The 2018 call for training has now come to an end and we are reviewing all the submissions, as we make our decisions, the classes will be posted here. The training will be in the week before the con, two day classes will be on the 4th and 5th July, three day classes the 3rd, 4th and 5th. Your ticket to attend a class will also get you entry to the Friday workshops and the conference on the Saturday.
If you are interested in training, this is how the booking process will work…
Free tickets will be available through Eventbrite, log in and get one of these for each attendee, this helps us track numbers and makes it a fair process in case classes sell out. We will get an alert to say you’ve got the ticket but if you could also send a copy to email@example.com, that would help make sure your booking doesn’t get lost in with other ticket sales. Once we know you are interested, we will get in touch to arrange payment.
Note, we are not VAT registered and so will not be charging VAT on the training.
“Hack Yourself First” is all about building up defensive skills in software developers. It looks at security from the attacker’s perspective and takes them through the steps necessary to exploit vulnerable software on the web so that they can experience hacking first hand.
2 days, £990 per seat
For more information contact Scott.
delivered by Ben Turner and Phil Lynch from Nettitude’s red team.
This course is an updated and improved training package from last year’s successful Red Teaming Bootcamp.
Using the latest known attack techniques that are being used in the wild, the course will cover how to simulate an advanced threat actor through the use of these techniques and will also focus on bypassing common defensive capabilities used within most modern corporate environments in order to understand how a defense in depth approach is required to detect and defend against current threat actors.
The course will include a theory element as well as a substantial hands on practical where the techniques taught can be used within a representative training environment. This environment has defensive countermeasures deployed which will require the newly acquired skills of the simulated threat actor to bypass.
While this course focuses heavily on the offensive methods of a red team, it will also include common defensive techniques that are often deployed by the blue team such as logging and monitoring, egress filtering and various endpoint protection mechanisms.
- A laptop which you have local admin rights over
- The laptop must be capable of running two VMs as well as the host OS simultaneously
- This course is aimed at experienced penetration testers
3 days, £1500 per seat.
The following PDF contains a full syllabus:
For more information contact Nettitude.
Pentesting and Exploiting Highly Secured Enterprise Networks is an action-packed hands-on class giving attendees a chance to perform real-world exploitation on enterprise network scenarios accompanied with practical lab exercises in a CTF style formart. The course goes far beyond simple exploitation of low-hanging fruits and shows pentesters how to perform the abilities of an advanced attacker to find out flaws in a secured networks and calculate the business risk associated with these flaws.
This training is intended for senior/experienced pentesters. Just running a vulnerability scanner and submitting that as your report provides no real benefit to a company. This goes far beyond your traditional pentesting courses. Real-world Enterprise Networks are much complex in nature, needing your special attention choosing the techniques and tools that you use in order to infiltrate. A senior penetration tester must succeed when others fail. A senior pentester doesn’t give up when particular exploit is not working, he tries to analyse the exploit and make some modification those are necessary. He should think outside of the box and come up with solutions to complex problems. He must have knowledge of all domains and his skill should range from network attacks, web attacks, scripting to system exploitation.
This training is a result of years of pentesting experience, compromising some of the highly secured networks combined into one practical and hands-on class. This course provides in-depth knowledge of the most powerful attack vectors and provides labs to perform these attacks in numerous hands-on scenarios.
Training has module on python scripting. Because automation of tools is essential due to time constraints also it is helps to automate the testing of systems, services, and applications. Multiple python Modules, libraries, and debugging tools have been already written to help simplify and automate fuzzing and research. In order to reach the next level in penetration testing, one must embrace the idea of adding programming into their penetration testing toolkit. Once obtaining this power, tools can be written and shared, allowing you to build up an arsenal for reconnaissance, scanning, fuzzing, and exploitation.
