www.blackhat.com Open in urlscan Pro
2606:4700::6811:b185  Public Scan

Submitted URL: https://d367gh04.eu1.hubspotlinks.com/Ctc/ZW+113/d367gh04/MX3bVWkLXztW4hYx8K5SRWsgW3Dl4Sm5c-1HlN5NMMmx3m2ndW8wLKSR6lZ3m8W3RWPqM97RyfKW...
Effective URL: https://www.blackhat.com/us-24/training/schedule/?utm_medium=email&_hsenc=p2ANqtz-_U04Qjo9FF4svy1Sc_4GflOUmN2m5cl1yOQA9Zb...
Submission: On April 16 via manual from US — Scanned from DE

Form analysis 1 forms found in the DOM

<form class="filter_wrapper">
  <div class="filters_wrapper" id="filters_wrapper">
    <div class="format_type_wrapper">
      <h3 id="filter_format_type" class="filter_header_background_shown filter_header">Format(s)</h3>
      <div class="format_type_list">
        <div class="select_clear_all_link"><a onclick="select_all_filter('format_type'); return false;" href="javascript:;" data-feathr-click-track="true" data-feathr-link-aids="65414312709dc1f319b80018">Select All</a> |
          <a onclick="clear_all_filter('format_type'); return false;" href="javascript:;" data-feathr-click-track="true" data-feathr-link-aids="65414312709dc1f319b80018">Clear</a> </div>
        <ul>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="format_type_420-458_checkbox" id="format_type_420-458_checkbox" class="format_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="format_type_420-458_checkbox" id="label_format_type_420-458" class="format_type_checkbox_label" href="#format/-day-trainings">
                <div class="format_type_icon -day-trainings_icon"></div> <span>2 Day Trainings</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="format_type_420-460_checkbox" id="format_type_420-460_checkbox" class="format_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="format_type_420-460_checkbox" id="label_format_type_420-460" class="format_type_checkbox_label" href="#format/-day-trainings">
                <div class="format_type_icon -day-trainings_icon"></div> <span>4 Day Trainings</span>
              </label> </div>
            <div class="clear"></div>
          </li>
        </ul>
      </div>
    </div>
    <div class="track_type_wrapper">
      <h3 id="filter_track_type" class="filter_header_background_shown filter_header">Track(s)</h3>
      <div class="track_type_list">
        <div class="select_clear_all_link"><a onclick="select_all_filter('track_type'); return false;" href="javascript:;" data-feathr-click-track="true" data-feathr-link-aids="65414312709dc1f319b80018">Select All</a> |
          <a onclick="clear_all_filter('track_type'); return false;" href="javascript:;" data-feathr-click-track="true" data-feathr-link-aids="65414312709dc1f319b80018">Clear</a> </div>
        <ul>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1879_checkbox" id="track_type_1879_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1879_checkbox" id="label_track_type_1879" class="track_type_checkbox_label" href="#track/ai-ml--data-science">
                <div class="track_type_icon ai-ml--data-science_icon"></div> <span>AI, ML, &amp; Data Science</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1801_checkbox" id="track_type_1801_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1801_checkbox" id="label_track_type_1801" class="track_type_checkbox_label" href="#track/appsec">
                <div class="track_type_icon appsec_icon"></div> <span>AppSec</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1786_checkbox" id="track_type_1786_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1786_checkbox" id="label_track_type_1786" class="track_type_checkbox_label" href="#track/crypto">
                <div class="track_type_icon crypto_icon"></div> <span>Crypto</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1769_checkbox" id="track_type_1769_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1769_checkbox" id="label_track_type_1769" class="track_type_checkbox_label" href="#track/defense">
                <div class="track_type_icon defense_icon"></div> <span>Defense</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1787_checkbox" id="track_type_1787_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1787_checkbox" id="label_track_type_1787" class="track_type_checkbox_label" href="#track/forensics">
                <div class="track_type_icon forensics_icon"></div> <span>Forensics</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1788_checkbox" id="track_type_1788_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1788_checkbox" id="label_track_type_1788" class="track_type_checkbox_label" href="#track/hardware">
                <div class="track_type_icon hardware_icon"></div> <span>Hardware</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1789_checkbox" id="track_type_1789_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1789_checkbox" id="label_track_type_1789" class="track_type_checkbox_label" href="#track/human">
                <div class="track_type_icon human_icon"></div> <span>Human</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1790_checkbox" id="track_type_1790_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1790_checkbox" id="label_track_type_1790" class="track_type_checkbox_label" href="#track/ics">
                <div class="track_type_icon ics_icon"></div> <span>ICS</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1844_checkbox" id="track_type_1844_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1844_checkbox" id="label_track_type_1844" class="track_type_checkbox_label" href="#track/iot">
                <div class="track_type_icon iot_icon"></div> <span>IOT</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1802_checkbox" id="track_type_1802_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1802_checkbox" id="label_track_type_1802" class="track_type_checkbox_label" href="#track/malware">
                <div class="track_type_icon malware_icon"></div> <span>Malware</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_17_checkbox" id="track_type_17_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_17_checkbox" id="label_track_type_17" class="track_type_checkbox_label" href="#track/mobile">
                <div class="track_type_icon mobile_icon"></div> <span>Mobile</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1777_checkbox" id="track_type_1777_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1777_checkbox" id="label_track_type_1777" class="track_type_checkbox_label" href="#track/network">
                <div class="track_type_icon network_icon"></div> <span>Network</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1761_checkbox" id="track_type_1761_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1761_checkbox" id="label_track_type_1761" class="track_type_checkbox_label" href="#track/pentesting">
                <div class="track_type_icon pentesting_icon"></div> <span>PenTesting</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1791_checkbox" id="track_type_1791_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1791_checkbox" id="label_track_type_1791" class="track_type_checkbox_label" href="#track/risk">
                <div class="track_type_icon risk_icon"></div> <span>Risk</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1792_checkbox" id="track_type_1792_checkbox" class="track_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="track_type_1792_checkbox" id="label_track_type_1792" class="track_type_checkbox_label" href="#track/wireless">
                <div class="track_type_icon wireless_icon"></div> <span>Wireless</span>
              </label> </div>
            <div class="clear"></div>
          </li>
        </ul>
      </div>
    </div>
    <div class="skill_level_wrapper">
      <h3 id="filter_skill_level" class="filter_header_background_shown filter_header">Skill Level(s)</h3>
      <div class="skill_level_list">
        <div class="select_clear_all_link"><a onclick="select_all_filter('skill_level'); return false;" href="javascript:;" data-feathr-click-track="true" data-feathr-link-aids="65414312709dc1f319b80018">Select All</a> |
          <a onclick="clear_all_filter('skill_level'); return false;" href="javascript:;" data-feathr-click-track="true" data-feathr-link-aids="65414312709dc1f319b80018">Clear</a> </div>
        <ul>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_3_checkbox" id="skill_level_3_checkbox" class="skill_level_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="skill_level_3_checkbox" id="label_skill_level_3" class="skill_level_checkbox_label" href="#skill/advanced">
                <div class="skill_level_icon advanced_icon"></div> <span>Advanced</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_1_checkbox" id="skill_level_1_checkbox" class="skill_level_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="skill_level_1_checkbox" id="label_skill_level_1" class="skill_level_checkbox_label" href="#skill/all">
                <div class="skill_level_icon all_icon"></div> <span>All</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_5_checkbox" id="skill_level_5_checkbox" class="skill_level_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="skill_level_5_checkbox" id="label_skill_level_5" class="skill_level_checkbox_label" href="#skill/beginner">
                <div class="skill_level_icon beginner_icon"></div> <span>Beginner</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_6_checkbox" id="skill_level_6_checkbox" class="skill_level_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="skill_level_6_checkbox" id="label_skill_level_6" class="skill_level_checkbox_label" href="#skill/beginnerintermediate">
                <div class="skill_level_icon beginnerintermediate_icon"></div> <span>Beginner/Intermediate</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_2_checkbox" id="skill_level_2_checkbox" class="skill_level_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="skill_level_2_checkbox" id="label_skill_level_2" class="skill_level_checkbox_label" href="#skill/intermediate">
                <div class="skill_level_icon intermediate_icon"></div> <span>Intermediate</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_7_checkbox" id="skill_level_7_checkbox" class="skill_level_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="skill_level_7_checkbox" id="label_skill_level_7" class="skill_level_checkbox_label" href="#skill/intermediateadvanced">
                <div class="skill_level_icon intermediateadvanced_icon"></div> <span>Intermediate/Advanced</span>
              </label> </div>
            <div class="clear"></div>
          </li>
        </ul>
      </div>
    </div>
    <div class="experience_type_wrapper">
      <h3 id="filter_experience_type" class="filter_header_background_shown filter_header">Experience(s)</h3>
      <div class="experience_type_list">
        <div class="select_clear_all_link"><a onclick="select_all_filter('experience_type'); return false;" href="javascript:;" data-feathr-click-track="true" data-feathr-link-aids="65414312709dc1f319b80018">Select All</a> |
          <a onclick="clear_all_filter('experience_type'); return false;" href="javascript:;" data-feathr-click-track="true" data-feathr-link-aids="65414312709dc1f319b80018">Clear</a> </div>
        <ul>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="experience_type_20_checkbox" id="experience_type_20_checkbox" class="experience_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="experience_type_20_checkbox" id="label_experience_type_20" class="experience_type_checkbox_label" href="#experience/in-person">
                <div class="experience_type_icon in-person_icon"></div> <span>In-Person</span>
              </label> </div>
            <div class="clear"></div>
          </li>
          <li class="li2">
            <div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="experience_type_18_checkbox" id="experience_type_18_checkbox" class="experience_type_checkboxes"> </div>
            <div class="checkbox_label_wrapper"><label for="experience_type_18_checkbox" id="label_experience_type_18" class="experience_type_checkbox_label" href="#experience/virtual">
                <div class="experience_type_icon virtual_icon"></div> <span>Virtual</span>
              </label> </div>
            <div class="clear"></div>
          </li>
        </ul>
      </div>
    </div>
  </div>
</form>

Text Content

Informa

Black Hat is part of the Informa Tech Division of Informa PLC

 * Informa PLC
 * About us
 * Investor relations
 * Talent

This site is operated by a business or businesses owned by Informa PLC and all
copyright resides with them. Informa PLC's registered office is 5 Howick Place,
London SW1P 1WG. Registered in England and Wales. Number 8860726.

 * 
 * Events
   Black Hat AsiaBlack Hat USAUpcoming Events
 * Briefings
   BriefingsCall for PapersSecTor Briefings Call for PapersArchives
 * Trainings
 * Arsenal
   ArsenalResourcesCall for ToolsReview Board
 * Summits
 * Webinars
   WebinarsExecutive Interviews
 * Sponsorships
   Sponsorship OpportunitiesSponsor News
 * About
   About UsIn the NewsPress ReleasesBriefings Review BoardTraining Review
   BoardSecTor Review BoardBriefings Call for PapersSecTor Briefings Call for
   PapersCode of ConductContact UsSustainability PledgePrivacy


USA 2024
Register Now
August 3-8, 2024

--------------------------------------------------------------------------------

Mandalay Bay / Las Vegas
Event Menu
 * AttendAttend
   Attendee RegistrationPass ComparisonMedia RegistrationAI SummitCISO
   SummitOmdia Analyst SummitScholarshipsDEF CON PassesTravelSustainabilityCode
   of Conduct
 * TrainingsTrainings
   Trainings ScheduleCertifications
 * BriefingsBriefings
   Overview & CPEsMicro Summits
 * ArsenalArsenal
   Overview
 * FeaturesFeatures
   Features OverviewCommunityDay ZeroNOCStartup Spotlight Competition
 * ScheduleSchedule
   ScheduleTraining Schedule
 * Business HallBusiness Hall
   Business Hall OverviewContestsSponsor Activities
 * SponsorsSponsors
   Become a SponsorEvent SponsorsSponsor News
 * ProposalsProposals
   Call for Papers - BriefingsCall for Tools - Arsenal

All times are Pacific Time (GMT/UTC -7h)

 * All
 * 2 Day (Sat-Sun)
 * 2 Day (Mon-Tue)
 * 4 Day (Sat-Tue)

 * All
 * A-E
 * F-J
 * K-O
 * P-T
 * U-Z


All TrainingsPresenters



FORMAT(S)

Select All | Clear
 * 
   2 Day Trainings
   
 * 
   4 Day Trainings
   


TRACK(S)

Select All | Clear
 * 
   AI, ML, & Data Science
   
 * 
   AppSec
   
 * 
   Crypto
   
 * 
   Defense
   
 * 
   Forensics
   
 * 
   Hardware
   
 * 
   Human
   
 * 
   ICS
   
 * 
   IOT
   
 * 
   Malware
   
 * 
   Mobile
   
 * 
   Network
   
 * 
   PenTesting
   
 * 
   Risk
   
 * 
   Wireless
   


SKILL LEVEL(S)

Select All | Clear
 * 
   Advanced
   
 * 
   All
   
 * 
   Beginner
   
 * 
   Beginner/Intermediate
   
 * 
   Intermediate
   
 * 
   Intermediate/Advanced
   


EXPERIENCE(S)

Select All | Clear
 * 
   In-Person
   
 * 
   Virtual
   

No sessions found

 * * 2 Day (Sat-Sun)
   * 360° Ransomware Response: Detection, Negotiation, Recovery, and Prevention
     Location:  TBD
     lmg security (sherri davidoff and matt durrin)
     Tracks:
     
     Forensics,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Learn to respond to ransomware effectively and efficiently. In this
     hands-on boot camp, we'll show you a comprehensive approach to ransomware
     response, covering key aspects such as early detection, negotiation
     tactics, and decryption challenges. We'll analyze the latest ransomware
     strains and learn about evolving detection strategies. Then we'll delve
     into core elements of the initial response: triage, evidence preservation,
     scoping, containment and mitigation. We'll study the decryption process,
     including infected decryptors, double-encryption issues, and other common
     challenges. You'll learn practical ransom negotiation tactics and gain
     insights on the business impacts and communication strategies that will
     help you effectively support legal teams, public relations and more
     throughout the response. Hands-on labs are included throughout the class.
     Each student gets 90 days of free access to the Ransomware Virtual
     Laboratory. Along the way, we'll take students full circle and point out
     effective technical measures that block attackers and prevent ransomware
     deployment. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     2024, A Space Hacking Odyssey
     Location:  TBD
     final frontier security
     Tracks:
     
     PenTesting,
     
     ICS
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Sure, maybe you've hacked the planet, but how about hacking off planet? The
     final frontier has been designated as critical infrastructure. Satellites
     and other space systems are an integral part of our daily lives from
     navigation to communications, financial transactions, and national
     security. Cybersecurity for these assets is environmentally and
     operationally constrained in ways unfamiliar to most practitioners. What
     better way to gain an appreciation for the challenges of cybersecurity in
     space and an understanding of how attackers will behave against this attack
     surface than exploiting it yourself? Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     A Basic Guide to Bug Hunting with Ghidra
     Location:  TBD
     craig young
     Tracks:
     
     AppSec,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Discover the art of uncovering vulnerabilities without the aid of source
     code or commercial tooling. This class is a deep-dive on how to use open
     source tools to shed light on closed source binaries. We will cover how bug
     hunters use free tools like Ghidra, AFL, QEMU, Frida, and GDB, to find
     exploitable bugs in modern software. Students will be introduced to each of
     these tools and more as we walk through exercises demonstrating their use.
     We will start with relatively simple techniques, like using Ghidra to
     identify and trace potentially insecure function calls, but by the end we
     will be looking at advanced techniques for stitching fuzzers together from
     compiled code. We'll also explore opportunities for using dynamic analysis
     to identify interesting code paths and reveal subtle bugs. Students in this
     class should be comfortable working with C code and have a basic
     understanding of memory safety vulnerabilities. Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     A Beginner's Guide To Threat Hunting: How to Shift Focus from IOCs to
     Behaviors and TTPs
     Location:  TBD
     lee archinal (cyborg security)
     Tracks:
     
     Defense,
     
     Human
     Format: 2 Day Trainings
     
     
     This course is designed to provide the students with hands-on experience in
     behavioral threat hunting. This includes covering common models and how
     they relate to threat hunting, how to operationalize an intel report
     focusing on tactics, techniques, and procedures (TTPs), how to leverage
     intelligence to initiate and conduct a hunt, data pivoting from initial
     query to results, proper documentation techniques to compile and organize
     findings in a repeatable manner. The culmination of this process will be a
     series of simulated attack chains using real world adversary TTPs, broken
     down into two phases: crawling and walking.
     
     
     The crawl phase will provide students with the opportunity to go hands-on
     with the data in a step-by-step hunting tutorial. This practical session
     will allow students to experience threat hunting in a structured and
     controlled manner, and allow them to practice the topics that were covered.
     
     
     The walk phase will see students break off into small SOC teams for an
     activity that will put all of their practical knowledge to the test. Learn
     More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Accurate and Scalable: Web Application Bug Hunting
     Location:  TBD
     michal kamensky, bounce security
     Tracks:
     
     AppSec,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Ever find yourself repeating manual searches while analyzing a massive
     codebase? Do you often manually perform the same tests over and over when
     reviewing a huge web application?
     
     In this course you will learn how to take all that knowledge and repetitive
     work and put it into custom checks and tailored scans that will do the work
     for you, across the whole application.
     
     You will practice performing scalable, assisted manual research, using
     free, open-source tools such as Semgrep and Nuclei whilst leveraging your
     familiarity with the application and its logic. Instead of generic
     vulnerability scans that barely find the obvious problems and flood you
     with false positives, you can develop tailor-made checks that find what is
     important.
     
     Through multiple hands-on examples and practical exercises, you'll learn
     how this approach of customization at scale enables you to look far beyond
     the low hanging fruit, with useful tools that spare you the trouble of
     reinventing the wheel each time around. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Active Directory Attacks for Red and Blue Teams – Advanced Edition
     (Virtual)
     Location:  TBD
     altered security
     Tracks:
     
     PenTesting,
     
     Network
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: Virtual
     
     
     More than 95% of Fortune 500 companies use Active Directory! Enterprises
     are managed using Active Directory (AD) and it often forms the backbone of
     the complete network. To secure AD, you must understand different
     techniques and attacks used by adversaries against it. Often burdened with
     maintaining interoperability with a variety of products, AD lack ability to
     tackle latest threats.
     
     This training is aimed towards attacking modern AD using built-in tools,
     scripting and other trusted OS resources. Some of the techniques, used in
     the course:
     
      * Extensive AD Enumeration
      * Trust mapping and abuse
      * Privilege Escalation
      * Advanced Kerberos Attacks
      * Advanced cross forest trust abuse
      * Attacking Azure AD integration
      * Abusing trusts for MS products
      * Credentials Replay Attacks
      * Persistence
      * Defenses
      * Bypassing defenses
     
     
     Attendees will get free two-month access to an AD environment comprising of
     multiple domains and forests and a Certified Red Team Expert Exam (CRTE)
     certification attempt. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Active Directory Security Fundamentals
     Location:  TBD
     specterops
     Tracks:
     
     PenTesting,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Stop being passive with your Active Directory! Kerberos, ADUC, Golden
     Tickets, Security Principals – have you come across these or similar words
     in penetration test reports or security bulletins and felt a little… lost?
     Active Directory comprises many components that fulfill complex
     architectural requirements but can also open cracks through which attackers
     may slip. Active Directory: Security Fundamentals demystifies the various
     Active Directory components and illustrates how these components can
     potentially introduce risks to your organization. This course empowers
     network defenders to directly look under the hood of their Active Directory
     architecture and understand their environment better than attackers.
     Instructors share their knowledge and personal experiences testing Active
     Directory in hundreds of environments to reveal not only common pitfalls in
     securing their environment but also how they commonly occur. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Adam Shostack's Threat Modeling Intensive
     Location:  TBD
     adam shostack
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Threat modeling is the best way for security professionals to get a seat at
     the table and influence a project early. It's how we get systematic,
     structured and comprehensive about the products and services we deliver.
     This is a rare public opportunity to take a course from "the person who
     wrote the books." (Threat Modeling: Designing for Security and Threats:
     What Every Engineer Should Learn from Star Wars) Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Advanced APT Threat Hunting & Incident Response
     Location:  TBD
     xintra
     Tracks:
     
     Forensics,
     
     Defense
     Format: 2 Day Trainings
     Experience: Virtual
     
     
     APTs are constantly evolving their attack techniques putting pressure on
     responders and blue teamers to stay up-to-date on all the latest tactics,
     techniques and procedures. Depending on the nature of the organization,
     responders and blue teamers may have never responded to a nation-state
     level threat in their environment. This course is built to arm attendees
     with the ability to detect, respond and remediate an APT-level attack.
     Attendees will be challenged with practical labs built around a simulated
     APT intrusion covering each stage of the ATT&CK chain. Students will be
     exposed to endpoint forensics, log analysis and cloud forensics on
     up-to-date attack techniques leveraged by Russian, Chinese, North Korean
     and Iranian APT groups against organizations within the last two years.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Advanced Cloud Incident Response in Azure and Microsoft 365
     Location:  TBD
     korstiaan stam from invictus incident response b.v.
     Tracks:
     
     Forensics,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     In this comprehensive two-day hands-on training, immerse yourself in the
     intricacies of forensics and incident response within the Microsoft cloud
     environment. This course delves into both Microsoft 365 and Microsoft
     Azure, providing practical insights into investigating cyber attacks and
     navigating relevant log artifacts. All concepts taught are directly
     applicable to real-life threats observed in the Microsoft cloud.
     
     Benefit from the expertise of a trainer with firsthand experience in
     cloud-based incident response and forensic investigations, sharing insights
     not found on conventional websites. By the end of this training, you will
     be well-equipped to confidently investigate any threat within the Microsoft
     cloud.
     
     Experience a highly interactive training with practical exercises, at the
     end of the course you will investigate two comprehensive attack scenarios
     in both Azure and M365 in the Capture The Flag (CTF) challenge. It is your
     task to solve as many puzzle pieces as possible. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Advanced Hacking and Securing Windows Infrastructure
     Location:  TBD
     paula januszkiewicz, ceo and cybersecurity expert; dr. mike
     jankowski-lorek, director of consulting, cybersecurity expert
     Track:
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Take your cybersecurity skills to the next level with our infrastructure
     services security course. Ideal for enterprise admins, security officers,
     and architects seeking to protect critical infrastructure, this course is
     taught by leading experts Paula Januszkiewicz and Mike Jankowski-Lorek,
     Ph.D.
     
     You'll gain practical knowledge from years of experience and successful
     projects, with a focus on critical penetration testing tasks to effectively
     safeguard your organization from cyberattacks. Learn efficient network
     mapping, vulnerability identification, and exploitation techniques, while
     mitigating the risk of attacks through secure measures. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Advanced Hardware Hacking: Power Analysis & Fault Injection with the
     ChipWhisperer
     Location:  TBD
     newae technology inc.
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     This course brings you up to speed on advanced hardware hacking topics such
     as power analysis and fault injection. The course is based around the
     open-source ChipWhisperer project, and students will use a variety of
     related tools in the course. This updated 2-day course includes more
     focused labs using a wide variety of ChipWhisperer tools setup in the
     classroom. Topics include power analysis for passwords & encryption
     algorithms, along with fault injection using voltage, clock, and
     electromagnetic fault injection. The course is structured so that students
     can work through a wide variety of additional ChipWhisperer tutorials after
     the course, focusing the course contents on the fundamentals along with how
     to apply the material in practical scenarios. Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Advanced Threat Emulation: Active Directory
     Location:  TBD
     bc security
     Tracks:
     
     PenTesting,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     This training course covers various aspects of Active Directory and how to
     attack it. Students will learn about network poisoning and authentication
     protocols in Windows networks, the different kinds of Windows credential
     types, and how to use them. Students will also learn common attacks on NTLM
     and Kerberos, such as NTLM relay attacks, delegation attacks, and creating
     forged tickets. Students will become familiar with identifying and
     exploiting common Active Directory misconfigurations . Students will be
     able to conduct attacks from both Windows and Linux operating systems and
     learn the nuances between each platform for performing attacks. Students
     will learn where credentials are stored on a Windows system and how to
     extract credentials from LSASS, DPAPI, SAM, LSA, and the Kerberos ticket
     cache. Students will learn about the different domain trusts and how to
     perform multi-domain compromises. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Advanced Threat Emulation: Evasion
     Location:  TBD
     bc security
     Tracks:
     
     PenTesting,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Windows presents a vast attack surface, providing the Blue Team with many
     detection opportunities. Students will learn about evading Blue Team
     hunters by first learning to build detections, then masking their
     signatures, and exploiting indicators to decrease detection probability. We
     will also explore the impact of migrating through different programming
     languages, such as C# and IronPython. By the end of the course, students
     will be equipped with the knowledge to obfuscate open-source tools without
     necessitating custom tooling for use across a diverse and dynamic
     operations environment.
     
