Training



Black Hat USA 2012 brings together the best minds in security to define tomorrow's information security landscape. Featuring many new tracks and new training sessions, Black Hat USA is the biggest and best conference we've ever presented.

Training Category Matrix - get printable pdf »


  • Adaptive Penetration Testing
    July 21-24

    Need to conduct effective penetration tests as efficiently as possible? This challenging, fast-paced course will teach you how to best use available tools and methodologies to accurately emulate modern threats; all while adapting to tightening budgets, limited timeframes and diverse skillsets.

    Presented By:
    Veris Group

  • Advanced Malware Analysis
    July 21-24

    Looking to sharpen you malware analysis skills? Then take this fast-paced class to develop skills in dealing with anti-reversing, packers and special case malware. You will practice your new skills by dissecting real malware via hands-on labs.

    Presented By:
    MANDIANT

  • Advanced Memory Forensics in Incident Response
    July 23-24

    Specifically designed for information security professionals and analysts who respond to computer security incidents. It is designed as an operational course, using case studies and hands-on lab exercises to ensure attendees are gaining experience in each topic area.


  • Advanced Web Attacks and Exploitation
    July 21-24

    From mind-bending XSS attacks, to exploiting race conditions, to advanced SQL injection attacks, Advanced Web Attacks and Exploitation will deepen and broaden your knowledge of web application hacking, as well as help you identify and circumvent various protection mechanisms in use on the web today.

    Presented By:
    Offensive Security

  • Advanced Windows Exploitation Techniques
    July 21-24

    Advanced Windows Exploitation provides an in-depth and hardcore drilldown into topics ranging from precision heap spraying to DEP & ASLR bypass techniques to real-world 64-bit kernel exploitation. This course is extremely hands-on and includes a lab environment, which is tailored to bringing the most out of you.

    Presented By:
    Offensive Security

  • An Introduction to More Advanced Steganography
    July 21-22

    Steganography has advanced tremendously over the last few years, with simple concepts sensationalized on mainstream TV. However, more sophisticated techniques are less well-known and may be overlooked by forensic analysts and popular Steganalysis software.

    Presented By:
    John A. Ortiz

  • Application Security: For Hackers and Developers
    July 21-22

    This course will have 4 components: reverse engineering, source code auditing, fuzzing and exploitation. Each section contains a liberal amount of labs and hands-on exercises.

    Presented By:
    Jared DeMott

  • The Art of Exploiting SQL Injection
    July 24

    This is a full day hands on training course which will typically target penetration testers, security auditors/administrators and web developers to learn advanced exploitation techniques. SQL Injection, although now nearly 15 years old, still exists in over 30% of the web applications.

    Presented By:
    Sumit Siddharth

  • Assessing and Exploiting Web Applications with Samurai-WTF
    July 21-22 July 23-24

    Using open source tools to perform web application assessments, this course will take attendees through the process of application assessment using the open source tools included in the Samurai Web Testing Framework Live CD (Samurai-WTF).


  • Building, Attacking and Defending SCADA Systems
    July 21-22 July 23-24

    This two day course will provide a primer into the world of securing industrial control and automation systems as they relate to the numerous industries where they are most prolific.


  • CNSS-4012 Senior System Manager/CNSS-4015 System Certifier Combination Course
    July 21-24

    Very focused, highly concentrated, non-technical professional training necessary to achieve the fundamental knowledge needed to define, design, integrate and manage information system security policies, processes, practices, and procedures within federal interest information systems and networks.


  • CNSS-4016 Risk Analyst
    July 21-24

    This workshop is geared towards security professionals whose duties and responsibilities include guiding security decisions for whole departments or even entire companies.


  • Crisis Management
    July 23-24

    Covering everything necessary to successfully manage an incident, students will work through various scenarios building response plans for each situation. From what should be in place prior to an incident, to knowing when to trust your network again, this practical course will teach you how to appropriately respond in real world incidents.

    Presented By:
    Peak Security

  • Cyber Network Defense Bootcamp
    July 23-24

    A two day workshop focusing on the progression from incident identification, investigation and malware analysis to explaining to management why it matters. In other words how to go from geek to sleek.

    Presented By:
    Adam Meyers

  • Designing Secure Protocols and Intercepting Secure Communication
    July 21-22 July 22-24

    This is a new and special training that covers both designing and attacking secure protocols. Attendees will learn the fundamentals of how to design a secure protocol, and be armed with the knowledge of how to evaluate the security of and discover weaknesses in existing protocols.

    Presented By:
    Moxie Marlinspike

  • Detecting & Mitigating Attacks Using Your Network Infrastructure
    July 21-22 July 23-24

    Learn leading network security practices from experts who develop these techniques and put them to practical use.


