SEARCH
TOOLBOX
LANGUAGES
Difference between revisions of "Training"

Difference between revisions of "Training"

From BruCON 2017

Jump to: navigation, search
(Threat Modeling and Architecture review by Pravir Chandra)
(Training (2-4 October))
 
(170 intermediate revisions by 4 users not shown)
Line 1: Line 1:
These are the confirmed trainings for Brucon 2011
+
<div style="text-align: left;">
 +
Immerse yourself into the world of pen testing and application security by attending the BruCON Training.
 +
Spring training is held between 19 and 21 of April and fall training between 2 and 4 October (before the conference) offering world-class, deep-dive technical training given by '''the most recognised experts''' with huge industry experience in their domain!
  
==Registration details==
+
== Training (2-4 October) ==
The price for the 2 day courses is <del>895 Euro early bird (+ VAT) per attendee. After 15th of July this will become</del> 995 Euro (+ VAT) per attendee.
+
For the BruCON 0x09 edition, we are bringing you no less than 8(!) courses to choice from !
  
Registration for Trainings:
+
The Line-Up:
 +
* '''[[Training 2017 - Corelan Advanced|Corelan Advanced by Peter Van Eeckhoutte]] '''(3-day training) - The Corelan “ADVANCED” exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer. Only limited seats available so get them while you can.
 +
* '''[[Training 2017 - Exploiting Websites by using offensive HTML, SVG, CSS and other Browser-Evil|Exploiting Websites by using offensive HTML, SVG, CSS and other Browser-Evil by Mario Heiderich]] '''(3-day training) - Probably one of the best courses when it comes to exploiting websites and application returns to BruCON once more. Mario of Cure53 will host this 3-day course and will guide you through the latest and greatest in offensive website security for you to adsorb and put to concrete use!
 +
* <strike> '''[[Training 2017 - SensePost OSINT: Stalk like a boss|SensePost OSINT: Stalk like a boss by Daniel Cuthbert and Jonathan Hargreaves]] '''(2-day training) - A course which needs no introduction (and yet we bothered to write one). This course, by SensePost COO Daniel Cuthbert and Jonathan Hargreaves teaches you how to harness information online to build up a solid dossier of intel and gives you the confidence, as an investigator, to research individuals, companies, organisations and internet traffic. </strike> CANCELLED
 +
* '''[[Training 2017 - Offensive PowerShell for Red and Blue Teams|Offensive PowerShell for Red and Blue Teams by Nikhil Mittal]] '''(3-day training) - After the great success last year (+30 students), we are bringing this back to you ! In this course, you'll learn how to attack Windows network using PowerShell, based on real world Red team assessments. The course runs on a lab network with multiple active directory forests to which attendees will have free access for one month after the raining. The class consists of hands-on, challenges and demonstrations.
 +
* '''[[Training 2017 - Pentesting the Modern Application Stack|Pentesting the Modern Application Stack by Bharadwaj Machiraju and Francis Alexander]] '''(2-day training) - Pentesting the Modern Application Stack is a unique course that covers red team tactics for pentesting modern day application stack. Attendees will learn to identify, exploit and exfiltrate data from Database Servers, Software Collaboration tools, CI tools, Distributed Configuration & Resource management tools, Containers, Big Data Environments, Search Technologies and Message Brokers. The 2 days course is a fast paced and completely hands on program that aims to impart the technical know-how methodology and tools of trade for testing these systems. Real world corporate stacks are emulated in the form of containerised challenges to prepare students for real world scenarios.
 +
* '''[[Training 2017 - Modern Red Team Immersion Bootcamp|Modern Red Team Immersion Bootcamp by Josh Schwartz (aka FuzzyNop)]] '''(2-day training) - The Modern Red Team Immersion Bootcamp is designed to expose students to the types of attacks that long term persistent Red Teams have deployed against modern organizations. The first day includes a deep dive of recon techniques and approaches where students will plan an attack against a target of their choosing. The second day focuses on post exploitation, lateral movement, and escalation techniques within modern environments comprised of OSX, Linux, Continuous Integration Systems, and elastic compute services.
 +
* '''[[Training 2017 - Windows Kernel Exploitation|Windows Kernel Exploitation by Ashfaq Ansari]] '''(3-day training) - This is the most requested training according to our previous students, so we had to bring him back ! The devil is in details, and for Windows, it's Kernel remains the most devilish part and the most important target from the point of view of exploitation these days. This course of Windows Kernel Exploitation, is unique course by Ashfaq which is fast winning over the world. Ashfaq has delivered this course on all the 3 major continents in short span of a year along with disclosing many CVEs on regular basis.
 +
* '''[[Training 2017 - Smashing the SSL/TLS protocol with practical crypto attacks|Smashing the SSL/TLS protocol with practical crypto attacks by Marco Ortisi]] '''(3-day training) - Smashing the SSL/TLS protocol with practical crypto attacks is a 3-days long course dedicated for professionals and students eager to keep pace with latest crypto attacks affecting SSL/TLS services and learn the relative defensive countermeasures. This is a completely hands-on course, because there is no better way to understand crypto theory than put into practice attacks and techniques to defeat crypto algorithms. The course is also one of a kind. The practical part is based on a new framework called cryptosploit (code will be released for free as part of class materials).
  
