practical Approach to Developing an Information Security Program
Chris Conacher

A practical, step-by-step approach to securing an entire organization.

header graphic

Leading, Planning, and Executing an Application Security Initiative
Aspect Security

For executives and managers - get the education and practical guidance you need to ensure that your software projects properly address security in this collaborative workshop 2 day session.


header graphic

Building a Better Mouse Trap: The Art of Developing Effective Intrusion Detection/Prevention Signatures
Rohit Dhamankar & Rob King

Learn how to implement effective network intrusion prevention.

Infrastructure Attacktecs™ & Defentecs™: Cisco Voice Over IP
Steve Dugan & Rodney Thayer

A new hands-on course offering from the creator of Hacking Cisco Networks.
This Course is Closed. No seats are available.

Infrastructure Attacktecs™ & Defentecs™: Hacking Cisco Networks
Steve Dugan

Extremely popular and intense hands-on course.

Tactical VoIP: Applied VoIPhreaking
the Grugq

Learn how to attack VoIP

Reverse Engineering

header graphic

Analyzing Software for Security Vulnerabilities
Halvar Flake

Intense course encompassing binary analysis, reverse engineering and bug finding.

The IDA Pro Class: Reverse Engineering with IDA Pro
Chris Eagle

Essential background material for effective reverse engineering.

Reverse Engineering on Windows:
Pedram Amini and Ero Carrera

This class is meant to impart cutting-edge understanding of malicious code analysis upon attendees, ultimately taking them to an advanced level of reverse engineering skills applicable to other security domains.

header graphic

Reverse Engineering Rootkits
Greg Hoglund, HBGary
Rich Cummings, HBGary

This two day class will cover useful techniques and methods for incident response in the field when machines are suspected of intrusion with stealthy malware.

Systems Administration

Microsoft Ninjitsu: Black Belt Edition
Timothy Mullen, Jim Harrison & Dr. Thomas Shinder

This one-of-a-kind training course will arm attendees with the skills needed to design, deploy, maintain and secure even the most sophisticated Microsoft infrastructures. This "special edition" course will also include the development and design of ISA Server DMZ configurations and deployments to further secure your Microsoft installations


Invisible Network, Invisible Risk
Adam Laurie

Wireless Security Class... Hot!

Ultimate Hacking: Wireless Edition

Knowledge is power and you do not want the hackers to know more about your wireless networks than you do…

� 1997-2009 Black Hat