  • Digital Forensics and Incident Response
    July 21-24

    Digital forensics and incident response are two of the most critical fields in all of information security. The staggering number of reported breaches in the last year has shown that the ability to rapidly respond to attacks is a vital capability for all organizations.

    Presented By:
    Andrew Case
    Jamie Levy

  • Digital Intelligence Gathering Using Maltego
    July 21-22 July 23-24

    Unlock the true potential and raw power of Maltego. Join us and we'll show you how to navigate and map the Internet's darkest rivers...

    Presented By:
    Paterva

  • Effective Fuzzing: Using the Peach Fuzzing Platform
    July 21-22 July 23-24

    The first comprehensive hands-on fuzzing course centered on the industry standard Peach Fuzzing Platform. Learn how to fuzz just about anything with Peach. No coding required, but recommended.


  • The Exploit Laboratory
    July 21-22

    Learn how to expose the inner mechanisms of exploits and how they work. The class is highly hands-on and very lab intensive.


  • The Exploit Laboratory: Black Belt Edition
    July 23-24

    Black Belt is a new and advanced class continuing from where The Exploit Laboratory left off. This class is for those curious to dig deeper into the art and craft of software exploitation.


  • Hacking by Numbers: BlackOps
    July 21-22 July 23-24

    Your final course in the HBN series before being deployed into "Combat"

    Presented By:
    SensePost

  • Hacking by Numbers: Bootcamp
    July 21-22 July 23-24

    This course follows directly on from 'Cadet Edition' and serves as a prerequisite for the 'BlackOps Edition'. As always, the course can also be taken without any of the others. Bootcamp Edition can be taken back-to-back with either Cadet Edition (for beginners) or BlackOps Edition for more advanced students.

    Presented By:
    SensePost

  • Hacking by Numbers: Cadet
    July 21-22

    Beginner level. An introduction to the art and science of computer hacking.

    Presented By:
    SensePost

  • Hacking by Numbers: Combat
    July 21-22 July 23-24

    This course follows directly on from 'BlackOps Edition'. However, the course can also be taken without any of the others.

    Presented By:
    SensePost

  • Hacking by Numbers: Unplugged
    July 23-24

    The ultimate wi-fi hacking course

    Presented By:
    SensePost

  • Hacking by Numbers: W^3
    July 23-24

    Hacking by Numbers - W^3 Edition is an intermediate web application hacking course for people with some experience in penetration testing.

    Presented By:
    SensePost

  • Hands-On Hardware Hacking and Reverse Engineering Techniques: Black Hat Edition
    July 21-22 July 23-24

    This course is the first of its kind and focuses entirely on hardware hacking.

    Presented By:
    Joe Grand

  • IDA Pro Class: Reverse Engineering with IDA Pro
    July 21-22 July 23-24

    Essential background material for effective reverse engineering.

    Presented By:
    Chris Eagle

  • Incident Response: Black Hat Edition
    July 21-22 July 23-24

    Designed for information security professionals responding to computer security incidents or managing information security programs.

    Presented By:
    MANDIANT

  • Infrastructure Attacktecs™ & Defentecs™: Hacking Cisco Networks
    July 21-22 July 23-24

    Extremely popular and intense hands-on course.

    Presented By:
    Stephen Dugan

  • Inside and Out of the Social-Engineer Toolkit (SET)
    July 21-22 July 23-24

    This course will cover the social-engineer toolkit and how to leverage it during penetration tests.

    Presented By:
    David Kennedy

  • Malware Analysis: Black Hat Edition
    July 21-22 July 23-24

    "Looking to enter the exciting cat-and-mouse game of malware analysis? Take this fast-paced class to learn about the tools and techniques used by professionals. You will practice your new skills by dissecting real malware via hands-on labs."

    Presented By:
    MANDIANT

  • Mobile Hacking II
    July 21-22 July 23-24

    Brand new, never before seen mobile hacking course that will cover multiple smartphone technologies and development environments.

    Presented By:
    HotWAN

  • Modern Botnets
    July 21

    Master financial botnets in a day. Thoroughly understand their threats to your network and how they work by building and configuring your own.

    Presented By:
    Ken Baylor Ph.D.

  • Network Forensics: Black Hat Release
    July 21-24

    This fast-paced class includes packet analysis, statistical flow record analysis, wireless forensics, intrusion detection and analysis, network tunneling, malware network behavior—all packed into 4 days of hands on intensives.


  • Offensive Countermeasures: Defensive Tactics that Actually Work
    July 21-22 July 23-24

    Learn to become more offensive in your defensive tactics against attackers.

