www.blackhat.com
Open in
urlscan Pro
2606:4700::6811:b485
Public Scan
Submitted URL: https://www.blackhat.com/us-24/training/schedule/#hacking-cybersecurity-leadership-an-interactive-training-to-strengthen-...
Effective URL: https://www.blackhat.com/us-24/training/schedule/
Submission: On July 17 via api from US — Scanned from DE
Effective URL: https://www.blackhat.com/us-24/training/schedule/
Submission: On July 17 via api from US — Scanned from DE
Form analysis 1 forms found in the DOM
<form class="filter_wrapper">
<div class="filters_wrapper" id="filters_wrapper">
<div class="format_type_wrapper">
<h3 id="filter_format_type" class="filter_header_background_shown filter_header">Format(s)</h3>
<div class="format_type_list">
<div class="select_clear_all_link"><a onclick="select_all_filter('format_type'); return false;" href="javascript:;">Select All</a> | <a onclick="clear_all_filter('format_type'); return false;" href="javascript:;">Clear</a> </div>
<ul>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="format_type_420-458_checkbox" id="format_type_420-458_checkbox" class="format_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="format_type_420-458_checkbox" id="label_format_type_420-458" class="format_type_checkbox_label" href="#format/-day-trainings">
<div class="format_type_icon -day-trainings_icon"></div> <span>2 Day Trainings</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="format_type_420-460_checkbox" id="format_type_420-460_checkbox" class="format_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="format_type_420-460_checkbox" id="label_format_type_420-460" class="format_type_checkbox_label" href="#format/-day-trainings">
<div class="format_type_icon -day-trainings_icon"></div> <span>4 Day Trainings</span>
</label> </div>
<div class="clear"></div>
</li>
</ul>
</div>
</div>
<div class="track_type_wrapper">
<h3 id="filter_track_type" class="filter_header_background_shown filter_header">Track(s)</h3>
<div class="track_type_list">
<div class="select_clear_all_link"><a onclick="select_all_filter('track_type'); return false;" href="javascript:;">Select All</a> | <a onclick="clear_all_filter('track_type'); return false;" href="javascript:;">Clear</a> </div>
<ul>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1879_checkbox" id="track_type_1879_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1879_checkbox" id="label_track_type_1879" class="track_type_checkbox_label" href="#track/ai-ml--data-science">
<div class="track_type_icon ai-ml--data-science_icon"></div> <span>AI, ML, & Data Science</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1801_checkbox" id="track_type_1801_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1801_checkbox" id="label_track_type_1801" class="track_type_checkbox_label" href="#track/appsec">
<div class="track_type_icon appsec_icon"></div> <span>AppSec</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1786_checkbox" id="track_type_1786_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1786_checkbox" id="label_track_type_1786" class="track_type_checkbox_label" href="#track/crypto">
<div class="track_type_icon crypto_icon"></div> <span>Crypto</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1769_checkbox" id="track_type_1769_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1769_checkbox" id="label_track_type_1769" class="track_type_checkbox_label" href="#track/defense">
<div class="track_type_icon defense_icon"></div> <span>Defense</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1787_checkbox" id="track_type_1787_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1787_checkbox" id="label_track_type_1787" class="track_type_checkbox_label" href="#track/forensics">
<div class="track_type_icon forensics_icon"></div> <span>Forensics</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1788_checkbox" id="track_type_1788_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1788_checkbox" id="label_track_type_1788" class="track_type_checkbox_label" href="#track/hardware">
<div class="track_type_icon hardware_icon"></div> <span>Hardware</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1789_checkbox" id="track_type_1789_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1789_checkbox" id="label_track_type_1789" class="track_type_checkbox_label" href="#track/human">
<div class="track_type_icon human_icon"></div> <span>Human</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1790_checkbox" id="track_type_1790_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1790_checkbox" id="label_track_type_1790" class="track_type_checkbox_label" href="#track/ics">
<div class="track_type_icon ics_icon"></div> <span>ICS</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1844_checkbox" id="track_type_1844_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1844_checkbox" id="label_track_type_1844" class="track_type_checkbox_label" href="#track/iot">
<div class="track_type_icon iot_icon"></div> <span>IOT</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1802_checkbox" id="track_type_1802_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1802_checkbox" id="label_track_type_1802" class="track_type_checkbox_label" href="#track/malware">
<div class="track_type_icon malware_icon"></div> <span>Malware</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_17_checkbox" id="track_type_17_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_17_checkbox" id="label_track_type_17" class="track_type_checkbox_label" href="#track/mobile">
<div class="track_type_icon mobile_icon"></div> <span>Mobile</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1777_checkbox" id="track_type_1777_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1777_checkbox" id="label_track_type_1777" class="track_type_checkbox_label" href="#track/network">
<div class="track_type_icon network_icon"></div> <span>Network</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1761_checkbox" id="track_type_1761_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1761_checkbox" id="label_track_type_1761" class="track_type_checkbox_label" href="#track/pentesting">
<div class="track_type_icon pentesting_icon"></div> <span>PenTesting</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1791_checkbox" id="track_type_1791_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1791_checkbox" id="label_track_type_1791" class="track_type_checkbox_label" href="#track/risk">
<div class="track_type_icon risk_icon"></div> <span>Risk</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="track_type_1792_checkbox" id="track_type_1792_checkbox" class="track_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="track_type_1792_checkbox" id="label_track_type_1792" class="track_type_checkbox_label" href="#track/wireless">
<div class="track_type_icon wireless_icon"></div> <span>Wireless</span>
</label> </div>
<div class="clear"></div>
</li>
</ul>
</div>
</div>
<div class="skill_level_wrapper">
<h3 id="filter_skill_level" class="filter_header_background_shown filter_header">Skill Level(s)</h3>
<div class="skill_level_list">
<div class="select_clear_all_link"><a onclick="select_all_filter('skill_level'); return false;" href="javascript:;">Select All</a> | <a onclick="clear_all_filter('skill_level'); return false;" href="javascript:;">Clear</a> </div>
<ul>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_3_checkbox" id="skill_level_3_checkbox" class="skill_level_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="skill_level_3_checkbox" id="label_skill_level_3" class="skill_level_checkbox_label" href="#skill/advanced">
<div class="skill_level_icon advanced_icon"></div> <span>Advanced</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_1_checkbox" id="skill_level_1_checkbox" class="skill_level_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="skill_level_1_checkbox" id="label_skill_level_1" class="skill_level_checkbox_label" href="#skill/all">
<div class="skill_level_icon all_icon"></div> <span>All</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_5_checkbox" id="skill_level_5_checkbox" class="skill_level_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="skill_level_5_checkbox" id="label_skill_level_5" class="skill_level_checkbox_label" href="#skill/beginner">
<div class="skill_level_icon beginner_icon"></div> <span>Beginner</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_6_checkbox" id="skill_level_6_checkbox" class="skill_level_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="skill_level_6_checkbox" id="label_skill_level_6" class="skill_level_checkbox_label" href="#skill/beginnerintermediate">
<div class="skill_level_icon beginnerintermediate_icon"></div> <span>Beginner/Intermediate</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_2_checkbox" id="skill_level_2_checkbox" class="skill_level_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="skill_level_2_checkbox" id="label_skill_level_2" class="skill_level_checkbox_label" href="#skill/intermediate">
<div class="skill_level_icon intermediate_icon"></div> <span>Intermediate</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="skill_level_7_checkbox" id="skill_level_7_checkbox" class="skill_level_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="skill_level_7_checkbox" id="label_skill_level_7" class="skill_level_checkbox_label" href="#skill/intermediateadvanced">
<div class="skill_level_icon intermediateadvanced_icon"></div> <span>Intermediate/Advanced</span>
</label> </div>
<div class="clear"></div>
</li>
</ul>
</div>
</div>
<div class="experience_type_wrapper">
<h3 id="filter_experience_type" class="filter_header_background_shown filter_header">Experience(s)</h3>
<div class="experience_type_list">
<div class="select_clear_all_link"><a onclick="select_all_filter('experience_type'); return false;" href="javascript:;">Select All</a> | <a onclick="clear_all_filter('experience_type'); return false;" href="javascript:;">Clear</a> </div>
<ul>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="experience_type_20_checkbox" id="experience_type_20_checkbox" class="experience_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="experience_type_20_checkbox" id="label_experience_type_20" class="experience_type_checkbox_label" href="#experience/in-person">
<div class="experience_type_icon in-person_icon"></div> <span>In-Person</span>
</label> </div>
<div class="clear"></div>
</li>
<li class="li2">
<div class="checkbox_wrapper"> <input type="checkbox" onclick="filterSchedule();" name="experience_type_18_checkbox" id="experience_type_18_checkbox" class="experience_type_checkboxes"> </div>
<div class="checkbox_label_wrapper"><label for="experience_type_18_checkbox" id="label_experience_type_18" class="experience_type_checkbox_label" href="#experience/virtual">
<div class="experience_type_icon virtual_icon"></div> <span>Virtual</span>
</label> </div>
<div class="clear"></div>
</li>
</ul>
</div>
</div>
</div>
</form>Text Content
Informa
Black Hat is part of the Informa Tech Division of Informa PLC
* Informa PLC
* About us
* Investor relations
* Talent
This site is operated by a business or businesses owned by Informa PLC and all
copyright resides with them. Informa PLC's registered office is 5 Howick Place,
London SW1P 1WG. Registered in England and Wales. Number 8860726.