Metasploit and other 3rd party tools are easily detectable by modern security solutions and they have fingerprinted quite well and so it is not possible to have an emulate modern powerful adversary using these tools, so there is need for custom code. When we are using custom code those are target specific and there is no mass deployment so antivirus vendors doesn’t have signature for those. Building custom scripts will also help in bypassing firewall, IDS/IPS and to evade AV. Custom script will help in post exploitation such as list patches, list users, list AD accounts in active directory, pull passwords with mimikatz, bypass UAC etc. When you are attacking, it is useful to load code into remote process and have it execute within that process’ context. So for this we will use DLL injection and we will write DLL injector using Python and this will help us to evade firewalls.
As a pentester you need to be familiar with how to edit, modify and execute shellcodes and be able to understand how exploit works. There are few scripts on internet which causes harm to your system, so you need to how that script works. Metasploit’s XOR, shikata_ga_gai encoders are quite well detectable by AntiVirus so we will write our own custom encoders to evade Antivirus and we will use polymorphic engines which is quite difficult to detect and fingerprint.
We will build Command and Control (C2) because network intrusion may be detected and compromised system can be patched, some exploits only work once, to survive the reboot. C2 will be Stealth to avoid detection by IDS, persistence to survive reboot, encryption for secure communication and minimising possibility of firewall interference.
This training has been taken by 1000+ security professionals and red team members worldwide to advance their pentesting and exploitation skills and we have received extremely positive feedback.
Lab has real world remote enterprise networks including different flavours of operating system such as windows and linux. Lab contains real world Firewalls, IDP/IPS, DMZ, Load Balancers, Web Application Firewalls, Active Directory etc. This course is for you if you want to pentest and exploit highly secured enterprise networks using cutting edge techniques. The training includes 50+ labs and 30+ challenges which are inspired by real world vulnerabilities and case studies. After the training attendees will get 1 month remote lab access free with additional 20 challenges and 5+ hours of HD videos of training walkthrough. Also before the 1 month of training, attendees will get videos on basic Assembly Language and Python Scripting which will help them in class.
Key Learning objectives:
- Python programming for Scanning, Fuzzing, Keylogging, Sandbox detection etc
- Learn to use custom code in post exploitation to bypass firewall, IDS/IPS and to evade Anti Virus
- Write your own custom encoders using shellcoding
- Learn to write Python DLL Injector which will allow us to load code into remote process and have it execute within process’ context to evade firewall
- Read, edit, modify, execute scripts / shellcode downloaded from internet
- Learn how to port exploit using Powershell
- Build Command and Control (C2) infrastructure using different payload delivery methods such as VBA, Client-side exploits, HTML etc.
- Advanced Information Gathering, Network Scanning, Enumeration, Stealth Scanning Strategies
- Adding custom Nmap scripts to your arsenal
- Assessing Routers – Router scanning analysis, iptables network analysis
- Evaluating switches – VLAN Hopping attacks, GARP attacks, Layer two attacks
- Working with Virtual Switches Evasion
- Attacking the Thin Clients
- Capturing Traffic to uncover network secrets
- Mimikatz to recover clear text passwords
- Faster and smarter password cracking
- Detecting Honeypot
- Bypassing DMZ
- Exploit routing protocol implementations
- Bypass different types of Network Access Control (NAC) implementations
- Firewalls – Mapping beyond firewall, Firewall identification, Evading Firewalls
- Intrusion Detection System / Intrusion Prevention System (IDS/IPS) – IDS/IPS identification, Evading IDS/IPS
- Antivirus – Bypassing Antivirus using different framework, Evading detection and blocks from the different endpoint protection mechanisms that may encounter during your testing, Generating compiled python executable from the raw the shellcode from Veil framework
- Identification and Enumeration of internal network hosts
- Detection of Web Application Firewall and Load Balancers
- Bypassing Web Application Firewalls (WAF) – Tricks to Penetrate Firewall
- Client Side Exploitation – Backdooring Executable Files, Attacking a System using Hostile Scripts
- Advanced client side exploitation with BeEF
- DLL Injection
- Python programming – Extending Burp Proxy, Scanning, Fuzzing, Keylogging, Sandbox detection
- Bypass Linux service lockdown – AppArmor
- Bypass Windows service lockdown – AppLocker
- Windows Domain Attacks – Modern Enumeration of Windows Environments, Controlling the Domain, Authentication Protocol Downgrade Attacks, Breaking from Restricted Desktops
- Active Directory Domain Enumeration
- Active Directory Exploitation
- Kerberos Vulnerabilities – Golden tickets, Silver tickets, Pass-The-Ticket and more
- Attacking Domain Controller
- Abusing Cross Domain Trusts
- Bypassing Windows User Account Control (UAC)
- WMI Attacks – Lateral Movement, Backdoors, persistence etc.