[[File:Register.jpg||link=https://ssl.brucon.org/register-training]]
+
The "Modern Red Team Immersion Bootcamp" and "SensePost OSINT: Stalk like a boss course" will be hosted at the NH Gent Belfort hotel which is less than one minute away from the Novotel.
  
==Location and dates==
+
== Spring Training (19-21 April) ==
The courses will be given on 21 & 22 September at the Vrije Universiteit Brussel, Pleinlaan 2, 1050 Elsene
+
'''Spring Training is over.'''
 +
We would like to thank all students and trainers for another successful training.
  
The courses start at 9h00 and end at 17h00.
+
The Line-Up:
 +
* '''Malicious Documents for Blue and Red Teams by Didier Stevens'''(3-day training)
 +
* '''Corelan Bootcamp by Peter Van Eeckhoutte'''(3-day training)
 +
* '''Mobile Application Exploitation (iOS and Android) by Prateek Gianchandani'''(3-day training)
 +
* '''Windows Breakout and Privilege Escalation by Jason Cook and Francesco Mifsud'''(3-day training)
 +
* '''Open Source Defensive Security Training by Leszek Mis'''(3-day training)
  
Lunch is included in the training fee.  
+
==Registration details==
 +
The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee. <br>
 +
The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee. <br>
  
==FAIR - Factor Analysis of Information Risk by Jack Jones==
+
'''As of the 1st of July 2017''' this will become 1200 Euro (2-day) / 1500 Euro (3-day) (+ VAT) per attendee.<br>
 +
(*) The Corelan trainings are a little bit more expensive but consist of 3 long days (+  10 hours) including dinner.
  
Factor Analysis of Information Risk (FAIR) provides a framework for understanding, analyzing, and measuring information risk. The outcomes are more cost-effective information risk management, greater credibility for the information security profession, and a foundation from which to develop a scientific approach to information risk management.
+
Registration for Trainings:
  
This training will introduce the students to FAIR and teach them how to apply it to real-life scenarios. 
+
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]
  
At the end of training, students are eligible to take a certification exam at no additional cost.
+
The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration.  Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.
  
Everyone who attends training receives a free copy of the FAIRLite Excel-based application.
+
==Location and dates==
FAIRLite is an Excel application designed to enable simple and effective quantitative analysis of
+
Courses are held at the '''Hotel Novotel Gent Centrum, Goudenleeuwplein 5''' and '''NH Gent Belfort, Hoogpoort 63, B-9000 Ghent'''. Both hotels are within walking distance of each other (<1 minute). The Novotel hotel is still recommended for accommodation (see [http://2017.brucon.org/index.php/Travel#Accommodation here] for more info) and will be hosting the student social event on Tuesday evening<br>
risk scenarios using the FAIR framework. Developed by a former CISO who understands the
 
need for efficient and practical tools, FAIRLite is simple to use and yet flexible enough to per-
 
form powerful analyses on complex scenarios.
 