*
* Events
Black Hat USASecTorBlack Hat EuropeUpcoming Events
* Briefings
BriefingsCall for PapersSecTor Briefings Call for PapersArchives
* Trainings
TrainingsOn DemandSelf Assessments
* Arsenal
ArsenalResourcesCall for ToolsReview Board
* Summits
* Webinars
WebinarsExecutive Interviews
* Sponsorships
Sponsorship OpportunitiesSponsor News
* About
About UsBlogIn the NewsPress ReleasesBriefings Review BoardTraining Review
BoardSecTor Review BoardBriefings Call for PapersSecTor Briefings Call for
PapersCode of ConductContact UsSustainability PledgePrivacy
USA 2024
Register Now
August 3-8, 2024
--------------------------------------------------------------------------------
Mandalay Bay / Las Vegas
Event Menu
* AttendAttend
Attendee RegistrationKnow Before You GoConference at a GlanceGroup
DiscountPass ComparisonIn-Person ResourcesMedia RegistrationScholarshipsDEF
CON PassesTravelSustainabilityCode of Conduct
* TrainingsTrainings
Training CoursesDaily ScheduleCertifications
* BriefingsBriefings
Keynotes & Main StageScheduleOverview & CPEsCall for Papers
* ArsenalArsenal
OverviewScheduleCall for Tools
* SummitsSummits
CISO SummitThe AI SummitInnovators & Investors SummitOmdia Analyst SummitICS
Micro SummitCyber Insurance Micro Summit
* FeaturesFeatures
Features OverviewFeatures ScheduleCommunityDay ZeroNOCParties &
NetworkingStartup Spotlight Competition
* Business HallBusiness Hall
Business Hall OverviewSponsor ActivitiesSponsored Sessions
* SponsorsSponsors
Become a SponsorEvent SponsorsSponsor News
All times are Pacific Time (GMT/UTC -7h)
* All
* 2 Day (Sat-Sun)
* 2 Day (Mon-Tue)
* 4 Day (Sat-Tue)
* All
* A-E
* F-J
* K-O
* P-T
* U-Z
All TrainingsPresenters
FORMAT(S)
Select All | Clear
*
2 Day Trainings
*
4 Day Trainings
TRACK(S)
Select All | Clear
*
AI, ML, & Data Science
*
AppSec
*
Crypto
*
Defense
*
Forensics
*
Hardware
*
Human
*
ICS
*
IOT
*
Malware
*
Mobile
*
Network
*
PenTesting
*
Risk
*
Wireless
SKILL LEVEL(S)
Select All | Clear
*
Advanced
*
All
*
Beginner
*
Beginner/Intermediate
*
Intermediate
*
Intermediate/Advanced
EXPERIENCE(S)
Select All | Clear
*
In-Person
*
Virtual
No sessions found
* * 2 Day (Sat-Sun)
* 360° Ransomware Response: Detection, Negotiation, Recovery, and Prevention
Location: TBD
lmg security (sherri davidoff and matt durrin)
Tracks:
Forensics,
Defense
Format: 2 Day Trainings
Location: Jasmine - F
Experience: In-Person
Learn to respond to ransomware effectively and efficiently. In this
hands-on boot camp, we'll show you a comprehensive approach to ransomware
response, covering key aspects such as early detection, negotiation
tactics, and decryption challenges. We'll analyze the latest ransomware
strains and learn about evolving detection strategies. Then we'll delve
into core elements of the initial response: triage, evidence preservation,
scoping, containment and mitigation. We'll study the decryption process,
including infected decryptors, double-encryption issues, and other common
challenges. You'll learn practical ransom negotiation tactics and gain
insights on the business impacts and communication strategies that will
help you effectively support legal teams, public relations and more
throughout the response. Hands-on labs are included throughout the class.
Each student gets 90 days of free access to the Ransomware Virtual
Laboratory. Along the way, we'll take students full circle and point out
effective technical measures that block attackers and prevent ransomware
deployment. Learn More
REGULAR
$4,300
ENDS JULY 19
Video Preview »
2024, A Space Hacking Odyssey
Location: TBD
final frontier security
Tracks:
PenTesting,
ICS
Format: 2 Day Trainings
Location: Palm - H
Skill Level: All
Experience: In-Person
Sure, maybe you've hacked the planet, but how about hacking off planet? The
final frontier has been designated as critical infrastructure. Satellites
and other space systems are an integral part of our daily lives from
navigation to communications, financial transactions, and national
security. Cybersecurity for these assets is environmentally and
operationally constrained in ways unfamiliar to most practitioners. What
better way to gain an appreciation for the challenges of cybersecurity in
space and an understanding of how attackers will behave against this attack
surface than exploiting it yourself? Learn More
REGULAR
$4,100
ENDS JULY 19
A Basic Guide to Bug Hunting with Ghidra
Location: TBD
craig young
Tracks:
AppSec,
PenTesting
Format: 2 Day Trainings
Location: Banyan - D
Skill Level: Intermediate
Experience: In-Person
Discover the art of uncovering vulnerabilities without the aid of source
code or commercial tooling. This class is a deep-dive on how to use open
source tools to shed light on closed source binaries. We will cover how bug
hunters use free tools like Ghidra, AFL, QEMU, Frida, and GDB, to find
exploitable bugs in modern software. Students will be introduced to each of
these tools and more as we walk through exercises demonstrating their use.
We will start with relatively simple techniques, like using Ghidra to
identify and trace potentially insecure function calls, but by the end we
will be looking at advanced techniques for stitching fuzzers together from
compiled code. We'll also explore opportunities for using dynamic analysis
to identify interesting code paths and reveal subtle bugs. Students in this
class should be comfortable working with C code and have a basic
understanding of memory safety vulnerabilities. Learn More
REGULAR
$4,200
ENDS JULY 19
A Beginner's Guide To Threat Hunting: How to Shift Focus from IOCs to
Behaviors and TTPs
Location: TBD
lee archinal (intel471/cyborg security)
Tracks:
Defense,
Human
Format: 2 Day Trainings
Location: Banyan - C
Experience: In-Person
This course is designed to provide the students with hands-on experience in
behavioral threat hunting. This includes covering common models and how
they relate to threat hunting, how to operationalize an intel report
focusing on tactics, techniques, and procedures (TTPs), how to leverage
intelligence to initiate and conduct a hunt, data pivoting from initial
query to results, proper documentation techniques to compile and organize
findings in a repeatable manner. The culmination of this process will be a
series of simulated attack chains using real world adversary TTPs, broken
down into two phases: crawling and walking.
The crawl phase will provide students with the opportunity to go hands-on
with the data in a step-by-step hunting tutorial. This practical session
will allow students to experience threat hunting in a structured and
controlled manner, and allow them to practice the topics that were covered.
The walk phase will see students break off into small SOC teams for an
activity that will put all of their practical knowledge to the test. Learn
More
REGULAR
$4,100
ENDS JULY 19
Accurate and Scalable: Web Application Bug Hunting
Location: TBD
michal kamensky, bounce security
Tracks:
AppSec,
PenTesting
Format: 2 Day Trainings
Location: Coral - C
Skill Level: Beginner/Intermediate
Experience: In-Person
Ever find yourself repeating manual searches while analyzing a massive
codebase? Do you often manually perform the same tests over and over when
reviewing a huge web application?
In this course you will learn how to take all that knowledge and repetitive
work and put it into custom checks and tailored scans that will do the work
for you, across the whole application.
You will practice performing scalable, assisted manual research, using
free, open-source tools such as Semgrep and Nuclei whilst leveraging your
familiarity with the application and its logic. Instead of generic
vulnerability scans that barely find the obvious problems and flood you
with false positives, you can develop tailor-made checks that find what is
important.
Through multiple hands-on examples and practical exercises, you'll learn
how this approach of customization at scale enables you to look far beyond
the low hanging fruit, with useful tools that spare you the trouble of
reinventing the wheel each time around. Learn More
REGULAR
$4,100
ENDS JULY 19
Active Directory Attacks for Red and Blue Teams – Advanced Edition
(Virtual)
Location: TBD
altered security
Tracks:
PenTesting,
Network
Format: 2 Day Trainings
Skill Level: Intermediate
Experience: Virtual
More than 95% of Fortune 500 companies use Active Directory! Enterprises
are managed using Active Directory (AD) and it often forms the backbone of
the complete network. To secure AD, you must understand different
techniques and attacks used by adversaries against it. Often burdened with
maintaining interoperability with a variety of products, AD lack ability to
tackle latest threats.
This training is aimed towards attacking modern AD using built-in tools,
scripting and other trusted OS resources. Some of the techniques, used in
the course:
* Extensive AD Enumeration
* Trust mapping and abuse
* Privilege Escalation
* Advanced Kerberos Attacks
* Advanced cross forest trust abuse
* Attacking Azure AD integration
* Abusing trusts for MS products
* Credentials Replay Attacks
* Persistence
* Defenses
* Bypassing defenses
Attendees will get free two-month access to an AD environment comprising of
multiple domains and forests and a Certified Red Team Expert Exam (CRTE)
certification attempt. Learn More
REGULAR
$4,100
ENDS JULY 19
Active Directory Security Fundamentals
Location: TBD
specterops
Tracks:
PenTesting,
Defense
Format: 2 Day Trainings
Location: South Seas Ballroom - A
Experience: In-Person
Stop being passive with your Active Directory! Kerberos, ADUC, Golden
Tickets, Security Principals – have you come across these or similar words
in penetration test reports or security bulletins and felt a little… lost?
Active Directory comprises many components that fulfill complex
architectural requirements but can also open cracks through which attackers
may slip. Active Directory: Security Fundamentals demystifies the various
Active Directory components and illustrates how these components can
potentially introduce risks to your organization. This course empowers
network defenders to directly look under the hood of their Active Directory
architecture and understand their environment better than attackers.
Instructors share their knowledge and personal experiences testing Active
Directory in hundreds of environments to reveal not only common pitfalls in
securing their environment but also how they commonly occur. Learn More
REGULAR
$4,300
ENDS JULY 19
Adam Shostack's Threat Modeling Intensive
Location: TBD
adam shostack
Tracks:
AppSec,
Defense
Format: 2 Day Trainings
Location: Lagoon - J
Skill Level: All
Experience: In-Person
Threat modeling is the best way for security professionals to get a seat at
the table and influence a project early. It's how we get systematic,
structured and comprehensive about the products and services we deliver.
This is a rare public opportunity to take a course from "the person who
wrote the books." (Threat Modeling: Designing for Security and Threats:
What Every Engineer Should Learn from Star Wars) Learn More
REGULAR
$4,200
ENDS JULY 19
Advanced Cloud Incident Response in Azure and Microsoft 365
Location: TBD
korstiaan stam from invictus incident response b.v.
Tracks:
Forensics,
Defense
Format: 2 Day Trainings
Location: Jasmine - B
Skill Level: Intermediate/Advanced
Experience: In-Person
In this comprehensive two-day hands-on training, immerse yourself in the
intricacies of forensics and incident response within the Microsoft cloud
environment. This course delves into both Microsoft 365 and Microsoft
Azure, providing practical insights into investigating cyber attacks and
navigating relevant log artifacts. All concepts taught are directly
applicable to real-life threats observed in the Microsoft cloud.
Benefit from the expertise of a trainer with firsthand experience in
cloud-based incident response and forensic investigations, sharing insights
not found on conventional websites. By the end of this training, you will
be well-equipped to confidently investigate any threat within the Microsoft
cloud.
Experience a highly interactive training with practical exercises, at the
end of the course you will investigate two comprehensive attack scenarios
in both Azure and M365 in the Capture The Flag (CTF) challenge. It is your
task to solve as many puzzle pieces as possible. Learn More
REGULAR
$4,100
ENDS JULY 19
Advanced Hacking and Securing Windows Infrastructure
Location: TBD
paula januszkiewicz, ceo and cybersecurity expert; dr. mike
jankowski-lorek, director of consulting, cybersecurity expert
Track:
Defense
Format: 2 Day Trainings
Location: Jasmine - D
Skill Level: Intermediate/Advanced
Experience: In-Person
Take your cybersecurity skills to the next level with our infrastructure
services security course. Ideal for enterprise admins, security officers,
and architects seeking to protect critical infrastructure, this course is
taught by leading experts Paula Januszkiewicz and Mike Jankowski-Lorek,
Ph.D.
You'll gain practical knowledge from years of experience and successful
projects, with a focus on critical penetration testing tasks to effectively
safeguard your organization from cyberattacks. Learn efficient network
mapping, vulnerability identification, and exploitation techniques, while
mitigating the risk of attacks through secure measures. Learn More
REGULAR
$4,100
ENDS JULY 19
Advanced Hardware Hacking: Power Analysis & Fault Injection with the
ChipWhisperer
Location: TBD
newae technology inc.