     This class will explore the theory behind malware obfuscation, starting
     with the Theory of Code Obfuscation and how it applies to Tactics,
     Techniques, and Procedures (TTPs) implemented by modern Advanced Persistent
     Threats (APTs). We will examine everything from standard variable
     obfuscation to control flow manipulation to data procedurization. Students
     will apply obfuscation theory to practical applications in hands-on labs
     throughout the course. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Adversarial Approach - Combating Social Engineering Attacks through
     Situational Awareness
     Location:  TBD
     jayson e. street
     Track:
     
     Human
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     
     Fueled by advancements in social media and AI, the evolution of social
     engineering tactics has elevated cyber threats to unprecedented levels of
     sophistication. So, why has the approach to Security Awareness Training
     (SAT) stayed the same? This hands-on course will teach you how to go beyond
     best practices and use modern social engineering techniques to transform
     "security awareness" into "situational awareness."
     
     Course Features:
     
      * Apply AI for social engineering and other simulated nefarious purposes
      * Learn DuckyScript and use it to expose the risk to executives and
        coworkers
      * Participate in 6 Practical Hands-On Exercises in Recon, Phishing
        exploits, and Ways to Engage Your Employee Base
      * Help educate others become more situationally aware of threats
      * Take home a custom Hak5 field kit (consisting of Bash Bunny Mark II,
        O.MG Elite USB-C Cable, & O.MG Programmer)
     
     
     Traditional SAT programs cover password hygiene, recognizing phishing
     emails, securing physical workspaces, and understanding the importance of
     data privacy. This knowledge is essential but lacks the interactivity and
     real-world simulation needed to effectively prepare someone for the dynamic
     cyber threats of today. We will address that gap by teaching you:
     
      * How adversaries perform reconnaissance using the Open-Source
        Intelligence (OSINT) model
      * How to effectively use spear phishing and physical compromise
        demonstrations to showcase the direct impact of threats
      * How to enhance your SAT program with engaging content to develop
        security culture
     
     At the end of this course, you will have the knowledge and tools you need
     to demonstrate the impact of a social engineering attack. You will be able
     to defeat optimism bias and show anyone how they can be personally impacted
     by cybersecurity events. You'll also have strategies to secure leadership
     endorsement and apply your new abilities to modernize the SAT program in
     your organization.
     
     Once you have successfully instilled situational awareness into the
     personnel of your organization, you will have mobilized your organization's
     most effective defense in the fight against cybercrime. This course serves
     as a catalyst for transformative change, ensuring your organization's
     resilience in the face of modern cybersecurity challenges.
     
     Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Agile Whiteboard Hacking – aka Hands-on Threat Modeling
     Location:  TBD
     toreon
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     In this "Black Hat edition" training, we challenge you with hands-on threat
     modeling exercises based on real-world projects. You will get insight into
     our practical industry experience, helping you to become a Threat Modeling
     Practitioner. We included an exercise on MITRE ATT&CK, and we focus on
     embedding threat modeling in Agile and DevOps practices. And we introduce a
     new challenge on threat modeling a Machine Learning-Powered Chatbot.
     
     We levelled up the threat modeling war game. Engaged in CTF-style
     challenges, your team will battle for control over an offshore wind turbine
     park.
     
     All participants get our Threat Modeling Playbook to improve you threat
     modeling practice, one-year access to our online threat modeling learning
     platform, and one-hour personal coaching to refine your threat modeling.
     
     Our self-paced Threat Modeling Introduction training is included in this
     course.
     
     
     All participants get our Threat Modeling Playbook to improve you threat
     modeling practice, one-year access to our online threat modeling learning
     platform, and one-hour personal coaching to refine your threat modeling.
     
     Are you new to threat Modeling? Our self-paced Threat Modeling Introduction
     training is included in this course. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     AI Red Teaming in Practice
     Location:  TBD
     dr. amanda minnich. microsoft ai red team gary lopez. microsoft ai red team
     Tracks:
     
     AI, ML, & Data Science,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     There is so much more to red teaming AI systems than prompt injection.
     
     In this training, attendees will learn how to red team AI systems
     leveraging three pillars: traditional software vulnerabilities in AI
     systems, AI-specific vulnerabilities, and Responsible AI (RAI)
     vulnerabilities. By the end of the class, attendees should be able to probe
     comfortably any machine learning system for OWASP Top 10 LLM
     vulnerabilities. We will exclusively use open- source tools and frameworks
     such as Semantic Kernel, LangChain, NeMo Guardrails, Counterfit and the
     MITRE ATLAS to red team AI systems.
     
     The course is taught by Microsoft's AI Red Team, which was the first to
     combine RAI Red Teaming alongside security red teaming. In the last year,
     every high-risk AI system—including models and Copilots—was assessed by
     this team. We will use this real-world experience to upskill Black Hat
     attendees. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     A Journey Into Mobile Application Hacking (iOS & Android)
     Location:  TBD
     sensepost training | orange cyberdefense
     Tracks:
     
     Mobile,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The course is created by hackers for hackers looking to take over the
     mobile application hacking world!
     
     Through this course we will show you how to do mobile assessments from
     absolute scratch.
     
     We will show you all of the basic concepts and tools required to perform
     meaningful mobile assessments which will add value to your customer's
     mobile offerings.
     
     The course consists of two days of which 60% is practical. Designed,
     developed and delivered by the team behind one of the most commonly used
     mobile application hacking tools known as Objection. We will give you a
     solid foundation so you can build a castle if you wish to. We will cover
     Android and iOS with a playground of apps that you can hack to your hearts
     content. The course is structured to make use of emulators, so you don't
     even need physical devices to take part in the course.
     
     Key Take-Aways:
     
      * Form a base understanding of the mobile application hacking industry
      * Build up a solid methodology and skill-set to assess and break mobile
        applications built for iOS and Android
      * Understand the required testing environment and tools required to make
        mobile app hacking fun and exciting
     
     
     Join us and hack some mobile apps! Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Android Userland & Kernel Fuzzing and Exploitation
     Location:  TBD
     mobile hacking lab
     Tracks:
     
     Mobile,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Android Userland & Kernel Fuzzing and Exploitation
     
     Step into the realm of comprehensive Android security with our integrated
     "Android Userland and Kernel Fuzzing and Exploitation" course. Designed for
     both novices and seasoned professionals, this course offers an extensive
     curriculum that covers the spectrum of Android vulnerabilities and their
     exploitation.
     
     Starting with the Userland component, learners will grasp how to detect
     bugs in Android Userland Applications and exploit memory corruptions. The
     course provides a deep understanding of ARM assembly, reverse engineering,
     and the development of robust exploits, bypassing exploit mitigations like
     NX and ASLR. With 43 labs across 9 modules, students will employ advanced
     fuzzing techniques to pinpoint exploitable vulnerabilities.
     
     The journey continues as we pivot to the Android kernel on the second day,
     where the intricacies of kernel internals, such as memory allocators and
     driver programming, are unraveled. Students will learn to discover bugs
     using kernel fuzzing techniques, including the use of sanitizers and
     Syzkaller. The course will guide attendees through the construction of
     kernel exploits crucial for sandbox escape, examining real-world
     vulnerabilities and the art of kernel debugging.
     
     In culmination, the course integrates Userland and Kernel learnings to
     assemble a full-chain remote exploit against target devices. The hands-on
     approach is further enhanced by access to our state-of-the-art training
     platform, where course attendees can perform exercises and apply their
     knowledge in practical scenarios. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Applied Data Science and Machine Learning For Cybersecurity
     Location:  TBD
     gtk cyber
     Tracks:
     
     AI, ML, & Data Science,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     This interactive course will teach security professionals how to use data
     science and AI to quickly manipulate and analyze security data. The course
     will cover the entire data science process from data preparation,
     exploratory data analysis, data visualization, machine learning, model
     evaluation and finally, implementing at scale—all with a focus on security
     related problems. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Applied Hardware Attacks 1 – Embedded and IoT Systems
     Location:  TBD
     joe fitzpatrick & the securinghardware.com team
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     This hands-on course will introduce you to the common interfaces on
     embedded systems and IoT devices, and how to exploit physical access to
     grant yourself software privilege via UART, JTAG, or SPI.
     
     Designed for newcomers to hardware, over 70% of our time will be hands-on
     with current off-the-shelf hardware, supported by lectures to fill in the
     background. This is why classes we developed have sold out at Black Hat
     every year. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Applied Hardware Attacks 3 – Rapid Prototyping
     Location:  TBD
     joe fitzpatrick & the securinghardware.com team
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     This is a two-day crash course in rapid prototyping for hardware hacking.
     We'll spend most of our time working hands-on to meet the mechanical,
     electrical, and protocol requirements for interfacing with our target
     hardware. In the span of two days, you will:
     
     
      * Analyze an undocumented debug connector
      * Design and print an interface jig
      * Layout, fabricate and assemble a PCB interposer
      * Automate assembly of a small device
      * Safely make electrical connections
      * Bit-bang a custom hardware protocol in software
     
     
     This course emphasizes how to connect to hardware for those who are already
     familiar with the what and why. It's specifically geared towards attendees
     who have already completed an introductory hardware hacking course
     including some soldering experience. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     A Practical Approach to Breaking & Pwning Kubernetes Clusters
     Location:  TBD
     madhu akula
     Tracks:
     
     PenTesting,
     
     Risk
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The adoption of Kubernetes use in production has increased to 83% from a
     survey by CNCF. Still, most security teams struggle to understand these
     modern technologies. In this real-world scenario-based training, each
     participant will be learning Tactics, Techniques, and Procedures (TTPs) to
     attack and assess Kubernetes cluster environments at different layers like
     Supply chain, Infrastructure, Runtime, and many others.
     
     Some of the things you will be doing in this course:
     
     
      * Exploiting Misconfigurations and private Registries by performing simple
        Recon
      * Escaping out of containers to host systems and clusters to gain more
        access
      * Escalating privileges, DoS cluster resources, Lateral movement from
        container
      * Gaining unauthorized access to namespaces, microservices, data, and logs
      * Breaking the boundaries of NSP(Network Security Policy), RBAC, Profiles
      * Defense evasion techniques & Persistence in Cluster Environments
      * Bypassing the solutions like Policy Engines, Resource limits, and
        Controls
      * Evaluating the cluster security using CIS benchmarks and Cluster Audits
        to find all possible risks
     
     
     Also, the trainer will provide a step-by-step guide(Digital Book) with
     resources and references to further your learning. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Astute AWS/Azure/GCP Cloud Red Team: It's Raining Shells! - 2025 Edition (2
     Day)
     Location:  TBD
     ultraviolet cyber
     Tracks:
     
     PenTesting,
     
     Network
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Stay frosty within AWS, Azure, & GCP environments with this fast-paced and
     hands-on course which teaches each participant the Tactics, Techniques, and
     Procedures (TTPs) needed to infiltrate and expand access within cloud
     platforms.
     
     
     In this course you will:
     
     
      * Exploit serverless (e.g. Lambda, Azure Functions) applications for
        initial access into targets.
      * Pivot between data and control planes to expand access (e.g. collecting
        secrets, snapshots)
      * Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain
        undetected.
      * Breach and backdoor boundaries (e.g. VPCs) to access hard-to-reach
        systems.
      * Expanding access within Kubernetes (K8s) envs (e.g. GCP bypass of
        metadata protections)
     
     
     Compete throughout the course in our hands-on Capture the Flag (CTF)
     tournament! Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Attack and Defend Android Applications (Virtual)
     Location:  TBD
     cyfinoid research
     Tracks:
     
     Mobile,
     
     Defense
     Format: 2 Day Trainings
     Experience: Virtual
     
     
     This course focuses on the Android application ecosystem covering both the
     offense & defense of the application development process. We start with
     attacks, covering various possible attacks on Android applications. Then we
     provide solutions to various challenges routinely encountered by Android
     security engineers and pen testers:
     
     
      * Traffic interception (HTTP/HTTPS/web socket/non-HTTP)
      * Root detection bypass
      * Static & dynamic analysis
      * Perform dynamic instrumentation (Frida / Magisk)
      * Analyzing non-Java/ Kotlin apps (React Native, Xamarin and Flutter)
     
     
     Next, we shift gears and focus on defending the applications, and major
     areas covered are:
     
     
      * Application Threat Modeling
      * Identifying weaknesses
      * Adding Security into CI / CD Pipeline for the application
      * Analysis of the results
      * Defense in Depth Design Techniques
     
     
     The aim is not to create a "zero to hero" experience, but to provide a
     methodical approach with which the participants could perform any Android
     application assessment. We provide students with access to learning
     portals, cloud VM's, a soft copy of slides, detailed answer sheets as well
     as AMI's to continue learning after class. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Attacking and Defending Private 5G Cores (Virtual)
     Location:  TBD
     dr. altaf shaik
     Tracks:
     
     Network,
     
     Wireless
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: Virtual
     
     
     Security is paramount in private 5G networks due to their tailored nature
     for enterprises. They handle sensitive data, connect mission-critical
     devices, and are integral to operations. This advanced 5G Core Security
     Training is a comprehensive program designed to equip security
     professionals with advanced skills and techniques to identify and mitigate
     potential security threats in private 5G networks. Participants will gain a
     deep understanding of 5G core security and protocols, and learn how to
     develop and use the latest 5G pentesting tools and techniques to perform
     vulnerability assessments and exploit development. The training will also
     cover the latest 5G security challenges and best practices, and provide
     participants with hands-on experience in simulating different attacks and
     defenses on a local zero-RF-transmitting 5G network. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Automating Security with Open Source
     Location:  TBD
     threat intelligence pty ltd
     Tracks:
     
     Defense,
     
     Forensics
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The security industry is running fast towards security automation to
     increase the capability and capacity of security teams so they can
     effectively and efficiently stay on top of the constantly evolving threats,
     attacks, and security breaches that occur every day!
     
     Learn how to implement streamlined security operations and help prevent
     breaches through security automation, including:
     
     
      * Automated Intelligence Collection and Analysis
      * Automated Vulnerability Identification and Penetration Testing
      * Automated Security Monitoring and Incident Response
      * Automated Security Infrastructure Orchestration and Integration
      * Automated Chaining of Security Capabilities
      * Automated Security Notifications
     
     
     Get ahead of the hackers and start automating the protection of your
     organisation now!
     
     Register now to secure your spot! Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Basic Infrastructure Hacking - 2 Day
     Location:  TBD
     tom large / notsosecure
     Tracks:
     
     Network,
     
     PenTesting
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     IT infrastructure is more complex and dynamic than it's ever been,
     demanding comprehensive, modern, and well-rehearsed security skills to
     match. Join this hands-on, 2-day course to develop a strong baseline in
     infrastructure hacking and widen your career prospects. Get your hands
     dirty with our popular virtual labs and learn from experienced, practicing
     penetration testers with a legacy of training at Black Hat. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Black Hat Cryptography: Attacks, Tools & Techniques for Security
     Professionals
     Location:  TBD
     ruben gonzalez
     Tracks:
     
     PenTesting,
     
     Crypto
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Crypto-related vulnerabilities are super common! OWASP even ranks
     "Cryptographic Failure" as the second most common security vulnerability
     class in software. Yet, very often these vulnerabilities are overlooked by
     developers, code auditors, blue teamers, and penetration testers alike.
     Because, let's face it: Nobody knows how cryptography works.
     
     This course turns you into a powerful weapon. It will teach you how applied
     cryptography is commonly misused in the field and how this leads to
     exploitable bugs. Using case studies
     from our own pentesting and red teaming engagements, we'll introduce core
     concepts of applied cryptography and how they fail in practice.
     
     During the course you'll:
     
     
      * Understand how modern cryptography works
      * Find common crypto vulnerabilities in real software
      * Write crypto exploits for real software (and an IoT device)
     
     
     At the end of the course you'll be able to spot an exploitable crypto bug
     from miles away (and be able to avoid them yourself)! No prior knowledge
     required. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Black Hat Machine Learning
     Location:  TBD
     nvidia
     Tracks:
     
     AI, ML, & Data Science,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Machine Learning technologies continue to improve and expand into new areas
     at a blistering pace: from driving cars to detecting cancer, defending
     networks to analyzing the human genome, writing code, generating synthetic
     artwork, flying drones, and more. With this success, ML is starting to
     receive scrutiny from regulators, security teams, and hackers across all
     industries. ML Systems represent a new attack surface and bring up genuine
     security concerns. In this training, students will explore the security
     risks and vulnerabilities that adopting machine learning might expose you
     to. This course will provide students with a realistic environment and
     methodology to explore the unique risks presented by the use of ML in
     today's environments. Students will leave equipped to assess the threat
     model, vulnerabilities, and attack surface of ML systems. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Cloud Security Hands-On (CCSK+) for AWS
     Location:  TBD
     securosis
     Track:
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     This course provides a solid foundation in cloud security, including 50% of
     hands-on labs in AWS to apply the principles in practice. We cover all the
     material needed to pass the Cloud Security Alliance Certificate of Cloud
     Security Knowledge (CCSK) exam while adding a pragmatic approach to
     immediately kick-start your cloud security projects. This class has been
     updated to align with version 5 of the CSA Guidance. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Cognitive Security: Preparing for Cyber Deception Through Synthetic Media
     Attacks
     Location:  TBD
     psyber labs, llc
     Tracks:
     
     Human,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Threat actors are rapidly moving beyond traditional cyber-attacks by
     leveraging generative AI and synthetic media to carry out cognitive warfare
     and cyber deception tactics against their victims. Extorting high net worth
     individuals in deepfake virtual kidnapping scams, disseminating
     disinformation by impersonating well-established brands, and spoofing the
     voices of executives to convince employees to transfer funds to
     illegitimate accounts; are just a few examples of tactics already observed
     in the wild. You will leave this course with the tools and training
     required to integrate deepfakes and synthetic media into your red team
     assessments, be able to conduct cyber threat assessments, and practice
     developing mitigation strategies to reduce potential harm from these
     attacks. By engaging with attacks from both the offensive and defensive
     perspectives you will gain a deep understanding of the critical factors
     that differentiate highly sophisticated attacks from mediocre attempts.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Defeating Microsoft's Default Bitlocker Implementation
     Location:  TBD
     popp schweiz ag
     Tracks:
     
     Forensics,
     
     Hardware
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     This training guides you through the whole process involved for a
     successful BitLocker TPM bus sniffing attack. Within two days you will be
     given the necessary knowledge about micro soldering, notebook internals,
     TPM basics, logic analyzers, basic forensic data acquisition and some
     BitLocker theory. In the end you will not just be able to conduct the
     attack against a test notebook which you can take home, but also fully
     understand what you are actually doing and applying it to your devices.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Defending Enterprises - 2024 Edition
     Location:  TBD
     in.security
     Tracks:
     
     Defense,
     
     PenTesting
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Updated for 2024, our immersive 2-day Defending Enterprises training is the
     natural counterpart to our popular Hacking Enterprises course.
     
     You'll play a SOC analyst in our Microsoft Sentinel cloud-based lab and try
     to rapidly locate IOA's and IOC's from a live enterprise breach executed by
     the trainers in real-time.
     
     Whether you're new to Kusto Query Language (KQL) or a seasoned pro, there's
     plenty for you in the 2-days! Yes, we're using Microsoft Sentinel, but the
     underlying threat detection theory, logic and threat hunting approach is
     transferable into your own environments, whatever your preferred platform.
     
     We look at the top 10+ methods we use in offensive engagements and show how
     these can be caught, along with numerous other examples and methods that go
     above and beyond these common TTPs!
     
     With 14 hands-on exercises you'll gain real-world experience in the
     following areas:
     
     
      * MITRE ATT&CK, CAR and D3fend frameworks
      * Introduction to Kusto Query Language (KQL)
      * Reviewing popular phishing attacks and living off the land techniques
      * Locating C2 traffic and beaconing activity
      * Digging into credential exploitation (Pass-the-Hash, Pass-the-Ticket,
        Kerberoasting, Azure Managed Service Accounts, DCSync)
      * Reviewing Active Directory Certificate Services (ADCS) attacks
      * Identifying lateral movement (WMIC, WinRM, MSSQL, SMB)
      * Catching data exfiltration attempts (ICMP, DNS)
      * Detecting persistence activities
      * + much more!
     
     
     We know 2 days isn't a lot of time, so you'll also get 14 days FREE lab
     time after class and Discord access for support. Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     DevSecOps Masterclass: AppSec Automation Edition
     Location:  TBD
     appsecengineer
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     DevOps has changed the way we deliver apps. However, security remains a
     serious bottleneck, especially Application Security. This is largely due to
     the speed of innovation in DevOps, contrasted with the escalating attacks
     against Applications.
     
     The training is based on our 4.9/5 Rated DevSecOps Masterclass at Blackhat.
     
     The training is a hardcore hands-on journey into:
     Hands-on SAST for Apps and Infrastructure-as-Code, with a focus on Semgrep
     and CodeQL. Develop Custom SAST rules like a bawse!
     Supply-Chain Security Automation: SBOMs, Source Composition Analysis and
     Security Engineering techniques
     Assurance and Provenance for artifacts. Mastery over Cosign and SLSA for
     Supply-Chain Provenance
     DAST Automation and Security Regressions with ZAP and Nuclei.
     Policy-As-Code: Leverage Open Policy Agent (OPA) with use-cases from API
     Access Control to OS Policy Controls.
     
     Participants get 2 months of access to our online lab environment for
     DevSecOps training Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Elite Web Application Hacking
     Location:  TBD
     sensepost | orange cyberdefense
     Tracks:
     
     PenTesting,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     In an era where digital landscapes evolve, mastery of advanced web
     application security is imperative for seasoned developers, pentesters and
     red-teamers alike. This course builds upon existing knowledge, elevating
     your expertise in web application hacking through sophisticated attacks and
     hands-on challenges.
     
     As the digital ecosystem continues to advance, web applications become
     increasingly intricate, demanding a higher level of proficiency in securing
     them against sophisticated threats.
     This course is crafted to equip you with more advanced skills to identify,
     assess, and exploit web applications through complex vulnerabilities and
     approaches.
     
     Key Points:
     
      * Master complex web security concepts, building on foundational
        knowledge.
      * Engage in advanced hands-on exercises simulating real-world challenges.
      * Hone skills in conducting thorough risk assessments for strategic
        decision-making amid intricate security challenges.
     
     
     This course is tailored for individuals with a solid foundation in web
     application security. Whether you're an experienced cybersecurity
     practitioner seeking to enhance your skill set or a seasoned developer
     aiming to deepen your security expertise, this course provides a strategic
     and hands-on approach to mastering the nuances of advanced web application
     hacking. Learn More
     
      EARLY
     
     
     
     $4,100
     
     
     ENDS MAY 24
     
     Fundamentals of Industrial Control Systems (ICS) Security
     Location:  TBD
     mandiant (now part of google cloud)
     Track:
     
     ICS
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     This course provides IT security professionals and ICS/OT engineers
     interested in ICS/OT security with the fundamental knowledge and skills
     required to build and expand an ICS/OT security team.
     
     Learners will become familiar with ICS/OT security concepts, secure
     architecture, threat models and ICS/ OT security standards and best
     practices. The course will also discuss today's security trends and the
     current threat landscape. Throughout the course, exercises and
     demonstrations inspired by actual cases and incidents in the ICS world will
     enable learners to advance their knowledge in their day jobs. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Going beyond shells! - Hacking AWS, Google Cloud, DigitalOcean and Aliyun
     (Virtual)
     Location:  TBD
     cyfinoid research
     Tracks:
     
     PenTesting,
     
     AppSec
     Format: 2 Day Trainings
     Experience: Virtual
     
     
     A fast paced, scenario driven hands-on training built on real world
     Detection, Identification and Exploitation of services and assets in AWS,
     Google Cloud, DigitalOcean and Alibaba Cloud. The training will take
     students through automated infrastructure creation, security configurations
     and their abuses that will allow them to go beyond the standard shells that
     attackers aim for. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Hacking Cybersecurity Leadership: An Interactive Training to Strengthen
     Skills for Leading Teams & Multi-Team Systems
     Location:  TBD
     multiteam solutions
     Tracks:
     
     Human,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     This 2-day, highly interactive course is designed for cybersecurity
     professionals currently in a role leading a team within a multi-team system
     (e.g., team lead) or leading an entire multi-team system (e.g., CISO). The
     training provides participants a chance to familiarize with and practice
     using 10 analog leadership tools designed to strengthen soft skills to
     support and motivate individuals, teams, and multi-team systems. The
     training, which acts as a sandbox, is built on social-behavioral research
     of CSIRTs and SOCs that was funded by the US and European governments, is
     assured by the UK NCSC, and will be delivered through expert-facilitated
     exercises. The exercises are not cybersecurity specific, which allows
     participants to disrupt their normal, routine ways of leading and open up
     to the possibilities for growth and change as leaders. The tools readily
     allow for the concrete transfer of knowledge and soft skills from the
     training back into the workplace. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Hacking Enterprises - 2024 Red Edition
     Location:  TBD
     in.security
     Tracks:
     
     PenTesting,
     
     Network
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Updated for 2024, our Hacking Enterprises training is the natural
     counterpart to our popular Defending Enterprises course.
     
