BruCON 2018 Training

Immerse yourself into the world of security by attending the BruCON Training ! BruCON offers world-class, deep-technical training given by the most recognised experts with huge industry experience in their domain. We want to offer courses for anybody interesting in security, ranging from novice to advanced and for red and blue teams !

All our courses (2-day and 3-day ones) will start on Monday the 1st of October !

If you want a nice overview of all courses to print, share, hang above your bed.. download the BruCON0x0A Training Flyer

You can find our training offering below:

Description: After our Corelan Bootcamp Spring Training in April, Corelan will host the Advanced course in October! The Corelan ADVANCED exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer. REMARK : This training starts at 9:00 and will end around 22:00 PM. That means +10 hours each day (Dinner will be foreseen)

Instructor: Peter Van Eeckhoutte

Duration: 3-day course

Read More

Description: Learn to attack and defense Windows environment with PowerShell and other built-in tools in this training. This class takes students from concepts to hands-on on latest red team techniques and focuses on minimum detection and functionality abuse while also discussing fingerprints and defenses against discussed attacks. This hands-on training gives you one-month access to a realistic lab containing fully patched machines, multiple domains and forests and latest Windows machines.

Instructor: Nikhil Mittal

Duration: 3-day course

Read More

Description: For this anniversary edition of BruCON, our resident trainer Didier Stevens will teach you how to both analyse as well as create malicious files such as PDF, Word and Excel documents. You’ll learn how to analyse malicious files as well as create your own for Red team testing!

Instructor: Didier Stevens

Duration: 3-day course

Read More

Description:  Learn to analyze, hunt and investigate malware. Perform static, dynamic, code and memory analysis. Understand adversary tactics and techniques. Investigate code injection, rootkits, hooking techniques and much more. Join us for 3-day hands-on training on malware analysis and memory forensics at BruCON 0x0A

Instructor: Monnappa K A

Duration: 3-day course

Read More

Description: “Practical Internet of Things (IoT) Hacking” is a unique course which offers security professionals, a comprehensive understanding of the complete IoT Technology suite including, IoT protocols, sensors, client side, mobile, cloud and their underlying weaknesses. The extensive hands-on labs enable attendees to identify, exploit or fix vulnerabilities in IoT, not just on emulators but on real smart devices as well. Attendees will get a eXos – custom IoT security Testing VM, Complete Lab manual and slides.

Instructor: Aseem Jakhar and Arun Magesh

Duration: 3-day course

Read More

Description: This training is the upgraded version of Windows Kernel Exploitation Foundation course. In this course we will use Windows 10 RS2 x64 for all the labs. This course starts with the
changes in Windows 10 RS2, Internals, hands-on fuzzing of Windows kernel mode drivers.

Instructor: Ashfaq Ansari

Duration: 3-day course

Read More

Description:  The training class has been designed to present students modern and emerging tools and techniques available for network data exfiltration, testing and bypassing DLP/IDS/IPS/FW systems, protocol tunneling, hiding, pivoting and generating malicious network events. Highly technical content and only a hands-on practical approach guarantees that the usage of this transferred knowledge & technologies in real production environments will be easy, smooth and repeatable. Become confident that your network security / SOC environment really works!

Instructor: Leszek Miś

Duration: 3-day course

Read More

Description: Industrial Control System environments contain purpose-driven network and hosts devices related to the production goal of the industrial environment. Due to the unique nature of
production environments, IT approaches to threat hunting do not map well to OT environments. Within this training, we will share our approach to hunting in industrial control system environments using only open source tools.

Instructor: Daniel Michaud-Soucy and Marc Seitz

Duration: 2-day course

Read More

Description: In this course, which will include both lectures and hands on training, we will learn how to look beyond the malware itself in order to dig information on the infrastructure and actor behind it. We will understand the adversary’s intents, way of thinking and the risk it poses against our threat model, to develop the best protections and mitigations.

Instructor: Irena Damsky

Duration: 2-day course

Read More

Description: With this training we will teach you how to use threat modeling as an offensive weapon. Traditional threat modeling looks at the attacker, the asset and the system. With offensive threat modelling we look at the defender to understand his tactics and expose weaknesses. You will be challenged to perform practical threat modelling in groups of 3 to 4 people covering the different stages of offensive threat modelling on applications, IOT devices and a nuclear facility. Feedback from a Black Hat 2017 training attendee: “I feel that this course is one of the most important courses to be taken by a security professional.

Instructor: Sebastien Deleersnyder and Steven Wierckx

Duration: 2-day course

Read More

Additional info

Pricing

The price for 2-day courses is 1300 Euro early bird (+ VAT) per attendee.
The price for 3-day courses is 1600 Euro early bird (+ VAT) per attendee.

As of the 1st of July 2018 this will become 1400 Euro (2-day) / 1700 Euro (3-day) (+ VAT) per attendee.
(*) The Corelan trainings are a little bit more expensive but consist of 3 long days (+ 10 hours) including dinner.

Location and dates

Courses are held at the Hotel Novotel Gent Centrum, Goudenleeuwplein 5 and NH Gent Belfort, Hoogpoort 63, B-9000 Ghent. Both hotels are within walking distance of each other (<1 minute).

The courses begin promptly at 09h00 and end at 17h00 (Except Corelan trainings). Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.

Lunch is included in the training fee. During the registration you can specify a regular, vegetarian or vegan mail. We will do our best to accommodate according to your requirements.

Overlap with conference?

For our anniversary edition, BruCON 0x0A will be 3 days, starting on the 3rd of October with retro talks (= Top 7 speakers from 9 years of BruCON). Students attending a 3-day training will be able to buy a conference ticket at a reduced price and attend the regular conference on Thursday and Friday.

If you are worried about missing out on the retro talks, as always, we will be streaming, recording and publishing every talk presented at BruCON.

Spring Training

Spring Training is over. We would like to thank all students and trainers for another successful training. We had a blast and I hope you did too !

You can find our spring training offering below:

Description: Once again we bring you Corelan ! One of the best exploit development courses available, now in our spring training track. Prepare yourself for 3 long days (+10 hours/day) of intensive exploit development ! Lunch and dinner are included and, as always enough coffee to keep you going!

Instructor: Peter Van Eeckhoutte

Duration: 3-day course

Read More

Description: This training is aimed towards attacking modern AD Environment using built-in tools like PowerShell and other trusted OS resources. The training is based on real world penetration tests and Red Team engagements for highly secured environments.

Instructor: Nikhil Mittal

Duration: 3 days

Read More

Description:

This is not your traditional SCADA/ICS/IIoT security course! How many courses send you home with a $500 kit including your own PLC and a set of hardware/RF hacking tools?!?

The following items are provided to each student to use in class and to keep after course completion:

  • Programmable Logic Controller (PLC)
  • Software to program the PLC to keep (non-expiring)
  • Software to program an HMI for the PLC (non-expiring)
  • Buspirate with probes and EEPROMS for exercises
  • RTL-SDR (Software Defined Radio)
  • Great Scott Gadgets Yardstick sub-GHz Radio
  • Saleae Logic4 Analyzer
  • Breadboard with SPI and I2C EEPROMs
  • MSP430 Launchpad for Firmware exercises
  • Latest version of the Control Things Pentest Platform on USB
  • Power for your laptop
  • Internet connectivity may or may not be available depending on the facility hosting the course
  • PDF version of the course slide deck

Instructor:Justin Searle

Duration: 3days

Read More

Description: Open Source Defensive Security Training is an Open Source IT Security laboratory dedicated for professionals who need close the gaps in Linux & Open Source Security knowledge.

Instructor: Leszek Miś

Duration: 3 days

Read More