Tracks:
Hardware,
IOT
Format: 2 Day Trainings
Location: Breakers - A
Skill Level: Intermediate
Experience: In-Person
This course brings you up to speed on advanced hardware hacking topics such
as power analysis and fault injection. The course is based around the
open-source ChipWhisperer project, and students will use a variety of
related tools in the course. This updated 2-day course includes more
focused labs using a wide variety of ChipWhisperer tools setup in the
classroom. Topics include power analysis for passwords & encryption
algorithms, along with fault injection using voltage, clock, and
electromagnetic fault injection. The course is structured so that students
can work through a wide variety of additional ChipWhisperer tutorials after
the course, focusing the course contents on the fundamentals along with how
to apply the material in practical scenarios. Learn More
REGULAR
$4,200
ENDS JULY 19
Advanced Threat Emulation: Active Directory
Location: TBD
bc security
Tracks:
PenTesting,
Malware
Format: 2 Day Trainings
Location: Shell Seekers - A
Skill Level: Intermediate/Advanced
Experience: In-Person
This training course covers various aspects of Active Directory and how to
attack it. Students will learn about network poisoning and authentication
protocols in Windows networks, the different kinds of Windows credential
types, and how to use them. Students will also learn common attacks on NTLM
and Kerberos, such as NTLM relay attacks, delegation attacks, and creating
forged tickets. Students will become familiar with identifying and
exploiting common Active Directory misconfigurations . Students will be
able to conduct attacks from both Windows and Linux operating systems and
learn the nuances between each platform for performing attacks. Students
will learn where credentials are stored on a Windows system and how to
extract credentials from LSASS, DPAPI, SAM, LSA, and the Kerberos ticket
cache. Students will learn about the different domain trusts and how to
perform multi-domain compromises. Learn More
REGULAR
$4,100
ENDS JULY 19
Advanced Threat Emulation: Evasion
Location: TBD
bc security
Tracks:
PenTesting,
Malware
Format: 2 Day Trainings
Location: Jasmine - C
Skill Level: Intermediate/Advanced
Experience: In-Person
Windows presents a vast attack surface, providing the Blue Team with many
detection opportunities. Students will learn about evading Blue Team
hunters by first learning to build detections, then masking their
signatures, and exploiting indicators to decrease detection probability. We
will also explore the impact of migrating through different programming
languages, such as C# and IronPython. By the end of the course, students
will be equipped with the knowledge to obfuscate open-source tools without
necessitating custom tooling for use across a diverse and dynamic
operations environment.
This class will explore the theory behind malware obfuscation, starting
with the Theory of Code Obfuscation and how it applies to Tactics,
Techniques, and Procedures (TTPs) implemented by modern Advanced Persistent
Threats (APTs). We will examine everything from standard variable
obfuscation to control flow manipulation to data procedurization. Students
will apply obfuscation theory to practical applications in hands-on labs
throughout the course. Learn More
REGULAR
$4,100
ENDS JULY 19
Adversarial Approach - Combating Social Engineering Attacks through
Situational Awareness
Location: TBD
jayson e. street
Track:
Human
Format: 2 Day Trainings
Location: Lagoon - E
Skill Level: Beginner/Intermediate
Experience: In-Person
Fueled by advancements in social media and AI, the evolution of social
engineering tactics has elevated cyber threats to unprecedented levels of
sophistication. So, why has the approach to Security Awareness Training
(SAT) stayed the same? This hands-on course will teach you how to go beyond
best practices and use modern social engineering techniques to transform
"security awareness" into "situational awareness."
Course Features:
* Apply AI for social engineering and other simulated nefarious purposes
* Learn DuckyScript and use it to expose the risk to executives and
coworkers
* Participate in 6 Practical Hands-On Exercises in Recon, Phishing
exploits, and Ways to Engage Your Employee Base
* Help educate others become more situationally aware of threats
* Take home a custom Hak5 field kit (consisting of Bash Bunny Mark II,
O.MG Elite USB-C Cable, & O.MG Programmer)
Traditional SAT programs cover password hygiene, recognizing phishing
emails, securing physical workspaces, and understanding the importance of
data privacy. This knowledge is essential but lacks the interactivity and
real-world simulation needed to effectively prepare someone for the dynamic
cyber threats of today. We will address that gap by teaching you:
* How adversaries perform reconnaissance using the Open-Source
Intelligence (OSINT) model
* How to effectively use spear phishing and physical compromise
demonstrations to showcase the direct impact of threats
* How to enhance your SAT program with engaging content to develop
security culture
At the end of this course, you will have the knowledge and tools you need
to demonstrate the impact of a social engineering attack. You will be able
to defeat optimism bias and show anyone how they can be personally impacted
by cybersecurity events. You'll also have strategies to secure leadership
endorsement and apply your new abilities to modernize the SAT program in
your organization.
Once you have successfully instilled situational awareness into the
personnel of your organization, you will have mobilized your organization's
most effective defense in the fight against cybercrime. This course serves
as a catalyst for transformative change, ensuring your organization's
resilience in the face of modern cybersecurity challenges.
Learn More
REGULAR
$4,300
ENDS JULY 19
Agile Whiteboard Hacking – aka Hands-on Threat Modeling (Virtual)
Location: TBD
toreon
Tracks:
AppSec,
Defense
Format: 2 Day Trainings
Skill Level: Beginner/Intermediate
Experience: Virtual
In this "Black Hat edition" training, we challenge you with hands-on threat
modeling exercises based on real-world projects. You will get insight into
our practical industry experience, helping you to become a Threat Modeling
Practitioner. We included an exercise on MITRE ATT&CK, and we focus on
embedding threat modeling in Agile and DevOps practices. And we introduce a
new challenge on threat modeling a Machine Learning-Powered Chatbot.
We levelled up the threat modeling war game. Engaged in CTF-style
challenges, your team will battle for control over an offshore wind turbine
park.
All participants get our Threat Modeling Playbook to improve you threat
modeling practice, one-year access to our online threat modeling learning
platform, and one-hour personal coaching to refine your threat modeling.
Our self-paced Threat Modeling Introduction training is included in this
course.
All participants get our Threat Modeling Playbook to improve you threat
modeling practice, one-year access to our online threat modeling learning
platform, and one-hour personal coaching to refine your threat modeling.
Are you new to threat Modeling? Our self-paced Threat Modeling Introduction
training is included in this course. Learn More
REGULAR
$4,300
ENDS JULY 19
AI Red Teaming in Practice
Location: TBD
dr. amanda minnich. microsoft ai red team gary lopez. microsoft ai red team
Tracks:
AI, ML, & Data Science,
AppSec
Format: 2 Day Trainings
Location: Oceanside - F
Skill Level: Intermediate/Advanced
Experience: In-Person
There is so much more to red teaming AI systems than prompt injection.
In this training, attendees will learn how to red team AI systems
leveraging three pillars: traditional software vulnerabilities in AI
systems, AI-specific vulnerabilities, and Responsible AI (RAI)
vulnerabilities. By the end of the class, attendees should be able to probe
comfortably any machine learning system for OWASP Top 10 LLM
vulnerabilities. We will exclusively use open- source tools and frameworks
such as Semantic Kernel, LangChain, NeMo Guardrails, Counterfit and the
MITRE ATLAS to red team AI systems.
The course is taught by Microsoft's AI Red Team, which was the first to
combine RAI Red Teaming alongside security red teaming. In the last year,
every high-risk AI system—including models and Copilots—was assessed by
this team. We will use this real-world experience to upskill Black Hat
attendees. Learn More
REGULAR
$4,100
ENDS JULY 19
A Journey Into Mobile Application Hacking (iOS & Android)
Location: TBD
sensepost training | orange cyberdefense
Tracks:
Mobile,
PenTesting
Format: 2 Day Trainings
Location: Lagoon - B
Skill Level: Beginner/Intermediate
Experience: In-Person
The course is created by hackers for hackers looking to take over the
mobile application hacking world!
Through this course we will show you how to do mobile assessments from
absolute scratch.
We will show you all of the basic concepts and tools required to perform
meaningful mobile assessments which will add value to your customer's
mobile offerings.
The course consists of two days of which 60% is practical. Designed,
developed and delivered by the team behind one of the most commonly used
mobile application hacking tools known as Objection. We will give you a
solid foundation so you can build a castle if you wish to. We will cover
Android and iOS with a playground of apps that you can hack to your hearts
content. The course is structured to make use of emulators, so you don't
even need physical devices to take part in the course.
Key Take-Aways:
* Form a base understanding of the mobile application hacking industry
* Build up a solid methodology and skill-set to assess and break mobile
applications built for iOS and Android
* Understand the required testing environment and tools required to make
mobile app hacking fun and exciting
Join us and hack some mobile apps! Learn More
REGULAR
$4,300
ENDS JULY 19
Android Userland & Kernel Fuzzing and Exploitation
Location: TBD
mobile hacking lab
Tracks:
Mobile,
AppSec
Format: 2 Day Trainings
Location: Banyan - E
Skill Level: Intermediate
Experience: In-Person
Android Userland & Kernel Fuzzing and Exploitation
Step into the realm of comprehensive Android security with our integrated
"Android Userland and Kernel Fuzzing and Exploitation" course. Designed for
both novices and seasoned professionals, this course offers an extensive
curriculum that covers the spectrum of Android vulnerabilities and their
exploitation.
Starting with the Userland component, learners will grasp how to detect
bugs in Android Userland Applications and exploit memory corruptions. The
course provides a deep understanding of ARM assembly, reverse engineering,
and the development of robust exploits, bypassing exploit mitigations like
NX and ASLR. With 43 labs across 9 modules, students will employ advanced
fuzzing techniques to pinpoint exploitable vulnerabilities.
The journey continues as we pivot to the Android kernel on the second day,
where the intricacies of kernel internals, such as memory allocators and
driver programming, are unraveled. Students will learn to discover bugs
using kernel fuzzing techniques, including the use of sanitizers and
Syzkaller. The course will guide attendees through the construction of
kernel exploits crucial for sandbox escape, examining real-world
vulnerabilities and the art of kernel debugging.
In culmination, the course integrates Userland and Kernel learnings to
assemble a full-chain remote exploit against target devices. The hands-on
approach is further enhanced by access to our state-of-the-art training
platform, where course attendees can perform exercises and apply their
knowledge in practical scenarios. Learn More
REGULAR
$4,100
ENDS JULY 19
Applied Data Science and Machine Learning For Cybersecurity
Location: TBD
gtk cyber
Tracks:
AI, ML, & Data Science,
Defense
Format: 2 Day Trainings
Location: Palm - D
Experience: In-Person
This interactive course will teach security professionals how to use data
science and AI to quickly manipulate and analyze security data. The course
will cover the entire data science process from data preparation,
exploratory data analysis, data visualization, machine learning, model
evaluation and finally, implementing at scale—all with a focus on security
related problems. Learn More
REGULAR
$4,300
ENDS JULY 19
Applied Hardware Attacks 1 – Embedded and IoT Systems
Location: TBD
joe fitzpatrick & the securinghardware.com team
Tracks:
Hardware,
IOT
Format: 2 Day Trainings
Location: Breakers - F
Skill Level: Beginner
Experience: In-Person
This hands-on course will introduce you to the common interfaces on
embedded systems and IoT devices, and how to exploit physical access to
grant yourself software privilege via UART, JTAG, or SPI.