     In this multi-layered offensive engagement, you will fully compromise a
     simulated enterprise in this immersive hands-on course that covers a
     multitude of TTP's. Targeting modern operating systems including Windows
     11, you'll use modern techniques and focus on exploiting configuration
     weaknesses rather than throwing traditional exploits. Logical thinking and
     creativity will definitely be put to the test!
     
     You will work to get initial access in a fictional organisation where
     multiple networks exist, some easily accessible, others not so. You'll
     implant and establish C2, but manual techniques will always be emphasised
     so you're equipped with the knowledge to work without reliance on
     frameworks.
     
     Course content has been designed to reflect real-world challenges and
     you'll perform numerous hands-on exercises including executing exploitative
     phishing campaigns against our simulated users for initial access, finding
     new networks that in turn bring new challenges including IPv6 exploitation,
     subverting AMSI and AWL, credential harvesting, passphrase cracking,
     pivoting, lateral movement, ADCS abuse, userland and privileged persistence
     via OOB channels and much more!
     
     With 14 hands-on exercises you'll gain real-world experience in the
     following areas:
     
     
      * IPv6 discovery, enumeration and exploitation
      * Pivoting, routing, tunnelling and SOCKS proxies
      * C2 infrastructure and beacon deployment
      * Exploitative phishing
      * Privilege escalation and credential harvesting
      * P@ssphras3 cracking
      * Bypassing AWL
      * Active Directory Certificate Services (AD CS) abuse
      * Lateral movement for domain trust exploitation
      * Out of Band (OOB) data exfiltration
      * + much more!
     
     
     We know 2 days isn't a lot of time, so you'll also get 14 days FREE lab
     time after class, Discord access for support and access to a post-training
     CTF containing hosts and networks not seen during training! Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Hands-On Hacking Fundamentals - 2024 Edition
     Location:  TBD
     sensepost training | orange cyberdefense
     Tracks:
     
     PenTesting,
     
     Network
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     Start your journey into information security with a hands-on course that
     will expose you to the technical fundamentals of penetration testing and
     security practises in the realms of networking, infrastructure, web
     applications and wireless technologies.
     
     Key Points:
     
      * How to think like a hacker
      * Finding vulnerabilities and exploiting them
      * How to approach a pentesting methodology in real-world scenarios
     
     
     This is an introductory course for those starting the journey into
     penetration testing or those working in environments where understanding
     how hackers think and the tools, tactics and techniques they use are of the
     essence. Learn how to attack, and utilise the concepts to enhance your
     defensive understandings.
     The course presents the background information, technical skills, and basic
     concepts required to those desiring a foundation in the world of
     information security.
     
     By the end of the course, you will have a good grasp of how vulnerabilities
     and exploits work, how attackers think about networks and systems and have
     compromised several of them, from infrastructure, and web applications to
     Wi-Fi.
     
     This course aims to expose you to the methodologies used by active
     penetration testers on their day-to-day journey with clients and
     assessments.
     Join us and hack hard! Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Implementation of Telco Networks for Pentesters: 2G, 4G and 5G
     Location:  TBD
     ethon shield
     Tracks:
     
     Mobile,
     
     Network
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     This course allows a pentester or researcher to learn how to implement on a
     single computer 2G, 4G and 5G SA and NSA mobile networks only with an Ettus
     SDR device. He will learn how to install the necessary SW, configure the
     tools, basic notions about the architecture and protocols of each
     technology, configure his programmable SIM card and finally connect a
     mobile device to these networks to perform tests such as traffic
     interception, analyze how to perform a downgrade attack, play with
     encryption or authentication algorithms.
     
     Do you want to go through this world with professionals who will help you
     to understand and implement these networks on your computer? Learn More
     
      EARLY
     
     
     
     $4,100
     
     
     ENDS MAY 24
     
     Information Operations: Influence, Exploit, And Counter
     Location:  TBD
     kopidion
     Tracks:
     
     Human,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     It is indeed all about the information - who controls it, how it
     propagates, and the effect it has on the receiver. With that knowledge and
     access comes great power. In this course, you will learn and practice how
     information operations (IO) are planned and executed. Perhaps more
     importantly, you will learn how to defend yourself, your employer, and your
     nation from information-based campaigns.
     
     This fast-paced course will include IO strategies, military IO doctrine and
     TTPs, psychological operations, deception and counter-deception, IO
     incident response, how to craft themes and messages, propagation
     techniques, and tactics for defending and countering information
     operations, among numerous other subjects.
     
     You'll leave the course with much deeper insight into how information
     operations are executed and how to defend against them. You'll also gain a
     heightened awareness and resistance to the manipulation that is taking
     place on a daily basis. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Introduction to Building and Reversing Digital Radios with SDR
     Location:  TBD
     paul clark
     Tracks:
     
     Wireless,
     
     Hardware
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Learn to build digital radios with SDR and GNU Radio, then apply those
     radio skills to reverse basic RF protocols!
      
     This is no lecture-based course, but one built on 23 different projects.
     
     Upon completion, you'll be able to build basic digital transmitters and
     receivers using OOK and FSK. You'll also understand the building blocks of
     digital signals: clocking, preambles, error-checking, and payload
     encodings.
     
     You'll spend the remainder of the course applying your digital SDR skills
     to reversing basic digital RF systems. Learn More
     
      EARLY
     
     
     
     $4,050
     
     
     ENDS MAY 24
     
     iOS Threat Hunting
     Location:  TBD
     matthias frielingsdorf
     Tracks:
     
     Mobile,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Since 2016 Pegasus is well known in the industry as the prime example for
     mercenary spyware targeting iOS devices. But did you know about Quadream's
     Reign, Cytrox's Predator, Tykelab's Hermit, Candiru or Operation
     Triangulation?
     
     This new and innovative training will enable you to detect a wide variety
     of iOS Malware. Our forensic-based approach will provide you with a deep
     understanding of the forensic artifacts left behind by these malware
     samples and how to detect them through various techniques. Through a
     combination of hands-on exercises and expert-led sessions, you will develop
     the skills and knowledge necessary to become a proficient iOS Threat
     Hunter. Join us in this unique training opportunity that has not been
     offered before and gain valuable insights into the world of iOS Malware
     detection and forensics. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     IoT and Embedded Device Exploitation
     Location:  TBD
     loudmouth security
     Tracks:
     
     IOT,
     
     Hardware
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     In the rapidly evolving landscape of the Internet of Things (IoT),
     understanding the security vulnerabilities and exploitation techniques of
     IoT devices has become crucial for cybersecurity professionals. This course
     aims to equip participants with the skills and practical knowledge to find
     vulnerabilities in IoT devices. Participants will gain hands-on experience
     in IoT hardware debugging, memory extraction, firmware analysis and bug
     hunting using a custom-built IoT device and firmware based on real-world
     examples. In addition, this course will introduce participants to device
     emulation and wireless communications in IoT devices, with hands-on labs to
     put the knowledge into practice. This course bridges multiple disciplines
     within cybersecurity, including application security, operating system
     penetration testing, wireless signal analysis, and embedded hardware
     security. It is designed to empower professionals to perform penetration
     testing of IoT devices, ensuring they are equipped with the knowledge and
     experience to find and exploit vulnerabilities in them. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Malware Detection and Triage with Volatility 3
     Location:  TBD
     andrew case and dave lassalle
     Tracks:
     
     Forensics,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Memory forensics—the analysis of volatile memory (RAM)—is an extremely
     powerful technique for detecting and triaging modern malware. Memory
     forensics is often a critical component of modern incident response due to
     the frequent use of memory-only payloads and rootkits that bypass modern
     EDRs, hide from live analysis tools, and often leave no file system
     artifacts. Memory analysis reconstructs system state without relying on
     operating system APIs, allowing it to both detect modern malware and
     provide automated triage results. In this course, a mix of lectures and
     hands-on labs provides students with the knowledge and experience necessary
     to perform real-world incident response using memory analysis for detection
     and hunting of sophisticated malware on Windows 10+ systems. The course is
     taught by two core developers of Volatility 3, the exciting new version of
     the world's most widely used memory analysis framework, and provides early
     access to upcoming capabilities. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Malware Detection in the AI Era: Attacks and Defenses on Machine Learning
     Classifiers
     Location:  TBD
     dmitrijs trizna and luca demetrio
     Tracks:
     
     AI, ML, & Data Science,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Endpoint Detection and Response (EDR) systems and Antivirus (AV) solutions
     have incorporated machine learning (ML) as core components of their
     decision-making processes. However, the integration of ML has introduced
     new vulnerabilities, rendering these systems susceptible to specific types
     of attacks that can weaken their effectiveness.
     
     In this course, participants will first gain a comprehensive understanding
     of how machine learning models can perform the task of malware detection in
     both static and dynamic settings, and they will use techniques that explain
     their behavior.
     
     Furthermore, we will introduce the concepts of Adversarial Machine
     Learning, the field of science that formalizes the presence of an adversary
     whose intent is the exploitation of AI models. Attendees will first learn
     and then execute known adversarial strategies designed to compromise ML
     malware classifiers under different threat models. Lastly, we will show how
     these attacks can be limited, by discussing recent advancements in research
     of defensive mechanisms. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Malware Hunting & Digital Forensics
     Location:  TBD
     paula januszkiewicz, ceo and cybersecurity expert; dr. mike
     jankowski-lorek, director of consulting and cybersecurity expert
     Track:
     
     Malware
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Are you tired of constantly reacting to malware attacks? Take control with
     our Advanced Malware Hunting course! In this deep-dive training, you'll
     learn the latest techniques and capabilities of malware, as well as
     practical methods for preventing, detecting, and responding to malicious
     code. Our expert instructors will guide you through real-world scenarios,
     showing you how to analyze malware, identify vulnerabilities, and build
     robust defenses that protect your organization's infrastructure. By the end
     of this course, you'll have a comprehensive understanding of malware and
     its behaviors, as well as a toolbox of proven techniques for securing your
     network, endpoints, and data. Whether you're an IT professional, security
     analyst, or malware researcher, this course will give you the skills and
     knowledge you need to stay one step ahead of the cybercriminals. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Offensive Hardware Hacking Training
     Location:  TBD
     whid - we hack in disguise
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The Offensive Hardware Hacking Training is a hands-on course designed to
     fulfill the skills gap that in the recent years emerged within the InfoSec
     scene in respect of the (I)IoT landscape. In it, students will be able to
     gather the needed theoretical knowledge and practical skills to engage with
     confidence hardware security audits involving those devices, that started
     to flood both consumer and corporate markets. The course is structured to
     be accessible to both junior and senior security personnel: it goes from a
     generic panoramic of the theory behind electronics, protocols, memories,
     microprocessors & tools-of-the-trade; then proceeds deeper into the topics
     by reviewing various TTPs. Moreover, the students' workbook contains more
     than 40 practical exercises involving real hardware devices and will allow
     each student to physically work on them during the training AND also to
     bring it at home together with their own first HW Hacking Lab Kit worth
     around 300 USD.
     For more info, check the following videos:
     
      1. https://www.youtube.com/watch?v=zbUuBZJIHkE
      2. https://www.youtube.com/watch?v=VpHBMELQmnk
     
     Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Open Source Intelligence Tools & Techniques
     Location:  TBD
     mandiant (now part of google cloud)
     Tracks:
     
     Defense,
     
     Risk
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     This two-day foundational level course is designed to teach intelligence
     analysts the fundamentals of open source intelligence (OSINT) tools and
     techniques. Students will employ a 3 Phase Branching Model across a
     multitude of use cases to conduct investigations. They will also use
     popular tools such as Virus Total and Google to drive these investigations
     to completion. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Patch Diffing In The Dark: Binary Diffing For Vulnerability Researchers and
     Reverse Engineers
     Location:  TBD
     john mcintosh
     Tracks:
     
     Forensics,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Every day, a new CVE or blog post is published detailing a critical
     vulnerability. Often, we know about a vulnerability but feel like we don't
     have the skills or time to understand its root cause. What if you could
     change that by learning a new skill that would guide you towards
     understanding modern vulnerabilities?
     
     The goal of this course is to teach participants how to use patch diffing
     techniques to analyze real-world vulnerabilities in Windows and Android.
     You will use open-source tools like the Ghidra SRE framework to reverse
     engineer the latest CVEs and discover that you already have the information
     and tools needed to get started. This course will help you develop the
     confidence and competence to tackle complex vulnerabilities.
     
     If you feel like you are always "in the dark" about the latest CVE and want
     to take a step towards the light (understanding), this course is for you.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Payment Systems: The Art of Analyzing Mag-stripe, Tokenization, NFC and EMV
     Technologies
     Location:  TBD
     metabase q
     Tracks:
     
     PenTesting,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Payment Systems training offers a holistic approach to understanding and
     mastering the intricacies of various banking data formats such as EMV, NFC,
     Tokenized, and Magstripe. Instead of merely concentrating on specific
     tools, our emphasis is on the underlying methodologies and communication
     protocols. This approach ensures a more profound and enduring grasp of the
     subject matter.
     
     The training is meticulously structured around different technologies and
     their respective communication protocols. This division facilitates an
     easier and more comprehensive understanding, enabling participants to
     effectively conceptualize techniques. Our intensive hands-on sessions are
     designed to immerse students in real-world scenarios that center on EMV
     standards. This not only provides a practical perspective but also
     challenges them to discern how malicious entities might navigate, exploit,
     or bypass security mechanisms within payment systems. Furthermore,
     participants will gain insights into the countermeasures implemented across
     various technologies, ensuring that they are well-equipped to anticipate
     and address potential vulnerabilities. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Practical Mobile Application Exploitation iOS & Android - 2024 Edition
     (Virtual)
     Location:  TBD
     8ksec
     Tracks:
     
     AppSec,
     
     Mobile
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: Virtual
     
     
     After running sold-out training at multiple conferences over the last few
     years, we are back with an updated version of our course which now covers
     ARM64, iOS & Android Internals, and detailed Mobile apps and operating
     system security. The class starts with a basic introduction to the ARM
     instruction set and calling conventions followed by some reverse
     engineering exercises. We then learn how to craft simple exploits for the
     ARM64 environment.
     The training will be based on exploiting Damn Vulnerable iOS app,
     Android-InsecureBankv2, InsecurePass and a wide range of real-world
     application vulnerabilities in order to give in-depth knowledge about the
     different kinds of vulnerabilities in Mobile applications. After the
     workshop, the students can successfully audit and secure applications
     running on iOS/Android operating systems, as well as get a better
     understanding of their Internals. Students will learn how to use Frida, a
     dynamic instrumentation framework, for doing vulnerability research.
     Slides, Custom scripts, Videos, VM and detailed documentation on the labs
     will be provided to the students for practice after the class. Corellium
     access will be provided to students during the training course. Students
     will be provided access to a Slack channel where the trainers will help
     prep them for the class, and the students can retain access to it for the
     foreseeable future.
     Slides, videos, and detailed documentation on the labs will be provided to
     the students for practice after the class. Corellium access will be
     provided to students during the training course. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Pragmatic API Exploration
     Location:  TBD
     sensepost | orange cyberdefense
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     Embark on a learning journey to explore the art of attacking and securing
     Application Programming Interfaces (APIs) with our comprehensive API
     course. As API usage grows, so does the threat landscape for organisations.
     This practical-driven training will equip you to conduct impactful
     penetration tests on API implementations and further your understanding on
     how to mitigate the majority of vulnerabilities.
     
     Explore modules covering API fundamentals, engagement strategies, attack
     surface enumeration, and demystifying the OWASP Top 10 for APIs. Delve into
     additional focus areas such as logging, monitoring, injection attacks, and
     securing Azure API implementations. Gain practical experience in exploiting
     vulnerabilities on RESTful APIs and GraphQL, culminating in a thrilling
     Capture the Flag challenge.
     
     Join us, hack hard and make APIs safe Learn More
     
      EARLY
     
     
     
     $4,100
     
     
     ENDS MAY 24
     
     Python Hacker Bootcamp: Zero to Hero
     Location:  TBD
     snowfensive
     Tracks:
     
     PenTesting,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Scripting and automation have become standard requirements for
     cybersecurity professionals. However, learning how to program is
     challenging for many. Many people give up learning this skill because they
     may need to learn how to start, find programming books confusing, or the
     examples taught in online classes don't apply to their use cases. If you
     want to learn how to program Python to automate tasks, increase accuracy,
     and become more marketable in the workforce, this course is for you.
     This course was designed to follow a hacker's methodology of programming.
     Instead of learning formal programming practices that you'll never use
     (we're looking at you bubble sort), this course focuses on core concepts
     taught using information security-centric projects. The hands-on labs,
     which accompany the practical application lectures, focus on solving
     commonplace and real-world security challenges. The labs have been designed
     to apply to information security professionals. Join us for a fun,
     fast-paced bootcamp to take you from zero to hero! Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Reverse Engineering Firmware with Ghidra
     Location:  TBD
     eric evenchick & tetrel security
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     This hands-on course teaches the concepts, tools, and techniques required
     to reverse engineer firmware and assess embedded devices. To ensure the
     tools taught are available to all, we will make use of Ghidra, a powerful
     open-source reverse engineering tool developed by the National Security
     Agency.
     
     Within the two days, you will:
     
     Learn general techniques for binary reverse engineering
     
     Identify, unpack, load, and analyze various types of firmware into Ghidra
     Use reverse engineering techniques to find exploitable vulnerabilities in
     an embedded Linux device
     
     Map device vector tables, peripheral memory, and system calls to find
     exploitable vulnerabilities in a bare-metal device
     
     Identify remotely exploitable vulnerabilities in a Bluetooth Low Energy
     device
     Learn to use a debugger to assist in reverse engineering
     
     Labs attacking an embedded Linux system and a bare-metal Bluetooth Low
     Energy device will be used to deliver a hands-on experience. You can expect
     to leave this course with the skills to reverse firmware for a variety of
     embedded targets. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Reversing and Exploiting RF with Software-Defined Radio Bootcamp
     Location:  TBD
     sébastien dudek @ penthertz
     Tracks:
     
     Wireless,
     
     Hardware
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Unleash the power of the impossible with Software-Defined Radio!
     
     Numerous wireless devices utilize simple radio protocols for communication.
     With the appropriate tools, it becomes feasible to intercept, decode, and
     even replicate or inject these transmissions. Such analysis can unveil
     critical security vulnerabilities, regardless of whether the device in
     question is a simple toy, a garage door opener, a wireless intercom, or a
     sophisticated IoT device. However, before we can uncover these
     vulnerabilities, it is essential to gain a comprehensive understanding of
     the data transmission process, including aspects such as modulation,
     encoding, encryption, and various other mechanisms, but also making the
     right choices about the hardware to use.
     
     This course offers perfect hands-on training for individuals eager to
     embark on a journey into the realm of Wireless Communication Reverse
     Engineering. It provides practical examples and invaluable tips to initiate
     and pursue the field, enabling students to delve into Signal Intelligence
     (SIGINT), reverse even the most exotic communication protocols, and
     practice attacking them using the capabilities of Software-Defined Radio.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Securing the Four C's of A Software Product: AWS Edition
     Location:  TBD
     rohit salecha
     Tracks:
     
     Defense,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Following a successful MVP demonstration, a startup recently obtained
     significant funding. The next step involves a soft launch where security
     poses a crucial challenge. The initial PoC lacks basic security standards
     needed for customer trust and compliance for ex: secrets are strewn all
     across the code, everyone is having admin privileges to AWS and Kubernetes,
     Compute infrastructure is non-compliant and only a basic web application
     pentest was conducted with very few findings.
     
     This scenario inspired creation of 'Securing 4C's of Software Product,' a
     specialized training program tailored to secure the core pillars of product
     security: Code, Container, Cluster & Cloud.
     
     This training delves deep into key security domains such as Authentication
     and Authorization in AWS and Kubernetes, Secrets Management & Detection,
     Supply Chain Security, Container Security, and Static Application Security.
     It equips attendees with the necessary knowledge to establish robust
     security protocols, ensuring deployments carry a high level of security
     assurance. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Video Preview »
     Tactical Recon for Pentesters - 2024 Edition
     Location:  TBD
     redhunt labs
     Track:
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     This 2024 Edition of our Tactical Recon for Pentesting training program not
     ONLY focuses on OSINT but also focuses on in-depth attack tactics using the
     information collected in the earlier phases. This course will focus on a
     wide range of tools and techniques for performing real-world reconnaissance
     in order to launch targeted attacks against modern and dynamic
     infrastructures.
     
     We will take a deep dive into various modern methodologies for extracting
     useful information from the internet. Furthermore, we will cover how this
     extracted information can be used in attack scenarios to get an initial
     foothold in multiple ways within an organization's network beyond the
     firewall and further exploit it to gain and maintain elevated access. The
     course will cover topics like:
     
     
      * Mapping the Modern Attack Surface
      * Comprehensive Subdomain Enumeration
      * Exploring Dark Web
      * Hunting 3rd Party SaaS Apps
      * Hunting & Attacking API Endpoints
      * Supply Chain Enumeration & SBOM
      * Template Based Scanning
      * Attacks using Recon from Docker Image, EBS volumes, etc.
      * Exploring Mobile Applications for Attack Chaining
      * Practical Social Engineering, etc.
     
     
     This 2-day course takes a hands-on approach to indulge the participants in
     real-world scenarios, simulated lab environments, and case studies to get
     proficient in techniques and methodologies. Each participant will also be
     provided ONE MONTH FREE ACCESS to our Hybrid-Cloud Based Private Lab
     mimicking the modern age infrastructure, as well as decoy accounts and the
     organization's social presence, where they can practice the skills learned
     during the course. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     The Shellcode Lab
     Location:  TBD
     threat intelligence pty ltd
     Tracks:
     
     PenTesting,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     The Shellcode Lab is back for its 14th consecutive year Black Hat USA! With
     feedback like "By far the best course I've taken at Black Hat", this is the
     training that takes your penetration testing and low-level technical skills
     to the next level!
     
     With 17 multi-part hands-on labs and over 150 slides of hard-core technical
     content, students start with basic knowledge, and by the end of the first
     day write their own macOS 64-bit Port Bind shellcode from scratch to
     remotely compromise a server.
     
     In this exciting and hands-on training, you will:
     
     
      * Create custom payloads for:
      * Linux 32-bit
      * macOS 64-bit
      * Windows 32-bit
      * Windows 64-bit
      * Make payloads small to fit into more exploits
      * Implement techniques to avoid bad characters
      * Integrate your payloads into public exploits
      * Create a Metasploit Payload Module using your payloads
      * Compromise machines using your payloads
     
     
     We take your security skills to the next level - fast!
     