    Presented By:
    PaulDotCom

  • Pentesting with BackTrack
    July 21-24

    This is an intensive, hands-on security class by Offensive Security, the creators of Backtrack. "Pentesting with BackTrack" is targeted towards network administrators and security professionals who need to get acquainted with the latest hacking tools and techniques available with the world-renowned BackTrack 5.

    Presented By:
    Offensive Security

  • Pentesting with Perl
    July 23-24

    This popular single day class has been expanded into a two day course. Utilize Perl to streamline the tedious aspects of pentesting.

    Presented By:
    Joshua Abraham

  • Physical Penetration Testing (Introduction)
    July 23-24

    Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access, as well as how to compromise most existing physical security in order to gain access themselves. Distinguish good locks and access control from poor ones and become well-versed in picking and bypassing in order to assess your own company's security posture or augment your career as a penetration tester.

    Presented By:
    The CORE Group

  • Physical Penetration Testing (Advanced)
    July 21-22

    Individuals with an established understanding of the mechanics of locks and the basic ways in which they can be compromised will learn highly advanced and specialized techniques in this course. Impressioning fully-functioning keys for unknown locks, manipulating the dials of safes, and advanced picking and bumping techniques for higher security locks will be covered in great detail. [Restricted to Law Enforcement Officers, Government Personnel, and Properly-Credentialed Established Security Professionals only.]

    Presented By:
    The CORE Group

  • Practical ARM Exploitation
    July 23-24

    Intensive lab-based course aiming to expand your exploitation ability to include the ARM processor architecture. Students will learn under "real world" circumstances through multiple lab exercises and challenges covering code auditing, advanced heap exploitation and more.


  • Real World Security: Attack, Defend, Repel
    July 21-22

    An intensive 2 day course/exercise for the security professional that wants to up the ante on their current skill sets in offensive and defensive security. Learn new tactics and receive guidance from expert instructors while you test yourself in a team vs team environment. Hands on and technical.

    Presented By:
    Peak Security

  • SAP Security In-Depth
    July 23-24

    Have you ever wondered whether your business-critical SAP implementation was secure? Do you know how to check it? Have you imagined which could be the impact of an attack to your core business platform? Do you know how to prevent it? This training is the answer to these questions.


  • The Shellcode Lab
    July 21-22 July 23-24

    Compromise Windows, Linux and Mac OSX machines, bypass security controls, and increase your successful exploitation rate by creating shellcode using various shellcoding techniques. Also learn how to integrate your shellcode into Metasploit so it can be used by all Metasploit exploits.

    Presented By:
    Ty Miller

  • Social Engineering for Penetration Testers
    July 21-24

    The Social Engineering for Penetration Testers program is a week-long immersion into the world of a professional social engineer.

    Presented By:
    White Hat Defense

  • Tactical Exploitation
    July 23-24

    Using a combination of new tools and lesser-known techniques, attendees will learn how hackers compromise systems without depending on standard exploits.

    Presented By:
    Attack Research

  • TCP/IP Weapons School 3.0
    July 21-22 July 23-24

    Learn how networks can be abused and subverted, while analyzing the attacks, methods, and traffic that make it happen.


  • Ultimate Hacking: Black Hat Edition
    July 21-22 July 23-24

    This course delivers hands on application of Foundstone's hacker methodology. This course has long been considered essential for penetration testers.

    Presented By:
    Foundstone

  • Ultimate Hacking: Malware Forensics & Incident Response
    July 21-24

    McAfee's Malware Forensics & Incident Response Education (MFIRE) workshop is a proactive weapon to help you normalize your environment after a negative event has occurred.

    Presented By:
    Foundstone

  • Ultimate Hacking: Wireless
    July 21-22 July 23-24

    This course delivers hands on application of Foundstone's wireless hacking methodology. This course takes you from configuring interfaces to the latest attacks.

    Presented By:
    Foundstone

  • Uses and Misuses of Cryptography: How to Use Crypto Properly and Attack Those That Don't
    July 22-24

    Even when crypto is correctly implemented, it is notoriously difficult to use correctly. In this course we study how crypto works, how to use it properly, and how to stay clear of crypto misuses that will leave you wide open to attack.

    Presented By:
    Andrew Lindell

  • The Web Application Hacker's Handbook, 2nd Edition: LIVE!
    July 21-22 July 23-24

    MDSec's course is delivered by the authors of the Web Application Hacker's Handbook, and the author of Burp Suite. It features hands-on hacking from the 2nd Edition of the Handbook, with 150+ examples including a CTF contest