Training
Immerse yourself into the world of security by attending the BruCON Training (Spring Training 22-24 April and regular training 21-23 September) !
BruCON offers world-class, deep-technical training given by the most recognised experts with huge industry experience in their domain. We aim to offer courses for anybody interesting in security, ranging from novice to advanced and for red and blue teams !
Beginner
Applied SDR hacking: Red Team SIGINT for mission-critical, automotive, aviation, and marine targets
Have you ever had to deal with attacking an RF signal, and YouTube tutorials on the Flipper Zero didn't get you anywhere? Have you ever wanted to listen in on a security team's radio communications during a physical red team engagement? Did you ever think that covertly breaking into corporate vehicle fleets or garages should be in-scope, but didn't know how to approach this?
Then this is the course for you.
2-day in-person
Advanced
Practical Linux Attack Paths and DFIR/Hunting for Red and Blue Team v2.0
Dive into the world of modular Linux attack paths, local and remote exploitation, process injection, process hiding, network tunnelling/pivoting, data exfiltration, and syscall hooking techniques. Get hands-on experience on how Linux malware and US/KS rootkits work in the well-prepared PurpleLabs Cyber Range. Analyze and modify source codes, find interesting behavior patterns in binaries and logs, determine which telemetry is needed to catch modern Linux threat actors, and find how to proactively validate and improve EDR/SOAR/SIEM detection coverage with step-by-step Linux adversary emulations. On top of that, run your VMs RAM acquisition ‘on click’ and analyze memory images with Volatility Framework 3 at any stage of the training. 100% Purple Teaming structure and only hands-on delivery style.
3-day in-person
Advanced
Vibe Off, Spec On — Building Real Offensive Tools with Claude Code
Most "AI for hackers" courses are closed-lab cosplay — a curated exercise on rails wrapped around prompt screenshots, the same pre-made tool every time. This is the opposite. On Day 1 morning the class "votes on a real tool" to build over the next three days, writes a real PRD with Claude in the room, and ships it by Day 3.
3-day in-person
Beginner
Cloud Red Team Tactics for Attacking and Defending Azure
More than 95 percent of Fortune 500 use Azure today! A huge number of organizations now use Entra ID as an Identity and Access Management platform using the hybrid cloud model. This makes it imperative to understand the risks associated with Azure as not only the Windows infrastructure and apps use it but also identities across an enterprise are authenticated using it
3-day in-person
Advanced
Operational Purple Teaming For Defenders
Hands-on training for blue teamers focused on defensive security through live attack simulations. Participants face a simulated APT in a realistic corporate network to build skills in threat detection and incident response. Ideal for SOC analysts, incident responders, and cyber defenders looking to bridge red and blue team tactics.
3-day in-person
Beginner
Hardware Hacking
In this course you will take devices apart, void the warranty and start your reconnaissance with a multimeter. Through hands-on activities, you will learn how to handle a logic analyzer, dump the firmware from chips and access debug interfaces to perform runtime manipulations. Including hardware hacking kit worth 450€
3-day in-person
Advanced
Hacking Enterprises - 2026 Red Edition
During this true red-team course, you’ll perform OSINT reconnaissance to identify initial access vectors for a fictional organisation. Later, you’ll phish your way in where you’ll identify multiple networks, some easily accessible, others not so. Targeting modern operating systems including Windows Server 2025 within an enterprise VDI environment, you’ll implant and establish C2, but manual techniques will always be emphasised so you’re equipped with the knowledge to work without reliance on frameworks.
3-day in-person
Advanced
Reverse engineering and looking for code reuse in malware with Ghidra
This two-day training dives into Ghidra’s internals to let you automate the tedious and boring steps, and instead allows you to focus on the sections that matter. You will be introduced to Ghidra, its internal API, how to efficiently use AI and LLMs to aid your during your reversing endeavour, and more of Ghidra’s features. You will get hands-on experience with malware that was found in the wild, where you analyse the files and automate repetitive steps.
2-day in-person
Beginner, Advanced
Building, Securing and Hacking Intelligent Agentic Systems v.2026
This is an in-depth, hands-on course designed for developers, DevOps engineers, and security professionals who want to master the core principles behind intelligent agents and multi-agent (autonomous) systems, but we won’t shy away from the required, sometimes theoretical concepts, to grasp the technology but also the security dynamics in play. This course goes far beyond basic prompt engineering and does explore the low-level mechanics of LLM integration, agent chaining, and the architecture behind autonomous AI systems and security implications.
3-day in-person
Advanced
Corelan Heap
Corelan Heap doesn't just dive deep into the Windows heap, it teaches you how to do your own heap research. It covers precise heap manipulation (including Corelan's Memorigami), heap exploitation and the research of heap exploitation primitives and information leak strategies across a wide range of bug classes. Stuff that works on 32bit and 64bit. Widely regarded as the most advanced class on building a universal, research-driven understanding of heap management, heap exploitation and information leak strategies.
3-day in-person (long days, dinner included)
Training Details and Pricing (2026)
Location & Format
In-person: at the Novotel Mechelen Centre, HotelVe or Lamot Mechelen
Virtual: Via Zoom
Course Schedule
Start: 09:00 CET (arrive or join Zoom by 08:45 for a prompt start)
End: 17:00 CET (Corelan courses may run longer).
2-day courses start on the second day (Thursday or Tuesday)
⚠️When purchasing a training ticket, you can always purchase a conference ticket at a reduced cost, even when the conference is sold out!
Corelan trainings are premium courses that include 3 extended training days (+10 hours) and dinner.
Applied Hardware Hacking and Applied SDR Hacking trainings include all required hardware kits (see individual training descriptions for details).
Type | Early Bird (Until end June) | Regular | Late (last 3 weeks) |
|---|---|---|---|
2-day courses | €1890 (€1562 excl. VAT) | €2190 (€1810 excl. VAT) | €2590 (€2140 excl. VAT) |
3-day courses | €2190 (€1810 excl. VAT) | €2490 (€2060 excl. VAT) | €2890 (€2388 excl. VAT) |
Applied SDR Hacking (+250€ for hardware kit) | €2193 (€1812 excl. VAT) | €2493 (€2060 excl. VAT) | €2892 (€2390 excl. VAT) |
Corelan HEAP | €3199 (€2644 excl. VAT) | €3399 (€2809 excl. VAT) | €3599 (€2974 excl. VAT) |
Corelan STACK | €2890 (€2388 excl. VAT) | €3090 (€2554 excl. VAT) | €3290 (€2719 excl. VAT) |
Hardware Hacking (+350€ for hardware kit) | €2614 (€2160 excl. VAT) | €2916 (€2410 excl. VAT) | €3313 (€2738 excl. VAT) |