     Seats go fast. Register now to secure your spot! Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Windows Enterprise Incident Response
     Location:  TBD
     mandiant (now part of google cloud)
     Tracks:
     
     Forensics,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Windows Enterprise Incident Response is an intensive two-day course
     designed to teach the fundamental investigative techniques and digital
     forensics skills needed to respond to complex intrusions by motivated and
     persistent attackers. The class is built upon a series of hands-on labs
     that highlight the phases of a targeted attack, key sources of evidence,
     and the forensic analysis know-how required to analyze them. Created and
     taught by consultants who do this work daily, this class is based on
     first-hand experience responding to incidents all around the world for
     major organizations. At Mandiant, we investigate the incidents that matter,
     and we're bringing that knowledge to the students of this class. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
   
   * 2 Day (Mon-Tue)
   * 360° Ransomware Response: Detection, Negotiation, Recovery, and Prevention
     Location:  TBD
     lmg security (sherri davidoff and matt durrin)
     Tracks:
     
     Forensics,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Learn to respond to ransomware effectively and efficiently. In this
     hands-on boot camp, we'll show you a comprehensive approach to ransomware
     response, covering key aspects such as early detection, negotiation
     tactics, and decryption challenges. We'll analyze the latest ransomware
     strains and learn about evolving detection strategies. Then we'll delve
     into core elements of the initial response: triage, evidence preservation,
     scoping, containment and mitigation. We'll study the decryption process,
     including infected decryptors, double-encryption issues, and other common
     challenges. You'll learn practical ransom negotiation tactics and gain
     insights on the business impacts and communication strategies that will
     help you effectively support legal teams, public relations and more
     throughout the response. Hands-on labs are included throughout the class.
     Each student gets 90 days of free access to the Ransomware Virtual
     Laboratory. Along the way, we'll take students full circle and point out
     effective technical measures that block attackers and prevent ransomware
     deployment. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     2024, A Space Hacking Odyssey
     Location:  TBD
     final frontier security
     Tracks:
     
     PenTesting,
     
     ICS
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Sure, maybe you've hacked the planet, but how about hacking off planet? The
     final frontier has been designated as critical infrastructure. Satellites
     and other space systems are an integral part of our daily lives from
     navigation to communications, financial transactions, and national
     security. Cybersecurity for these assets is environmentally and
     operationally constrained in ways unfamiliar to most practitioners. What
     better way to gain an appreciation for the challenges of cybersecurity in
     space and an understanding of how attackers will behave against this attack
     surface than exploiting it yourself? Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     A Basic Guide to Bug Hunting with Ghidra
     Location:  TBD
     craig young
     Tracks:
     
     AppSec,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Discover the art of uncovering vulnerabilities without the aid of source
     code or commercial tooling. This class is a deep-dive on how to use open
     source tools to shed light on closed source binaries. We will cover how bug
     hunters use free tools like Ghidra, AFL, QEMU, Frida, and GDB, to find
     exploitable bugs in modern software. Students will be introduced to each of
     these tools and more as we walk through exercises demonstrating their use.
     We will start with relatively simple techniques, like using Ghidra to
     identify and trace potentially insecure function calls, but by the end we
     will be looking at advanced techniques for stitching fuzzers together from
     compiled code. We'll also explore opportunities for using dynamic analysis
     to identify interesting code paths and reveal subtle bugs. Students in this
     class should be comfortable working with C code and have a basic
     understanding of memory safety vulnerabilities. Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     A Beginner's Guide To Threat Hunting: How to Shift Focus from IOCs to
     Behaviors and TTPs
     Location:  TBD
     lee archinal (cyborg security)
     Tracks:
     
     Defense,
     
     Human
     Format: 2 Day Trainings
     
     
     This course is designed to provide the students with hands-on experience in
     behavioral threat hunting. This includes covering common models and how
     they relate to threat hunting, how to operationalize an intel report
     focusing on tactics, techniques, and procedures (TTPs), how to leverage
     intelligence to initiate and conduct a hunt, data pivoting from initial
     query to results, proper documentation techniques to compile and organize
     findings in a repeatable manner. The culmination of this process will be a
     series of simulated attack chains using real world adversary TTPs, broken
     down into two phases: crawling and walking.
     
     
     The crawl phase will provide students with the opportunity to go hands-on
     with the data in a step-by-step hunting tutorial. This practical session
     will allow students to experience threat hunting in a structured and
     controlled manner, and allow them to practice the topics that were covered.
     
     
     The walk phase will see students break off into small SOC teams for an
     activity that will put all of their practical knowledge to the test. Learn
     More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Accelerated AppSec – Hacking your Product Security Programme for Velocity
     and Value (Virtual)
     Location:  TBD
     josh grossman, bounce security
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: Virtual
     
     
     Software is a key part of the organization's "perimeter" but to many
     security people the engineering / development team can feel like a "black
     box". At the same time, product security is a complex, constantly changing
     and high-risk area for which the traditional security team is still
     considered responsible.
     
     In this one-of-a-kind course, exclusive to Black Hat, you will learn:
     
      * How to bridge the gap with engineering by getting leadership buy-in
      * How to build security processes which meet developers where they are
      * How to use scanning tools to accelerate your efforts without causing
        developer fatigue
     
     
     To bring the course to life and let you apply what you learn, you will work
     in teams (or individually if you prefer) on table-top exercises which
     simulate real challenges and situations which you might come across when
     building a software security programme.
     
     These exercises are based on our highly successful model from previous
     courses and give you the opportunity to plan your approach (using our
     in-house developed templates and tools) and then explain and justify your
     decisions to simulated stakeholders.
     
     Be ready to leave the course with clear strategies and ideas on how to
     build a valuable product security programme with strong engineering
     support. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Video Preview »
     Accurate and Scalable: Web Application Bug Hunting
     Location:  TBD
     michal kamensky, bounce security
     Tracks:
     
     AppSec,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Ever find yourself repeating manual searches while analyzing a massive
     codebase? Do you often manually perform the same tests over and over when
     reviewing a huge web application?
     
     In this course you will learn how to take all that knowledge and repetitive
     work and put it into custom checks and tailored scans that will do the work
     for you, across the whole application.
     
     You will practice performing scalable, assisted manual research, using
     free, open-source tools such as Semgrep and Nuclei whilst leveraging your
     familiarity with the application and its logic. Instead of generic
     vulnerability scans that barely find the obvious problems and flood you
     with false positives, you can develop tailor-made checks that find what is
     important.
     
     Through multiple hands-on examples and practical exercises, you'll learn
     how this approach of customization at scale enables you to look far beyond
     the low hanging fruit, with useful tools that spare you the trouble of
     reinventing the wheel each time around. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Active Directory Attacks for Red and Blue Teams – Advanced Edition
     (Virtual)
     Location:  TBD
     altered security
     Tracks:
     
     PenTesting,
     
     Network
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: Virtual
     
     
     More than 95% of Fortune 500 companies use Active Directory! Enterprises
     are managed using Active Directory (AD) and it often forms the backbone of
     the complete network. To secure AD, you must understand different
     techniques and attacks used by adversaries against it. Often burdened with
     maintaining interoperability with a variety of products, AD lack ability to
     tackle latest threats.
     
     This training is aimed towards attacking modern AD using built-in tools,
     scripting and other trusted OS resources. Some of the techniques, used in
     the course:
     
      * Extensive AD Enumeration
      * Trust mapping and abuse
      * Privilege Escalation
      * Advanced Kerberos Attacks
      * Advanced cross forest trust abuse
      * Attacking Azure AD integration
      * Abusing trusts for MS products
      * Credentials Replay Attacks
      * Persistence
      * Defenses
      * Bypassing defenses
     
     
     Attendees will get free two-month access to an AD environment comprising of
     multiple domains and forests and a Certified Red Team Expert Exam (CRTE)
     certification attempt. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Active Directory Security Fundamentals
     Location:  TBD
     specterops
     Tracks:
     
     PenTesting,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Stop being passive with your Active Directory! Kerberos, ADUC, Golden
     Tickets, Security Principals – have you come across these or similar words
     in penetration test reports or security bulletins and felt a little… lost?
     Active Directory comprises many components that fulfill complex
     architectural requirements but can also open cracks through which attackers
     may slip. Active Directory: Security Fundamentals demystifies the various
     Active Directory components and illustrates how these components can
     potentially introduce risks to your organization. This course empowers
     network defenders to directly look under the hood of their Active Directory
     architecture and understand their environment better than attackers.
     Instructors share their knowledge and personal experiences testing Active
     Directory in hundreds of environments to reveal not only common pitfalls in
     securing their environment but also how they commonly occur. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Adam Shostack's Threat Modeling Intensive
     Location:  TBD
     adam shostack
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Threat modeling is the best way for security professionals to get a seat at
     the table and influence a project early. It's how we get systematic,
     structured and comprehensive about the products and services we deliver.
     This is a rare public opportunity to take a course from "the person who
     wrote the books." (Threat Modeling: Designing for Security and Threats:
     What Every Engineer Should Learn from Star Wars) Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Advanced APT Threat Hunting & Incident Response
     Location:  TBD
     xintra
     Tracks:
     
     Forensics,
     
     Defense
     Format: 2 Day Trainings
     Experience: Virtual
     
     
     APTs are constantly evolving their attack techniques putting pressure on
     responders and blue teamers to stay up-to-date on all the latest tactics,
     techniques and procedures. Depending on the nature of the organization,
     responders and blue teamers may have never responded to a nation-state
     level threat in their environment. This course is built to arm attendees
     with the ability to detect, respond and remediate an APT-level attack.
     Attendees will be challenged with practical labs built around a simulated
     APT intrusion covering each stage of the ATT&CK chain. Students will be
     exposed to endpoint forensics, log analysis and cloud forensics on
     up-to-date attack techniques leveraged by Russian, Chinese, North Korean
     and Iranian APT groups against organizations within the last two years.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Advanced Cloud Incident Response in Azure and Microsoft 365
     Location:  TBD
     korstiaan stam from invictus incident response b.v.
     Tracks:
     
     Forensics,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     In this comprehensive two-day hands-on training, immerse yourself in the
     intricacies of forensics and incident response within the Microsoft cloud
     environment. This course delves into both Microsoft 365 and Microsoft
     Azure, providing practical insights into investigating cyber attacks and
     navigating relevant log artifacts. All concepts taught are directly
     applicable to real-life threats observed in the Microsoft cloud.
     
     Benefit from the expertise of a trainer with firsthand experience in
     cloud-based incident response and forensic investigations, sharing insights
     not found on conventional websites. By the end of this training, you will
     be well-equipped to confidently investigate any threat within the Microsoft
     cloud.
     
     Experience a highly interactive training with practical exercises, at the
     end of the course you will investigate two comprehensive attack scenarios
     in both Azure and M365 in the Capture The Flag (CTF) challenge. It is your
     task to solve as many puzzle pieces as possible. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Advanced Hacking and Securing Windows Infrastructure
     Location:  TBD
     paula januszkiewicz, ceo and cybersecurity expert; dr. mike
     jankowski-lorek, director of consulting, cybersecurity expert
     Track:
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Take your cybersecurity skills to the next level with our infrastructure
     services security course. Ideal for enterprise admins, security officers,
     and architects seeking to protect critical infrastructure, this course is
     taught by leading experts Paula Januszkiewicz and Mike Jankowski-Lorek,
     Ph.D.
     
     You'll gain practical knowledge from years of experience and successful
     projects, with a focus on critical penetration testing tasks to effectively
     safeguard your organization from cyberattacks. Learn efficient network
     mapping, vulnerability identification, and exploitation techniques, while
     mitigating the risk of attacks through secure measures. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Advanced Hardware Hacking: Power Analysis & Fault Injection with the
     ChipWhisperer
     Location:  TBD
     newae technology inc.
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     This course brings you up to speed on advanced hardware hacking topics such
     as power analysis and fault injection. The course is based around the
     open-source ChipWhisperer project, and students will use a variety of
     related tools in the course. This updated 2-day course includes more
     focused labs using a wide variety of ChipWhisperer tools setup in the
     classroom. Topics include power analysis for passwords & encryption
     algorithms, along with fault injection using voltage, clock, and
     electromagnetic fault injection. The course is structured so that students
     can work through a wide variety of additional ChipWhisperer tutorials after
     the course, focusing the course contents on the fundamentals along with how
     to apply the material in practical scenarios. Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Advanced Malware Traffic Analysis: Adaptive Defence. 2024 Edition
     Location:  TBD
     veronica valeros, sebastian garcia
     Tracks:
     
     Network,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     This intensive hands-on training provides students with the essential
     know-how to analyze malware traffic and advanced attacks, gaining a deep
     understanding of malware behaviors within a network. Through practical
     exercises, participants gain proficiency in identifying malicious
     connections and learn to differentiate between normal and malicious
     behaviors while effectively handling very large traffic captures.
     
     The most important lesson of the training is: that it is not about how to
     use a tool. The goal is to transmit the experience of recognizing malicious
     actions within the network. This includes understanding how malware hides,
     how to track it, and how to analyze traffic patterns to discard false
     positive connections. Students actively engage in executing their own
     malware, exploiting active services, capturing its traffic, and conducting
     comprehensive analysis, with a particular focus on real-life scenarios. It
     also explores and incorporates the application of machine learning models
     for detection. Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Advanced Threat Emulation: Active Directory
     Location:  TBD
     bc security
     Tracks:
     
     PenTesting,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     This training course covers various aspects of Active Directory and how to
     attack it. Students will learn about network poisoning and authentication
     protocols in Windows networks, the different kinds of Windows credential
     types, and how to use them. Students will also learn common attacks on NTLM
     and Kerberos, such as NTLM relay attacks, delegation attacks, and creating
     forged tickets. Students will become familiar with identifying and
     exploiting common Active Directory misconfigurations . Students will be
     able to conduct attacks from both Windows and Linux operating systems and
     learn the nuances between each platform for performing attacks. Students
     will learn where credentials are stored on a Windows system and how to
     extract credentials from LSASS, DPAPI, SAM, LSA, and the Kerberos ticket
     cache. Students will learn about the different domain trusts and how to
     perform multi-domain compromises. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Advanced Threat Emulation: Evasion
     Location:  TBD
     bc security
     Tracks:
     
     PenTesting,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Windows presents a vast attack surface, providing the Blue Team with many
     detection opportunities. Students will learn about evading Blue Team
     hunters by first learning to build detections, then masking their
     signatures, and exploiting indicators to decrease detection probability. We
     will also explore the impact of migrating through different programming
     languages, such as C# and IronPython. By the end of the course, students
     will be equipped with the knowledge to obfuscate open-source tools without
     necessitating custom tooling for use across a diverse and dynamic
     operations environment.
     
     This class will explore the theory behind malware obfuscation, starting
     with the Theory of Code Obfuscation and how it applies to Tactics,
     Techniques, and Procedures (TTPs) implemented by modern Advanced Persistent
     Threats (APTs). We will examine everything from standard variable
     obfuscation to control flow manipulation to data procedurization. Students
     will apply obfuscation theory to practical applications in hands-on labs
     throughout the course. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Adversarial Approach - Combating Social Engineering Attacks through
     Situational Awareness
     Location:  TBD
     jayson e. street
     Track:
     
     Human
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     
     Fueled by advancements in social media and AI, the evolution of social
     engineering tactics has elevated cyber threats to unprecedented levels of
     sophistication. So, why has the approach to Security Awareness Training
     (SAT) stayed the same? This hands-on course will teach you how to go beyond
     best practices and use modern social engineering techniques to transform
     "security awareness" into "situational awareness."
     
     Course Features:
     
      * Apply AI for social engineering and other simulated nefarious purposes
      * Learn DuckyScript and use it to expose the risk to executives and
        coworkers
      * Participate in 6 Practical Hands-On Exercises in Recon, Phishing
        exploits, and Ways to Engage Your Employee Base
      * Help educate others become more situationally aware of threats
      * Take home a custom Hak5 field kit (consisting of Bash Bunny Mark II,
        O.MG Elite USB-C Cable, & O.MG Programmer)
     
     
     Traditional SAT programs cover password hygiene, recognizing phishing
     emails, securing physical workspaces, and understanding the importance of
     data privacy. This knowledge is essential but lacks the interactivity and
     real-world simulation needed to effectively prepare someone for the dynamic
     cyber threats of today. We will address that gap by teaching you:
     
      * How adversaries perform reconnaissance using the Open-Source
        Intelligence (OSINT) model
      * How to effectively use spear phishing and physical compromise
        demonstrations to showcase the direct impact of threats
      * How to enhance your SAT program with engaging content to develop
        security culture
     
     At the end of this course, you will have the knowledge and tools you need
     to demonstrate the impact of a social engineering attack. You will be able
     to defeat optimism bias and show anyone how they can be personally impacted
     by cybersecurity events. You'll also have strategies to secure leadership
     endorsement and apply your new abilities to modernize the SAT program in
     your organization.
     
     Once you have successfully instilled situational awareness into the
     personnel of your organization, you will have mobilized your organization's
     most effective defense in the fight against cybercrime. This course serves
     as a catalyst for transformative change, ensuring your organization's
     resilience in the face of modern cybersecurity challenges.
     
     Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Adversarial Cloud Incident Response
     Location:  TBD
     securosis
     Tracks:
     
     Defense,
     
     PenTesting
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Spend two days immersed in pragmatic techniques to detect and respond to
     the latest cloud attacks, filled with live-fire exercises and opportunities
     to play the adversary and try to break into your fellow students' lab
     environments. This hands-on training starts with preparation and ends with
     response as students learn how to instrument accounts, build detectors, lay
     traps with canary tokens, analyze logs, and hunt cloud threats. They will
     then learn the top cloud attacks and take a quick spin through some pen
     test tooling. The training then finishes with a series of simulated attacks
     run by the instructors before the classroom divides up and teams get to
     play attack and defense with their new knowledge. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Agile Whiteboard Hacking – aka Hands-on Threat Modeling
     Location:  TBD
     toreon
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     In this "Black Hat edition" training, we challenge you with hands-on threat
     modeling exercises based on real-world projects. You will get insight into
     our practical industry experience, helping you to become a Threat Modeling
     Practitioner. We included an exercise on MITRE ATT&CK, and we focus on
     embedding threat modeling in Agile and DevOps practices. And we introduce a
     new challenge on threat modeling a Machine Learning-Powered Chatbot.
     
     We levelled up the threat modeling war game. Engaged in CTF-style
     challenges, your team will battle for control over an offshore wind turbine
     park.
     
     All participants get our Threat Modeling Playbook to improve you threat
     modeling practice, one-year access to our online threat modeling learning
     platform, and one-hour personal coaching to refine your threat modeling.
     
     Our self-paced Threat Modeling Introduction training is included in this
     course.
     
     
     All participants get our Threat Modeling Playbook to improve you threat
     modeling practice, one-year access to our online threat modeling learning
     platform, and one-hour personal coaching to refine your threat modeling.
     
     Are you new to threat Modeling? Our self-paced Threat Modeling Introduction
     training is included in this course. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     AI Red Teaming in Practice
     Location:  TBD
     dr. amanda minnich. microsoft ai red team gary lopez. microsoft ai red team
     Tracks:
     
     AI, ML, & Data Science,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     There is so much more to red teaming AI systems than prompt injection.
     
     In this training, attendees will learn how to red team AI systems
     leveraging three pillars: traditional software vulnerabilities in AI
     systems, AI-specific vulnerabilities, and Responsible AI (RAI)
     vulnerabilities. By the end of the class, attendees should be able to probe
     comfortably any machine learning system for OWASP Top 10 LLM
     vulnerabilities. We will exclusively use open- source tools and frameworks
     such as Semantic Kernel, LangChain, NeMo Guardrails, Counterfit and the
     MITRE ATLAS to red team AI systems.
     
     The course is taught by Microsoft's AI Red Team, which was the first to
     combine RAI Red Teaming alongside security red teaming. In the last year,
     every high-risk AI system—including models and Copilots—was assessed by
     this team. We will use this real-world experience to upskill Black Hat
     attendees. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     A Journey Into Mobile Application Hacking (iOS & Android)
     Location:  TBD
     sensepost training | orange cyberdefense
     Tracks:
     
     Mobile,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The course is created by hackers for hackers looking to take over the
     mobile application hacking world!
     
     Through this course we will show you how to do mobile assessments from
     absolute scratch.
     
     We will show you all of the basic concepts and tools required to perform
     meaningful mobile assessments which will add value to your customer's
     mobile offerings.
     
     The course consists of two days of which 60% is practical. Designed,
     developed and delivered by the team behind one of the most commonly used
     mobile application hacking tools known as Objection. We will give you a
     solid foundation so you can build a castle if you wish to. We will cover
     Android and iOS with a playground of apps that you can hack to your hearts
     content. The course is structured to make use of emulators, so you don't
     even need physical devices to take part in the course.
     
     Key Take-Aways:
     
      * Form a base understanding of the mobile application hacking industry
      * Build up a solid methodology and skill-set to assess and break mobile
        applications built for iOS and Android
      * Understand the required testing environment and tools required to make
        mobile app hacking fun and exciting
     
     
     Join us and hack some mobile apps! Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Applied Data Science and Machine Learning For Cybersecurity
     Location:  TBD
     gtk cyber
     Tracks:
     
     AI, ML, & Data Science,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     This interactive course will teach security professionals how to use data
     science and AI to quickly manipulate and analyze security data. The course
     will cover the entire data science process from data preparation,
     exploratory data analysis, data visualization, machine learning, model
     evaluation and finally, implementing at scale—all with a focus on security
     related problems. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Applied Hardware Attacks 2 - Hardware Pentesting
     Location:  TBD
     joe fitzpatrick & the securinghardware.com team listed on black hat event
     website
     Tracks:
     
     Hardware,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     You've learned about JTAG, UART, and SPI in your introductory IOT hacking
     class, but how does this apply to real world devices you encounter on
     actual engagements?
     
     This course distills the art of hardware hacking the into the science of a
     standardized penetration testing procedure.
     
     We'll analyze how and why hardware hacks belong in scope of certain pen
     tests, and what that means to threat modeling and deliverables. We'll build
     upon your basic skills and see how more advanced hardware and firmware
     analysis tells us more about the software vulnerabilities in a system.
     We'll prototype some hardware exploits into compelling demos or helpful
     red-team tools. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Applied Hardware Attacks 4 – Hardware Implants
     Location:  TBD
     joe fitzpatrick & the securinghardware.com team
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     They may not be as small as a grain of rice, but in this two-day course
     you'll combine hardware hacking with rapid prototyping to build real custom
     hardware implants.
     In the span of two days, you will design, build, and program:
     
     A hardware man-in-the-middle device
     A wireless 'tap' for a wired hardware protocol
     A standalone hardware protocol payload delivery device
     
     In order to fit all of that in two days, we'll rely on existing open-source
     hardware and software that we can customize to fit our needs. We'll bring
     our portable lab of rapid prototyping mills and printers so that you can
     assemble and test the devices you design. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     A Practical Approach to Breaking & Pwning Kubernetes Clusters
     Location:  TBD
     madhu akula
     Tracks:
     
     PenTesting,
     
     Risk
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The adoption of Kubernetes use in production has increased to 83% from a
     survey by CNCF. Still, most security teams struggle to understand these
     modern technologies. In this real-world scenario-based training, each
     participant will be learning Tactics, Techniques, and Procedures (TTPs) to
     attack and assess Kubernetes cluster environments at different layers like
     Supply chain, Infrastructure, Runtime, and many others.
     
     Some of the things you will be doing in this course:
     
     
      * Exploiting Misconfigurations and private Registries by performing simple
        Recon
      * Escaping out of containers to host systems and clusters to gain more
        access
      * Escalating privileges, DoS cluster resources, Lateral movement from
        container
      * Gaining unauthorized access to namespaces, microservices, data, and logs
      * Breaking the boundaries of NSP(Network Security Policy), RBAC, Profiles
      * Defense evasion techniques & Persistence in Cluster Environments
      * Bypassing the solutions like Policy Engines, Resource limits, and
        Controls
      * Evaluating the cluster security using CIS benchmarks and Cluster Audits
        to find all possible risks
     
     
     Also, the trainer will provide a step-by-step guide(Digital Book) with
     resources and references to further your learning. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Astute AWS/Azure/GCP Cloud Red Team: It's Raining Shells! - 2025 Edition (2
     Day)
     Location:  TBD
     ultraviolet cyber
     Tracks:
     
     PenTesting,
     
     Network
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Stay frosty within AWS, Azure, & GCP environments with this fast-paced and
     hands-on course which teaches each participant the Tactics, Techniques, and
     Procedures (TTPs) needed to infiltrate and expand access within cloud
     platforms.
     
