Please click on any Training title below to see pricing and full description.
Note: Please read all Registration Terms and Conditions carefully. Training courses include full access to the Business Hall, Sponsor Workshops, Sponsor Sessions, and Arsenal. Briefings are not included with the purchase of a Training pass; however, you may purchase a Briefings pass to complement your Training course/s once you register. All Briefings and Trainings will be presented in English.
The fast-paced course teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. The course will cover advanced penetration techniques to achieve exploitation against these platforms:
Students will have access to a hack-lab with wide variety of vulnerabilities to practice exploitation and will receive a FREE 1 month subscription after the class to allow more practice time. From old-school misconfiguration issues to the very latest cutting-edge exploits, we have got it all covered.
Adversary Hunting and Incident Response: Network Edition offers practical experience for an often underutilized incident response practice-- hunting. Hunting is the proactive search of a network for threats that may go unidentified by intrusion detection, AV, and other security systems. Hunting provides opportunities for organizations to find unknown threats while gaining deeper understanding of their networks. This course will teach you how to hunt through network data and identify threats commonly seen from nation-state adversaries, organized criminal syndicates, and hacktivists using a variety of free and open source tools.
This training, a natural growth from Matasano's Cryptopals' challenges and the 'Crypto for Pen Testers' course, is designed to give students a a deep understanding of how exploitable cryptographic vulnerabilities and problematic cryptographic protocols arise. Rather than focus on individual attacks and teach people how to perform carbon-copy exploitation in contrived scenarios - we've gone a level deeper and taken the common underpinnings of them. What do Lucky13, hash length extensions, and Bitlocker bypass attacks have in common? Recognize the fundamental issue in them, and then start finding novel attacks in new situations.
This course provides a solid foundation in cloud security, and includes a full day of hands-on labs to apply the principles in practice. We cover all the material needed to pass the Cloud Security Alliance Certificate of Cloud Security Knowledge (CCSK) exam, but add a pragmatic approach to immediate kick start your cloud security projects. For Black Hat, we also add expanded material to show you how to take cloud security to the next level by leveraging DevOps techniques and the characteristics of the cloud.
Dark Side Ops: Custom Penetration Testing focuses on using stealthy techniques, advanced attacks, and custom malware to conduct realistic, targeted penetration tests. Intensive, hands-on labs provides even intermediate participants with a structured and challenging approach to write custom code and bypass the very latest in offensive countermeasures. Participants will also receive and compile source code to create several custom backdoors, RATs, and persistence and privilege escalation techniques as they learn to plan, exploit, pivot, persist, and evade detection in even the most secure networks.
This course looks at the methods and approaches one would take when performing internal and external network penetration tests. In our fully functional lab, your aim will be to think like an attacker and map out your target, find weaknesses and fully exploit trust relationships in place. Using scenarios along with presentations, this course is a healthy mix of thinking, strategies and the methodologies you might need for every step along the way. If you are looking for practical, hands on approach to learning how to pwn a network, then this is where you will find it.
This course teaches hardware hacking and reverse engineering techniques and skills commonly used against electronic products and embedded systems. It is a combination of lecture and hands-on exercises covering the hardware hacking process, proper use of tools and test measurement equipment, circuit board analysis and modification, embedded security, and common hardware attack vectors. The course concludes with a final hardware hacking challenge in which students must apply what they've learned in the course to defeat the security mechanism of a custom circuit board.
Almost every computer incident involves a trojan, backdoor, virus, or rootkit. Incident responders must be able to perform rapid analysis on the malware encountered in an effort to cure current infections and prevent future ones. This course provides a rapid introduction to the tools and methodologies used to perform malware analysis on executables found on Windows systems using a practical, hands-on approach.
Learn how to exploit an IoT device in this 2-day complete hands-on class using both real devices and emulated environments. Map out the architecture, identify attack surfaces, discover vulnerabilities and write exploits in this unique class for the first time in BlackHat. Full of labs and practical challenges with different varieties of IoT devices.