Designed for newcomers to hardware, over 70% of our time will be hands-on
with current off-the-shelf hardware, supported by lectures to fill in the
background. This is why classes we developed have sold out at Black Hat
every year. Learn More
REGULAR
$4,300
ENDS JULY 19
A Practical Approach to Breaking & Pwning Kubernetes Clusters
Location: TBD
madhu akula
Tracks:
PenTesting,
Risk
Format: 2 Day Trainings
Location: Jasmine - E
Skill Level: Beginner/Intermediate
Experience: In-Person
The adoption of Kubernetes use in production has increased to 83% from a
survey by CNCF. Still, most security teams struggle to understand these
modern technologies. In this real-world scenario-based training, each
participant will be learning Tactics, Techniques, and Procedures (TTPs) to
attack and assess Kubernetes cluster environments at different layers like
Supply chain, Infrastructure, Runtime, and many others.
Some of the things you will be doing in this course:
* Exploiting Misconfigurations and private Registries by performing simple
Recon
* Escaping out of containers to host systems and clusters to gain more
access
* Escalating privileges, DoS cluster resources, Lateral movement from
container
* Gaining unauthorized access to namespaces, microservices, data, and logs
* Breaking the boundaries of NSP(Network Security Policy), RBAC, Profiles
* Defense evasion techniques & Persistence in Cluster Environments
* Bypassing the solutions like Policy Engines, Resource limits, and
Controls
* Evaluating the cluster security using CIS benchmarks and Cluster Audits
to find all possible risks
Also, the trainer will provide a step-by-step guide(Digital Book) with
resources and references to further your learning. Learn More
REGULAR
$4,100
ENDS JULY 19
Astute AWS/Azure/GCP Cloud Red Team: It's Raining Shells! - 2025 Edition (2
Day)
Location: TBD
ultraviolet cyber
Tracks:
PenTesting,
Network
Format: 2 Day Trainings
Location: Mandalay Bay - C
Skill Level: Intermediate
Experience: In-Person
Stay frosty within AWS, Azure, & GCP environments with this fast-paced and
hands-on course which teaches each participant the Tactics, Techniques, and
Procedures (TTPs) needed to infiltrate and expand access within cloud
platforms.
In this course you will:
* Exploit serverless (e.g. Lambda, Azure Functions) applications for
initial access into targets.
* Pivot between data and control planes to expand access (e.g. collecting
secrets, snapshots)
* Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain
undetected.
* Breach and backdoor boundaries (e.g. VPCs) to access hard-to-reach
systems.
* Expanding access within Kubernetes (K8s) envs (e.g. GCP bypass of
metadata protections)
Compete throughout the course in our hands-on Capture the Flag (CTF)
tournament! Learn More
REGULAR
$4,200
ENDS JULY 19
Attack and Defend Android Applications (Virtual)
Location: TBD
cyfinoid research
Tracks:
Mobile,
Defense
Format: 2 Day Trainings
Experience: Virtual
This course focuses on the Android application ecosystem covering both the
offense & defense of the application development process. We start with
attacks, covering various possible attacks on Android applications. Then we
provide solutions to various challenges routinely encountered by Android
security engineers and pen testers:
* Traffic interception (HTTP/HTTPS/web socket/non-HTTP)
* Root detection bypass
* Static & dynamic analysis
* Perform dynamic instrumentation (Frida / Magisk)
* Analyzing non-Java/ Kotlin apps (React Native, Xamarin and Flutter)
Next, we shift gears and focus on defending the applications, and major
areas covered are:
* Application Threat Modeling
* Identifying weaknesses
* Adding Security into CI / CD Pipeline for the application
* Analysis of the results
* Defense in Depth Design Techniques
The aim is not to create a "zero to hero" experience, but to provide a
methodical approach with which the participants could perform any Android
application assessment. We provide students with access to learning
portals, cloud VM's, a soft copy of slides, detailed answer sheets as well
as AMI's to continue learning after class. Learn More
REGULAR
$4,100
ENDS JULY 19
Attacking and Defending Private 5G Cores (Virtual)
Location: TBD
dr. altaf shaik
Tracks:
Network,
Wireless
Format: 2 Day Trainings
Skill Level: Beginner/Intermediate
Experience: Virtual
Security is paramount in private 5G networks due to their tailored nature
for enterprises. They handle sensitive data, connect mission-critical
devices, and are integral to operations. This advanced 5G Core Security
Training is a comprehensive program designed to equip security
professionals with advanced skills and techniques to identify and mitigate
potential security threats in private 5G networks. Participants will gain a
deep understanding of 5G core security and protocols, and learn how to
develop and use the latest 5G pentesting tools and techniques to perform
vulnerability assessments and exploit development. The training will also
cover the latest 5G security challenges and best practices, and provide
participants with hands-on experience in simulating different attacks and
defenses on a local zero-RF-transmitting 5G network. Learn More
REGULAR
$4,100
ENDS JULY 19
Automating Security with Open Source
Location: TBD
threat intelligence pty ltd
Tracks:
Defense,
Forensics
Format: 2 Day Trainings
Location: Mariners - B
Skill Level: Beginner/Intermediate
Experience: In-Person
The security industry is running fast towards security automation to
increase the capability and capacity of security teams so they can
effectively and efficiently stay on top of the constantly evolving threats,
attacks, and security breaches that occur every day!
Learn how to implement streamlined security operations and help prevent
breaches through security automation, including:
* Automated Intelligence Collection and Analysis
* Automated Vulnerability Identification and Penetration Testing
* Automated Security Monitoring and Incident Response
* Automated Security Infrastructure Orchestration and Integration
* Automated Chaining of Security Capabilities
* Automated Security Notifications
Get ahead of the hackers and start automating the protection of your
organisation now!
Register now to secure your spot! Learn More
REGULAR
$4,100
ENDS JULY 19
Basic Infrastructure Hacking - 2 Day
Location: TBD
notsosecure / tom large
Tracks:
Network,
PenTesting
Format: 2 Day Trainings
Location: Mandalay Bay - I
Skill Level: Beginner
Experience: In-Person
IT infrastructure is more complex and dynamic than it's ever been,
demanding comprehensive, modern, and well-rehearsed security skills to
match. Join this hands-on, 2-day course to develop a strong baseline in
infrastructure hacking and widen your career prospects. Get your hands
dirty with our popular virtual labs and learn from experienced, practicing
penetration testers with a legacy of training at Black Hat. Learn More
REGULAR
$4,100
ENDS JULY 19
Black Hat Cryptography: Attacks, Tools & Techniques for Security
Professionals
Location: TBD
ruben gonzalez
Tracks:
PenTesting,
Crypto
Format: 2 Day Trainings
Location: Banyan - F
Skill Level: Beginner/Intermediate
Experience: In-Person
Crypto-related vulnerabilities are super common! OWASP even ranks
"Cryptographic Failure" as the second most common security vulnerability
class in software. Yet, very often these vulnerabilities are overlooked by
developers, code auditors, blue teamers, and penetration testers alike.
Because, let's face it: Nobody knows how cryptography works.
This course turns you into a powerful weapon. It will teach you how applied
cryptography is commonly misused in the field and how this leads to
exploitable bugs. Using case studies
from our own pentesting and red teaming engagements, we'll introduce core
concepts of applied cryptography and how they fail in practice.
During the course you'll:
* Understand how modern cryptography works
* Find common crypto vulnerabilities in real software
* Write crypto exploits for real software (and an IoT device)
At the end of the course you'll be able to spot an exploitable crypto bug
from miles away (and be able to avoid them yourself)! No prior knowledge
required. Learn More
REGULAR
$4,100
ENDS JULY 19
Black Hat Machine Learning
Location: TBD
nvidia
Tracks:
AI, ML, & Data Science,
PenTesting
Format: 2 Day Trainings
Location: Palm - A
Skill Level: Intermediate/Advanced
Experience: In-Person
Machine Learning technologies continue to improve and expand into new areas
at a blistering pace: from driving cars to detecting cancer, defending
networks to analyzing the human genome, writing code, generating synthetic
artwork, flying drones, and more. With this success, ML is starting to
receive scrutiny from regulators, security teams, and hackers across all
industries. ML Systems represent a new attack surface and bring up genuine
security concerns. In this training, students will explore the security
risks and vulnerabilities that adopting machine learning might expose you
to. This course will provide students with a realistic environment and
methodology to explore the unique risks presented by the use of ML in
today's environments. Students will leave equipped to assess the threat
model, vulnerabilities, and attack surface of ML systems. Learn More
REGULAR
$4,100
ENDS JULY 19
Cloud Security Hands-On (CCSK+) for AWS
Location: TBD
securosis
Track:
Defense
Format: 2 Day Trainings
Location: Palm - B
Skill Level: Beginner
Experience: In-Person
This course provides a solid foundation in cloud security, including 50% of
hands-on labs in AWS to apply the principles in practice. We cover all the
material needed to pass the Cloud Security Alliance Certificate of Cloud
Security Knowledge (CCSK) exam while adding a pragmatic approach to
immediately kick-start your cloud security projects. This class has been
updated to align with version 5 of the CSA Guidance. Learn More
REGULAR
$4,300
ENDS JULY 19
Cognitive Security: Preparing for Cyber Deception Through Synthetic Media
Attacks
Location: TBD
psyber labs, llc
Tracks:
Human,
Defense
Format: 2 Day Trainings
Location: Tropics - B
Experience: In-Person
Threat actors are rapidly moving beyond traditional cyber-attacks by
leveraging generative AI and synthetic media to carry out cognitive warfare
and cyber deception tactics against their victims. Extorting high net worth
individuals in deepfake virtual kidnapping scams, disseminating
disinformation by impersonating well-established brands, and spoofing the
voices of executives to convince employees to transfer funds to
illegitimate accounts; are just a few examples of tactics already observed
in the wild. You will leave this course with the tools and training
required to integrate deepfakes and synthetic media into your red team
assessments, be able to conduct cyber threat assessments, and practice
developing mitigation strategies to reduce potential harm from these
attacks. By engaging with attacks from both the offensive and defensive
perspectives you will gain a deep understanding of the critical factors
that differentiate highly sophisticated attacks from mediocre attempts.
Learn More
REGULAR
$4,100
ENDS JULY 19
Defeating Microsoft's Default Bitlocker Implementation
Location: TBD
popp schweiz ag
Tracks:
Forensics,
Hardware
Format: 2 Day Trainings
Location: Breakers - J
Skill Level: All
Experience: In-Person
This training guides you through the whole process involved for a
successful BitLocker TPM bus sniffing attack. Within two days you will be
given the necessary knowledge about micro soldering, notebook internals,
TPM basics, logic analyzers, basic forensic data acquisition and some
BitLocker theory. In the end you will not just be able to conduct the
attack against a test notebook which you can take home, but also fully
understand what you are actually doing and applying it to your devices.
Learn More
REGULAR
$4,100
ENDS JULY 19
Defending Enterprises - 2024 Edition
Location: TBD
in.security
Tracks:
Defense,
PenTesting
Format: 2 Day Trainings
Location: Palm - C
Experience: In-Person
Updated for 2024, our immersive 2-day Defending Enterprises training is the
natural counterpart to our popular Hacking Enterprises course.
