PLAN - PRICE
Conference training is taking place between 25 and 27 September 2023. Check out the training page for more information
- Corelan Advanced
- Azure Cloud Attacks for Red and Blue Teams
- Abilities Driven Red Teaming
- IoT Security Bootcamp
- A Complete Practical Approach to Malware Analysis and Memory Forensics
- Hacking Enterprises - 2023 Edition
- Hacking Modern Web & Desktop apps: Master the Future of Attack Vectors
- Cloud Security Masterclass: Defender's Guide to Securing AWS & Azure Infrastructure
- The Hitchhacker's Guide to the Mobile Galaxy
Description: The Corelan “ADVANCED” exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced heap manipulation and exploit development techniques from an experienced exploit developer. During this 4 or 5-day class (sometimes just 3 “long” days at a conference), students will get the opportunity to learn how to write heap exploits for the Windows platform, using Windows 7, Windows 10 and Windows 11 as the example platform, but mostly focusing on learning & applying generic techniques that can be applied to other operating systems and heap implementations. We will discuss differences between Windows 7 and Windows 10/Windows 11 and explore previously undocumented techniques to achieve important exploitation primitives in Windows 10 & Windows 11. The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.
This is most certainly not an entry level course. In fact, this is a one of the finest and most advanced courses you will find on heap exploit development for Windows, and probably the only one that dives deep into the Windows heap manager on Windows 7 and Windows 10/11 and demystifies how the heap really works.
REMARK : This training starts at 9:00 and will end around 22:00 PM. That means +10 hours each day (Dinner will be foreseen)
Instructor: Peter Van Eeckhoutte
Description: More than 95 percent of Fortune 500 use Azure today! A huge number of organizations now use Azure AD as an Identity and Access Management platform using the hybrid cloud model. This makes it imperative to understand the risks associated with Azure as not only the Windows infrastructure and apps use it but also identities of users across an enterprise are authenticated using it.
In addition to cloud-only identity, the ability to connect on-prem Active Directory, applications and infrastructure to Azure brings some very interesting opportunities and risks too. Often complex to understand, this setup of components, infrastructure and identity is a security challenge. This hands-on training aims towards abusing Azure and a number of services offered by it. We will cover multiple complex attack lifecycles against a lab containing multiple live Azure tenants.
All the phases of Azure red teaming and pentesting – Recon, Initial access, Enumeration, Privilege Escalation, Lateral Movement, Persistence and Data mining are covered. We will also discuss detecting and monitoring for the techniques we use. The course is a mixture of fun, demos, exercises, hands-on and lecture. The training focuses more on methodology and techniques than tools.
If you are a security professional trying to improve your skills in Azure cloud security, Azure Pentesting or Red teaming the Azure cloud this is the right class for you!
Instructor: Nikhil Mittal
Description: There are a lot of courses that you can take, virtual, in-person, etc that show you all of the tools and techniques under the sun. What sets this course apart is that we explain the “WHY”. After a combined 35 years of experience in red teaming and offensive security, egypt and mubix distill their TTPs in everything from building binaries, avoiding antivirus (EDR,XDR,BS-DR), to building your own company to take over another. In this 3 day course we have labs where we aren’t trying to teach you any particular OS, tool, or technique, but how to think about those same OSs, tools and techniques, when to use them, and how to assess new ones as the field of infosec changes.
Want to learn the newest, coolest, techniques? Go to a different class. Want to learn how to make any tool do what you want it to? This is the place to be.
Instructor: Rob Fuller and egypt “James” Lee
Description: This is a hands-on IoT hacking class. It covers all aspects of IoT Security, from the technologies and testing methodologies to the vulnerabilities. The main focus is offensive security: attacking and testing the devices and platforms.
We first cover the basics and lay out the ground with concepts before diving into the actual hacking. This provides the understanding of what and why the things can be hacked, with a good mix of knowledge and learning-by-doing or in this case learning-by-hacking.
Students will receive a IoT Hacking Kit (hardware with a value of +350 Euros), which contains the tools and some vulnerable devices used in class, so that they can continue sharpening their skills or hack devices after the event.
Instructor: Pablo Endres
Description: This hands-on training teaches the concepts, tools, and techniques to analyze, investigate and hunt malwares by combining two powerful techniques malware analysis and memory forensics.This course will introduce attendees to basics of malware analysis, reverse engineering, Windows internals and memory forensics, it then gradually progresses deep into more advanced concepts of malware analysis & memory forensics. Attendees will learn to perform static, dynamic, code and memory analysis.
