Ticket sale will start on June 1st 2021 at 5 PM CET.
REMARK: Please check out this page about the specifics regarding this ticket sale in light of the COVID-19 restrictions
PLAN - PRICE
Conference training is taking place between 4 and 6 October 2021. Depending on the evolution of the current pandemic, this will be either virtually or in person. Check out the training page for more information
- Corelan Advanced
- Practical DevSecOps - Continious Security in the age of cloud
- Assessing and Exploiting PLCs
- Azure AD Attacks for Red and Blue Teams - Basic Edition
- A Complete Practical Approach to Malware Analysis and Memory Forensics
- Operational Threat Intelligence
- Defending Enterprises – NEW for 2021!
- Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation (Virtual - Live online training)
Description: The Corelan “ADVANCED” exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer. During this (typically 3 ‘long’ day) course, students will get the opportunity to learn how to write exploits that bypass modern memory protections for the Win32 platform, using Windows 7 and Windows 10 as the example platform, but using techniques that can be applied to other operating systems an applications. We will discuss differences between Windows 7 and Windows 10 and explore previously undocumented techniques to achieve important exploitation primitives in Windows 10. The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits. This is most certainly not an entry level course. In fact, this is one of the finest and most advanced courses you will find on Win32 exploit development.
REMARK : This training starts at 9:00 and will end around 22:00 PM. That means +10 hours each day (Dinner will be foreseen)
Instructor: Peter Van Eeckhoutte
Description: Ever wondered how to handle the deluge of security issues and reduce the cost of fixing before software goes to production? How unicorns like Google, Facebook, Amazon, Etsy handle security at scale? In Practical DevSecOps training, you will learn how to handle security at scale using DevSecOps practices. We will start oﬀ with the basics of the DevOps, DevSecOps and move towards advanced concepts such as Security as Code, Compliance as Code, Conﬁguration management, Infrastructure as code, etc.,
The training will be based on DevSecOps Studio, a distribution for DevSecOps enthusiasts. We will cover real-world DevSecOps tools and practices in order to obtain an in-depth understanding of the concepts learned as part of the course. We will also cover how to use static analysis (SAST), Dynamic Analysis (DAST), OS hardening and Security Monitoring as part of the Secure SDLC and how to select tools that fit your organization’s needs and culture. After the training, the students will be able to successfully hack and secure applications before hackers do.
This course will cover the following DevSecOps topics and techniques:
- Overview of DevSecOps
- Overview of the Tools of the trade
- Secure SDLC and CI/CD pipeline
- Security Requirements and Threat Modelling (TM)
- Static Analysis(SAST) in CI/CD pipeline
- Dynamic Analysis(DAST) in CI/CD pipeline
- Runtime Analysis(RASP/IAST) in CI/CD pipeline
- Infrastructure as Code(IaC) and Its Security
- Secrets management on mutable and immutable infra
- Vulnerability Management with custom tools
Instructor: Mohammed A. “secfigo” Imran and Marudhamaran Gunasekaran
Description: This is not your traditional SCADA/ICS/IIoT security course! How many courses send you home with a PLC and non-expiring software to program it?!? This course teaches hands-on penetration testing techniques used to test PLCs, including their logic, field buses, network protocols, and proprietary maintenance interfaces. Skills you will learn in this course will apply directly to any current or past PLC in the industry. This course is structured around the formal penetration testing methodology created by ControlThings LLC and their opensource suite of tools found at ControlThings.io.
Instructor: Justin Searle
Description: More than 95 percent of Fortune 500 use Azure today! A huge number of organizations now use Azure AD as an Identity and Access Management platform using the hybrid cloud model. This makes it imperative to understand the risks associated with Azure AD as not only the Windows infrastructure and apps use it but also identities of users across an enterprise are authenticated using it.
In addition to cloud-only identity, the ability to connect on-prem Active Directory, applications and infrastructure to Azure AD brings some very interesting opportunities and risks too. Often complex to understand, this setup of components, infrastructure and identity is a security challenge. This hands-on training aims towards abusing Azure AD and a number of services offered by it. We will cover multiple complex attack lifecycles against a lab containing multiple live Azure tenants.
All the phases of Azure red teaming and pentesting – Recon, Initial access, Enumeration, Privilege Escalation, Lateral Movement, Persistence and Data mining are covered. We will also discuss detecting and monitoring for the techniques we use.
The course is a mixture of fun, demos, exercises, hands-on and lecture. The training focuses more on methodology and techniques than tools.
If you are a security professional trying to improve your skills in Azure AD cloud security, Azure Pentesting or Red teaming the Azure cloud this is the right class for you!