You'll play a SOC analyst in our Microsoft Sentinel cloud-based lab and try
to rapidly locate IOA's and IOC's from a live enterprise breach executed by
the trainers in real-time.
Whether you're new to Kusto Query Language (KQL) or a seasoned pro, there's
plenty for you in the 2-days! Yes, we're using Microsoft Sentinel, but the
underlying threat detection theory, logic and threat hunting approach is
transferable into your own environments, whatever your preferred platform.
We look at the top 10+ methods we use in offensive engagements and show how
these can be caught, along with numerous other examples and methods that go
above and beyond these common TTPs!
With 14 hands-on exercises you'll gain real-world experience in the
following areas:
* MITRE ATT&CK, CAR and D3fend frameworks
* Introduction to Kusto Query Language (KQL)
* Reviewing popular phishing attacks and living off the land techniques
* Locating C2 traffic and beaconing activity
* Digging into credential exploitation (Pass-the-Hash, Pass-the-Ticket,
Kerberoasting, Azure Managed Service Accounts, DCSync)
* Reviewing Active Directory Certificate Services (ADCS) attacks
* Identifying lateral movement (WMIC, WinRM, MSSQL, SMB)
* Catching data exfiltration attempts (ICMP, DNS)
* Detecting persistence activities
* + much more!
We know 2 days isn't a lot of time, so you'll also get 14 days FREE lab
time after class and Discord access for support. Learn More
REGULAR
$4,200
ENDS JULY 19
DevSecOps Masterclass: AppSec Automation Edition (Virtual)
Location: TBD
appsecengineer
Tracks:
AppSec,
Defense
Format: 2 Day Trainings
Experience: Virtual
DevOps has changed the way we deliver apps. However, security remains a
serious bottleneck, especially Application Security. This is largely due to
the speed of innovation in DevOps, contrasted with the escalating attacks
against Applications.
The training is based on our 4.9/5 Rated DevSecOps Masterclass at Blackhat.
The training is a hardcore hands-on journey into:
Hands-on SAST for Apps and Infrastructure-as-Code, with a focus on Semgrep
and CodeQL. Develop Custom SAST rules like a bawse!
Supply-Chain Security Automation: SBOMs, Source Composition Analysis and
Security Engineering techniques
Assurance and Provenance for artifacts. Mastery over Cosign and SLSA for
Supply-Chain Provenance
DAST Automation and Security Regressions with ZAP and Nuclei.
Policy-As-Code: Leverage Open Policy Agent (OPA) with use-cases from API
Access Control to OS Policy Controls.
Participants get 2 months of access to our online lab environment for
DevSecOps training Learn More
REGULAR
$4,300
ENDS JULY 19
Elite Web Application Hacking
Location: TBD
sensepost | orange cyberdefense
Tracks:
PenTesting,
AppSec
Format: 2 Day Trainings
Location: Lagoon - I
Skill Level: Intermediate/Advanced
Experience: In-Person
In an era where digital landscapes evolve, knowledge of web application
security is imperative for developers & pentesters. This course builds upon
existing knowledge, elevating your skills in web application hacking
through various attacks and hands-on challenges.
As the digital ecosystem continues to advance, web applications become
increasingly intricate, demanding a higher level of proficiency in securing
them against sophisticated threats.
This course is crafted to equip you with more intermediate skills to
identify, assess, and exploit web applications through vulnerabilities and
approaches.
Key Points:
• Web security concepts, building on foundational knowledge.• Engage in
hands-on exercises simulating real-world challenges.• Hone skills in
conducting thorough risk assessments for strategic decision-making amid
intricate security challenges.
This course is tailored for individuals with a solid foundation in web
application security. Whether you're a cybersecurity practitioner seeking
to enhance your skill set or a developer aiming to deepen your security
knowledge, this course provides a strategic and hands-on approach to
explore the nuances of web application hacking.
Learn More
REGULAR
$4,400
ENDS JULY 19
Fundamentals of Industrial Control Systems (ICS) Security
Location: TBD
mandiant (now part of google cloud)
Track:
ICS
Format: 2 Day Trainings
Location: Breakers - C
Skill Level: Beginner
Experience: In-Person
This course provides IT security professionals and ICS/OT engineers
interested in ICS/OT security with the fundamental knowledge and skills
required to build and expand an ICS/OT security team.
Learners will become familiar with ICS/OT security concepts, secure
architecture, threat models and ICS/ OT security standards and best
practices. The course will also discuss today's security trends and the
current threat landscape. Throughout the course, exercises and
demonstrations inspired by actual cases and incidents in the ICS world will
enable learners to advance their knowledge in their day jobs. Learn More
REGULAR
$4,300
ENDS JULY 19
Going beyond shells! - Hacking AWS, Google Cloud, DigitalOcean and Aliyun
(Virtual)
Location: TBD
cyfinoid research
Tracks:
PenTesting,
AppSec
Format: 2 Day Trainings
Experience: Virtual
A fast paced, scenario driven hands-on training built on real world
discovery and exploitation of services and assets in AWS, Google Cloud,
DigitalOcean and Alibaba Cloud. The training will take students through
automated infrastructure creation, security misconfigurations and their
abuses that will allow them to go beyond the standard shells that attackers
aim for.
In this course you will experience
* Environments spanning across multiple cloud platforms.
* Exploiting different services in the array of cloud environments
* How same services are implemented differently by each cloud service
provider
* How to chain attacks from a web exploit to becoming iam owner
The students will be tracking their progress using a capture the flag
platform throughout the course duration. Learn More
REGULAR
$4,100
ENDS JULY 19
Hacking Cybersecurity Leadership: An Interactive Training to Strengthen
Skills for Leading Teams & Multi-Team Systems
Location: TBD
multiteam solutions
Tracks:
Human,
Defense
Format: 2 Day Trainings
Location: Oceanside - G
Experience: In-Person
This 2-day, highly interactive course is designed for cybersecurity
professionals currently in a role leading a team within a multi-team system
(e.g., team lead) or leading an entire multi-team system (e.g., CISO). The
training provides participants a chance to familiarize with and practice
using 10 analog leadership tools designed to strengthen soft skills to
support and motivate individuals, teams, and multi-team systems. The
training, which acts as a sandbox, is built on social-behavioral research
of CSIRTs and SOCs that was funded by the US and European governments, is
assured by the UK NCSC, and will be delivered through expert-facilitated
exercises. The exercises are not cybersecurity specific, which allows
participants to disrupt their normal, routine ways of leading and open up
to the possibilities for growth and change as leaders. The tools readily
allow for the concrete transfer of knowledge and soft skills from the
training back into the workplace. Learn More
REGULAR
$4,100
ENDS JULY 19
Hacking Enterprises - 2024 Red Edition
Location: TBD
in.security
Tracks:
PenTesting,
Network
Format: 2 Day Trainings
Location: Jasmine - A
Experience: In-Person
Updated for 2024, our Hacking Enterprises training is the natural
counterpart to our popular Defending Enterprises course.
In this multi-layered offensive engagement, you will fully compromise a
simulated enterprise in this immersive hands-on course that covers a
multitude of TTP's. Targeting modern operating systems including Windows
11, you'll use modern techniques and focus on exploiting configuration
weaknesses rather than throwing traditional exploits. Logical thinking and
creativity will definitely be put to the test!
You will work to get initial access in a fictional organisation where
multiple networks exist, some easily accessible, others not so. You'll
implant and establish C2, but manual techniques will always be emphasised
so you're equipped with the knowledge to work without reliance on
frameworks.
Course content has been designed to reflect real-world challenges and
you'll perform numerous hands-on exercises including executing exploitative
phishing campaigns against our simulated users for initial access, finding
new networks that in turn bring new challenges including IPv6 exploitation,
subverting AMSI and AWL, credential harvesting, passphrase cracking,
pivoting, lateral movement, ADCS abuse, userland and privileged persistence
via OOB channels and much more!
With 14 hands-on exercises you'll gain real-world experience in the
following areas:
* IPv6 discovery, enumeration and exploitation
* Pivoting, routing, tunnelling and SOCKS proxies
* C2 infrastructure and beacon deployment
* Exploitative phishing
* Privilege escalation and credential harvesting
* P@ssphras3 cracking
* Bypassing AWL
* Active Directory Certificate Services (AD CS) abuse
* Lateral movement for domain trust exploitation
* Out of Band (OOB) data exfiltration
* + much more!
We know 2 days isn't a lot of time, so you'll also get 14 days FREE lab
time after class, Discord access for support and access to a post-training
CTF containing hosts and networks not seen during training! Learn More
REGULAR
$4,200
ENDS JULY 19
Hands-On Hacking Fundamentals - 2024 Edition
Location: TBD
sensepost training | orange cyberdefense
Tracks:
PenTesting,
Network
Format: 2 Day Trainings
Location: Lagoon - A
Skill Level: Beginner
Experience: In-Person
Start your journey into information security with a hands-on course that
will expose you to the technical fundamentals of penetration testing and
security practises in the realms of networking, infrastructure, web
applications and wireless technologies.
Key Points:
* How to think like a hacker
* Finding vulnerabilities and exploiting them
* How to approach a pentesting methodology in real-world scenarios
This is an introductory course for those starting the journey into
penetration testing or those working in environments where understanding
how hackers think and the tools, tactics and techniques they use are of the
essence. Learn how to attack, and utilise the concepts to enhance your
defensive understandings.
The course presents the background information, technical skills, and basic
concepts required to those desiring a foundation in the world of
information security.
By the end of the course, you will have a good grasp of how vulnerabilities
and exploits work, how attackers think about networks and systems and have
compromised several of them, from infrastructure, and web applications to
Wi-Fi.
This course aims to expose you to the methodologies used by active
penetration testers on their day-to-day journey with clients and
assessments.
Join us and hack hard! Learn More
REGULAR
$4,300
ENDS JULY 19
Implementation of Telco Networks for Pentesters: 2G, 4G and 5G
Location: TBD
ethon shield
Tracks:
Mobile,
Network
Format: 2 Day Trainings
Location: Palm - E
Skill Level: Intermediate/Advanced
Experience: In-Person
This course allows a pentester or researcher to learn how to implement on a
single computer 2G, 4G and 5G SA and NSA mobile networks only with an Ettus
SDR device. He will learn how to install the necessary SW, configure the
tools, basic notions about the architecture and protocols of each
technology, configure his programmable SIM card and finally connect a
mobile device to these networks to perform tests such as traffic
interception, analyze how to perform a downgrade attack, play with
encryption or authentication algorithms.
Do you want to go through this world with professionals who will help you
to understand and implement these networks on your computer? Learn More
REGULAR
$4,400
ENDS JULY 19
Information Operations: Influence, Exploit, And Counter
Location: TBD
kopidion
Tracks:
Human,
Defense
Format: 2 Day Trainings
Location: Tradewinds - F
Skill Level: Intermediate/Advanced
Experience: In-Person
It is indeed all about the information - who controls it, how it
propagates, and the effect it has on the receiver. With that knowledge and
access comes great power. In this course, you will learn and practice how
information operations (IO) are planned and executed. Perhaps more
importantly, you will learn how to defend yourself, your employer, and your
nation from information-based campaigns.