This course consists of scenario-based hands-on labs after each module which involves analyzing real-world malware samples and infected memory images (crimeware, APT malware, fileless malwares, Rootkits etc). This hands-on training is designed to help attendees gain a better understanding of the subject in short span. Throughout the course, the attendees will learn the latest techniques used by the adversaries to compromise and persist on the system.
The training also demonstrates how to integrate the malware analysis and forensics techniques into a custom sandbox to automate the analysis of malicious code. After taking this course attendees will be better equipped with skills to analyze, investigate and respond to malware-related incidents.
Instructors: Monnappa K A and Sajan Shetty
Description: Updated for 2023, our Hacking Enterprises training is the natural counterpart to our popular Defending Enterprises course. In this multi-layered offensive engagement, you will fully compromise a simulated enterprise in this immersive hands-on course that covers a multitude of TTP’s. Targeting modern operating systems including Windows 11, you’ll use modern techniques and focus on exploiting configuration weaknesses rather than throwing traditional exploits. Logical thinking and creativity will definitely be put to the test!
You will work to get initial access in a fictional organisation where multiple networks exist, some easily accessible, others not so. You’ll implant and establish C2, but manual techniques will always be emphasised so you’re equipped with the knowledge to work without reliance on frameworks.
Course content has been designed to reflect real-world challenges and you’ll perform numerous hands-on exercises including executing exploitative phishing campaigns against our simulated users for initial access, finding new networks that in turn bringing new challenges including IPv6 exploitation, subverting AMSI and AWL, passphrase cracking, pivoting, lateral movement, AD CS abuse, userland and privileged persistence via OOB channels and much more!
We realise that training courses are limited for time and therefore students are also provided with the following:
- 14-day extended LAB access after the course finishes
- 14-day access to a CTF platform with subnets/hosts not seen during training!
- Discord support channel access where our security consultants are available
Instructors: Will Hunt and Owen Shearing
Description: This course is a 100% hands-on deep dive into the OWASP Security Testing Guide and relevant items of the OWASP Application Security Verification Standard (ASVS), so this course covers and goes beyond the OWASP Top Ten.
All action, no fluff, improve your security analysis workflow and immediately apply these gained skills in your workplace, packed with exercises, extra mile challenges and CTF, self-paced and suitable for all skill levels, with continued education via unlimited email support and lifetime access to training portal with step-by-step video recordings and interesting apps to practice, including all future updates for free.
Instructors: Abraham Aranguren
Description: This hands-on CTF-style training focuses on elevating your security knowledge into the cloud. Learn to defend your AWS & Azure cloud infrastructure by building automated detection, alerting and response pipelines for your workloads by using native cloud services. This training focuses on building security knowledge on the cloud and for the cloud.
This training takes both investigator and builder approach towards security. It teaches you the fundamentals of cloud infrastructure security and focuses on building highly scalable threat detection, monitoring, and response tools by using cloud-native services like serverless, containers, object stores, IAM/AD, logic apps, SQL/KQL queries and much more.
By the end of this training, we will be able to(applies to both AWS & Azure):
- Use cloud technologies to detect & build automated responses against IAM & AD attacks.
- Understand and mitigate advanced identity based attacks like pivoting and privilege escalation and build defense techniques against them.
- Use serverless functions to perform on-demand threat scans.
- Deploy containers to build threat detection services at scale.
- Build notification services to create detection alerts.
- Analyze malware-infected virtual machines to perform automated forensic investigations.
- Define step functions & logic apps to implement automated forensic artifacts collection for cloud resources.
- Build cloud security response playbooks for defense evasion, persistence and lateral movements.
- Perform advanced security investigations through architecting and deploying security data-lake for real-time threat intelligence and monitoring.
- Enforce multi-cloud security strategy through assessments, compliance checks and benchmarking automation.
Instructors: Abhinav Singh
Duration: 2-day (starting 26th of September)
Description: The mobile galaxy is dominated by two solar systems: Android and iOS. Grab your towel and embark on a journey through the intricacies of mobile operating systems. Uncover the secrets and vulnerabilities of mobile app planets through static analysis. Ignite the infinite improbability drive and delve deeper with dynamic analysis to gain the skills and knowledge to outwit the Vogons. Establish a Man-in-the-Middle to glide through the network traffic of mobile applications and see them phone home.
In this training, not only the Ultimate Question of Life, the Universe, and Everything will be answered but also most of your questions regarding mobile security. Join us on this galactic adventure of becoming a mobile security expert!
Instructors: Jeroen Beckers and Claudia Ully
Duration: 2-day (starting 26th of September)