     
     In this course you will:
     
     
      * Exploit serverless (e.g. Lambda, Azure Functions) applications for
        initial access into targets.
      * Pivot between data and control planes to expand access (e.g. collecting
        secrets, snapshots)
      * Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain
        undetected.
      * Breach and backdoor boundaries (e.g. VPCs) to access hard-to-reach
        systems.
      * Expanding access within Kubernetes (K8s) envs (e.g. GCP bypass of
        metadata protections)
     
     
     Compete throughout the course in our hands-on Capture the Flag (CTF)
     tournament! Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Attack and Defend Android Applications (Virtual)
     Location:  TBD
     cyfinoid research
     Tracks:
     
     Mobile,
     
     Defense
     Format: 2 Day Trainings
     Experience: Virtual
     
     
     This course focuses on the Android application ecosystem covering both the
     offense & defense of the application development process. We start with
     attacks, covering various possible attacks on Android applications. Then we
     provide solutions to various challenges routinely encountered by Android
     security engineers and pen testers:
     
     
      * Traffic interception (HTTP/HTTPS/web socket/non-HTTP)
      * Root detection bypass
      * Static & dynamic analysis
      * Perform dynamic instrumentation (Frida / Magisk)
      * Analyzing non-Java/ Kotlin apps (React Native, Xamarin and Flutter)
     
     
     Next, we shift gears and focus on defending the applications, and major
     areas covered are:
     
     
      * Application Threat Modeling
      * Identifying weaknesses
      * Adding Security into CI / CD Pipeline for the application
      * Analysis of the results
      * Defense in Depth Design Techniques
     
     
     The aim is not to create a "zero to hero" experience, but to provide a
     methodical approach with which the participants could perform any Android
     application assessment. We provide students with access to learning
     portals, cloud VM's, a soft copy of slides, detailed answer sheets as well
     as AMI's to continue learning after class. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Automating Security with Open Source
     Location:  TBD
     threat intelligence pty ltd
     Tracks:
     
     Defense,
     
     Forensics
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The security industry is running fast towards security automation to
     increase the capability and capacity of security teams so they can
     effectively and efficiently stay on top of the constantly evolving threats,
     attacks, and security breaches that occur every day!
     
     Learn how to implement streamlined security operations and help prevent
     breaches through security automation, including:
     
     
      * Automated Intelligence Collection and Analysis
      * Automated Vulnerability Identification and Penetration Testing
      * Automated Security Monitoring and Incident Response
      * Automated Security Infrastructure Orchestration and Integration
      * Automated Chaining of Security Capabilities
      * Automated Security Notifications
     
     
     Get ahead of the hackers and start automating the protection of your
     organisation now!
     
     Register now to secure your spot! Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Basic Web Hacking - 2 Day
     Location:  TBD
     tom large / notsosecure
     Tracks:
     
     AppSec,
     
     PenTesting
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     This is an entry-level web application security testing course and a
     recommended pre-requisite course before enrolling for our "Web Hacking
     Black Belt Edition" course. This foundation course of "Web Hacking"
     familiarizes the attendees with the basics of web application and web
     application security concerns. Several tools and techniques, backed up by a
     systematic approach on the various phases of hacking will be discussed
     during this 2-day course.  If you would like to step into a career of
     Ethical Hacking / Pen Testing with the right amount of knowledge, this is
     the right course for you.
      
     This course familiarizes the attendees with a wealth of tools and
     techniques required to breach and compromise the security of web
     applications. The course starts by discussing the very basics of web
     application concepts, and gradually builds up to a level where attendees
     can not only use the tools and techniques to hack various components
     involved in a web application, but also walk away with a solid
     understanding of the concepts on which these tools are based. The course
     will also talk about industry standards such as OWASP Top 10 and PCI DSS,
     which form a critical part of web application security. Numerous real-life
     examples will be discussed during the course to help the attendees
     understand the true impact of these vulnerabilities. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Black Hat Cryptography: Attacks, Tools & Techniques for Security
     Professionals
     Location:  TBD
     ruben gonzalez
     Tracks:
     
     PenTesting,
     
     Crypto
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Crypto-related vulnerabilities are super common! OWASP even ranks
     "Cryptographic Failure" as the second most common security vulnerability
     class in software. Yet, very often these vulnerabilities are overlooked by
     developers, code auditors, blue teamers, and penetration testers alike.
     Because, let's face it: Nobody knows how cryptography works.
     
     This course turns you into a powerful weapon. It will teach you how applied
     cryptography is commonly misused in the field and how this leads to
     exploitable bugs. Using case studies
     from our own pentesting and red teaming engagements, we'll introduce core
     concepts of applied cryptography and how they fail in practice.
     
     During the course you'll:
     
     
      * Understand how modern cryptography works
      * Find common crypto vulnerabilities in real software
      * Write crypto exploits for real software (and an IoT device)
     
     
     At the end of the course you'll be able to spot an exploitable crypto bug
     from miles away (and be able to avoid them yourself)! No prior knowledge
     required. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Black Hat Machine Learning
     Location:  TBD
     nvidia
     Tracks:
     
     AI, ML, & Data Science,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Machine Learning technologies continue to improve and expand into new areas
     at a blistering pace: from driving cars to detecting cancer, defending
     networks to analyzing the human genome, writing code, generating synthetic
     artwork, flying drones, and more. With this success, ML is starting to
     receive scrutiny from regulators, security teams, and hackers across all
     industries. ML Systems represent a new attack surface and bring up genuine
     security concerns. In this training, students will explore the security
     risks and vulnerabilities that adopting machine learning might expose you
     to. This course will provide students with a realistic environment and
     methodology to explore the unique risks presented by the use of ML in
     today's environments. Students will leave equipped to assess the threat
     model, vulnerabilities, and attack surface of ML systems. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Cloud Security Hands-On (CCSK+) for Azure
     Location:  TBD
     securosis
     Track:
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     This course provides a solid foundation in cloud security, including 50% of
     hands-on labs in AWS to apply the principles in practice. We cover all the
     material needed to pass the Cloud Security Alliance Certificate of Cloud
     Security Knowledge (CCSK) exam while adding a pragmatic approach to
     immediately kick-start your cloud security projects. This class has been
     updated to align with version 5 of the CSA Guidance. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Cognitive Security: Preparing for Cyber Deception Through Synthetic Media
     Attacks
     Location:  TBD
     psyber labs, llc
     Tracks:
     
     Human,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Threat actors are rapidly moving beyond traditional cyber-attacks by
     leveraging generative AI and synthetic media to carry out cognitive warfare
     and cyber deception tactics against their victims. Extorting high net worth
     individuals in deepfake virtual kidnapping scams, disseminating
     disinformation by impersonating well-established brands, and spoofing the
     voices of executives to convince employees to transfer funds to
     illegitimate accounts; are just a few examples of tactics already observed
     in the wild. You will leave this course with the tools and training
     required to integrate deepfakes and synthetic media into your red team
     assessments, be able to conduct cyber threat assessments, and practice
     developing mitigation strategies to reduce potential harm from these
     attacks. By engaging with attacks from both the offensive and defensive
     perspectives you will gain a deep understanding of the critical factors
     that differentiate highly sophisticated attacks from mediocre attempts.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Defeating Microsoft's Default Bitlocker Implementation
     Location:  TBD
     popp schweiz ag
     Tracks:
     
     Forensics,
     
     Hardware
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     This training guides you through the whole process involved for a
     successful BitLocker TPM bus sniffing attack. Within two days you will be
     given the necessary knowledge about micro soldering, notebook internals,
     TPM basics, logic analyzers, basic forensic data acquisition and some
     BitLocker theory. In the end you will not just be able to conduct the
     attack against a test notebook which you can take home, but also fully
     understand what you are actually doing and applying it to your devices.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Defending Enterprises - 2024 Edition
     Location:  TBD
     in.security
     Tracks:
     
     Defense,
     
     PenTesting
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Updated for 2024, our immersive 2-day Defending Enterprises training is the
     natural counterpart to our popular Hacking Enterprises course.
     
     You'll play a SOC analyst in our Microsoft Sentinel cloud-based lab and try
     to rapidly locate IOA's and IOC's from a live enterprise breach executed by
     the trainers in real-time.
     
     Whether you're new to Kusto Query Language (KQL) or a seasoned pro, there's
     plenty for you in the 2-days! Yes, we're using Microsoft Sentinel, but the
     underlying threat detection theory, logic and threat hunting approach is
     transferable into your own environments, whatever your preferred platform.
     
     We look at the top 10+ methods we use in offensive engagements and show how
     these can be caught, along with numerous other examples and methods that go
     above and beyond these common TTPs!
     
     With 14 hands-on exercises you'll gain real-world experience in the
     following areas:
     
     
      * MITRE ATT&CK, CAR and D3fend frameworks
      * Introduction to Kusto Query Language (KQL)
      * Reviewing popular phishing attacks and living off the land techniques
      * Locating C2 traffic and beaconing activity
      * Digging into credential exploitation (Pass-the-Hash, Pass-the-Ticket,
        Kerberoasting, Azure Managed Service Accounts, DCSync)
      * Reviewing Active Directory Certificate Services (ADCS) attacks
      * Identifying lateral movement (WMIC, WinRM, MSSQL, SMB)
      * Catching data exfiltration attempts (ICMP, DNS)
      * Detecting persistence activities
      * + much more!
     
     
     We know 2 days isn't a lot of time, so you'll also get 14 days FREE lab
     time after class and Discord access for support. Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     DevSecOps Masterclass: AppSec Automation Edition
     Location:  TBD
     appsecengineer
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     DevOps has changed the way we deliver apps. However, security remains a
     serious bottleneck, especially Application Security. This is largely due to
     the speed of innovation in DevOps, contrasted with the escalating attacks
     against Applications.
     
     The training is based on our 4.9/5 Rated DevSecOps Masterclass at Blackhat.
     
     The training is a hardcore hands-on journey into:
     Hands-on SAST for Apps and Infrastructure-as-Code, with a focus on Semgrep
     and CodeQL. Develop Custom SAST rules like a bawse!
     Supply-Chain Security Automation: SBOMs, Source Composition Analysis and
     Security Engineering techniques
     Assurance and Provenance for artifacts. Mastery over Cosign and SLSA for
     Supply-Chain Provenance
     DAST Automation and Security Regressions with ZAP and Nuclei.
     Policy-As-Code: Leverage Open Policy Agent (OPA) with use-cases from API
     Access Control to OS Policy Controls.
     
     Participants get 2 months of access to our online lab environment for
     DevSecOps training Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Elite Web Application Hacking
     Location:  TBD
     sensepost | orange cyberdefense
     Tracks:
     
     PenTesting,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     In an era where digital landscapes evolve, mastery of advanced web
     application security is imperative for seasoned developers, pentesters and
     red-teamers alike. This course builds upon existing knowledge, elevating
     your expertise in web application hacking through sophisticated attacks and
     hands-on challenges.
     
     As the digital ecosystem continues to advance, web applications become
     increasingly intricate, demanding a higher level of proficiency in securing
     them against sophisticated threats.
     This course is crafted to equip you with more advanced skills to identify,
     assess, and exploit web applications through complex vulnerabilities and
     approaches.
     
     Key Points:
     
      * Master complex web security concepts, building on foundational
        knowledge.
      * Engage in advanced hands-on exercises simulating real-world challenges.
      * Hone skills in conducting thorough risk assessments for strategic
        decision-making amid intricate security challenges.
     
     
     This course is tailored for individuals with a solid foundation in web
     application security. Whether you're an experienced cybersecurity
     practitioner seeking to enhance your skill set or a seasoned developer
     aiming to deepen your security expertise, this course provides a strategic
     and hands-on approach to mastering the nuances of advanced web application
     hacking. Learn More
     
      EARLY
     
     
     
     $4,100
     
     
     ENDS MAY 24
     
     Fundamentals of Industrial Control Systems (ICS) Security
     Location:  TBD
     mandiant (now part of google cloud)
     Track:
     
     ICS
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     This course provides IT security professionals and ICS/OT engineers
     interested in ICS/OT security with the fundamental knowledge and skills
     required to build and expand an ICS/OT security team.
     
     Learners will become familiar with ICS/OT security concepts, secure
     architecture, threat models and ICS/ OT security standards and best
     practices. The course will also discuss today's security trends and the
     current threat landscape. Throughout the course, exercises and
     demonstrations inspired by actual cases and incidents in the ICS world will
     enable learners to advance their knowledge in their day jobs. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Going beyond shells! - Hacking AWS, Google Cloud, DigitalOcean and Aliyun
     (Virtual)
     Location:  TBD
     cyfinoid research
     Tracks:
     
     PenTesting,
     
     AppSec
     Format: 2 Day Trainings
     Experience: Virtual
     
     
     A fast paced, scenario driven hands-on training built on real world
     Detection, Identification and Exploitation of services and assets in AWS,
     Google Cloud, DigitalOcean and Alibaba Cloud. The training will take
     students through automated infrastructure creation, security configurations
     and their abuses that will allow them to go beyond the standard shells that
     attackers aim for. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Hacking Bureaucracy
     Location:  TBD
     kopidion
     Track:
     
     Human
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Bureaucracies didn't start out as soul-crushing obstructions to innovation
     and agility, but you can't escape them today. Whether you're in government,
     industry, school, or an independent practitioner, you face relentless
     bureaucracies that impede progress, destroy morale, and frustrate security.
     Not taught in schools or other institutional learning facilities, this
     course plays to the puzzle-solving superpowers of the hacker mindset. Come
     learn how to achieve your personal and organizational goals effectively and
     legally, by hacking the system. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Hacking Cybersecurity Leadership: An Interactive Training to Strengthen
     Skills for Leading Teams & Multi-Team Systems
     Location:  TBD
     multiteam solutions
     Tracks:
     
     Human,
     
     Defense
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     This 2-day, highly interactive course is designed for cybersecurity
     professionals currently in a role leading a team within a multi-team system
     (e.g., team lead) or leading an entire multi-team system (e.g., CISO). The
     training provides participants a chance to familiarize with and practice
     using 10 analog leadership tools designed to strengthen soft skills to
     support and motivate individuals, teams, and multi-team systems. The
     training, which acts as a sandbox, is built on social-behavioral research
     of CSIRTs and SOCs that was funded by the US and European governments, is
     assured by the UK NCSC, and will be delivered through expert-facilitated
     exercises. The exercises are not cybersecurity specific, which allows
     participants to disrupt their normal, routine ways of leading and open up
     to the possibilities for growth and change as leaders. The tools readily
     allow for the concrete transfer of knowledge and soft skills from the
     training back into the workplace. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Hacking Enterprises - 2024 Red Edition
     Location:  TBD
     in.security
     Tracks:
     
     PenTesting,
     
     Network
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Updated for 2024, our Hacking Enterprises training is the natural
     counterpart to our popular Defending Enterprises course.
     
     In this multi-layered offensive engagement, you will fully compromise a
     simulated enterprise in this immersive hands-on course that covers a
     multitude of TTP's. Targeting modern operating systems including Windows
     11, you'll use modern techniques and focus on exploiting configuration
     weaknesses rather than throwing traditional exploits. Logical thinking and
     creativity will definitely be put to the test!
     
     You will work to get initial access in a fictional organisation where
     multiple networks exist, some easily accessible, others not so. You'll
     implant and establish C2, but manual techniques will always be emphasised
     so you're equipped with the knowledge to work without reliance on
     frameworks.
     
     Course content has been designed to reflect real-world challenges and
     you'll perform numerous hands-on exercises including executing exploitative
     phishing campaigns against our simulated users for initial access, finding
     new networks that in turn bring new challenges including IPv6 exploitation,
     subverting AMSI and AWL, credential harvesting, passphrase cracking,
     pivoting, lateral movement, ADCS abuse, userland and privileged persistence
     via OOB channels and much more!
     
     With 14 hands-on exercises you'll gain real-world experience in the
     following areas:
     
     
      * IPv6 discovery, enumeration and exploitation
      * Pivoting, routing, tunnelling and SOCKS proxies
      * C2 infrastructure and beacon deployment
      * Exploitative phishing
      * Privilege escalation and credential harvesting
      * P@ssphras3 cracking
      * Bypassing AWL
      * Active Directory Certificate Services (AD CS) abuse
      * Lateral movement for domain trust exploitation
      * Out of Band (OOB) data exfiltration
      * + much more!
     
     
     We know 2 days isn't a lot of time, so you'll also get 14 days FREE lab
     time after class, Discord access for support and access to a post-training
     CTF containing hosts and networks not seen during training! Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Hack in the Block: Down and Dirty
     Location:  TBD
     nadir akhtar and anto joseph
     Tracks:
     
     AppSec,
     
     Crypto
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Blockchains are both a blessing and a curse for the same reason:
     immutability. The permanence of change means that any mistake cannot be
     undone. Thus, writing code that lives on a blockchain requires deep
     knowledge and rigorous examination to protect against critical failures.
     
     This course builds upon the previous Beginner class to teach advanced
     exploitation techniques for mission-critical blockchain applications, such
     as Dapps, by teaching you the newest and deepest parts of blockchains and
     smart contracts. We will dive into a number of specialized blockchain
     verticals, such as zero knowledge (ZK) cryptography, MEV, formal
     verification, scaling architectures like Optimistic and ZK rollups, and
     advanced smart contract architectures. We'll provide and walk through a
     number of in-depth labs, drawing directly from real-life hacks that have
     impacted users for hundreds of millions of dollars, to demonstrate how to
     detect, exploit, and prevent these attack scenarios. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Hands-On Hacking Fundamentals - 2024 Edition
     Location:  TBD
     sensepost training | orange cyberdefense
     Tracks:
     
     PenTesting,
     
     Network
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     Start your journey into information security with a hands-on course that
     will expose you to the technical fundamentals of penetration testing and
     security practises in the realms of networking, infrastructure, web
     applications and wireless technologies.
     
     Key Points:
     
      * How to think like a hacker
      * Finding vulnerabilities and exploiting them
      * How to approach a pentesting methodology in real-world scenarios
     
     
     This is an introductory course for those starting the journey into
     penetration testing or those working in environments where understanding
     how hackers think and the tools, tactics and techniques they use are of the
     essence. Learn how to attack, and utilise the concepts to enhance your
     defensive understandings.
     The course presents the background information, technical skills, and basic
     concepts required to those desiring a foundation in the world of
     information security.
     
     By the end of the course, you will have a good grasp of how vulnerabilities
     and exploits work, how attackers think about networks and systems and have
     compromised several of them, from infrastructure, and web applications to
     Wi-Fi.
     
     This course aims to expose you to the methodologies used by active
     penetration testers on their day-to-day journey with clients and
     assessments.
     Join us and hack hard! Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Implementation of Telco Networks for Pentesters: 2G, 4G and 5G
     Location:  TBD
     ethon shield
     Tracks:
     
     Mobile,
     
     Network
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     This course allows a pentester or researcher to learn how to implement on a
     single computer 2G, 4G and 5G SA and NSA mobile networks only with an Ettus
     SDR device. He will learn how to install the necessary SW, configure the
     tools, basic notions about the architecture and protocols of each
     technology, configure his programmable SIM card and finally connect a
     mobile device to these networks to perform tests such as traffic
     interception, analyze how to perform a downgrade attack, play with
     encryption or authentication algorithms.
     
     Do you want to go through this world with professionals who will help you
     to understand and implement these networks on your computer? Learn More
     
      EARLY
     
     
     
     $4,100
     
     
     ENDS MAY 24
     
     IntelTechniques 2-Day OSINT Training
     Location:  TBD
     inteltechniques
     Tracks:
     
     Human,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     The IntelTechniques open source intelligence course provides the tactics,
     tools, and workflow necessary for developing actionable intelligence from
     various online data sources and social media platforms. The curriculum is
     built around developing an efficient process that consistently produces a
     professional intelligence product. Instructors will demonstrate the latest
     methods for triage, research, capture, analysis, documentation, and
     presentation. The class will be provided with custom tools, scripts, and a
     series of practical exercises. Learn the most current tactics by watching
     experienced investigators work through live scenarios, with a focus on
     workflow and methodology.
     
     Included in this course:
     
      * 25 modules taking you from beginner to advanced OSINT tactics
      * 60-day access to 100+ hours of IntelTechniques video training content
      * 700+ page digital handbook and over a dozen report templates
      * Custom OSINT toolset
      * Build a custom OSINT virtual machine
      * New tactics for leak/breach/stealer-log data acquisition, analysis, and
        implementation
      * 200+ practical exercises in an online CTF format
     
     Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Intermediate RF Reverse Engineering with SDR
     Location:  TBD
     paul clark
     Tracks:
     
     Wireless,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Learn to build more powerful digital radios, controlled by a combination of
     GNU Radio and Python. Then use these tools to reverse engineer digital
     radios with SDR!
     
     This is no lecture-based course, but one built on 19 different RF reverse
     engineering projects. You'll practice on a mix of simple systems, which
     you'll fully reverse, and on individual steps of more complex reversing
     projects.
     
     When you're done you'll understand how to identify unknown modulation
     schemes, determine signal timing, use statistical methods to identify bit
     functions, and reverse error checking. We'll also cover a number of
     reversing best practices along the way. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     iOS Threat Hunting
     Location:  TBD
     matthias frielingsdorf
     Tracks:
     
     Mobile,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Since 2016 Pegasus is well known in the industry as the prime example for
     mercenary spyware targeting iOS devices. But did you know about Quadream's
     Reign, Cytrox's Predator, Tykelab's Hermit, Candiru or Operation
     Triangulation?
     
     This new and innovative training will enable you to detect a wide variety
     of iOS Malware. Our forensic-based approach will provide you with a deep
     understanding of the forensic artifacts left behind by these malware
     samples and how to detect them through various techniques. Through a
     combination of hands-on exercises and expert-led sessions, you will develop
     the skills and knowledge necessary to become a proficient iOS Threat
     Hunter. Join us in this unique training opportunity that has not been
     offered before and gain valuable insights into the world of iOS Malware
     detection and forensics. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     IoT and Embedded Device Exploitation
     Location:  TBD
     loudmouth security
     Tracks:
     
     IOT,
     
     Hardware
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     In the rapidly evolving landscape of the Internet of Things (IoT),
     understanding the security vulnerabilities and exploitation techniques of
     IoT devices has become crucial for cybersecurity professionals. This course
     aims to equip participants with the skills and practical knowledge to find
     vulnerabilities in IoT devices. Participants will gain hands-on experience
     in IoT hardware debugging, memory extraction, firmware analysis and bug
     hunting using a custom-built IoT device and firmware based on real-world
     examples. In addition, this course will introduce participants to device
     emulation and wireless communications in IoT devices, with hands-on labs to
     put the knowledge into practice. This course bridges multiple disciplines
     within cybersecurity, including application security, operating system
     penetration testing, wireless signal analysis, and embedded hardware
     security. It is designed to empower professionals to perform penetration
     testing of IoT devices, ensuring they are equipped with the knowledge and
     experience to find and exploit vulnerabilities in them. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Malware Detection and Triage with Volatility 3
     Location:  TBD
     andrew case and dave lassalle
     Tracks:
     
     Forensics,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Memory forensics—the analysis of volatile memory (RAM)—is an extremely
     powerful technique for detecting and triaging modern malware. Memory
     forensics is often a critical component of modern incident response due to
     the frequent use of memory-only payloads and rootkits that bypass modern
     EDRs, hide from live analysis tools, and often leave no file system
     artifacts. Memory analysis reconstructs system state without relying on
     operating system APIs, allowing it to both detect modern malware and
     provide automated triage results. In this course, a mix of lectures and
     hands-on labs provides students with the knowledge and experience necessary
     to perform real-world incident response using memory analysis for detection
     and hunting of sophisticated malware on Windows 10+ systems. The course is
     taught by two core developers of Volatility 3, the exciting new version of
     the world's most widely used memory analysis framework, and provides early
     access to upcoming capabilities. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Malware Detection in the AI Era: Attacks and Defenses on Machine Learning
     Classifiers
     Location:  TBD
     dmitrijs trizna and luca demetrio
     Tracks:
     
     AI, ML, & Data Science,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Endpoint Detection and Response (EDR) systems and Antivirus (AV) solutions
     have incorporated machine learning (ML) as core components of their
     decision-making processes. However, the integration of ML has introduced
     new vulnerabilities, rendering these systems susceptible to specific types
     of attacks that can weaken their effectiveness.
     
     In this course, participants will first gain a comprehensive understanding
     of how machine learning models can perform the task of malware detection in
     both static and dynamic settings, and they will use techniques that explain
     their behavior.
     
