Difference between revisions of "Training"

From BruCON 2017

(Training (2-4 October))
 
(154 intermediate revisions by 4 users not shown)
Line 1: Line 1:
==Metasploit for Penetration Testing by Georgia Weidman==
+
<div style="text-align: left;">
The class will begin with the basics of using the Metasploit Framework. We will continue on following the penetration test methodology to use Metasploit to exploit vulnerable systems in a lab. Jumping off from basic concepts we will move into advanced topics such as writing your own Metasploit modules and creating sophisticated client side attacks with Metasploit and the Social Engineering Toolkit. This class is suitable for those with no background in Metasploit or penetration testing as well as penetration testers who want to add the Metasploit Framework to their arsenal.
+
Immerse yourself into the world of pen testing and application security by attending the BruCON Training.  
 +
Spring training is held between 19 and 21 of April and fall training between 2 and 4 October (before the conference) offering world-class, deep-dive technical training given by '''the most recognised experts''' with huge industry experience in their domain!
  
==Cyberwar: using the techniques and tactics of APT's in Penetration Tests by Joe McCray==
+
== Training (2-4 October) ==
Google, Sony, Lockheed Martin, several large financial institutions, several large oil companies, the stock market, and countless other large organizations have all targeted and systematically compromised by hackers commonly referred to as Advanced Persistent Threat (APT). These hackers, use an attack methodology focused on stealth, data collection, and persistence.
+
For the BruCON 0x09 edition, we are bringing you no less than 8(!) courses to choice from !
  
This course picks up where the wildly successful "Advanced Penetration Tester: Pentesting High Security Environments" left off. Taking Intrusion Detection System (IDS) evasion, and Anti-virus bypass to the next level.
+
The Line-Up:
 +
* '''[[Training 2017 - Corelan Advanced|Corelan Advanced by Peter Van Eeckhoutte]] '''(3-day training) - The Corelan “ADVANCED” exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer. Only limited seats available so get them while you can.
 +
* '''[[Training 2017 - Exploiting Websites by using offensive HTML, SVG, CSS and other Browser-Evil|Exploiting Websites by using offensive HTML, SVG, CSS and other Browser-Evil by Mario Heiderich]] '''(3-day training) - Probably one of the best courses when it comes to exploiting websites and application returns to BruCON once more. Mario of Cure53 will host this 3-day course and will guide you through the latest and greatest in offensive website security for you to adsorb and put to concrete use!
 +
* <strike> '''[[Training 2017 - SensePost OSINT: Stalk like a boss|SensePost OSINT: Stalk like a boss by Daniel Cuthbert and Jonathan Hargreaves]] '''(2-day training) - A course which needs no introduction (and yet we bothered to write one). This course, by SensePost COO Daniel Cuthbert and Jonathan Hargreaves teaches you how to harness information online to build up a solid dossier of intel and gives you the confidence, as an investigator, to research individuals, companies, organisations and internet traffic. </strike> CANCELLED
 +
* '''[[Training 2017 - Offensive PowerShell for Red and Blue Teams|Offensive PowerShell for Red and Blue Teams by Nikhil Mittal]] '''(3-day training) - After the great success last year (+30 students), we are bringing this back to you ! In this course, you'll learn how to attack Windows network using PowerShell, based on real world Red team assessments. The course runs on a lab network with multiple active directory forests to which attendees will have free access for one month after the raining. The class consists of hands-on, challenges and demonstrations.
 +
* '''[[Training 2017 - Pentesting the Modern Application Stack|Pentesting the Modern Application Stack by Bharadwaj Machiraju and Francis Alexander]] '''(2-day training) - Pentesting the Modern Application Stack is a unique course that covers red team tactics for pentesting modern day application stack. Attendees will learn to identify, exploit and exfiltrate data from Database Servers, Software Collaboration tools, CI tools, Distributed Configuration & Resource management tools, Containers, Big Data Environments, Search Technologies and Message Brokers. The 2 days course is a fast paced and completely hands on program that aims to impart the technical know-how methodology and tools of trade for testing these systems. Real world corporate stacks are emulated in the form of containerised challenges to prepare students for real world scenarios.
 +
* '''[[Training 2017 - Modern Red Team Immersion Bootcamp|Modern Red Team Immersion Bootcamp by Josh Schwartz (aka FuzzyNop)]] '''(2-day training) - The Modern Red Team Immersion Bootcamp is designed to expose students to the types of attacks that long term persistent Red Teams have deployed against modern organizations. The first day includes a deep dive of recon techniques and approaches where students will plan an attack against a target of their choosing. The second day focuses on post exploitation, lateral movement, and escalation techniques within modern environments comprised of OSX, Linux, Continuous Integration Systems, and elastic compute services.
 +
* '''[[Training 2017 - Windows Kernel Exploitation|Windows Kernel Exploitation by Ashfaq Ansari]] '''(3-day training) - This is the most requested training according to our previous students, so we had to bring him back ! The devil is in details, and for Windows, it's Kernel remains the most devilish part and the most important target from the point of view of exploitation these days. This course of Windows Kernel Exploitation, is unique course by Ashfaq which is fast winning over the world. Ashfaq has delivered this course on all the 3 major continents in short span of a year along with disclosing many CVEs on regular basis.
 +
* '''[[Training 2017 - Smashing the SSL/TLS protocol with practical crypto attacks|Smashing the SSL/TLS protocol with practical crypto attacks by Marco Ortisi]] '''(3-day training) - Smashing the SSL/TLS protocol with practical crypto attacks is a 3-days long course dedicated for professionals and students eager to keep pace with latest crypto attacks affecting SSL/TLS services and learn the relative defensive countermeasures. This is a completely hands-on course, because there is no better way to understand crypto theory than put into practice attacks and techniques to defeat crypto algorithms. The course is also one of a kind. The practical part is based on a new framework called cryptosploit (code will be released for free as part of class materials).
  
There are a few things to note that will be different from the "Advanced Penetration Tester: Pentesting High Security Environments" and from any other hacking course for that matter:
+
The "Modern Red Team Immersion Bootcamp" and "SensePost OSINT: Stalk like a boss course" will be hosted at the NH Gent Belfort hotel which is less than one minute away from the Novotel.
  
1. Per student request there will be NO Windows XP, or Vista in the course. Only Windows 7, and Server 2008 RC2, and new Linux distributions as the targets for students to go after.
+
== Spring Training (19-21 April) ==
 +
'''Spring Training is over.'''
 +
We would like to thank all students and trainers for another successful training.  
  
2. Students attack a network of fully patched, and hardened Windows 7, Server 2008 RC2 hosts. Each target computer will be running a Host-Based Intrusion Detection System (HIDS), updated Anti-Virus, and a logging agent that reports to a Security Information and Event Management (SIEM) solution.
+
The Line-Up:
 +
* '''Malicious Documents for Blue and Red Teams by Didier Stevens'''(3-day training)
 +
* '''Corelan Bootcamp by Peter Van Eeckhoutte'''(3-day training)
 +
* '''Mobile Application Exploitation (iOS and Android) by Prateek Gianchandani'''(3-day training)
 +
* '''Windows Breakout and Privilege Escalation by Jason Cook and Francesco Mifsud'''(3-day training)
 +
* '''Open Source Defensive Security Training by Leszek Mis'''(3-day training)
  
3. There will also be a Network Intrusion Detection System (NIDS), a web content filtering proxy, and a stateful inspection firewall as well.
+
==Registration details==
 +
The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee. <br>
 +
The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee. <br>
  
4. The classroom will have 4 projectors running to show in real time the events triggered by the HIDS, NIDS, Proxy, and the logs so the student can learn exactly what attacks and defenses really work in today's high security environment.
+
'''As of the 1st of July 2017''' this will become 1200 Euro (2-day) / 1500 Euro (3-day) (+ VAT) per attendee.<br>
 +
(*) The Corelan trainings are a little bit more expensive but consist of 3 long days (+  10 hours) including dinner.  
  
Students that are Network/System Administrators with three or more years experience working in environments such as financial institutions, DoD networks, or similar high security environments will benefit greatly from this course.
+
Registration for Trainings:
  
It is however primarily designed for Network/Web Application Penetration testers that are looking for the little tips and tricks that will help them better attack high security environments.
+
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]
  
==Corelan Live! by Peter Van Eeckhoutte==
+
The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registrationPlease read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.
The Corelan Live Bootcamp is a truly unique opportunity to learn both basic & advanced techniques from an experienced exploit developer. During this 2 day course, students will be able to learn all ins and outs about writing reliable exploits for the Win32 platformThe trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.
 
  
We believe it is important to explain the basics of buffer overflows and exploit writing, but this is not “your average” entry level course. In fact, this is one of the finest and most advanced courses you will find on Win32 stack based exploit development.
+
==Location and dates==
 +
Courses are held at the '''Hotel Novotel Gent Centrum, Goudenleeuwplein 5''' and '''NH Gent Belfort, Hoogpoort 63, B-9000 Ghent'''. Both hotels are within walking distance of each other (<1 minute). The Novotel hotel is still recommended for accommodation (see [http://2017.brucon.org/index.php/Travel#Accommodation here] for more info) and will be hosting the student social event on Tuesday evening<br>
  
This hardcore hands-on course will provide students with solid understanding of current Win32 (stack based) exploitation techniques and memory protection bypass techniques.  We make sure the course material is kept updated with current techniques, includes previously undocumented tricks and techniques, and details about research we performed ourselves.  Combined with the way the course is built up, this will turn these 2 days into a truly unique experience.
+
Spring Training is held between 19 and 21 April and fall training between 2 and 4 October 2017.
  
During the course, we not only share techniques and mechanics, but we also want to make sure you understand why a given technique is used, why something works and why something doesn’t work.
+
The courses '''begin promptly at 09h00''' and '''end at 17h00''' (Except Corelan trainings). Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.
 
 
Finally, we offer you post-training support as well.  If you have taken the course and you still have questions, we will help.
 
 
 
https://www.corelan-training.com/index.php/training/corelan-live/
 
 
 
==Visual Analytics - Delivering Actionable Security Intelligence by Raffael Marty==
 
 
 
This workshop takes the audience on a fascinating journey of data analytics and visualization. The students will learn how to process data (log files), visualize them through actionable graphs, and analyze security related data. Past training attendees included employees of various Nation's secret services, large security vendors, and security analysts from all over the world. All of them attended to learn how to deal with the flood of security related data in an efficient way. The in-depth technical content is backed up and emphasized by numerous hands-on exercises, some of them utilizing a private extension of the DAVIX live CD.
 
 
 
http://raffy.ch/training.php
 
 
 
==Hacking IPv6 Network by Fernando Gont==
 
The IPv6 protocol suite was designed to accommodate the present and future growth of the Internet by providing a much larger address space than that of its IPv4 counterpart, and is expected to be the successor of the original IPv4 protocol suite. The imminent exhaustion of the IPv4 address space has resulted in the deployment of IPv6 in a number of production environments, with many other organizations planning to deploy IPv6 in the short or near term. Additionally, a number of activities such as the World IPv6 Day in 2011 and the upcoming World IPv6 Launch Day (scheduled for June
 
2012) have led to an improvement in the awareness about IPv6 and an increase in the number of IPv6 deployments.
 
 
 
There are a number of factors that make the IPv6 protocol suite interesting from a security standpoint. Firstly, being a new technology, technical personnel has much less confidence with the IPv6 protocols than with their IPv4 counterpart, and thus it is more likely that the security implications of the protocols be overlooked when the protocols are deployed. Secondly, IPv6 implementations are much less mature than their IPv4 counterparts, and thus it is very likely that a
 
number of vulnerabilities will be discovered in them before their robustness matches that of the existing IPv4 implementations. Thirdly, security products such as firewalls and NIDS’s (Network Intrusion Detection Systems) usually have less support for the IPv6 protocols than for their IPv4 counterparts, either in terms of features or in terms of performance. Fourthly, the security implications of IPv6 transition/co-existence technologies on existing IPv4 networks are usually overlooked, potentially enabling attackers to leverage these technologies to circumvent IPv4 security measures in unexpected ways.
 
 
 
The imminent global deployment of IPv6 has created a global need for security professionals with expertise in the field of IPv6 security, such that the aforementioned security issues can be mitigated. While there exist a number of courses and trainings about IPv6 security, they either limit themselves to a high-level overview of IPv6 security, and/or fail to cover a number of key IPv6 technologies (such as transition/co-existence mechanisms) that are vital in all real IPv6 deployment
 
scenarios.
 
 
 
Fernando Gont, a well-known IPv6 security researcher will deliver a comprehensive IPv6 hacking training covering real-world IPv6 attacks along with real-world mitigations, thus preparing the attendees for deploying the IPv6 protocols in a secure manner.
 
 
 
==Red Team Testing by Ian Amit and Chris Nickerson==
 
Red Team testing is the pinnacle of security simulations. It is the most accurate and realistic scenario an organization can use to see how it really fares up against a real-world attacker, without taking the risk of an actual breach or loss.
 
 
 
In this training, you will learn how Red Team (or full scope) testing works, how to create a methodology for using a red team test not just as a one-off "see how I got in" case, but as a repeatable test with metrics and actionable results.
 
We will go through all elements of a red team test, from planning and scoping, intelligence gathering, target selection, vulnerability analysis, risk analysis, exploitation and execution, resource usage and ad-hoc agent deployment, post-exploitation, documentation and recording of evidence, damage analysis, and reporting.
 
 
 
The training will arm you with not just tools and techniques, but a sustainable methodology which you could update as new tools and techniques are introduced.
 
 
 
==Assessing and Exploiting Web Applications with Samurai-WTF by Raul Siles==
 
This course will focus on using open source tools to perform web application assessments. The course will take attendees through the process of application assessment using the open source tools included in the Samurai Web Testing Framework Live DVD (Samurai-WTF). The course will take students through the steps and open source tools used to assess applications for vulnerabilities using a 4-step methodology (Reconnaissance, Mapping, Discovery & Exploitation), and various scenarios against vulnerable target web applications. The latest tools and techniques will be use throughout the course.
 
 
 
==  Elite Web Application Defense by Eoin Keary and Jim Manico==
 
Writing Secure code is the most effective method to securing your web applications. Writing secure code takes skill and know-how but results in a more stable and robust application and assists in protecting an organisations brand. Application security is not commonly a part of many computer science curricula today and most organizations have not focused on instituting a culture that includes application security as a core part of their software development training efforts.
 
 
 
This intensive 2-day course focuses on the most common web application security problems, including aspects of both the OWASP Top Ten (2010) and the MITRE Top 25. The course will introduce and demonstrate application assessment techniques, illustrating how application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities in their code. Students get experience via doing, both in terms of exploitation but also the latest defences against common and advanced attacks covering both traditional and RIA applications.
 
==Registration details==
 
The price for the 2 day courses is 945 Euro early bird (+ VAT) per attendee. After 1st of June this will become 1045 Euro (+ VAT) per attendee.
 
 
 
Registration for Trainings:
 
 
 
[[File:Register.jpg||link=https://registration.brucon.org/training-registration/]]
 
 
 
The training price does not include travel, accomodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration.  Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.
 
 
 
==Location and dates==
 
The courses will be given on 24 & 25 September in Ghent
 
  
The courses begin promptly at 09h00 and end at 17h00. Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.
+
Lunch is included in the training fee. During the registration you can specify a regular, vegetarian or vegan mail. We will do our best to accommodate according to your requirements.
  
Lunch is included in the training fee.
+
==Contact==
 +
If you need more information or have a specific request, you can reach out to use on Twitter (@BruCON) or via email training@brucon.org
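Review bot: the revised text is inconsistent about the SensePost OSINT course: the line-up entry is struck through and marked CANCELLED, yet the intro still promises "no less than 8(!) courses" and the venue sentence still says the "SensePost OSINT: Stalk like a boss course" will be hosted at the NH Gent Belfort. Suggest updating the count and dropping the course from the venue sentence. The added lines also carry typos worth fixing in the same edit: "courses to choice from", "for you to adsorb", "after the raining", "vegan mail" and "reach out to use".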

Latest revision as of 12:41, 18 August 2017

Immerse yourself into the world of pen testing and application security by attending the BruCON Training. Spring training is held between 19 and 21 of April and fall training between 2 and 4 October (before the conference) offering world-class, deep-dive technical training given by the most recognised experts with huge industry experience in their domain!

Training (2-4 October)

For the BruCON 0x09 edition, we are bringing you no less than 8(!) courses to choose from!

The Line-Up:

  • Corelan Advanced by Peter Van Eeckhoutte (3-day training) - The Corelan “ADVANCED” exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer. Only limited seats available so get them while you can.
  • Exploiting Websites by using offensive HTML, SVG, CSS and other Browser-Evil by Mario Heiderich (3-day training) - Probably one of the best courses when it comes to exploiting websites and applications returns to BruCON once more. Mario of Cure53 will host this 3-day course and will guide you through the latest and greatest in offensive website security for you to absorb and put to concrete use!
  • SensePost OSINT: Stalk like a boss by Daniel Cuthbert and Jonathan Hargreaves (2-day training) - A course which needs no introduction (and yet we bothered to write one). This course, by SensePost COO Daniel Cuthbert and Jonathan Hargreaves teaches you how to harness information online to build up a solid dossier of intel and gives you the confidence, as an investigator, to research individuals, companies, organisations and internet traffic. CANCELLED
  • Offensive PowerShell for Red and Blue Teams by Nikhil Mittal (3-day training) - After the great success last year (+30 students), we are bringing this back to you! In this course, you'll learn how to attack Windows networks using PowerShell, based on real world Red team assessments. The course runs on a lab network with multiple Active Directory forests to which attendees will have free access for one month after the training. The class consists of hands-on, challenges and demonstrations.
  • Pentesting the Modern Application Stack by Bharadwaj Machiraju and Francis Alexander (2-day training) - Pentesting the Modern Application Stack is a unique course that covers red team tactics for pentesting the modern-day application stack. Attendees will learn to identify, exploit and exfiltrate data from Database Servers, Software Collaboration tools, CI tools, Distributed Configuration & Resource management tools, Containers, Big Data Environments, Search Technologies and Message Brokers. The 2-day course is a fast-paced and completely hands-on program that aims to impart the technical know-how, methodology and tools of the trade for testing these systems. Real world corporate stacks are emulated in the form of containerised challenges to prepare students for real world scenarios.
  • Modern Red Team Immersion Bootcamp by Josh Schwartz (aka FuzzyNop) (2-day training) - The Modern Red Team Immersion Bootcamp is designed to expose students to the types of attacks that long term persistent Red Teams have deployed against modern organizations. The first day includes a deep dive of recon techniques and approaches where students will plan an attack against a target of their choosing. The second day focuses on post exploitation, lateral movement, and escalation techniques within modern environments comprised of OSX, Linux, Continuous Integration Systems, and elastic compute services.
  • Windows Kernel Exploitation by Ashfaq Ansari (3-day training) - This is the most requested training according to our previous students, so we had to bring him back! The devil is in the details, and for Windows, its kernel remains the most devilish part and the most important target from the point of view of exploitation these days. This course on Windows Kernel Exploitation is a unique course by Ashfaq which is fast winning over the world. Ashfaq has delivered this course on all the 3 major continents in a short span of a year along with disclosing many CVEs on a regular basis.
  • Smashing the SSL/TLS protocol with practical crypto attacks by Marco Ortisi (3-day training) - Smashing the SSL/TLS protocol with practical crypto attacks is a 3-day course for professionals and students eager to keep pace with the latest crypto attacks affecting SSL/TLS services and learn the relative defensive countermeasures. This is a completely hands-on course, because there is no better way to understand crypto theory than to put into practice attacks and techniques to defeat crypto algorithms. The course is also one of a kind. The practical part is based on a new framework called cryptosploit (code will be released for free as part of class materials).

The "Modern Red Team Immersion Bootcamp" and "SensePost OSINT: Stalk like a boss" courses will be hosted at the NH Gent Belfort hotel, which is less than one minute away from the Novotel.

Spring Training (19-21 April)

Spring Training is over. We would like to thank all students and trainers for another successful training.

The Line-Up:

  • Malicious Documents for Blue and Red Teams by Didier Stevens (3-day training)
  • Corelan Bootcamp by Peter Van Eeckhoutte (3-day training)
  • Mobile Application Exploitation (iOS and Android) by Prateek Gianchandani (3-day training)
  • Windows Breakout and Privilege Escalation by Jason Cook and Francesco Mifsud (3-day training)
  • Open Source Defensive Security Training by Leszek Mis (3-day training)

Registration details

The price for 2-day courses is 1100 Euro early bird (+ VAT) per attendee.
The price for 3-day courses is 1400 Euro early bird (+ VAT) per attendee.

As of the 1st of July 2017 this will become 1200 Euro (2-day) / 1500 Euro (3-day) (+ VAT) per attendee.
(*) The Corelan trainings are a little bit more expensive but consist of 3 long days (+ 10 hours) including dinner.

Registration for Trainings:

Register.jpg

The training price does not include travel, accommodation or computer material for the training unless otherwise stated in the training description or preparation material provided after registration. Please read carefully any communication that will be sent to you in regard to the training you've registered for because they will outline what you need to bring to get the most out of each training.

Location and dates

Courses are held at the Hotel Novotel Gent Centrum, Goudenleeuwplein 5 and NH Gent Belfort, Hoogpoort 63, B-9000 Ghent. Both hotels are within walking distance of each other (<1 minute). The Novotel hotel is still recommended for accommodation (see here for more info) and will be hosting the student social event on Tuesday evening.

Spring Training is held between 19 and 21 April and fall training between 2 and 4 October 2017.

The courses begin promptly at 09h00 and end at 17h00 (Except Corelan trainings). Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.

Lunch is included in the training fee. During the registration you can specify a regular, vegetarian or vegan meal. We will do our best to accommodate your requirements.

Contact

If you need more information or have a specific request, you can reach out to us on Twitter (@BruCON) or via email at training@brucon.org.