This fast-paced course will include IO strategies, military IO doctrine and
TTPs, psychological operations, deception and counter-deception, IO
incident response, how to craft themes and messages, propagation
techniques, and tactics for defending and countering information
operations, among numerous other subjects.
You'll leave the course with much deeper insight into how information
operations are executed and how to defend against them. You'll also gain a
heightened awareness and resistance to the manipulation that is taking
place on a daily basis. Learn More
REGULAR
$4,100
ENDS JULY 19
Introduction to Building and Reversing Digital Radios with SDR
Location: TBD
paul clark
Tracks:
Wireless,
Hardware
Format: 2 Day Trainings
Location: Tropics - A
Skill Level: Intermediate
Experience: In-Person
Learn to build digital radios with SDR and GNU Radio, then apply those
radio skills to reverse basic RF protocols!
This is no lecture-based course, but one built on 23 different projects.
Upon completion, you'll be able to build basic digital transmitters and
receivers using OOK and FSK. You'll also understand the building blocks of
digital signals: clocking, preambles, error-checking, and payload
encodings.
You'll spend the remainder of the course applying your digital SDR skills
to reversing basic digital RF systems. Learn More
REGULAR
$4,350
ENDS JULY 19
iOS Threat Hunting (Virtual)
Location: TBD
matthias frielingsdorf
Tracks:
Mobile,
Malware
Format: 2 Day Trainings
Skill Level: Intermediate
Experience: Virtual
Since 2016 Pegasus is well known in the industry as the prime example for
mercenary spyware targeting iOS devices. But did you know about Quadream's
Reign, Cytrox's Predator, Tykelab's Hermit, Candiru or Operation
Triangulation?
This new and innovative training will enable you to detect a wide variety
of iOS Malware. Our forensic-based approach will provide you with a deep
understanding of the forensic artifacts left behind by these malware
samples and how to detect them through various techniques. Through a
combination of hands-on exercises and expert-led sessions, you will develop
the skills and knowledge necessary to become a proficient iOS Threat
Hunter. Join us in this unique training opportunity that has not been
offered before and gain valuable insights into the world of iOS Malware
detection and forensics. Learn More
REGULAR
$4,100
ENDS JULY 19
Malware Detection and Triage with Volatility 3
Location: TBD
andrew case and dave lassalle
Tracks:
Forensics,
Malware
Format: 2 Day Trainings
Location: Reef - C
Skill Level: Intermediate
Experience: In-Person
Memory forensics—the analysis of volatile memory (RAM)—is an extremely
powerful technique for detecting and triaging modern malware. Memory
forensics is often a critical component of modern incident response due to
the frequent use of memory-only payloads and rootkits that bypass modern
EDRs, hide from live analysis tools, and often leave no file system
artifacts. Memory analysis reconstructs system state without relying on
operating system APIs, allowing it to both detect modern malware and
provide automated triage results. In this course, a mix of lectures and
hands-on labs provides students with the knowledge and experience necessary
to perform real-world incident response using memory analysis for detection
and hunting of sophisticated malware on Windows 10+ systems. The course is
taught by two core developers of Volatility 3, the exciting new version of
the world's most widely used memory analysis framework, and provides early
access to upcoming capabilities. Learn More
REGULAR
$4,100
ENDS JULY 19
Malware Detection in the AI Era: Attacks and Defenses on Machine Learning
Classifiers
Location: TBD
dmitrijs trizna and luca demetrio
Tracks:
AI, ML, & Data Science,
Malware
Format: 2 Day Trainings
Location: Surf - A
Skill Level: Beginner/Intermediate
Experience: In-Person
Endpoint Detection and Response (EDR) systems and Antivirus (AV) solutions
have incorporated machine learning (ML) as core components of their
decision-making processes. However, the integration of ML has introduced
new vulnerabilities, rendering these systems susceptible to specific types
of attacks that can weaken their effectiveness.
In this course, participants will first gain a comprehensive understanding
of how machine learning models can perform the task of malware detection in
both static and dynamic settings, and they will use techniques that explain
their behavior.
Furthermore, we will introduce the concepts of Adversarial Machine
Learning, the field of science that formalizes the presence of an adversary
whose intent is the exploitation of AI models. Attendees will first learn
and then execute known adversarial strategies designed to compromise ML
malware classifiers under different threat models. Lastly, we will show how
these attacks can be limited, by discussing recent advancements in research
of defensive mechanisms. Learn More
REGULAR
$4,100
ENDS JULY 19
Offensive Hardware Hacking Training
Location: TBD
whid - we hack in disguise
Tracks:
Hardware,
IOT
Format: 2 Day Trainings
Location: Palm - F
Skill Level: Beginner/Intermediate
Experience: In-Person
The Offensive Hardware Hacking Training is a hands-on course designed to
fulfill the skills gap that in the recent years emerged within the InfoSec
scene in respect of the (I)IoT landscape. In it, students will be able to
gather the needed theoretical knowledge and practical skills to engage with
confidence hardware security audits involving those devices, that started
to flood both consumer and corporate markets. The course is structured to
be accessible to both junior and senior security personnel: it goes from a
generic panoramic of the theory behind electronics, protocols, memories,
microprocessors & tools-of-the-trade; then proceeds deeper into the topics
by reviewing various TTPs. Moreover, the students' workbook contains more
than 40 practical exercises involving real hardware devices and will allow
each student to physically work on them during the training AND also to
bring it at home together with their own first HW Hacking Lab Kit worth
around 300 USD.
For more info, check the following videos:
1. https://www.youtube.com/watch?v=zbUuBZJIHkE
2. https://www.youtube.com/watch?v=VpHBMELQmnk
Learn More
REGULAR
$4,200
ENDS JULY 19
Open Source Intelligence Tools & Techniques
Location: TBD
mandiant (now part of google cloud)
Tracks:
Defense,
Risk
Format: 2 Day Trainings
Location: Breakers - D
Skill Level: Beginner
Experience: In-Person
This two-day foundational level course is designed to teach intelligence
analysts the fundamentals of open source intelligence (OSINT) tools and
techniques. Students will employ a 3 Phase Branching Model across a
multitude of use cases to conduct investigations. They will also use
popular tools such as Virus Total and Google to drive these investigations
to completion. Learn More
REGULAR
$4,300
ENDS JULY 19
Patch Diffing In The Dark: Binary Diffing For Vulnerability Researchers and
Reverse Engineers (Virtual)
Location: TBD
john mcintosh
Tracks:
Forensics,
AppSec
Format: 2 Day Trainings
Skill Level: All
Experience: Virtual
Every day, a new CVE or blog post is published detailing a critical
vulnerability. Often, we know about a vulnerability but feel like we don't
have the skills or time to understand its root cause. What if you could
change that by learning a new skill that would guide you towards
understanding modern vulnerabilities?
The goal of this course is to teach participants how to use patch diffing
techniques to analyze real-world vulnerabilities in Windows and Android.
You will use open-source tools like the Ghidra SRE framework to reverse
engineer the latest CVEs and discover that you already have the information
and tools needed to get started. This course will help you develop the
confidence and competence to tackle complex vulnerabilities.
If you feel like you are always "in the dark" about the latest CVE and want
to take a step towards the light (understanding), this course is for you.
Learn More
REGULAR
$4,100
ENDS JULY 19
Python Hacker Bootcamp: Zero to Hero
Location: TBD
snowfensive
Tracks:
PenTesting,
Defense
Format: 2 Day Trainings
Location: Lagoon - K
Skill Level: All
Experience: In-Person
Scripting and automation have become standard requirements for
cybersecurity professionals. However, learning how to program is
challenging for many. Many people give up learning this skill because they
may need to learn how to start, find programming books confusing, or the
examples taught in online classes don't apply to their use cases. If you
want to learn how to program Python to automate tasks, increase accuracy,
and become more marketable in the workforce, this course is for you.
This course was designed to follow a hacker's methodology of programming.
Instead of learning formal programming practices that you'll never use
(we're looking at you bubble sort), this course focuses on core concepts
taught using information security-centric projects. The hands-on labs,
which accompany the practical application lectures, focus on solving
commonplace and real-world security challenges. The labs have been designed
to apply to information security professionals. Join us for a fun,
fast-paced bootcamp to take you from zero to hero! Learn More
REGULAR
$4,300
ENDS JULY 19
Reverse Engineering Firmware with Ghidra
Location: TBD
tetrel security
Tracks:
Hardware,
IOT
Format: 2 Day Trainings
Location: South Pacific - A
Skill Level: Intermediate
Experience: In-Person
This hands-on course teaches the concepts, tools, and techniques required
to reverse engineer firmware and assess embedded devices. To ensure the
tools taught are available to all, we will make use of Ghidra, a powerful
open-source reverse engineering tool developed by the National Security
Agency.
Within the two days, you will:
Learn general techniques for binary reverse engineering
Identify, unpack, load, and analyze various types of firmware into Ghidra
Use reverse engineering techniques to find exploitable vulnerabilities in
an embedded Linux device
Map device vector tables, peripheral memory, and system calls to find
exploitable vulnerabilities in a bare-metal device
Identify remotely exploitable vulnerabilities in a Bluetooth Low Energy
device
Learn to use a debugger to assist in reverse engineering
Labs attacking an embedded Linux system and a bare-metal Bluetooth Low
Energy device will be used to deliver a hands-on experience. You can expect
to leave this course with the skills to reverse firmware for a variety of
embedded targets. Learn More
REGULAR
$4,100
ENDS JULY 19
Tactical Recon for Pentesters - 2024 Edition
Location: TBD
redhunt labs
Track:
PenTesting
Format: 2 Day Trainings
Location: South Pacific - D
Skill Level: Beginner/Intermediate
Experience: In-Person
This 2024 Edition of our Tactical Recon for Pentesting training program not
ONLY focuses on OSINT but also focuses on in-depth attack tactics using the
information collected in the earlier phases. This course will focus on a
wide range of tools and techniques for performing real-world reconnaissance
in order to launch targeted attacks against modern and dynamic
infrastructures.
We will take a deep dive into various modern methodologies for extracting
useful information from the internet. Furthermore, we will cover how this
extracted information can be used in attack scenarios to get an initial
foothold in multiple ways within an organization's network beyond the
firewall and further exploit it to gain and maintain elevated access. The
course will cover topics like:
* Mapping the Modern Attack Surface
* Comprehensive Subdomain Enumeration
* Exploring Dark Web
* Hunting 3rd Party SaaS Apps
* Hunting & Attacking API Endpoints
* Supply Chain Enumeration & SBOM
* Template Based Scanning
* Attacks using Recon from Docker Image, EBS volumes, etc.
* Exploring Mobile Applications for Attack Chaining
* Practical Social Engineering, etc.