     Furthermore, we will introduce the concepts of Adversarial Machine
     Learning, the field of science that formalizes the presence of an adversary
     whose intent is the exploitation of AI models. Attendees will first learn
     and then execute known adversarial strategies designed to compromise ML
     malware classifiers under different threat models. Lastly, we will show how
     these attacks can be limited, by discussing recent advancements in research
     of defensive mechanisms. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Malware Hunting & Digital Forensics
     Location:  TBD
     paula januszkiewicz, ceo and cybersecurity expert; dr. mike
     jankowski-lorek, director of consulting and cybersecurity expert
     Track:
     
     Malware
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Are you tired of constantly reacting to malware attacks? Take control with
     our Advanced Malware Hunting course! In this deep-dive training, you'll
     learn the latest techniques and capabilities of malware, as well as
     practical methods for preventing, detecting, and responding to malicious
     code. Our expert instructors will guide you through real-world scenarios,
     showing you how to analyze malware, identify vulnerabilities, and build
     robust defenses that protect your organization's infrastructure. By the end
     of this course, you'll have a comprehensive understanding of malware and
     its behaviors, as well as a toolbox of proven techniques for securing your
     network, endpoints, and data. Whether you're an IT professional, security
     analyst, or malware researcher, this course will give you the skills and
     knowledge you need to stay one step ahead of the cybercriminals. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Military Strategy and Tactics for Cybersecurity
     Location:  TBD
     kopidion
     Tracks:
     
     Defense,
     
     Human
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Air, sea, land, space, and now cyber. Cyberspace has been named an
     operational domain by the U.S. Department of Defense. This designation and
     subsequent application of U.S. doctrine to cyberspace operations has shed
     light on new tactics and techniques for network defense based on military
     doctrine developed over millennia; techniques you can use now to improve
     the defense of your network. This course will introduce you to the
     intricacies of this complex new landscape through discussion and hands-on
     exercises developed by career Army officers with a combined 50+ years of
     experience. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Offensive AI for Red Team Operations
     Location:  TBD
     invokesec
     Tracks:
     
     AI, ML, & Data Science,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     You're stuck. Traditional offensive methodology has led to failure or
     detection. Your red team is at a stand-still. Offensive AI for Red Team
     Operations is a cutting-edge course built for hands-on offensive security
     engineers looking to operationalize AI for more efficient, stealthy, and
     fast-paced operations. Proactive defenders will also feel right at home as
     they build AI-enhanced cyber-operation tool chains and pipelines.
     
     The course kicks off with a technical primer on AI, tailored for offensive
     cybersecurity applications. Participants will dive into the mechanics of AI
     models and how they can be repurposed for cyber-attack methodologies.
     Moving beyond the basics, the course delves into advanced AI-driven attack
     vectors. It provides in-depth coverage of techniques such as AI-powered
     phishing, AI model exploitation, as well as the customization of AI models
     to facilitate more effective operations. Course content is designed to
     provide hands-on experience and tooling to drive the future of AI-enhanced
     operations. Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Offensive Hardware Hacking Training
     Location:  TBD
     whid - we hack in disguise
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The Offensive Hardware Hacking Training is a hands-on course designed to
     fulfill the skills gap that in the recent years emerged within the InfoSec
     scene in respect of the (I)IoT landscape. In it, students will be able to
     gather the needed theoretical knowledge and practical skills to engage with
     confidence hardware security audits involving those devices, that started
     to flood both consumer and corporate markets. The course is structured to
     be accessible to both junior and senior security personnel: it goes from a
     generic panoramic of the theory behind electronics, protocols, memories,
     microprocessors & tools-of-the-trade; then proceeds deeper into the topics
     by reviewing various TTPs. Moreover, the students' workbook contains more
     than 40 practical exercises involving real hardware devices and will allow
     each student to physically work on them during the training AND also to
     bring it at home together with their own first HW Hacking Lab Kit worth
     around 300 USD.
     For more info, check the following videos:
     
      1. https://www.youtube.com/watch?v=zbUuBZJIHkE
      2. https://www.youtube.com/watch?v=VpHBMELQmnk
     
     Learn More
     
      EARLY
     
     
     
     $3,900
     
     
     ENDS MAY 24
     
     Open Source Intelligence Tools & Techniques
     Location:  TBD
     mandiant (now part of google cloud)
     Tracks:
     
     Defense,
     
     Risk
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     This two-day foundational level course is designed to teach intelligence
     analysts the fundamentals of open source intelligence (OSINT) tools and
     techniques. Students will employ a 3 Phase Branching Model across a
     multitude of use cases to conduct investigations. They will also use
     popular tools such as Virus Total and Google to drive these investigations
     to completion. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Patch Diffing In The Dark: Binary Diffing For Vulnerability Researchers and
     Reverse Engineers
     Location:  TBD
     john mcintosh
     Tracks:
     
     Forensics,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Every day, a new CVE or blog post is published detailing a critical
     vulnerability. Often, we know about a vulnerability but feel like we don't
     have the skills or time to understand its root cause. What if you could
     change that by learning a new skill that would guide you towards
     understanding modern vulnerabilities?
     
     The goal of this course is to teach participants how to use patch diffing
     techniques to analyze real-world vulnerabilities in Windows and Android.
     You will use open-source tools like the Ghidra SRE framework to reverse
     engineer the latest CVEs and discover that you already have the information
     and tools needed to get started. This course will help you develop the
     confidence and competence to tackle complex vulnerabilities.
     
     If you feel like you are always "in the dark" about the latest CVE and want
     to take a step towards the light (understanding), this course is for you.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Payment Systems: The Art of Analyzing Mag-stripe, Tokenization, NFC and EMV
     Technologies
     Location:  TBD
     metabase q
     Tracks:
     
     PenTesting,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Payment Systems training offers a holistic approach to understanding and
     mastering the intricacies of various banking data formats such as EMV, NFC,
     Tokenized, and Magstripe. Instead of merely concentrating on specific
     tools, our emphasis is on the underlying methodologies and communication
     protocols. This approach ensures a more profound and enduring grasp of the
     subject matter.
     
     The training is meticulously structured around different technologies and
     their respective communication protocols. This division facilitates an
     easier and more comprehensive understanding, enabling participants to
     effectively conceptualize techniques. Our intensive hands-on sessions are
     designed to immerse students in real-world scenarios that center on EMV
     standards. This not only provides a practical perspective but also
     challenges them to discern how malicious entities might navigate, exploit,
     or bypass security mechanisms within payment systems. Furthermore,
     participants will gain insights into the countermeasures implemented across
     various technologies, ensuring that they are well-equipped to anticipate
     and address potential vulnerabilities. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Pentesting SAP Applications
     Location:  TBD
     yvan genuer
     Tracks:
     
     PenTesting,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     This highly-practical course will teach attendees not only the fundamentals
     on how to pentest SAP systems, but also the latest techniques and
     procedures.
     
     Students will be guided through a variety of scenarios designed to walk
     them through all the phases involved in an SAP penetration testing:
     
     
      * Landscape discovery
      * System mapping
      * Vulnerability assessment
      * System exploitation
      * Privilege escalation
      * Lateral movement
     
     
     Attendees will start from a black-box perspective and end up digging in the
     heart of the system learning how to spot and leverage most common
     misconfigurations and vulnerabilities. Common attack patterns and high
     impact vulnerabilities will be analyzed, along with brand new techniques to
     escalate privileges, establish persistence and move laterally across the
     landscape.
     
     No previous SAP experience required. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Practical Drone Hacking - Zero to Hero (Intensive)
     Location:  TBD
     captain kelvin and boris so (pilot owl)
     Tracks:
     
     Hardware,
     
     Wireless
     Format: 2 Day Trainings
     Experience: In-Person
     
     
     Advancements in UAV technology are opening new opportunities and
     applications in various fields of life. However, these advancements are
     also causing new challenges in terms of security, adaptability, and
     consistency. Especially the small drones are even suffering from
     architectural issues and the definition of security and safety issues. In
     this course, a programable small drone will be provided to learn the common
     drone attack vectors and hacking skills. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Practical Mobile Application Exploitation iOS & Android - 2024 Edition
     (Virtual)
     Location:  TBD
     8ksec
     Tracks:
     
     AppSec,
     
     Mobile
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: Virtual
     
     
     After running sold-out training at multiple conferences over the last few
     years, we are back with an updated version of our course which now covers
     ARM64, iOS & Android Internals, and detailed Mobile apps and operating
     system security. The class starts with a basic introduction to the ARM
     instruction set and calling conventions followed by some reverse
     engineering exercises. We then learn how to craft simple exploits for the
     ARM64 environment.
     The training will be based on exploiting Damn Vulnerable iOS app,
     Android-InsecureBankv2, InsecurePass and a wide range of real-world
     application vulnerabilities in order to give in-depth knowledge about the
     different kinds of vulnerabilities in Mobile applications. After the
     workshop, the students can successfully audit and secure applications
     running on iOS/Android operating systems, as well as get a better
     understanding of their Internals. Students will learn how to use Frida, a
     dynamic instrumentation framework, for doing vulnerability research.
     Slides, Custom scripts, Videos, VM and detailed documentation on the labs
     will be provided to the students for practice after the class. Corellium
     access will be provided to students during the training course. Students
     will be provided access to a Slack channel where the trainers will help
     prep them for the class, and the students can retain access to it for the
     foreseeable future.
     Slides, videos, and detailed documentation on the labs will be provided to
     the students for practice after the class. Corellium access will be
     provided to students during the training course. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Pragmatic API Exploration
     Location:  TBD
     sensepost | orange cyberdefense
     Tracks:
     
     AppSec,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     Embark on a learning journey to explore the art of attacking and securing
     Application Programming Interfaces (APIs) with our comprehensive API
     course. As API usage grows, so does the threat landscape for organisations.
     This practical-driven training will equip you to conduct impactful
     penetration tests on API implementations and further your understanding on
     how to mitigate the majority of vulnerabilities.
     
     Explore modules covering API fundamentals, engagement strategies, attack
     surface enumeration, and demystifying the OWASP Top 10 for APIs. Delve into
     additional focus areas such as logging, monitoring, injection attacks, and
     securing Azure API implementations. Gain practical experience in exploiting
     vulnerabilities on RESTful APIs and GraphQL, culminating in a thrilling
     Capture the Flag challenge.
     
     Join us, hack hard and make APIs safe Learn More
     
      EARLY
     
     
     
     $4,100
     
     
     ENDS MAY 24
     
     Python Hacker Bootcamp: Zero to Hero
     Location:  TBD
     snowfensive
     Tracks:
     
     PenTesting,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Scripting and automation have become standard requirements for
     cybersecurity professionals. However, learning how to program is
     challenging for many. Many people give up learning this skill because they
     may need to learn how to start, find programming books confusing, or the
     examples taught in online classes don't apply to their use cases. If you
     want to learn how to program Python to automate tasks, increase accuracy,
     and become more marketable in the workforce, this course is for you.
     This course was designed to follow a hacker's methodology of programming.
     Instead of learning formal programming practices that you'll never use
     (we're looking at you bubble sort), this course focuses on core concepts
     taught using information security-centric projects. The hands-on labs,
     which accompany the practical application lectures, focus on solving
     commonplace and real-world security challenges. The labs have been designed
     to apply to information security professionals. Join us for a fun,
     fast-paced bootcamp to take you from zero to hero! Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Reverse Engineering Firmware with Ghidra
     Location:  TBD
     eric evenchick & tetrel security
     Tracks:
     
     Hardware,
     
     IOT
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     This hands-on course teaches the concepts, tools, and techniques required
     to reverse engineer firmware and assess embedded devices. To ensure the
     tools taught are available to all, we will make use of Ghidra, a powerful
     open-source reverse engineering tool developed by the National Security
     Agency.
     
     Within the two days, you will:
     
     Learn general techniques for binary reverse engineering
     
     Identify, unpack, load, and analyze various types of firmware into Ghidra
     Use reverse engineering techniques to find exploitable vulnerabilities in
     an embedded Linux device
     
     Map device vector tables, peripheral memory, and system calls to find
     exploitable vulnerabilities in a bare-metal device
     
     Identify remotely exploitable vulnerabilities in a Bluetooth Low Energy
     device
     Learn to use a debugger to assist in reverse engineering
     
     Labs attacking an embedded Linux system and a bare-metal Bluetooth Low
     Energy device will be used to deliver a hands-on experience. You can expect
     to leave this course with the skills to reverse firmware for a variety of
     embedded targets. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Reversing and Exploiting RF with Software-Defined Radio Bootcamp
     Location:  TBD
     sébastien dudek @ penthertz
     Tracks:
     
     Wireless,
     
     Hardware
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Unleash the power of the impossible with Software-Defined Radio!
     
     Numerous wireless devices utilize simple radio protocols for communication.
     With the appropriate tools, it becomes feasible to intercept, decode, and
     even replicate or inject these transmissions. Such analysis can unveil
     critical security vulnerabilities, regardless of whether the device in
     question is a simple toy, a garage door opener, a wireless intercom, or a
     sophisticated IoT device. However, before we can uncover these
     vulnerabilities, it is essential to gain a comprehensive understanding of
     the data transmission process, including aspects such as modulation,
     encoding, encryption, and various other mechanisms, but also making the
     right choices about the hardware to use.
     
     This course offers perfect hands-on training for individuals eager to
     embark on a journey into the realm of Wireless Communication Reverse
     Engineering. It provides practical examples and invaluable tips to initiate
     and pursue the field, enabling students to delve into Signal Intelligence
     (SIGINT), reverse even the most exotic communication protocols, and
     practice attacking them using the capabilities of Software-Defined Radio.
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Securing the Four C's of A Software Product: AWS Edition
     Location:  TBD
     rohit salecha
     Tracks:
     
     Defense,
     
     AppSec
     Format: 2 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Following a successful MVP demonstration, a startup recently obtained
     significant funding. The next step involves a soft launch where security
     poses a crucial challenge. The initial PoC lacks basic security standards
     needed for customer trust and compliance for ex: secrets are strewn all
     across the code, everyone is having admin privileges to AWS and Kubernetes,
     Compute infrastructure is non-compliant and only a basic web application
     pentest was conducted with very few findings.
     
     This scenario inspired creation of 'Securing 4C's of Software Product,' a
     specialized training program tailored to secure the core pillars of product
     security: Code, Container, Cluster & Cloud.
     
     This training delves deep into key security domains such as Authentication
     and Authorization in AWS and Kubernetes, Secrets Management & Detection,
     Supply Chain Security, Container Security, and Static Application Security.
     It equips attendees with the necessary knowledge to establish robust
     security protocols, ensuring deployments carry a high level of security
     assurance. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Video Preview »
     Tactical Recon for Pentesters - 2024 Edition
     Location:  TBD
     redhunt labs
     Track:
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     This 2024 Edition of our Tactical Recon for Pentesting training program not
     ONLY focuses on OSINT but also focuses on in-depth attack tactics using the
     information collected in the earlier phases. This course will focus on a
     wide range of tools and techniques for performing real-world reconnaissance
     in order to launch targeted attacks against modern and dynamic
     infrastructures.
     
     We will take a deep dive into various modern methodologies for extracting
     useful information from the internet. Furthermore, we will cover how this
     extracted information can be used in attack scenarios to get an initial
     foothold in multiple ways within an organization's network beyond the
     firewall and further exploit it to gain and maintain elevated access. The
     course will cover topics like:
     
     
      * Mapping the Modern Attack Surface
      * Comprehensive Subdomain Enumeration
      * Exploring Dark Web
      * Hunting 3rd Party SaaS Apps
      * Hunting & Attacking API Endpoints
      * Supply Chain Enumeration & SBOM
      * Template Based Scanning
      * Attacks using Recon from Docker Image, EBS volumes, etc.
      * Exploring Mobile Applications for Attack Chaining
      * Practical Social Engineering, etc.
     
     
     This 2-day course takes a hands-on approach to indulge the participants in
     real-world scenarios, simulated lab environments, and case studies to get
     proficient in techniques and methodologies. Each participant will also be
     provided ONE MONTH FREE ACCESS to our Hybrid-Cloud Based Private Lab
     mimicking the modern age infrastructure, as well as decoy accounts and the
     organization's social presence, where they can practice the skills learned
     during the course. Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     The Shellcode Lab
     Location:  TBD
     threat intelligence pty ltd
     Tracks:
     
     PenTesting,
     
     Malware
     Format: 2 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     The Shellcode Lab is back for its 14th consecutive year Black Hat USA! With
     feedback like "By far the best course I've taken at Black Hat", this is the
     training that takes your penetration testing and low-level technical skills
     to the next level!
     
     With 17 multi-part hands-on labs and over 150 slides of hard-core technical
     content, students start with basic knowledge, and by the end of the first
     day write their own macOS 64-bit Port Bind shellcode from scratch to
     remotely compromise a server.
     
     In this exciting and hands-on training, you will:
     
     
      * Create custom payloads for:
      * Linux 32-bit
      * macOS 64-bit
      * Windows 32-bit
      * Windows 64-bit
      * Make payloads small to fit into more exploits
      * Implement techniques to avoid bad characters
      * Integrate your payloads into public exploits
      * Create a Metasploit Payload Module using your payloads
      * Compromise machines using your payloads
     
     
     We take your security skills to the next level - fast!
     
     Seats go fast. Register now to secure your spot! Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
     
     Windows Enterprise Incident Response
     Location:  TBD
     mandiant (now part of google cloud)
     Tracks:
     
     Forensics,
     
     Defense
     Format: 2 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Windows Enterprise Incident Response is an intensive two-day course
     designed to teach the fundamental investigative techniques and digital
     forensics skills needed to respond to complex intrusions by motivated and
     persistent attackers. The class is built upon a series of hands-on labs
     that highlight the phases of a targeted attack, key sources of evidence,
     and the forensic analysis know-how required to analyze them. Created and
     taught by consultants who do this work daily, this class is based on
     first-hand experience responding to incidents all around the world for
     major organizations. At Mandiant, we investigate the incidents that matter,
     and we're bringing that knowledge to the students of this class. Learn More
     
      EARLY
     
     
     
     $4,000
     
     
     ENDS MAY 24
     
     Windows Instrumentation With Frida
     Location:  TBD
     ruben boonen
     Tracks:
     
     Forensics,
     
     PenTesting
     Format: 2 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     
     Binary instrumentation is an invaluable skill across all platforms, yet it
     is often under-appreciated on Windows specifically. In this course you will
     learn how to use the Frida framework on Windows. You will master function
     hooking and binary instrumentation and apply those skills in a wide variety
     of scenarios. You'll gain the ability to discover Black Box application
     functionality using static and dynamic techniques. These learnings will
     empower you to understand what an application is doing, modify its
     functionality and augment its operation.
     
     This expertise is invaluable in Defence, Offense, and Research. Whether
     you're aiming to develop a novel detection method, assess the viability of
     a post-exploitation strategy, or do Windows internals research, this course
     is designed to equip you with the necessary, real-world, practical, skills.
     
     We start from the ground up, assuming no prior knowledge, allowing you to
     build your capabilities step-by-step. You'll solidify your understanding
     and gradually refine your skill set, gaining experience that will
     seamlessly integrate into your professional workflow. Although the primary
     focus is on native code applications for Windows, the techniques and skills
     you'll learn are equally applicable to native code applications on other
     platforms.
     
     Moreover, this course also includes some specials learnings and benefits.
     You will receive a Binary Ninja personal license and will become familiar
     with the use of Binary Ninja for static analysis. Other domain specific
     tools are also used extensively, like API Monitor.
     
     Learn More
     
      EARLY
     
     
     
     $3,800
     
     
     ENDS MAY 24
   
   * 4 Day (Sat-Tue)
   * 802.11 Unplugged: Modern Wi-Fi Hacking
     Location:  TBD
     sensepost | orange cyberdefense
     Tracks:
     
     Wireless,
     
     PenTesting
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     If you want to learn how to understand and compromise Wi-Fi networks, this
     is your course.
     
     Key Points:
     
      * Foundations of wireless network technologies
      * How to approach wireless network exploitation when facing obstacles
      * New approaches and tooling in the Wi-Fi hacking field
     
     
     If you want to really understand what's going on and master Wi-Fi attacks
     in such a way that you can vary them when you encounter real-world
     complexities, this course will teach you what you need to know.
     
     This course is highly practical, with concepts taught through theory
     delivered while your hands are on the keyboard, and semi-self-directed
     practicals at the end of each section to reinforce the learning. The course
     is hosted in a "Wi-Fi in the cloud" environment we invented several years
     ago, which means no more fiddling with faulty hardware or turning the
     classroom into a microwave. Designed, developed and delivered by the team
     behind some of the most commonly used Wi-Fi hacking tools such as
     hostapd-mana, berate_ap and wpa_sycophant. This course aims to expose you
     to the Wi-Fi hacking methodologies used by active penetration testers on
     their day-to-day journey with clients and assessments. Learn More
     
      EARLY
     
     
     
     $5,100
     
     
     ENDS MAY 24
     
     Ability Driven Red Teaming
     Location:  TBD
     egypt & mubix
     Tracks:
     
     PenTesting,
     
     Network
     Format: 4 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     What sets this course apart is that we focus on explaining the "WHY".
     Choosing one C2 or technique over another often comes with tradeoffs that
     might not be obvious at first glance. After a combined 35 years of
     experience in red teaming and offensive security, egypt and mubix distill
     their TTPs in everything from building binaries for avoiding antivirus to
     building your own company for taking over another. Our labs aren't trying
     to teach you any particular OS, tool, or technique, but rather how to think
     about those same OSs, tools and techniques, when to use them, and how to
     assess new ones as the field of infosec changes.
     
     Want to learn how to make your tools work overtime for you? This is the
     place to be.
     
     In this course, we will walk you through how we
     
      * Build Red Team Infrastructure
      * Use OSINT to Get Initial Access
      * Attack Active Directory, including Kerberos, Azure, and SMB
      * Find Common DevOps vulns
      * Use Web App attacks that give you shells
      * Extend Metasploit and other frameworks to do your bidding
      * Escalate privileges, move laterally (pivoting), & persist on Windows,
        OSX, and Linux
      * Avoid common detections for all of the above
     
     
     We'll do the above in a custom-built CTF where you'll pwn a variety of
     boxes in a variety of environments. Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     Abusing and Protecting Kubernetes, Linux, and Containers
     Location:  TBD
     jay beale, inguardians
     Tracks:
     
     PenTesting,
     
     Defense
     Format: 4 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Learn how to attack and defend Kubernetes, Linux and containers from Jay
     Beale, the creator of Bastille Linux and two Kubernetes security tools: the
     Peirates attack tool and the Bust-a-Kube CTF cluster. In this fully
     hands-on course, you'll get a computer to keep, filled with
     capture-the-flag (CTF) containers and Kubernetes clusters, which you will
     attack and defend. You'll also get access to our cloud environment,
     allowing you to attack cloud-based Kubernetes clusters.
     
     Every single topic in the class has an attack exercise, where you use Kali
     Linux to compromise a system or a Kubernetes cluster scenario. Most have a
     matching defense exercise, where you will use new skills to break that
     attack, confident that it will break other attacks.
     
     This Kubernetes, Linux, and Containers training focuses on giving you
     practical attack skills from real penetration tests, coupled with solid
     defenses to break attacks.
     
     Includes a free laptop! Learn More
     
      EARLY
     
     
     
     $5,300
     
     
     ENDS MAY 24
     
     A Complete Practical Approach to Malware Analysis and Memory Forensics -
     2024 Edition
     Location:  TBD
     monnappa k a & sajan shetty
     Tracks:
     
     Malware,
     
     Forensics
     Format: 4 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     This 4-day hands-on training teaches the concepts, tools, and techniques to
     analyze, investigate, and hunt malwares by combining two powerful
     techniques malware analysis and memory forensics. This course will
     introduce attendees to the basics of malware analysis, reverse engineering,
     Windows internals, and memory forensics. It then gradually progresses deep
     into more advanced concepts of malware analysis & memory forensics.
     Attendees will learn to perform static, dynamic, code, and memory analysis.
     To make the training completely practical, it consists of scenario-based
     hands-on labs after each module, which involves analyzing real-world
     malware samples and investigating malware infected memory images
     (crimeware, APT malware, Fileless malware, Rootkits, etc.). This hands-on
     training is designed to help attendees gain a better understanding of the
     subject in a short span of time. Throughout the course, the attendees will
     learn the latest techniques used by the adversaries to compromise and
     persist on the system. In addition to that, it also covers various code
     injection, hooking, and rootkit techniques used by the adversaries to
     bypass forensic tools and security products. During the training, you will
     also gain an understanding of how to integrate malware analysis and memory
     forensics techniques into a custom sandbox to automate the analysis of
     malicious code. After taking this course, attendees will be better equipped
     with the skills to analyze, investigate, hunt, and respond to
     malware-related incidents.
     
     Whether you are a beginner interested in learning malware analysis and
     memory forensics from scratch or an experienced professional who would like
     to enhance your existing skills to perform a forensic investigation or
     threat hunting, this training will help you accomplish your goals.
     
