Immerse yourself into the world of security by attending the BruCON Training ! BruCON offers world-class, deep-technical training given by the most recognised experts with huge industry experience in their domain. We want to offer courses for anybody interesting in security, ranging from novice to advanced and for red and blue teams !
BruCON 0x0D Spring Training will take place on 21st until 23rd of April 2021. All courses will be hosted virtually with the exception of Corelan Bootcamp which will be hosted at the Novotel Ghent centrum on the same dates
Description: The Corelan Exploit Dev Bootcamp for Windows 10 is a truly unique opportunity to learn both basic & advanced techniques from an experienced exploit developer, at a conference. During this (typically 3 ‘long’ day) course, students will be able to learn all ins and outs about writing reliable exploits for the Windows platform. The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.
- This training will be hosted onsite in Ghent Belgium in the Novotel Ghent Centrum. Please read the FAQ below for more information.
Update 8 March 2021 : We decided to move this training to 2,3 and 4 June 2021 to allow it to be easier for the students to join us given the current COVID restrictions.
Instructor: Peter Van Eeckhoutte
Duration: 3-day course
Description: This course provides a comprehensive picture of a Cyber Security Operations Center (CSOC or SOC). Discussion on the technology needed to run a SOC are handled in a vendor agnostic way. In addition, technology is addressed in a way that attempts to address both minimal budgets as well as budgets with global scope. Staff roles needed are enumerated. Informing and training staff through internal training and information sharing is addressed.
The interaction between functional areas and data exchanged is detailed. Processes to coordinate the technology, the SOC staff, and the business are enumerated. After attending this class, the participant will have a roadmap (and Gantt chart) for what needs to be done in the organization seeking to implement security operations.
Instructor: Christopher Crowley
Description: This is an immersive hands-on course aimed at a technical audience. Over 3 days we will fully compromise a simulated enterprise covering a multitude of TTP’s. The training is based around modern operating systems, using modern techniques and emphasising the exploitation of configuration weaknesses rather than throwing traditional exploits. This means logical thinking and creativity will definitely be put to the test.
Instructor: Owen Shearing / Will Hunt
Description: Enterprises are managed using Active Directory (AD) and it often forms the backbone of the complete enterprise network. Therefore, to secure an enterprise from an adversary, it is inevitable to secure its AD environment. To secure AD, you must understand different techniques and attacks used by adversaries against it. Often burdened with maintaining backward compatibility and interoperability with a variety of products, AD environments lack ability to tackle latest threats.
This training is aimed towards attacking modern AD Environment using built-in tools like PowerShell and other trusted OS resources. The training is based on real world penetration tests and Red Team engagements for highly secured environments
Instructor: Nikhil Mittal
Description: This 3-day course cuts through the mystery of Cloud Services (including AWS, Azure, and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and knowing how to protect yourself from them is critical.
This course covers both the theory as well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure. Prior pentest/security experience is not a strict requirement, however, some knowledge of Cloud Services and familiarity with common Unix command-line syntax will be beneficial.
Instructor: Scott Isaac
Description: Attendees would be emulating techniques which would provide a comprehensive understanding of “Crash, Detect & Triage” of fuzzed binaries or software. In “Deep dive into fuzzing” we will be covering a detailed overview of fuzzing and how it can be beneficial to professionals in uncovering security vulnerabilities with a hands-on approach through focus on labs.
Finding vulnerabilities in software requires in-depth knowledge of different technology stacks. Modern day software’s have a huge codebase and may contain vulnerabilities, manually verifying such vulnerabilities is a tedious task and may not be possible in all cases. This training is designed in such a way that it introduces the concept of fuzzing and vulnerability discovery in software’s covering multiple platforms such as Linux & Windows and triage analysis for those vulnerabilities
Instructor: Dhiraj Mishra / Zubin Devnani
Duration: 2-day (Starting Thursday 22nd of April)
Conference training is taking place between 4 and 6 October 2021. Depending on the evolution of the current pandemic, this will be either virtually or in person. More information will follow soon.
The price for 2-day courses is 1300 Euro early bird (+ VAT) per attendee.
The price for 3-day courses is 1600 Euro early bird (+ VAT) per attendee.
Spring training – As of the 31st of January 2021 this will become 1400 Euro (2-day) / 1700 Euro (3-day) (+ VAT) per attendee.
(*) The Corelan trainings are a little bit more expensive but consist of 3 long days (+ 10 hours) including dinner.
Location and dates
With the exception of Corelan Bootcamp / Advanced (hosted at the Hotel Novotel Gent Centrum, Goudenleeuwplein 5) all courses will be held virtually using Zoom
The courses begin promptly at 09h00 and end at 17h00 (CET) (Except Corelan trainings). Out of consideration for your instructor(s) and fellow students, please try to be seated (or joined the Zoom conference) and ready to go by 08h45.
Why attend a BruCON Training ?
At BruCON, we try to keep our prices affordable, both for the conference and training. We focus on the having smaller classes with enough time to get to learn and exchange experience. We will host a social gathering for students, trainers and crew to meetup over a beer (or more) and you will receive a small gift
Frequently Asked Question regarding the impact of the Coronavirus on BruCON Training
Courses will be held virtually, will I have to pay the same ?
We have decided to keep the same price for our courses, but to ensure the students get something in return. For last year’s training courses we shipped a very special trainee gift (more details) to all students. We will do the same again in 2021 for Spring and Regular (in case the latter also takes place virtually)
What about Corelan, will it be held in-person ?
YES, Corelan will be held in person. Bootcamp will be held on the 21st, 22nd and 23rd of April 2021. In case we have to cancel the training because it is not allowed, we will offer you the ability to either move your registration to another time or opt for a full refund.