- Powershell – Client Side Attacks, porting exploits to powershell, privilege escalation,getting system secrets
- Pentester’s guide to Pivoting
- Advanced methods for privilege escalation
- Writing your own shellcode for Bind and Reverse TCP, Egg Hunter etc.
- Use and modify 3rd party shellcode for fun and profit
- Write your own Encoders, Decoders, Crypters to evade AntiVirus
- Create Polymorphic and Mutation code
- Build Command and Control (C2) infrastructure for stealth, Remote File Access, Remote Command Execution
Pre Class courses:
Learn from our free courses – watch videos, read articles, solve exercises and come prepare for the class.
- x86 Assembly – https://www.vmaskers.com/x86-assembly.php
- Python for InfoSec – https://www.vmaskers.com/python-for-infosec.php
Attendees will be provided with:
- 1 month free access to all the labs with additional 20 challenges
- Over 50 labs and 30+ challenges to solve
- Training materials – presentation materials and lab guide
- Over 5+ hours of HD videos to practice your skills after the class
- Custom tools and scripts
- Additional reading materials
Attendee requirements for this training:
- Modern laptop with wireless networking capabilities and have admin/root access on it. (64-bit Machine)
- Minimum 4 GB RAM installed
- At least 40 GB HD Free
- VMware Workstation / Fusion installed
- Basic Networking knowledge
- Basic Windows and Linux command-line Skills
- Penetration Testing Experience
- Basic Assembly Language knowledge (Learn from our free courses –https://www.vmaskers.com/x86-assembly.php)
- Scripting knowledge in Python (Learn from our free courses – https://www.vmaskers.com/python-for-infosec.php)
Who should attend this training?
- Pentesters who want to take their skills to the next level
- Security Professionals and Red teamers
- Blue teamers who want to defend their environment
- Network / System Admins
3 days, £1500 per seat.
For more information contact Vikram Salunke.
IoT firmware is the crux of what controls the many embedded devices within the world’s critical infrastructure. As technology evolves, firmware frameworks and underlying technology change at a much slower pace leaving a considerable amount of research from the security community to be performed. Join me as I share insider techniques gained from an IoT manufacture to discover and protect against software security bugs in firmware. With this knowledge, you might even earn your first CVE.
The IoT Embedded Firmware Security and Reverse Engineering training is designed to provide techniques for testing of embedded IoT systems, employing proactive controls, embedded application security best practices, and address the challenges of building security into embedded devices. This course is suited for embedded systems engineers, software developers, and security professionals. Hands on demonstrations and labs will be given throughout the course. Upon completion of the course, trainees will learn the following:
- How to identify vulnerabilities in embedded devices
- Understand the embedded security testing methodology, techniques, and tools
Firmware reverse engineering, emulation, and binary exploitation
- How to backdoor firmware for MIPs and ARM architectures
- Understand embedded system design constraints that pose security risks
- Learn defensive practices to protect embedded applications
- Identify and apply Embedded Application Security best practices, as well as techniques for integrating security into the software development lifecycle
- Understand security controls for Embedded, Linux, Embedded Windows, and RTOS platforms
- Understand IoT botnet exploitation techniques that impact critical infrastructures and how to apply appropriate mitigating controls for product security teams
- Familiarity with a Linux operating system
- Admin Rights
- At least 25 GB of free space
- Laptop with a minimum of 4 GB RAM
- USB access allowed
- Virtualization software installed (VMWare and/or VirtualBox)
At the start of the class, we will share a virtual machine which will have all the tools and labs preconfigured for the training.
2 days, £950 per seat.
For more information contact Aaron Guzman.
Note, we are not VAT registered and so will not be charging VAT on the training.