     Note: Students will be provided with malware samples, malware infected
     memory images, course material, lab solution manual, video demos, custom
     scripts, and Linux VM. Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Video Preview »
     A DFIR Masterclass with Offensive and Defensive Techniques on Windows 11
     and Server 2022
     Location:  TBD
     internet initiative japan inc.
     Tracks:
     
     Forensics,
     
     Malware
     Format: 4 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     This is a hands-on course for learning attack, detection and DFIR
     techniques on Windows environment.
     
     You will first attack a Windows domain network with in-the-wild targeted
     attack malware and post-exploitation tools using the same techniques as
     attackers, such as:
     
     
      * NTLM Relay Attack
      * Golden/Silver/Diamond/Sapphire Ticket Attack
      * DCSync/DCShadow
      * Credential Harvesting
      * Remote Command Execution/Logon
      * Domain Persistence
      * Delegation Attack
     
     
     Then, you will acquire artifacts from the environment and analyze them with
     the DFIR techniques such as:
     
     
      * Memory Forensics
      * Persistence Analysis
      * Program Execution Artifacts Analysis
      * Event Log Analysis
      * Timeline Analysis
      * Triage Collection
     
     
     Since you will learn attack *AND* defense, including detection and DFIR,
     techniques, you will have a better understanding of both. Then, even if new
     attacks emerge, you will already know how to test and detect them yourself
     after completing this course.
     
     We will be waiting for you with numerous exercises! Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Advanced Detection Engineering in the Enterprise
     Location:  TBD
     olaf hartong / falconforce
     Tracks:
     
     Defense,
     
     Risk
     Format: 4 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Building resilient and automated detection capabilities require a detailed
     understanding of attackers and their known or expected behavior. By
     thinking like an attacker, understanding the different techniques and
     procedures used by attackers and what indicators can be extracted, better
     detection capabilities can be developed.
     
     The training covers a full, realistic attacker scenario in an enterprise
     environment: from the endpoint, through the Active Directory and into the
     cloud environment.
     
     This training focuses on the entire methodology of a detection engineering
     cycle. We guide participants in defining a scope, researching the relevant
     (sub-)techniques, building the detection analytic, investigating which logs
     can be utilized, and validating the resilience of the analytic against
     evasion. Maintenance, testing and improvement is part of proper
     engineering.
     The training is highly interactive and retains a good balance between
     theory and a lot of hands-on exercises, in which the students execute all
     attacks themselves in a dedicated lab environment. Learn More
     
      EARLY
     
     
     
     $5,100
     
     
     ENDS MAY 24
     
     Advanced Infrastructure Hacking - 4 Day
     Location:  TBD
     tiago carvalho / notsosecure
     Tracks:
     
     Network,
     
     PenTesting
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     Whether you are penetration testing, Red Teaming or trying to get a better
     understanding of managing vulnerabilities in your environment,
     understanding advanced hacking techniques is critical. This course covers a
     wide variety of neat, new and ridiculous techniques to compromise modern
     Operating Systems and networking devices.
     
     While prior pentest experience is not a strict requirement, familiarity
     with both Linux and Windows command line syntax will be greatly beneficial.
     
     The 2024 edition of our best-selling class, brings more new, neat and
     ridiculous network hacks. From old-school misconfiguration issues to the
     very latest cutting-edge techniques and exploits against the modern network
     platforms, we have got it all covered. The course will cover advanced
     penetration techniques to achieve exploitation against these platforms:
     
     
      * Modern Operating systems (Windows, Linux)
      * New Attack Chain
      * ADCS
      * Resource-Based Constrained Delegation
      * Web and Application servers
      * Switches/Routers
      * Docker
      * VLANs
      * Kubernetes
      * AWS/Azure/GCP specific attacks
      * IaaS, PaaS, CaaS, SaaS and Serverless exploitation
      * Logging and Monitoring Network Attacks
     
     
     
     Note: Students will have access to a state-of-the-art Hacklab with a wide
     variety of vulnerabilities to practice exploitation and will receive a FREE
     1-month subscription after the class to allow more practice time. Learn
     More
     
      EARLY
     
     
     
     $5,400
     
     
     ENDS MAY 24
     
     Advanced Security Operations and Threat Hunting
     Location:  TBD
     digital defense institute
     Tracks:
     
     Defense,
     
     Forensics
     Format: 4 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     Advanced Security Operations & Threat Hunting is a meticulously crafted
     course designed for cybersecurity defenders focusing on detection
     engineering, threat hunting, adversary detection, and incident response.
     Over an intensive four-day program, participants will delve deep into the
     strategies and techniques essential for identifying, tracking, and
     neutralizing sophisticated cyber threats.
     
     The course begins with exploring detection engineering principles, teaching
     attendees how to create robust detection systems. It then transitions into
     advanced threat-hunting methods, enabling participants to proactively seek
     out and identify potential or active threats. The segment on adversary
     detection covers the latest tactics used by cyber attackers, providing
     insights into their methodologies. Finally, the course culminates with
     practical incident response exercises, equipping attendees with the skills
     to respond to and mitigate cyber incidents effectively.
     
     Designed for immediate application, this course empowers professionals to
     enhance the security posture of their organizations through advanced
     operational techniques and threat intelligence. Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Advanced Windows Exploitation
     Location:  TBD
     offsec powered by applied technology academy
     Track:
     
     PenTesting
     Format: 4 Day Trainings
     Skill Level: Advanced
     Experience: In-Person
     
     
     
     EXP-401: Advanced Windows Exploitation is OffSec's most intense course,
     featuring a sophisticated hands-on computer lab environment challenging
     learners to bring out their best penetration testing skills.
     
     Modern exploits for Windows-based platforms require modern bypass methods
     to circumvent Microsoft's defenses. In EXP-401, OffSec challenges learners
     to develop creative solutions that work in today's increasingly difficult
     exploitation environment.
     
     The case studies in AWE are large, well-known applications that are widely
     deployed in enterprise networks. The course dives deep into topics ranging
     from security mitigation bypass techniques to complex heap manipulations
     and 64-bit kernel exploitation.
     
     EXP-401 is a particularly demanding penetration testing course. It requires
     a significant amount of learner-instructor interaction. Therefore, we limit
     these courses to a live, hands-on environment at one of our live training
     at the Black Hat conference.
     
     This course can qualify learners for 40 (ISC)2 CPE Credits at the end of
     the training course or after passing the certification challenge.
     
     Learners who complete EXP-401 and pass the exam will earn the Offensive
     Security Exploitation Expert (OSEE) certification.
     
     Benefits:
     
      * Put your team's skills to the test with intense in-person training
      * Enrich your team's penetration testing learning journey with advanced
        exploit development skills
      * Improve your team's preparedness for the OSEE certification exam
      * Benchmark your team's skill level for increased confidence around
        securing your IT infrastructure through industry-recognized
        certifications
     
     Learn:
     
      * Bypass and evasion of user mode security mitigations such as DEP, ASLR,
        CFG, ACG and CET
      * Advanced heap manipulations to obtain code execution along with
        guest-to-host and sandbox escapes
      * Disarming WDEG mitigations and creating version independence for
        weaponization
      * 64-Bit Windows Kernel Driver reverse engineering and vulnerability
        discovery
      * Bypass of kernel mode security mitigations such as kASLR, NX, SMEP,
        SMAP, kCFG and HVCI
     
     Learn More
     
      EARLY
     
     
     
     $8,000
     
     
     ENDS MAY 24
     
     Adversary Simulation and Capability Development
     Location:  TBD
     mdsec
     Track:
     
     PenTesting
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     During this training, you will be equipped with the necessary knowledge
     provided by recognised industry red team experts to plan, manage and
     perform an advanced red team operation.
     
     These steps include the essential knowledge to perform efficient and
     targeted opensource intelligence, design and automate the deployment of
     operation infrastructure, gain initial access to a target using
     sophisticated payloads with defensive evasion techniques, perform host
     triage, persistence and privilege escalation and move laterally whilst
     exploiting common Active Directory misconfigurations.
     
     At the end of the training students will walk away equipped to target even
     the most mature environments and budding with knowledge about the
     indicators they didn't know their tools were emitting, but the blue team
     did! Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Adversary Tactics: Detection
     Location:  TBD
     specterops
     Tracks:
     
     Defense,
     
     Network
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     You bought all the latest detection tools, but somehow still can't seem to
     detect mimikatz. IT is screaming about the resource consumption from the
     multitude of security tools on the endpoints, analysts are barely staying
     afloat in the oceans of data your toolsets have created, and the latest red
     team report detailed how response actions were ineffective again. If this
     sounds familiar for your organization, this is the course for you. We'll
     walk you through starting with a detection engineering strategy first and
     then focusing on methodologies to build robust alerting, with the end
     result of improving detection and response capabilities throughout security
     operations. This course will provide you the understanding and ability to
     build robust detections, starting with the why and going all the way to the
     technical implementation of detecting threat actor activity. You will learn
     how to apply the methodologies and technical approaches practiced,
     regardless of the security toolsets deployed in your organization.
     
     In this course, you will:
     
      * Learn how to best integrate different components of a detection program
        for maximum effect
      * Integrate "threat hunting" activity into current detection programs to
        drive meaningful detection engineering
      * Understand different threat hunting campaign approaches
      * Perform data sensor and data source analysis
      * Understand various MITRE TTPs and Threat Intelligence
      * Practice standardized processes for developing technical detections
      * Document detection research into standardized formats for use in
        security operations
      * In technical labs, practice data aggregation & analysis at scale to
        detect threat actor activity
     
     Learn More
     
      EARLY
     
     
     
     $5,400
     
     
     ENDS MAY 24
     
     Adversary Tactics: Red Team Operations
     Location:  TBD
     specterops
     Tracks:
     
     PenTesting,
     
     Network
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     Upgrade your red team tradecraft with cutting-edge Tactics, Techniques, and
     Procedures (TTPs) used by attackers in real-world breaches. This course
     will teach students how to infiltrate networks, gather intelligence, and
     covertly persist to simulate advanced adversaries. Students will use the
     skillsets taught in this course to go up against live incident responders
     in an enterprise lab environment designed to mimic an enterprise network
     and learn to adapt and overcome active response operations through
     collaborative feedback as the course progresses.
     
     Topics covered include:
     
      * Design and deploy sophisticated, resilient covert attack infrastructure
      * Gain an initial access foothold on systems using client-side attacks in
        real-world scenarios
      * Utilize advanced Active Directory attack techniques to execute domain
        enumeration, escalation, and persistence
      * Perform sophisticated post-exploitation actions, including sophisticated
        data mining, going beyond just achieving "Domain Admin"
      * Use cutting-edge lateral movement methods to move through the enterprise
      * Practice "offense-in-depth" by utilizing a variety of tools and
        techniques in response to defender actions and technical defenses
      * Effectively train network defenders to better protect themselves against
        advanced, persistent adversaries
     
     Learn More
     
      EARLY
     
     
     
     $5,400
     
     
     ENDS MAY 24
     
     Adversary Tactics: Tradecraft Analysis
     Location:  TBD
     specterops
     Tracks:
     
     Defense,
     
     PenTesting
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     Your organization has just implemented the leading detection and response
     products. Are they configured with default configuration? How much faith
     should you have in your ability to detect sophisticated attacks? How would
     you simulate attacks to ensure robust detections are in place? This course
     will teach the importance of understanding the inner workings of attack
     techniques and telemetry availability and provide a workflow for developing
     robust detection analytics or data driven evasion decisions. Focusing on
     various Windows components and attacker TTPs, you will dive deep into how
     software abstracts underlying capabilities and how attackers can interact
     with deeper layers to bypass superficial detection capabilities. Learn More
     
      EARLY
     
     
     
     $5,400
     
     
     ENDS MAY 24
     
     Applied Network Security
     Location:  TBD
     matt pawloski
     Tracks:
     
     Network,
     
     Defense
     Format: 4 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     This course is a hands-on lesson in networking fundamentals that are
     critical to cyber security. Curriculum will start from layer 1 of the OSI
     model, working up to the most critical layer 7 protocols for modern network
     communication. These protocols underpin local area networks (LANs), IoT
     devices, and critical infrastructure. Security implications at each layer
     and protocol will be discussed and demonstrated through hands-on lab
     exercises. Lab exercises include traffic modification and redirection
     methods, building an open-source Linux router and unified threat management
     (UTM) appliance, proxying and modifying HTTP/S traffic with Squid and Burp,
     and advanced uses for SSH. Solid foundational knowledge, gained in this
     class, will allow students to easily understand more advanced topics. The
     technical confidence students will gain in this class will enable them to
     quickly tackle technical hurdles in their day-to-day work. Attendees with
     all levels of technical backgrounds will benefit from this class. Learn
     More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Applied Threat Hunting and Detection Engineering
     Location:  TBD
     trustedsec
     Tracks:
     
     Defense,
     
     PenTesting
     Format: 4 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Finding attacker behavior and patterns is vital to an organization's
     security posture. The Applied Threat Hunting and Detection Engineering
     class will equip the student with the knowledge of attacker methodologies
     and highlight the most popular attacks by APT groups. Students will then
     experience live threat hunts for attacker behavior and work through the
     detection engineering process to build high-fidelity detections. This class
     is designed for security professionals of all levels and will give
     real-world examples of attacks and practical skills to improve an
     organization's ability to detect attacker behavior. Learn More
     
      EARLY
     
     
     
     $5,300
     
     
     ENDS MAY 24
     
     Assessing and Exploiting Control Systems and IIoT
     Location:  TBD
     justin searle / inguardians
     Tracks:
     
     ICS,
     
     PenTesting
     Format: 4 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     This is not your traditional SCADA/ICS/IIoT security course! How many
     courses send you home with lifetime access to course updates and a $500 kit
     including your own PLC and a set of hardware/RF hacking tools?!? This
     course teaches hands-on penetration testing techniques used to test
     individual components of industrial control systems. The first day of the
     course teaches how to perform safe assessments of commissioned components
     in production without negatively affecting reliability and safety of the
     systems. The remaining bulk of the course will then focus on performing
     deeper component-level penetration testing in lab settings, attempting to
     discover and address 0-day vulnerabilities before those components are
     commissioned in production environments. Learn More
     
      EARLY
     
     
     
     $5,400
     
     
     ENDS MAY 24
     
     Attacking and Defending AWS, Azure, and GCP Cloud Applications: 2024
     Edition
     Location:  TBD
     appsecengineer
     Tracks:
     
     AppSec,
     
     Defense
     Format: 4 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Applications on the cloud present some unique opportunities and challenges
     in terms of security. In this training, we're going to explore Application
     Security on the cloud with three popular cloud providers, AWS, Azure, and
     GCP.
     
     The aim of this training is to take the participant through a journey of
     highly practical, scalable, and granular knowledge of AWS, Azure, and GCP
     offense, defense, and detection engineering. Our No.1 objective is that
     participants can apply skills learned from this class nearly immediately at
     their workplaces.
     
     This class is an intense, deep-dive experience in attacking and defending
     applications on AWS, Azure, and GCP. We would take participants through our
     ADD (Attack-Detect-Defend) labs in all these areas to give them a
     360°perspective of attacking and defending applications of various stacks
     deployed on the cloud
     
     Participants will walk away with 2 months of access to our online training
     portal and labs Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Attacking and Defending the Application Supply-Chain
     Location:  TBD
     appsecengineer
     Tracks:
     
     AppSec,
     
     Defense
     Format: 4 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     Supply-chain security is a hot-button issue that companies are struggling
     with. The sheer size and scope of the problem is overwhelming to security
     and engineering teams, the world over. This hands-on training immerses
     participants in real-world scenarios, exploring both offensive and
     defensive strategies within CI systems, build environments, container
     infrastructure, and cloud-native platforms like Kubernetes, AWS, and Azure.
     
     This training is an attack and defend version of our famous "Attacking the
     Application Supply-Chain" Training that we've delivered at BlackHat over
     the past 3 years
     
     Through stories and red-blue team approaches this renowned, practical, and
     hands-on training takes the participants through a journey of attacking and
     defending application supply chains from development through deployment and
     beyond.
     
     Participants will walk away with long-term access to our online training
     portal and labs Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     Attacking Mobile Applications: Practical Security Testing for Android and
     iOS
     Location:  TBD
     mandiant (now part of google cloud)
     Tracks:
     
     Mobile,
     
     AppSec
     Format: 4 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     The Attacking Mobile Applications course is a hands-on 4-day journey into
     the world of mobile application penetration testing. The course has 19
     labs, each based on Mandiant's first-hand experience assessing mobile
     applications. Students will gain experience building a test environment,
     understanding application packages, analyzing Swift/Objective-C assembly
     and Dalvik bytecode, performing dynamic instrumentation to bypass jailbreak
     or root detection, intercepting network communications, and testing modern
     cross-platform applications (Xamarin, ReactJS, Flutter, etc.).
     
     Students will receive USB devices loaded with training materials: A
     self-contained Linux virtual machine with the labs and tools used in the
     course, a PDF collection of the course slides, multiple cheat sheets, and
     sample source code. Virtual Android and iOS devices will be supplied for
     attendees for use during the course. Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     Automating Reverse Engineering Processes with AI/ML, NLP, and LLMs
     Location:  TBD
     malachi jones, phd
     Tracks:
     
     AI, ML, & Data Science,
     
     Malware
     Format: 4 Day Trainings
     Skill Level: Advanced
     Experience: In-Person
     
     
     This course enhances reverse engineering (RE) processes through automation,
     focusing on efficiency and scalability in malware and firmware analysis by
     integrating Neural Networks (NN), Natural Language Processing (NLP), and
     Large Language Models (LLMs). It introduces Blackfyre, an open-source
     system combining a Ghidra plugin and Python library, essential for binary
     analysis and applying NN/NLP/LLM techniques in RE. The curriculum covers NN
     and NLP in malware analysis for threat classification and anomaly
     detection, and in firmware analysis for predicting function/binary names
     and detecting similarities. It also introduces BinaryRank, inspired by
     PageRank, but more efficient with linear complexity, for static analysis,
     improving NLP's effectiveness in binaries data representations. Advanced
     topics include LLMs for function and binary summarization, and malware
     analysis for signature and report generation. Designed for those with a
     foundational understanding of RE, Python object-oriented programming
     skills, and basic mathematical knowledge, the course aims to bolster
     NN/NLP/LLM capabilities in automating RE processes. Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Blue Team Arsenal: Python and Generative AI for Threat Intelligence
     Location:  TBD
     roberto rodriguez, thomas roccia
     Tracks:
     
     AI, ML, & Data Science,
     
     Defense
     Format: 4 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     In the fast-paced world of cyber security, threat intelligence plays a
     critical role in an organization's defense strategy, empowering defenders
     with deep understanding of adversary tradecraft and their threat landscape.
     For a threat intelligence analyst, the abilities to collect and connect
     information from a wide variety of data sources and dive deep into
     malicious software are essential. Imagine streamlining these processes by
     building your own tools leveraging artificial intelligence.
     
     In this 4-day class, you will learn to use Python to collect and analyze
     threat data, handle malware, build your own custom tools, and integrate the
     power for Generative AI to transform your technical approach to threat
     intelligence. We will combine theory with practical, hands-on exercises,
     giving you the opportunity to apply all these concepts in real-world
     scenarios. By the end of this course, you will have the necessary skills
     and tools to unlock new capabilities into your threat intelligence cycle.
     Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     DevSecOps Masterclass: 2024 Edition
     Location:  TBD
     appsecengineer
     Tracks:
     
     AppSec,
     
     Defense
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     DevOps has become a pervasive force within organizations globally, driving
     the continuous delivery of applications. Despite its success, security
     remains a significant challenge for DevOps. Organizations need help
     including security in continuous delivery processes.
     This training is a comprehensive, focused, and practical approach to
     implementing Security for your Continuous Delivery Pipeline. Backed by tons
     of hands-on labs, original research, and real-world implementations of
     DevSecOps, this training offers a comprehensive and practical guide for
     professionals seeking to enhance their skills and implement robust security
     measures in the ever-evolving landscape of continuous delivery and
     application development.
     
     The training starts with Application Security Automation for SAST, DAST,
     SCA, IAST, and RASP, apart from Vulnerability Management and Correlation.
     Subsequently, the training focuses on Cloud Security and automating
     security processes in cloud and cloud-native environments. Next, the
     training closes with a deep dive into DevSecOps Practices for Kubernetes
     and Containers, providing detailed perspectives on implementing scalable
     security for these deployments. In anticipation of Cloud-focused DevSecOps
     requirements, this training arms the learners with a plethora of
     cloud-native options that will serve as drop-in replacements for their
     on-prem pipeline components. Practical learnings picked up throughout the
     class are brought to AWS Codepipeline and Azure Pipelines along with a
     handbook of best practices and blueprints to prepare the students for the
     changed landscape.
     
     Participants receive a free (OSS) toolkit for DevSecOps Implementations and
     2 months of access to our hands-on labs, engaging challenges, and recorded
     classes for this DevSecOps training. Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     Digging Deeper With Velociraptor
     Location:  TBD
     mike cohen, digital paleontologist, rapid7
     Tracks:
     
     Forensics,
     
     Defense
     Format: 4 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     The old way of performing in-depth forensic analysis and incident response
     with your existing tools is clearly not adequate or scalable to many
     endpoints. It is just too time consuming to analyze many machines, acquire
     large disk images, and memory, let alone actively hunt for indicators of
     compromise across your entire network.
     
     This course covers all you need to know to use Velociraptor as a power
     user!
     
     Learn how to weird this powerful tool to respond to incidents, detect
     attacks and shut down attackers in their tracks. Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Foundational Security Operations and Defensive Analysis
     Location:  TBD
     offsec powered by applied technology academy
     Track:
     
     Risk
     Format: 4 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     
     The student receives a 1 Year OffSec Learn Unlimited license.
     OffSec Learn Unlimited - A $5,400 Value!
     
      * Provides access to the Proving Grounds (Play and Practice)
      * All 100, 200 and 300-level training materials and labs
      * Unlimited exam attempts to the corresponding courses (OSCP, OSDA, OSWA,
        OSWP, KLCP, OSWE, OSEP, OSED & OSMR)
     
     
     
     A skilled security operations team is crucial for any organization's
     cybersecurity readiness and ability to effectively detect cyber threats.
     
     With OffSec's SOC-200: Foundational Security Operations and Defensive
     Analysis course, employers worldwide are upskilling their teams with
     hands-on learning on detecting and assessing security incidents.
     
     This foundational course teaches learners how to uncover the consequences
     of common attacks from a defensive perspective, recognize methodologies for
     end-to-end attack chaining, use a SIEM to identify and access cyber
     attacks, and conduct guided audits of compromised systems across multiple
     OSs.
     
     Learners who complete the SOC-200 course and pass the associated exam earn
     the Offensive Security Defense Analyst (OSDA) certification. A certified
     OSDA candidate is prepared to join and participate in a Security Operations
     Center (SOC) as a Junior Analyst.
     