 
 
Note that FAIRLite requires an Excel plugin from RiskAMP.com. A fully functional 30-day
 
demo version of the RiskAMP plugin is provided to students. Students may purchase the plugin
 
(Professional Edition required) directly from RiskAMP for $249.95.
 
 
 
Students are considered to have a basic understanding of risk and some experience in one or more disciplines related to risk (e.g., information security, disaster recovery, continuity management, operational risk, etc.).
 
 
 
==Corelan Live – Win32 Exploit Development Bootcamp by Peter Van Eeckhoutte'''==
 
 
 
Based on the Corelan tutorials, this hands-on course will provide students with solid understanding of current Win32 stack based exploitation techniques :
 
 
 
-      Win32 memory management
 
 
 
-      Using debuggers and debugger plugins such as pvefindaddr
 
 
 
-      Exploiting stack buffer overflows
 
 
 
-      Bypassing memory protections (Safeseh, sehop, stack cookies, aslr, dep)
 
 
 
-      Dealing with character set conversions and transformations (Unicode, etc)
 
 
 
-      Using egghunters, omelet egg hunters
 
 
 
-      Writing and integrating modules for Metasploit
 
 
 
-      Writing shellcode
 
 
 
more info can be found at  : http://www.corelan-training.com/
 
 
 
==There’s An App For That (Pentesting Mobile Apps) by Joe McCray==
 
 
 
This is a 2-day workshop focused on hands-on mobile application security
 
testing. Each day this course starts you off with setting up your
 
environment (emulator/sdk/hardware/etc), then quickly moves into using your
 
device as an attack platform. From there the course goes into the basics of
 
reverse engineering mobile applications, exploiting mobile applications on
 
each respective platform, and finally on to attacking web services from each
 
platform.
 
 
 
'''Important Note:'''<br>
 
Students are strongly encouraged to bring a Mac laptop running OS 10.6 Snow
 
Leopard, and XCode 3.2.6
 
 
 
Running Windows or Linux is acceptable for the first day of class (Android),
 
but for the second day of class (iDevices) it is strongly recommended that
 
each student have Mac laptop running OS 10.6 Snow Leopard, and XCode 3.2.6
 
 
 
==A crash course in pentesting and securing VOIP networks by Sandro Gauci and Joffrey Czarny (Sn0rkY)==
 
As VoIP networks become more and more part of the way organizations
 
communicate, security professionals need to understand their strengths
 
and weaknesses. This knowledge will help them make sound decisions on
 
the security (or lack of) of their VoIP system and network.
 
 
 
Attendees who follow the VoIP security training will gain valuable
 
hands-on experience in testing VoIP equipment and networks. During the
 
training they will make use of existent security tools as well as
 
custom built tools to help them get the job done.
 
 
 
These are some of the hands-on topics that are covered:
 
 
 
* Scanning and fingerprinting various VoIP network protocols including SIP, SCCP (Skinny), MGCP, H.323 and IAX2
 
* Toll fraud or making phone calls for free (at the expense of the victim)
 
* Attacks on PBX systems, including those specific to web applications
 
* Wiretapping of phone calls, both on physical network and remote wiretapping
 
* Denial of service attacks affecting both phones and PBX systems
 
* Attacks specific to Cisco and Asterisk VoIP solutions
 
* Common IP Phone vulnerabilities
 
 
 
==Threat Modeling and Architecture review by Pravir Chandra==
 
Unfortunately Pravir Chandra's training has been cancelled. If you already registered for this training program please email training@brucon.org to either join another class or to request a refund.
 