This 2-day course takes a hands-on approach to indulge the participants in
real-world scenarios, simulated lab environments, and case studies to get
proficient in techniques and methodologies. Each participant will also be
provided ONE MONTH FREE ACCESS to our Hybrid-Cloud Based Private Lab
mimicking the modern age infrastructure, as well as decoy accounts and the
organization's social presence, where they can practice the skills learned
during the course. Learn More
REGULAR
$4,100
ENDS JULY 19
The Shellcode Lab
Location: TBD
threat intelligence pty ltd
Tracks:
PenTesting,
Malware
Format: 2 Day Trainings
Location: Jasmine - G
Skill Level: Intermediate
Experience: In-Person
The Shellcode Lab is back for its 14th consecutive year Black Hat USA! With
feedback like "By far the best course I've taken at Black Hat", this is the
training that takes your penetration testing and low-level technical skills
to the next level!
With 17 multi-part hands-on labs and over 150 slides of hard-core technical
content, students start with basic knowledge, and by the end of the first
day write their own macOS 64-bit Port Bind shellcode from scratch to
remotely compromise a server.
In this exciting and hands-on training, you will:
* Create custom payloads for:
* Linux 32-bit
* macOS 64-bit
* Windows 32-bit
* Windows 64-bit
* Make payloads small to fit into more exploits
* Implement techniques to avoid bad characters
* Integrate your payloads into public exploits
* Create a Metasploit Payload Module using your payloads
* Compromise machines using your payloads
We take your security skills to the next level - fast!
Seats go fast. Register now to secure your spot! Learn More
REGULAR
$4,100
ENDS JULY 19
Windows Enterprise Incident Response
Location: TBD
mandiant (now part of google cloud)
Tracks:
Forensics,
Defense
Format: 2 Day Trainings
Location: Breakers - B
Skill Level: Beginner/Intermediate
Experience: In-Person
Windows Enterprise Incident Response is an intensive two-day course
designed to teach the fundamental investigative techniques and digital
forensics skills needed to respond to complex intrusions by motivated and
persistent attackers. The class is built upon a series of hands-on labs
that highlight the phases of a targeted attack, key sources of evidence,
and the forensic analysis know-how required to analyze them. Created and
taught by consultants who do this work daily, this class is based on
first-hand experience responding to incidents all around the world for
major organizations. At Mandiant, we investigate the incidents that matter,
and we're bringing that knowledge to the students of this class. Learn More
REGULAR
$4,300
ENDS JULY 19
* 2 Day (Mon-Tue)
* 360° Ransomware Response: Detection, Negotiation, Recovery, and Prevention
Location: TBD
lmg security (sherri davidoff and matt durrin)
Tracks:
Forensics,
Defense
Format: 2 Day Trainings
Location: Jasmine - F
Experience: In-Person
Learn to respond to ransomware effectively and efficiently. In this
hands-on boot camp, we'll show you a comprehensive approach to ransomware
response, covering key aspects such as early detection, negotiation
tactics, and decryption challenges. We'll analyze the latest ransomware
strains and learn about evolving detection strategies. Then we'll delve
into core elements of the initial response: triage, evidence preservation,
scoping, containment and mitigation. We'll study the decryption process,
including infected decryptors, double-encryption issues, and other common
challenges. You'll learn practical ransom negotiation tactics and gain
insights on the business impacts and communication strategies that will
help you effectively support legal teams, public relations and more
throughout the response. Hands-on labs are included throughout the class.
Each student gets 90 days of free access to the Ransomware Virtual
Laboratory. Along the way, we'll take students full circle and point out
effective technical measures that block attackers and prevent ransomware
deployment. Learn More
REGULAR
$4,300
ENDS JULY 19
Video Preview »
2024, A Space Hacking Odyssey
Location: TBD
final frontier security
Tracks:
PenTesting,
ICS
Format: 2 Day Trainings
Location: Palm - H
Skill Level: All
Experience: In-Person
Sure, maybe you've hacked the planet, but how about hacking off planet? The
final frontier has been designated as critical infrastructure. Satellites
and other space systems are an integral part of our daily lives from
navigation to communications, financial transactions, and national
security. Cybersecurity for these assets is environmentally and
operationally constrained in ways unfamiliar to most practitioners. What
better way to gain an appreciation for the challenges of cybersecurity in
space and an understanding of how attackers will behave against this attack
surface than exploiting it yourself? Learn More
REGULAR
$4,100
ENDS JULY 19
A Basic Guide to Bug Hunting with Ghidra
Location: TBD
craig young
Tracks:
AppSec,
PenTesting
Format: 2 Day Trainings
Location: Banyan - D
Skill Level: Intermediate
Experience: In-Person
Discover the art of uncovering vulnerabilities without the aid of source
code or commercial tooling. This class is a deep-dive on how to use open
source tools to shed light on closed source binaries. We will cover how bug
hunters use free tools like Ghidra, AFL, QEMU, Frida, and GDB, to find
exploitable bugs in modern software. Students will be introduced to each of
these tools and more as we walk through exercises demonstrating their use.
We will start with relatively simple techniques, like using Ghidra to
identify and trace potentially insecure function calls, but by the end we
will be looking at advanced techniques for stitching fuzzers together from
compiled code. We'll also explore opportunities for using dynamic analysis
to identify interesting code paths and reveal subtle bugs. Students in this
class should be comfortable working with C code and have a basic
understanding of memory safety vulnerabilities. Learn More
REGULAR
$4,200
ENDS JULY 19
A Beginner's Guide To Threat Hunting: How to Shift Focus from IOCs to
Behaviors and TTPs
Location: TBD
lee archinal (intel471/cyborg security)
Tracks:
Defense,
Human
Format: 2 Day Trainings
Location: Banyan - C
Experience: In-Person
This course is designed to provide the students with hands-on experience in
behavioral threat hunting. This includes covering common models and how
they relate to threat hunting, how to operationalize an intel report
focusing on tactics, techniques, and procedures (TTPs), how to leverage
intelligence to initiate and conduct a hunt, data pivoting from initial
query to results, proper documentation techniques to compile and organize
findings in a repeatable manner. The culmination of this process will be a
series of simulated attack chains using real world adversary TTPs, broken
down into two phases: crawling and walking.
The crawl phase will provide students with the opportunity to go hands-on
with the data in a step-by-step hunting tutorial. This practical session
will allow students to experience threat hunting in a structured and
controlled manner, and allow them to practice the topics that were covered.
The walk phase will see students break off into small SOC teams for an
activity that will put all of their practical knowledge to the test. Learn
More
REGULAR
$4,100
ENDS JULY 19
Accelerated AppSec – Hacking your Product Security Programme for Velocity
and Value (Virtual)
Location: TBD
josh grossman, bounce security
Tracks:
AppSec,
Defense
Format: 2 Day Trainings
Skill Level: Beginner/Intermediate
Experience: Virtual
Software is a key part of the organization's "perimeter" but to many
security people the engineering / development team can feel like a "black
box". At the same time, product security is a complex, constantly changing
and high-risk area for which the traditional security team is still
considered responsible.
In this one-of-a-kind course, exclusive to Black Hat, you will learn:
* How to bridge the gap with engineering by getting leadership buy-in
* How to build security processes which meet developers where they are
* How to use scanning tools to accelerate your efforts without causing
developer fatigue
To bring the course to life and let you apply what you learn, you will work
in teams (or individually if you prefer) on table-top exercises which
simulate real challenges and situations which you might come across when
building a software security programme.
These exercises are based on our highly successful model from previous
courses and give you the opportunity to plan your approach (using our
in-house developed templates and tools) and then explain and justify your
decisions to simulated stakeholders.
Be ready to leave the course with clear strategies and ideas on how to
build a valuable product security programme with strong engineering
support. Learn More
REGULAR
$4,100
ENDS JULY 19
Video Preview »
Accurate and Scalable: Web Application Bug Hunting
Location: TBD
michal kamensky, bounce security
Tracks:
AppSec,
PenTesting
Format: 2 Day Trainings
Location: Coral - C
Skill Level: Beginner/Intermediate
Experience: In-Person
Ever find yourself repeating manual searches while analyzing a massive
codebase? Do you often manually perform the same tests over and over when
reviewing a huge web application?
In this course you will learn how to take all that knowledge and repetitive
work and put it into custom checks and tailored scans that will do the work
for you, across the whole application.
You will practice performing scalable, assisted manual research, using
free, open-source tools such as Semgrep and Nuclei whilst leveraging your
familiarity with the application and its logic. Instead of generic
vulnerability scans that barely find the obvious problems and flood you
with false positives, you can develop tailor-made checks that find what is
important.
Through multiple hands-on examples and practical exercises, you'll learn
how this approach of customization at scale enables you to look far beyond
the low hanging fruit, with useful tools that spare you the trouble of
reinventing the wheel each time around. Learn More
REGULAR
$4,100
ENDS JULY 19
Active Directory Attacks for Red and Blue Teams – Advanced Edition
(Virtual)
Location: TBD
altered security
Tracks:
PenTesting,
Network
Format: 2 Day Trainings
Skill Level: Intermediate
Experience: Virtual
More than 95% of Fortune 500 companies use Active Directory! Enterprises
are managed using Active Directory (AD) and it often forms the backbone of
the complete network. To secure AD, you must understand different
techniques and attacks used by adversaries against it. Often burdened with
maintaining interoperability with a variety of products, AD lack ability to
tackle latest threats.
This training is aimed towards attacking modern AD using built-in tools,
scripting and other trusted OS resources. Some of the techniques, used in
the course:
* Extensive AD Enumeration
* Trust mapping and abuse
* Privilege Escalation
* Advanced Kerberos Attacks
* Advanced cross forest trust abuse
* Attacking Azure AD integration
* Abusing trusts for MS products
* Credentials Replay Attacks
* Persistence
* Defenses
* Bypassing defenses
Attendees will get free two-month access to an AD environment comprising of
multiple domains and forests and a Certified Red Team Expert Exam (CRTE)
certification attempt. Learn More
REGULAR
$4,100
ENDS JULY 19
Active Directory Security Fundamentals
Location: TBD
specterops
Tracks:
PenTesting,
Defense
Format: 2 Day Trainings
Location: South Seas Ballroom - A
Experience: In-Person
Stop being passive with your Active Directory! Kerberos, ADUC, Golden
Tickets, Security Principals – have you come across these or similar words
in penetration test reports or security bulletins and felt a little… lost?
Active Directory comprises many components that fulfill complex
architectural requirements but can also open cracks through which attackers
may slip. Active Directory: Security Fundamentals demystifies the various
Active Directory components and illustrates how these components can
potentially introduce risks to your organization. This course empowers
network defenders to directly look under the hood of their Active Directory
architecture and understand their environment better than attackers.
Instructors share their knowledge and personal experiences testing Active
Directory in hundreds of environments to reveal not only common pitfalls in
securing their environment but also how they commonly occur. Learn More
REGULAR
$4,300
ENDS JULY 19
Adam Shostack's Threat Modeling Intensive
Location: TBD
adam shostack
Tracks:
AppSec,
Defense
Format: 2 Day Trainings
Location: Lagoon - J
Skill Level: All
Experience: In-Person
Threat modeling is the best way for security professionals to get a seat at
the table and influence a project early. It's how we get systematic,
structured and comprehensive about the products and services we deliver.
This is a rare public opportunity to take a course from "the person who
wrote the books." (Threat Modeling: Designing for Security and Threats:
What Every Engineer Should Learn from Star Wars) Learn More
REGULAR
$4,200
ENDS JULY 19
Advanced Cloud Incident Response in Azure and Microsoft 365
Location: TBD
korstiaan stam from invictus incident response b.v.