     Benefits:
     
      * Upskill talent to roles such as SOC Analysts and Jr. roles in Threat
        Hunting and Digital Forensics and Incident Response
      * Ensure your team can preempt threats and detect vulnerabilities before
        they're exploited
      * Fortify your organization's cybersecurity defense and maintain your
        security posture
      * Recognized certifications demonstrate a high-performing team
      * Train your team to detect threats using the only dedicated lab framework
        built to execute live attacks against a network for defensive purposes
      * Learners can use the SOC-200 Challenge Labs to learn how to review logs
        and identify attackers and their methods in real-time
     
     Learn More
     
      EARLY
     
     
     
     $6,000
     
     
     ENDS MAY 24
     
     Full Scope Social Engineering and Physical Security
     Location:  TBD
     snowfensive
     Tracks:
     
     Human,
     
     PenTesting
     Format: 4 Day Trainings
     Skill Level: All
     Experience: In-Person
     
     
     Full Scope Social Engineering is designed for students who want to learn
     all aspects of Social Engineering in one course. No prior experience is
     needed, students will start by learning core techniques and Open-Source
     Intelligence (OSINT) gathering. Students will take these fundamental
     concepts into the next three phases by applying them to craft robust and
     captivating Vishing (voice-phishing), Phishing, and Physical Security
     campaigns.
     Each phase includes multiple labs and challenges. FSSE is extremely
     hands-on and student participation is highly encouraged. Upon completion,
     students will feel confident performing OSINT, choosing targets, developing
     pretexts, and performing effective Social Engineering engagements.
     FSSE provides considerable value to pentesters and red teamers as clients
     frequently request this type of testing. Defenders can also benefit from
     this training and leverage these skills to defend against attacks and
     provide awareness training. Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Hacking and Securing Cloud Infrastructure - 4 Day
     Location:  TBD
     manish rohilla / notsosecure
     Tracks:
     
     Network,
     
     PenTesting
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     With the rapid adoption of cloud infrastructure and the prevalence of
     hybrid cloud environments among organizations, the need to address cloud
     misconfigurations has become paramount. This course offers a holistic
     approach to understanding and mitigating misconfigurations in AWS, Azure,
     and GCP.
     From building and migrating to managing and innovating in the cloud,
     organizations face increasing pressure to secure their cloud infrastructure
     effectively. To achieve this, a deep understanding of cloud attack
     architecture and hands-on experience with relevant tools and techniques are
     essential.
     This comprehensive 4-day course immerses participants in the attacker's
     mindset, providing the opportunity to deploy over 25 novel attacks through
     state-of-the-art labs. The training is delivered by seasoned penetration
     testers with extensive experience in cloud hacking, gained through
     real-world engagements.
     By the end of the course, participants will be well-equipped to confidently
     identify vulnerabilities within cloud deployments. Additionally, the
     training covers cloud detection and response strategies, empowering
     participants to proactively address weaknesses and monitor their cloud
     environment for potential attacks. This course is a crucial step toward
     enhancing cloud security in an ever-evolving threat landscape. Learn More
     
      EARLY
     
     
     
     $5,400
     
     
     ENDS MAY 24
     
     Industrial Control Systems: Build, Break, Secure
     Location:  TBD
     arnaud soullie
     Tracks:
     
     ICS,
     
     PenTesting
     Format: 4 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Discover the world of Industrial Control Systems with an attack mindset! We
     will follow a hands-on approach, growing from a very simple local process
     to a realistic ICS environment with 3 words in mind:
     
      * Build: how does it work?
      * Break: what are the weaknesses and how to exploit it?
      * Secure: what can we do to fix it?
     
     Day 1 & 2 will allow you to discover and understand ICS and its components,
     by creating your own training environment and programming it. We'll spend
     day 3 attacking a realistic ICS environment, and on day 4 we'll learn how
     to secure it.
     Moreover, the training doesn't stop on the last day! Each participant will
     receive 30-day access to our "ICS cybersecurity academy" e-learning portal,
     which allows them to watch the training content in video, as well as
     perform all the exercises on a cloud platform. Learn More
     
      EARLY
     
     
     
     $4,900
     
     
     ENDS MAY 24
     
     Offensive Mobile Reversing and Exploitation (iOS & Android) - 2024 Edition
     Location:  TBD
     8ksec
     Tracks:
     
     Mobile,
     
     AppSec
     Format: 4 Day Trainings
     Skill Level: Intermediate/Advanced
     Experience: In-Person
     
     
     After running sold-out trainings at multiple conferences over the last few
     years, we are back with an updated version of our course which now covers
     ARM64, mobile browser security, and detailed Mobile apps and operating
     system security. The class starts with a basic introduction to the ARM
     instruction set and calling conventions followed by some reverse
     engineering exercises. We then learn how to craft simple exploits for the
     ARM64 environment. Next, we move to Mobile browser security and understand
     some of the browser mitigations followed by writing some simple exploits
     for the mobile browser. We then cover iOS and Android internals in further
     detail. We then discuss some of the exploitation techniques using
     real-world vulnerabilities (e.g., voucher_swap, checkm8, etc) followed by a
     walkthrough of how jailbreaks are written. We also discuss some of the
     common vulnerability types (Heap Overflows, Use-after-free, Uninitialized
     Stack variables, Race conditions). The training then moves on to
     application security based on exploiting the Damn Vulnerable iOS app,
     Android-InsecureBankv2, and InsecurePass application written by the authors
     of this course in addition to a broad range of other real-world
     applications. We also cover a variety of mitigations deployed in real-world
     apps and discuss how to bypass them. The course then covers the kernel
     exploitation and details for both Android and iOS platforms along with
     steps for breaking into Mobile Kernel exploitation. Slides, videos, and
     detailed documentation on the labs will be provided to the students for
     practice after the class. Corellium access will be provided to students
     during the duration of the training course.
     
     Summary
     
      * Fully updated for iOS 17 and Android 14
      * Get 30 Days of Lab Access to our VMs
      * Virtual Devices on iOS and Android using Corellium
      * Get Certified as Mobile Security Expert
      * Learn Reverse Engineering Mobile Apps from Scratch
      * Learn Malware Reversing for iOS and Android
      * Learn the internals of iOS and Android Kernel and their mitigations
      * Learn Penetration Testing of iOS and Android apps
      * Get an understanding of ARM64 architecture
      * Learn Advanced Binary Instrumentation techniques using Frida
      * Learn how to set up your own Mobile Research Environment
     
     Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     Penetration Testing with Kali Linux
     Location:  TBD
     offsec powered by applied technology academy
     Track:
     
     PenTesting
     Format: 4 Day Trainings
     Skill Level: Intermediate
     Experience: In-Person
     
     
     
     The student receives a 1 Year OffSec Learn Unlimited license.
     OffSec Learn Unlimited - A $5,400 Value!
     
      * Provides access to the Proving Grounds (Play and Practice)
      * All 100, 200 and 300-level training materials and labs
      * Unlimited exam attempts to the corresponding courses (OSCP, OSDA, OSWA,
        OSWP, KLCP, OSWE, OSEP, OSED & OSMR)
     
     
     
     Penetration Testing with Kali Linux is a unique online penetration testing
     course that introduces learners to the latest pentesting methodologies,
     tools, and techniques via hands-on experience. PEN-200 simulates a full
     penetration test from start to finish by immersing the learners into a
     target-rich and vulnerable network environment.
     
     This foundational-level course is designed for security and other
     technology professionals who want to take a meaningful step into the world
     of professional pentesting, as well as seasoned pentesters seeking to
     sharpen their skills and earn one of the most coveted pentesting
     certifications.
     
     As one of the most respected cybersecurity courses, PEN-200 is considered
     more technical than other similar courses – it requires evidence of
     practical pentesting skills, ensuring real-world and job-ready skills. With
     this focus on the practical application of real-world pentesting skills,
     this course goes one step further by teaching learners the "Try Harder"
     mindset – a true exercise of grit and will that is crucial for any
     pentester.
     
     Learners who complete the PEN-200 course and the associated exam earn the
     Offensive Security Certified Professional (OSCP) certification.
     
     Benefits:
     
      * In-depth training from infosec experts
      * Improved security posture with a team skilled in the latest pentesting
        tools and techniques
      * Higher employee retention rates with an engaging and industry-recognized
        learning plan
      * Have complete visibility and data on your team's progression as they
        work through a variety of network security skills
     
     Learn More
     
      EARLY
     
     
     
     $7,000
     
     
     ENDS MAY 24
     
     Physical Penetration, RFID Hacking, & Electronic Access Control Systems
     Location:  TBD
     red team alliance
     Tracks:
     
     PenTesting,
     
     Hardware
     Format: 4 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Beyond firewalls and network hardening, government and enterprise alike
     must consider how security infrastructure safeguards digital, material, and
     human assets. Physical security is foundational to the ability to resist
     unauthorized access or malicious threat.
     
     In this training, students will be immersed in the world of mechanical
     locking systems, door hardware, manipulation and bypassing techniques, PACS
     tokens, RFID credentials, alarm contacts, tamper switches, door
     controllers, and backhaul protocols that underpin Physical Access Control
     Systems (PACS) across the globe.
     
     Red Team members and penetration testers will gain a practical
     understanding of what physical security looks like in the field, and how to
     manipulate, bypass, intercept, clone, downgrade, replay, and bypass one's
     way through such defenses. Blue Team members including SOC staff,
     defenders, designers, and directors will come with away with best practices
     and techniques that will resist attacks.
     
     Those who attend this course will leave with a full awareness of how to
     best protect buildings and grounds from unauthorized access, as well as how
     to compromise most existing physical security in order to gain access
     themselves. Learn More
     
      EARLY
     
     
     
     $5,400
     
     
     ENDS MAY 24
     
     Practical Car Hacking - A Hands-On Approach
     Location:  TBD
     willem melching
     Track:
     
     Hardware
     Format: 4 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     This course will cover a variety of topics related to automotive security.
     The most common networks used in modern vehicles will be discussed, and we
     will cover a variety of attacks on these communication networks found in
     cars, such as spoofing, DoS and MITM.
     
     We will look at a variety of diagnostics protocols to talk to ECUs and
     extract their firmware, such as UDS, CCP and XCP. Other methods of
     obtaining firmware such as extracting proprietary update files, JTAG and
     Fault Injection will be shown.
     
     After firmware is obtained you will learn how to quickly identify the
     relevant part of an ECUs firmware and reverse engineer it. Finally we will
     consider the wireless attack surface of a vehicle, such as TPMS, key fobs
     and EV charging. Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     Practical Linux Attack Paths and Hunting for Red and Blue Team
     Location:  TBD
     leszek mis@defensive-security
     Tracks:
     
     Defense,
     
     PenTesting
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     Dive into the world of Linux attack paths, local and remote exploitation,
     process injection, process hiding, tunneling, network pivoting, and syscall
     hooking techniques. See hands-on how Linux malware, userspace, and kernel
     space rootkits work in well-prepared Detection PurpleLabs Cyber Range,
     analyze and modify the source codes, find interesting behavior patterns in
     binaries and logs, learn what telemetry is needed to catch modern Linux
     threat actors, and find how to proactively validate and improve detection
     coverage with step-by-step Linux adversary emulations. On top of that, run
     your VMs RAM acquisition 'on click' and analyze
     memory images at any stage of the course. Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     Tactical Hacking Essentials - 2024 Edition
     Location:  TBD
     sensepost | orange cyberdefense
     Tracks:
     
     PenTesting,
     
     Network
     Format: 4 Day Trainings
     Skill Level: Beginner/Intermediate
     Experience: In-Person
     
     
     Are you looking to leap into a penetration testing career and gain
     essential practical hacking skills? Then this course is for you!
     
     This extremely hands-on course is designed to provide you with a complete
     overview and methodology to start a career in penetration testing. Our core
     methodologies are instilled throughout this course. You'll be taken on an
     immersive journey into the day-to-day tactical operations of a penetration
     tester.
     
     Key Points:
     
      * Complete methodologies to conduct penetration tests
      * Deep dive into the complete attack path of a real-world attacker
      * Fundamentals to continue a career in the security testing/ethical
        hacking field
     
     
     The course starts off with fundamental security knowledge to provide you
     with a solid technical base to build upon. The attack model starts from an
     external perspective with the main objective of taking over an
     organisation. You'll be exposed to open-source intelligence gathering
     techniques, external and web application hacking skills, and working your
     way into an organisation, ending with advanced internal network compromises
     and objective completion. Throughout the course, you will gain actual
     attacker skills and knowledge to apply in real-world scenarios.
     
     This course is highly practical and will provide you with tools and
     techniques to achieve objectives through the course in our immersive online
     lab environment.
     
     Join us and learn to hack hard! Learn More
     
      EARLY
     
     
     
     $5,100
     
     
     ENDS MAY 24
     
     The Art of Hacking - 4 Day
     Location:  TBD
     tom large / notsosecure
     Tracks:
     
     PenTesting,
     
     AppSec
     Format: 4 Day Trainings
     Skill Level: Beginner
     Experience: In-Person
     
     
     This is our entry-level security testing course that covers approaches for
     both web application security and infrastructure security, the course is
     also a pre-requisite course before enrolling for either our "Web Hacking
     Black Belt Edition" or "Advanced Infrastructure Hacking" courses. This
     foundation course familiarises the attendees with the basics of penetration
     testing by demonstrating a number of tools and techniques to find and
     exploit vulnerabilities, backed up by discussing a systematic approach on
     the various phases of a penetration test. If you would like to step into
     Ethical Hacking/Penetration Testing with the right amount of knowledge,
     this is the right course for you. Learn More
     
      EARLY
     
     
     
     $5,100
     
     
     ENDS MAY 24
     
     Theory and Practice: Machine Learning Introduction with Threats and
     Vulnerabilities
     Location:  TBD
     include security
     Tracks:
     
     AI, ML, & Data Science,
     
     AppSec
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     This 4-day course provides a comprehensive yet concise overview of AI/ML
     models (kNN, Linear Models, Decision Trees, Random Forest, Neural Networks
     and Transformer based LLMs) as well as the attacks on those models. The
     goal is to give security professionals a quick introduction to AI/ML models
     and how they work in addition to providing the foundational security skills
     to identify and understand the risks associated with AI/ML/LLM
     applications. With this knowledge attendees will be able to understand how
     ML works and assess the threats against AI/ML systems to better understand
     how to protect against AI/ML specific security threats. This course is
     primarily focused on offensive techniques however some defensive techniques
     will be briefly mentioned as well. Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24
     
     Web Hacking Black Belt Edition - 4 day
     Location:  TBD
     sanjay gondaliya / notsosecure
     Tracks:
     
     AppSec,
     
     PenTesting
     Format: 4 Day Trainings
     Experience: In-Person
     
     
     This course uses a Defence by Offence methodology based on real-world
     engagements and offensive research (not theory). That means everything we
     teach has been tried and tested on live environments and in our labs, so
     you can put it into practice as soon as the training is over. By the end of
     the course, you'll know:
     
     
      * How to think and behave like an advanced, real-world threat actor
      * How to identify commonly used vulnerabilities known to have caused
        damage and disruption in recent months
      * How to deploy the latest and most common web application hacks
        (including many novel techniques that can't be detected by scanners)
      * How to analyse vulnerabilities within your own organisation and
        customise your hacking techniques in response
     
     
     Join this hands-on, 4-day course to push your web hacking to the next level
     and widen your career prospects. Get your hands dirty with our popular labs
     and learn from experienced, practicing penetration testers with a legacy of
     training at Black Hat. Learn More
     
      EARLY
     
     
     
     $5,400
     
     
     ENDS MAY 24
     
     Windows Kernel Rootkit Techniques
     Location:  TBD
     t.roy, codemachine
     Tracks:
     
     Malware,
     
     PenTesting
     Format: 4 Day Trainings
     Skill Level: Advanced
     Experience: In-Person
     
     
     To achieve maximum stealth and obtain unabated access to the system,
     rootkits execute in kernel mode. This advanced course provides a
     comprehensive end-to-end view of the modus-operandi of rootkits by taking
     an in-depth look at behind the scenes working of the Windows kernel and how
     these mechanisms are exploited by malware through hands-on labs and
     real-world case studies. Kernel security enhancements that have been
     progressively added to Windows including ones that depend on Virtualized
     Based Security (VBS) are discussed along with some circumvention
     techniques. Attendees will study key techniques used by rootkits to
     understand the real-world applicability of these concepts for offensive and
     defensive purposes. This course has been updated for Windows 11 23H2.
     
     The training consists of theory, instructor-led demos, code walkthroughs,
     and most importantly, hands-on labs where students use Visual Studio 2022
     and Windows Driver Kit (WDK), to implement rootkit functionality and use
     WinDBG to detect, identify, and analyze rootkit behavior on Windows 11
     64-bit. Learn More
     
      EARLY
     
     
     
     $5,000
     
     
     ENDS MAY 24



 * Back to Trainings


ON THIS PAGE

 * Pricing
 * Overview
 * Key Takeaways
 * Who Should Take this Course
 * Student Requirements
 * What Students Should Bring
 * What Students Will Be Provided With


ADVANCED INFRASTRUCTURE HACKING - 4 DAY


TIAGO CARVALHO / NOTSOSECURE | AUGUST 3-6

--------------------------------------------------------------------------------

 Early



$5,400


ENDS MAY 24

 Regular



$5,700


ENDS JULY 19

 Late



$5,900


ENDS AUGUST 2

 On-Site



$6,000


ENDS AUGUST 8


--------------------------------------------------------------------------------


EXPERIENCE

In-Person

--------------------------------------------------------------------------------


OVERVIEW

Overview

Whether you are penetration testing, Red Teaming or trying to get a better
understanding of managing vulnerabilities in your environment, understanding
advanced hacking techniques is critical. This course covers a wide variety of
neat, new and ridiculous techniques to compromise modern Operating Systems and
networking devices.

While prior pentest experience is not a strict requirement, familiarity with
both Linux and Windows command line syntax will be greatly beneficial.

The following is the syllabus for the class:

Day 1:

 * IPv4/IPv6 Basics
 * IPv6 service discovery & enumeration
 * MiTM attacks
 * Exploiting systems/services over IPv6
 * Host Discovery & Enumeration
 * Advanced OSINT & Asset Discovery
 * Exploiting DVCS and CI-CD Server -Change in training flow 
(Attack chain
   -DVCS-Ubuntu-Container)


Windows Exploitation

 * Windows Enumeration and Configuration Issues
 * Windows Desktop 'Breakout' and AppLocker Bypass Techniques (Win 10)
 * Local Privilege Escalation
 * Offensive PowerShell/ Offsec Development
 * AMSI Bypass Techniques
 * AV Evasion Techniques
 * Post Exploitation Tips, Tools, and Methodology


Day 2:
Active Directory Attacks

 * Active Directory Delegation Reviews and Pwnage (Win 2019 server)
 * Pass the Hash/Ticket (Revamp)
 * ADCS Misconfiguration
 * Resource-Based Constrained Delegation
 * Cross Domain and Forest attacks
 * Pivoting, Port Forwarding, and Lateral Movement Techniques
 * Persistence and backdooring techniques (Golden and Diamond Ticket)
 * Command and Control (C2) Frameworks (Revamp)


Day 3:

 * Linux Vulnerabilities and Configuration Issues
 * Treasure hunting via enumeration
 * Kerberos authentication (Revamp)
 * File Share/SSH Hacks
 * Restricted Shells Breakouts
 * Breaking Hardened Web Servers
 * Local Privilege Escalation
 * MongoDB exploitation
 * TTY hacks, Pivoting
 * Gaining root via misconfigurations
 * Kernel Exploitation (Revamp)
 * Post Exploitation
 * Persistence Techniques (Linux Capabilities)


Day 4:

 * Breaking and abusing Docker (Revamp)
 * Kubernetes environments
 * Breaking out of Kubernetes containers
 * AWS/Azure/GCP specific attacks
 * Storage Misconfigurations
 * Credentials, API's and token Abuse
 * IaaS, PaaS, SaaS, CaaS and Serverless exploitation
 * Azure AD attacks
 * VLAN Hopping Attacks
 * B33r 101


KEY TAKEAWAYS

 * Learn the latest and cutting-edge attack techniques against modern Operating
   system
 * The free 30-day lab access provides attendee surplus time to learn advanced
   topics in their own time and at their own pace.
 * All our trainers are hands-on practitioners and they share real-world stories
   to help attendees put vulnerabilities into real-world perspectives.


WHO SHOULD TAKE THIS COURSE
System Administrators, SOC analysts, Penetration testers, network engineers,
security enthusiasts, and anyone who wants to take their skills to the next
level.

While prior pentest experience is not a strict requirement, familiarity with
both Linux and Windows command line syntax will be greatly beneficial. Hands-on
experience with common hacking tools such as Metasploit and familiarity with
scripting language will also be beneficial, although less advanced users can
work their way up during the 30 days of complimentary lab access provided as
part of the class.

AUDIENCE SKILL LEVEL
Intermediate/Advanced

STUDENT REQUIREMENTS
The only requirement for this class is that you must bring your own laptop and
have admin/root access on it. During the class, we will give you VPN access to
our state-of-art hacklab which is hosted in our data-center in the UK. Once you
are connected to the lab, you will find all the relevant tools/VMs there. We
also provide a dedicated Kali VM to each attendee on the hacklab. So, you don't
need to bring any VMs with you. All you need is admin access to install the VPN
client and once connected, you are good to go!

WHAT STUDENTS SHOULD BRING
See student requirement

WHAT STUDENTS WILL BE PROVIDED WITH
Access to a hacking lab not just during the course but for 30 days after the
class too. This gives them plenty of time to practice the concepts taught in the
class. The lab contains a wide variety of challenges from local privilege
escalation to VLAN hopping etc. Numerous scripts and tools will also be provided
during the training, along with student handouts.

Our courses also come with detailed answer sheets. That is a step-by-step
walkthrough of how every exercise within the class needs to be solved. These
answer sheets are also provided to students at the end of the class.

Why Should People Attend Your Course?
We have been running this course at BlackHat since 2015 and have been updating
it every year by 25% to keep up with the latest tech and trends. This course
includes a full hands-on lab environment replicating a near real-world setup to
practise the attacks. The lab contains exercises for all the modules discussed
during the course as well as additional challenges to be explored during the
30-day complementary lab period. Students are provided with very detailed
documentation for each and every topic including slides, answer sheets, and
command cheat sheets. The latest update includes CTF competition to increase
student interactivity. The lab is hosted on a VPN environment which students
will be provided access to. It also includes a dedicated attack machine for
every student, enabling them to practice on isolated machines. This helps reduce
the resource requirements towards attendee systems.

--------------------------------------------------------------------------------


KEY TAKEAWAYS

 * Learn the latest and cutting-edge attack techniques against a modern
   operating system
 * The free 30-day lab access provides attendee surplus time to learn advanced
   topics in their own time and at their own pace.
 * All our trainers are hands-on practitioners and they share real-world stories
   to help attendees put vulnerabilities into real-world perspectives.

--------------------------------------------------------------------------------


WHO SHOULD TAKE THIS COURSE

System Administrators, SOC analysts, Penetration testers, network engineers,
security enthusiasts and anyone who wants to take their skills to the next
level.
 
While prior pentest experience is not a strict requirement, familiarity with
both Linux and Windows command line syntax will be greatly beneficial. Hands-on
experience with common hacking tools such as Metasploit and familiarity with
scripting language will also be beneficial, although less advanced users can
work their way up during the 30 days of complimentary lab access provided as
part of the class.

--------------------------------------------------------------------------------


STUDENT REQUIREMENTS

The only requirement for this class is that you must bring your own laptop and
have admin/root access on it. During the class, we will give you VPN access to
our state-of-art hacklab which is hosted in our data-center in the UK. Once you
are connected to the lab, you will find all the relevant tools/VMs there. We
also provide a dedicated Kali VM to each attendee on the hacklab. So, you don't
need to bring any VMs with you. All you need is admin access to install the VPN
client and once connected, you are good to go!

--------------------------------------------------------------------------------


WHAT STUDENTS SHOULD BRING

The only requirement for this class is that you must bring your own laptop and
have admin/root access on it.

--------------------------------------------------------------------------------


WHAT STUDENTS WILL BE PROVIDED WITH

Access to a hacking lab not just during the course but for 30 days after the
class too. This gives them plenty of time to practice the concepts taught in the
class. The lab contains a wide variety of challenges from local privilege
escalation to VLAN hopping etc. Numerous scripts and tools will also be provided
during the training, along with student handouts.
 
Our courses also come with detailed answer sheets. That is a step by step
walkthrough of how every exercise within the class needs to be solved. These
answer sheets are also provided to students at the end of the class.

--------------------------------------------------------------------------------


TRAINERS

Tiago discovered computer programming at a very young age with ZX Spectrum in
Basic programming, with his curiosity driving him to learn more about computers
and how they work. He holds two professional degrees in Electronics level III
from the Portuguese Navy (as a civilian) where he also undertook an internship
and a qualification in Computer Networks Level IV from ATEC. He began his career
in 2006 as a network administrator, however his passion for coding and
cybersecurity led him to switch to programming in 2009 and various roles,
including: a developer in Java-based real time, integration and source code
analysis applications for the telecommunications and banking sectors; a member
of an application development management team; and a security advisor. His
career in Information Security began in 2013 when he gained a number of
cybersecurity certifications and work in Penetration Testing. Course content
contributor and trainer for NotSoSecure's Advanced Infrastructure, Tiago has
delivered training at Black Hat and other leading global Security conferences.


Discover more from Informa Tech
 * Dark Reading
 * SecTor
 * Black Hat Trainings
 * Omdia

Working With Us
 * About Us
 * Code of Conduct
 * Contact us
 * Upcoming Events

Follow on Social
 * 
 * 
 * 
 * 
 * 
 * 

 * Cookie
 * CCPA: Do not sell my personal info
 * Privacy
 * Terms

Copyright © 2024 Informa PLC. Informa PLC is registered in England and Wales
with company number 8860726 whose registered and head office is 5 Howick Place,
London, SW1P 1WG.


×
>

This site uses cookies to provide you with the best user experience possible. By
continuing to use this site, you accept our use of cookies.

I Agree