  
<del>Threat Modeling & Architecture Review are cornerstones of a preventative approach to Software Security
+
Spring Training is held between 19 and 21 April and fall training between 2 and 4 October 2017.
Assurance. By combining these topics into single comprehensive course attendees can get a complete
 
understanding of how to understand the risks an application faces and how the application will handle
 
those potential problems. This enables consistently accurate assessment of an application’s security
 
posture and recommendation of appropriate improvements or mitigating controls.</del>
 
  
==Dissecting Wireless Network Security by Vivek Ramachandran==
+
The courses '''begin promptly at 09h00''' and '''end at 17h00''' (Except Corelan trainings). Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.
This workshop will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide the participants with a deep understanding of the principles behind various attacks and not just a quick how-
 
to guide on publicly available tools.
 
  
We will start our journey with the very basics by dissecting WLAN packet headers with Wireshark, then graduate to the next level by cracking WEP, WPA/WPA2 and then move on to real life challenges like orchestrating Man-in-the-
+
Lunch is included in the training fee. During the registration you can specify a regular, vegetarian or vegan mail. We will do our best to accommodate according to your requirements.
Middle attacks and taking on the live Wi-Fi CTF!
 
  
Topics that will be addressed in the training :
+
==Contact==
* Understanding WLAN protocol basics using Wireshark
+
If you need more information or have a specific request, you can reach out to use on Twitter (@BruCON) or via email training@brucon.org
* Bypassing WLAN Authentication – Shared Key, MAC Filtering, Hidden SSIDs
 
* Cracking WLAN Encryption – WEP, WPA/WPA2 Personal and Enterprise
 
* Attacking the WLAN Infrastructure – Rogues Devices, Evil Twins, DoS Attacks, MITM attacks
 
* Advanced Enterprise Attacks – attacking 802.1x, Radius server, Cisco LEAP, SSL MITM over Wireless, IPSec over WLAN attacks
 
* Attacking Wireless Intrusion Detection and Prevention Systems
 
* Attacking the Wireless Client – Honeypots, Hotspot attacks, Caffe-Latte, Hirte Attack, Ad-Hoc networks and Viral SSIDs, WiFishing
 
* Compromising the Client using Metasploit and SET post wireless network hijacking
 
* Wireshark as a wireless forensics tool
 
* Extending Aircrack-NG for fun and profit
 
* Programming Wireless Sniffers and Packet Injectors using raw sockets and 3rd party libraries
 
* Over 25 hands-on lab sessions on different attacks
 
* 5 pure Wi-Fi CTF challenges of varying difficulty played at various stages in the training
 

Latest revision as of 11:41, 18 August 2017

Immerse yourself into the world of pen testing and application security by attending the BruCON Training. Spring training is held between 19 and 21 of April and fall training between 2 and 4 October (before the conference) offering world-class, deep-dive technical training given by the most recognised experts with huge industry experience in their domain!

Training (2-4 October)

For the BruCON 0x09 edition, we are bringing you no less than 8(!) courses to choice from !

The Line-Up:

  • Corelan Advanced by Peter Van Eeckhoutte (3-day training) - The Corelan “ADVANCED” exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer. Only limited seats available so get them while you can.
  • Exploiting Websites by using offensive HTML, SVG, CSS and other Browser-Evil by Mario Heiderich (3-day training) - Probably one of the best courses when it comes to exploiting websites and application returns to BruCON once more. Mario of Cure53 will host this 3-day course and will guide you through the latest and greatest in offensive website security for you to adsorb and put to concrete use!
  • SensePost OSINT: Stalk like a boss by Daniel Cuthbert and Jonathan Hargreaves (2-day training) - A course which needs no introduction (and yet we bothered to write one). This course, by SensePost COO Daniel Cuthbert and Jonathan Hargreaves teaches you how to harness information online to build up a solid dossier of intel and gives you the confidence, as an investigator, to research individuals, companies, organisations and internet traffic. CANCELLED
  • Offensive PowerShell for Red and Blue Teams by Nikhil Mittal (3-day training) - After the great success last year (+30 students), we are bringing this back to you ! In this course, you'll learn how to attack Windows network using PowerShell, based on real world Red team assessments. The course runs on a lab network with multiple active directory forests to which attendees will have free access for one month after the raining. The class consists of hands-on, challenges and demonstrations.
  • Pentesting the Modern Application Stack by Bharadwaj Machiraju and Francis Alexander (2-day training) - Pentesting the Modern Application Stack is a unique course that covers red team tactics for pentesting modern day application stack. Attendees will learn to identify, exploit and exfiltrate data from Database Servers, Software Collaboration tools, CI tools, Distributed Configuration & Resource management tools, Containers, Big Data Environments, Search Technologies and Message Brokers. The 2 days course is a fast paced and completely hands on program that aims to impart the technical know-how methodology and tools of trade for testing these systems. Real world corporate stacks are emulated in the form of containerised challenges to prepare students for real world scenarios.
  • Modern Red Team Immersion Bootcamp by Josh Schwartz (aka FuzzyNop) (2-day training) - The Modern Red Team Immersion Bootcamp is designed to expose students to the types of attacks that long term persistent Red Teams have deployed against modern organizations. The first day includes a deep dive of recon techniques and approaches where students will plan an attack against a target of their choosing. The second day focuses on post exploitation, lateral movement, and escalation techniques within modern environments comprised of OSX, Linux, Continuous Integration Systems, and elastic compute services.
  • Windows Kernel Exploitation by Ashfaq Ansari (3-day training) - This is the most requested training according to our previous students, so we had to bring him back ! The devil is in details, and for Windows, it's Kernel remains the most devilish part and the most important target from the point of view of exploitation these days. This course of Windows Kernel Exploitation, is unique course by Ashfaq which is fast winning over the world. Ashfaq has delivered this course on all the 3 major continents in short span of a year along with disclosing many CVEs on regular basis.
  • Smashing the SSL/TLS protocol with practical crypto attacks by Marco Ortisi (3-day training) - Smashing the SSL/TLS protocol with practical crypto attacks is a 3-days long course dedicated for professionals and students eager to keep pace with latest crypto attacks affecting SSL/TLS services and learn the relative defensive countermeasures. This is a completely hands-on course, because there is no better way to understand crypto theory than put into practice attacks and techniques to defeat crypto algorithms. The course is also one of a kind. The practical part is based on a new framework called cryptosploit (code will be released for free as part of class materials).

The "Modern Red Team Immersion Bootcamp" and "SensePost OSINT: Stalk like a boss course" will be hosted at the NH Gent Belfort hotel which is less than one minute away from the Novotel.

Spring Training (19-21 April)

Spring Training is over. We would like to thank all students and trainers for another successful training.

The Line-Up:

  • Malicious Documents for Blue and Red Teams by Didier Stevens(3-day training)
  • Corelan Bootcamp by Peter Van Eeckhoutte(3-day training)
  • Mobile Application Exploitation (iOS and Android) by Prateek Gianchandani(3-day training)
  • Windows Breakout and Privilege Escalation by Jason Cook and Francesco Mifsud(3-day training)
  • Open Source Defensive Security Training by Leszek Mis(3-day training)

Registration details

The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee.
The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee.

As of the 1st of July 2017 this will become 1200 Euro (2-day) / 1500 Euro (3-day) (+ VAT) per attendee.
(*) The Corelan trainings are a little bit more expensive but consist of 3 long days (+ 10 hours) including dinner.

Registration for Trainings:

Register.jpg

The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration. Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.

Location and dates

Courses are held at the Hotel Novotel Gent Centrum, Goudenleeuwplein 5 and NH Gent Belfort, Hoogpoort 63, B-9000 Ghent. Both hotels are within walking distance of each other (<1 minute). The Novotel hotel is still recommended for accommodation (see here for more info) and will be hosting the student social event on Tuesday evening

Spring Training is held between 19 and 21 April and fall training between 2 and 4 October 2017.

The courses begin promptly at 09h00 and end at 17h00 (Except Corelan trainings). Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.

Lunch is included in the training fee. During the registration you can specify a regular, vegetarian or vegan mail. We will do our best to accommodate according to your requirements.

Contact

If you need more information or have a specific request, you can reach out to use on Twitter (@BruCON) or via email training@brucon.org