Instructor: Nikhil Mittal
Description: This hands-on training teaches the concepts, tools, and techniques to analyze, investigate and hunt malwares by combining two powerful techniques malware analysis and memory forensics.This course will introduce attendees to basics of malware analysis, reverse engineering, Windows internals and memory forensics, it then gradually progresses deep into more advanced concepts of malware analysis & memory forensics.
Attendees will learn to perform static, dynamic, code and memory analysis. This course consists of scenario-based hands-on labs after each module which involves analyzing real-world malware samples and infected memory images (crimeware, APT malware, fileless malwares, Rootkits etc). This hands-on training is designed to help attendees gain a better understanding of the subject in short span.
Throughout the course, the attendees will learn the latest techniques used by the adversaries to compromise and persist on the system. The training also demonstrates how to integrate the malware analysis and forensics techniques into a custom sandbox to automate the analysis of malicious code. After taking this course attendees will be better equipped with skills to analyze, investigate and respond to malware-related incidents.
Instructor:Monnappa K A
Description: When used properly, cyber threat intelligence allows an organization to leverage another’s breach or incident to their own benefit. Yet while many cyber threat intelligence courses and guides exist, these are primarily designed for developing long-range, in-depth intelligence products for strategic or similar overview with an overemphasis on theory and little experience in practice. Operational threat intelligence instead supports a different audience: day to day security work and network defense. While cyber threat intelligence must always meet standards for accuracy, relevancy, and timeliness, SOC watch-standers and IR personnel need enriched information now in order to execute their jobs.
This course fills a critical role that other training does not address: how to successfully embed cyber threat intelligence operations into the daily rhythm of security to support everyday tasks, and extraordinary incidents. Toward that end, while this course will briefly touch on theoretical concepts such as analysis of competing hypotheses, kill chain methodology, and other ideas, the real focus will be on what efforts make operational threat intelligence possible and sustainable:
- Establishing roles, responsibilities, and service agreements in advance.
- Determining priorities, intelligence requirements, and customer threat landscape.
- Molding threat intelligence information to security tools to make enriched information useful and actionable.
- How to analyze internal and external data sources to extract actionable threat intelligence for operational defenders.
- An extensive walk-through of IOC analysis, pivoting, and information enrichment to demonstrate how to better equip defenders to respond to emerging threats.
- Discussions on reporting, feedback, and closing the intelligence loop to definitively show how threat intelligence operations link to SOC, IR, and security policy entities.
The course then concludes with the nature of pivoting, data and observable enrichment, and quick analysis reporting to close out instruction.
Attendees will receive a certificate of completion following the course to record for training and CPE purposes.
Instructor: Joe Slowik
Duration: 2-day (Starting Tuesday)
Description: New for 2021, our immersive 2-day Defending Enterprises training is the natural counterpart to our popular Hacking Enterprises course. From SIEM configuration to monitoring, alerting and threat hunting, you’ll play a SOC analyst in our cloud-based lab and try to rapidly locate IOA’s and IOC’s from an enterprise breach.
You’ll use a combination of Microsoft Azure Sentinel and Elastic platforms to perform practical exercises. In each instance, filters and/or expressions will be supplied for both platforms (where applicable). We know 2 days isn’t a lot of time, so you’ll also get 14-days FREE lab time after class and Discord
access for support.
Instructor: Owen Shearing and William Hunt
Duration: 2-day (Starting Tuesday)
Description: HackerOne bug hunters have earned over $100 million in bug bounties so far. Some of HackerOne customers include the United States Department of Defense, General Motors, Uber, Twitter, and Yahoo. It clearly shows where the challenges and opportunities are for you in the upcoming years. What you need is a solid technical training by one of the Top 10 HackerOne bug hunters.
Modern web applications are complex and it’s all about full-stack nowadays. That’s why you need to dive into full-stack exploitation if you want to master web attacks and maximize your payouts. Say ‘No’ to classical web application hacking. Join this unique hands-on training and become a full‑stack exploitation master.
Watch 3 exclusive videos (~1 hour) and feel the taste of this live online training
After completing this live online training, you will have learned about …
- REST API hacking
- AngularJS-based application hacking
- DOM-based exploitation
- bypassing Content Security Policy
- server-side request forgery
- browser-dependent exploitation
- DB truncation attack
- NoSQL injection
- type confusion vulnerability
- exploiting race conditions
- path-relative stylesheet import vulnerability
- reflected file download vulnerability
- subdomain takeover
- XML attacks
- deserialization attacks
- HTTP parameter pollution
- bypassing XSS protection
- clickjacking attack
- window.opener tabnabbing attack
- RCE attacks
- and more..
Instructor: Dawid Czagan
Duration: 2-day (Starting Tuesday)