Conceptually, red teaming is pretty simple: Slip past the good guys' defenses to show them where their rears are exposed. Actually doing so, on the other hand, requires skill, know-how, and finesse. That's the focus of today's first spotlighted Training.
The Exploit Laboratory: Red Team is an all-new intermediate to advanced-level class, for those curious to dig deeper into the art and craft of software exploitation. Brought to you by the same trainers who presented the popular Exploit Laboratory for over nine years, The Exploit Laboratory: Red Team will mainly focus on bug classes and vulnerabilities which are relevant today, such as in browsers and PDF readers. Hands-on labs will be abundant, so prepare to roll up your sleeves. The class will end with a capture-the-flag contest in which newly acquired exploit-writing skills will be put to the test.
(By the way, you can combine this Red Team Training with The Exploit Laboratory: Black Belt to make a comprehensive four-day course.)
Continuing on the offensive, Hacking by Numbers Reloaded - Black Ops is not your average point-and-click pwnage course, but designed and developed based upon real-world field experience and techniques. You'll learn how to generate an appropriate payload, gain remote access, and persist on the target box or network. The course also touches upon the latest tools and techniques aiding data harvesting, exfiltration, pivoting, privilege escalation, HIPS evasion, persistence, client-side attacks, and OSINT. But the best comes last: You'll need to stalk, social engineer, exploit, and exfiltrate data from a suspected bad guy using the techniques learned throughout the course.
Finally, we take a look at physical security. You know, those metal doors and locks that protect your assets from the chaos outside? Physical Penetration Testing explores the oft-overlooked world of real-world site security, aiming to give you a full awareness of how to best protect buildings and grounds from unauthorized access, as well as how to compromise most existing physical security in order to gain access yourself. After all, not even the most hardened server will stand a chance if a bad guy gains access to its keyboard.
Ready to register? Early-bird rates are available until June 2. Please visit Black Hat USA 2014's registration page to get started.