Tracks:
Forensics,
Defense
Format: 2 Day Trainings
Location: Jasmine - B
Skill Level: Intermediate/Advanced
Experience: In-Person
In this comprehensive two-day hands-on training, immerse yourself in the
intricacies of forensics and incident response within the Microsoft cloud
environment. This course delves into both Microsoft 365 and Microsoft
Azure, providing practical insights into investigating cyber attacks and
navigating relevant log artifacts. All concepts taught are directly
applicable to real-life threats observed in the Microsoft cloud.
Benefit from the expertise of a trainer with firsthand experience in
cloud-based incident response and forensic investigations, sharing insights
not found on conventional websites. By the end of this training, you will
be well-equipped to confidently investigate any threat within the Microsoft
cloud.
Experience a highly interactive training with practical exercises, at the
end of the course you will investigate two comprehensive attack scenarios
in both Azure and M365 in the Capture The Flag (CTF) challenge. It is your
task to solve as many puzzle pieces as possible. Learn More
Class Full
REGULAR
$4,100
ENDS JULY 19
Advanced Hacking and Securing Windows Infrastructure
Location: TBD
paula januszkiewicz, ceo and cybersecurity expert; dr. mike
jankowski-lorek, director of consulting, cybersecurity expert
Track:
Defense
Format: 2 Day Trainings
Location: Jasmine - D
Skill Level: Intermediate/Advanced
Experience: In-Person
Take your cybersecurity skills to the next level with our infrastructure
services security course. Ideal for enterprise admins, security officers,
and architects seeking to protect critical infrastructure, this course is
taught by leading experts Paula Januszkiewicz and Mike Jankowski-Lorek,
Ph.D.
You'll gain practical knowledge from years of experience and successful
projects, with a focus on critical penetration testing tasks to effectively
safeguard your organization from cyberattacks. Learn efficient network
mapping, vulnerability identification, and exploitation techniques, while
mitigating the risk of attacks through secure measures. Learn More
REGULAR
$4,100
ENDS JULY 19
Advanced Hardware Hacking: Power Analysis & Fault Injection with the
ChipWhisperer
Location: TBD
newae technology inc.
Tracks:
Hardware,
IOT
Format: 2 Day Trainings
Location: Breakers - A
Skill Level: Intermediate
Experience: In-Person
This course brings you up to speed on advanced hardware hacking topics such
as power analysis and fault injection. The course is based around the
open-source ChipWhisperer project, and students will use a variety of
related tools in the course. This updated 2-day course includes more
focused labs using a wide variety of ChipWhisperer tools setup in the
classroom. Topics include power analysis for passwords & encryption
algorithms, along with fault injection using voltage, clock, and
electromagnetic fault injection. The course is structured so that students
can work through a wide variety of additional ChipWhisperer tutorials after
the course, focusing the course contents on the fundamentals along with how
to apply the material in practical scenarios. Learn More
REGULAR
$4,200
ENDS JULY 19
Advanced Malware Traffic Analysis: Adaptive Defence - 2024 Edition
Location: TBD
veronica valeros, sebastian garcia
Tracks:
Network,
Defense
Format: 2 Day Trainings
Location: Banyan - E
Skill Level: Intermediate/Advanced
Experience: In-Person
This intensive hands-on training provides students with the essential
know-how to analyze malware traffic and advanced attacks, gaining a deep
understanding of malware behaviors within a network. Through practical
exercises, participants gain proficiency in identifying malicious
connections and learn to differentiate between normal and malicious
behaviors while effectively handling very large traffic captures.
The most important lesson of the training is: that it is not about how to
use a tool. The goal is to transmit the experience of recognizing malicious
actions within the network. This includes understanding how malware hides,
how to track it, and how to analyze traffic patterns to discard false
positive connections. Students actively engage in executing their own
malware, exploiting active services, capturing its traffic, and conducting
comprehensive analysis, with a particular focus on real-life scenarios. It
also explores and incorporates the application of machine learning models
for detection. Learn More
REGULAR
$4,200
ENDS JULY 19
Advanced Threat Emulation: Active Directory
Location: TBD
bc security
Tracks:
PenTesting,
Malware
Format: 2 Day Trainings
Location: Shell Seekers - A
Skill Level: Intermediate/Advanced
Experience: In-Person
This training course covers various aspects of Active Directory and how to
attack it. Students will learn about network poisoning and authentication
protocols in Windows networks, the different kinds of Windows credential
types, and how to use them. Students will also learn common attacks on NTLM
and Kerberos, such as NTLM relay attacks, delegation attacks, and creating
forged tickets. Students will become familiar with identifying and
exploiting common Active Directory misconfigurations . Students will be
able to conduct attacks from both Windows and Linux operating systems and
learn the nuances between each platform for performing attacks. Students
will learn where credentials are stored on a Windows system and how to
extract credentials from LSASS, DPAPI, SAM, LSA, and the Kerberos ticket
cache. Students will learn about the different domain trusts and how to
perform multi-domain compromises. Learn More
REGULAR
$4,100
ENDS JULY 19
Advanced Threat Emulation: Evasion
Location: TBD
bc security
Tracks:
PenTesting,
Malware
Format: 2 Day Trainings
Location: Jasmine - C
Skill Level: Intermediate/Advanced
Experience: In-Person
Windows presents a vast attack surface, providing the Blue Team with many
detection opportunities. Students will learn about evading Blue Team
hunters by first learning to build detections, then masking their
signatures, and exploiting indicators to decrease detection probability. We
will also explore the impact of migrating through different programming
languages, such as C# and IronPython. By the end of the course, students
will be equipped with the knowledge to obfuscate open-source tools without
necessitating custom tooling for use across a diverse and dynamic
operations environment.
This class will explore the theory behind malware obfuscation, starting
with the Theory of Code Obfuscation and how it applies to Tactics,
Techniques, and Procedures (TTPs) implemented by modern Advanced Persistent
Threats (APTs). We will examine everything from standard variable
obfuscation to control flow manipulation to data procedurization. Students
will apply obfuscation theory to practical applications in hands-on labs
throughout the course. Learn More
REGULAR
$4,100
ENDS JULY 19
Adversarial Approach - Combating Social Engineering Attacks through
Situational Awareness
Location: TBD
jayson e. street
Track:
Human
Format: 2 Day Trainings
Location: Lagoon - E
Skill Level: Beginner/Intermediate
Experience: In-Person
Fueled by advancements in social media and AI, the evolution of social
engineering tactics has elevated cyber threats to unprecedented levels of
sophistication. So, why has the approach to Security Awareness Training
(SAT) stayed the same? This hands-on course will teach you how to go beyond
best practices and use modern social engineering techniques to transform
"security awareness" into "situational awareness."
Course Features:
* Apply AI for social engineering and other simulated nefarious purposes
* Learn DuckyScript and use it to expose the risk to executives and
coworkers
* Participate in 6 Practical Hands-On Exercises in Recon, Phishing
exploits, and Ways to Engage Your Employee Base
* Help educate others become more situationally aware of threats
* Take home a custom Hak5 field kit (consisting of Bash Bunny Mark II,
O.MG Elite USB-C Cable, & O.MG Programmer)
Traditional SAT programs cover password hygiene, recognizing phishing
emails, securing physical workspaces, and understanding the importance of
data privacy. This knowledge is essential but lacks the interactivity and
real-world simulation needed to effectively prepare someone for the dynamic
cyber threats of today. We will address that gap by teaching you:
* How adversaries perform reconnaissance using the Open-Source
Intelligence (OSINT) model
* How to effectively use spear phishing and physical compromise
demonstrations to showcase the direct impact of threats
* How to enhance your SAT program with engaging content to develop
security culture
At the end of this course, you will have the knowledge and tools you need
to demonstrate the impact of a social engineering attack. You will be able
to defeat optimism bias and show anyone how they can be personally impacted
by cybersecurity events. You'll also have strategies to secure leadership
endorsement and apply your new abilities to modernize the SAT program in
your organization.
Once you have successfully instilled situational awareness into the
personnel of your organization, you will have mobilized your organization's
most effective defense in the fight against cybercrime. This course serves
as a catalyst for transformative change, ensuring your organization's
resilience in the face of modern cybersecurity challenges.
Learn More
REGULAR
$4,300
ENDS JULY 19
Agile Whiteboard Hacking – aka Hands-on Threat Modeling (Virtual)
Location: TBD
toreon
Tracks:
AppSec,
Defense
Format: 2 Day Trainings
Skill Level: Beginner/Intermediate
Experience: Virtual
In this "Black Hat edition" training, we challenge you with hands-on threat
modeling exercises based on real-world projects. You will get insight into
our practical industry experience, helping you to become a Threat Modeling
Practitioner. We included an exercise on MITRE ATT&CK, and we focus on
embedding threat modeling in Agile and DevOps practices. And we introduce a
new challenge on threat modeling a Machine Learning-Powered Chatbot.
We levelled up the threat modeling war game. Engaged in CTF-style
challenges, your team will battle for control over an offshore wind turbine
park.
All participants get our Threat Modeling Playbook to improve you threat
modeling practice, one-year access to our online threat modeling learning
platform, and one-hour personal coaching to refine your threat modeling.
Our self-paced Threat Modeling Introduction training is included in this
course.
All participants get our Threat Modeling Playbook to improve you threat
modeling practice, one-year access to our online threat modeling learning
platform, and one-hour personal coaching to refine your threat modeling.
Are you new to threat Modeling? Our self-paced Threat Modeling Introduction
training is included in this course. Learn More
REGULAR
$4,300
ENDS JULY 19
AI Red Teaming in Practice
Location: TBD
dr. amanda minnich. microsoft ai red team gary lopez. microsoft ai red team
Tracks:
AI, ML, & Data Science,
AppSec
Format: 2 Day Trainings
Location: Oceanside - F
Skill Level: Intermediate/Advanced
Experience: In-Person
There is so much more to red teaming AI systems than prompt injection.
In this training, attendees will learn how to red team AI systems
leveraging three pillars: traditional software vulnerabilities in AI
systems, AI-specific vulnerabilities, and Responsible AI (RAI)
vulnerabilities. By the end of the class, attendees should be able to probe
comfortably any machine learning system for OWASP Top 10 LLM
vulnerabilities. We will exclusively use open- source tools and frameworks
such as Semantic Kernel, LangChain, NeMo Guardrails, Counterfit and the
MITRE ATLAS to red team AI systems.
The course is taught by Microsoft's AI Red Team, which was the first to
combine RAI Red Teaming alongside security red teaming. In the last year,
every high-risk AI system—including models and Copilots—was assessed by
this team. We will use this real-world experience to upskill Black Hat
attendees. Learn More
Class Full
REGULAR
$4,100
ENDS JULY 19
A Journey Into Mobile Application Hacking (iOS & Android)
Location: TBD
sensepost training | orange cyberdefense
Tracks:
Mobile,
PenTesting
Format: 2 Day Trainings
Location: Lagoon - B
Skill Level: Beginner/Intermediate
Experience: In-Person
The course is created by hackers for hackers looking to take over the
mobile application hacking world!
Through this course we will show you how to do mobile assessments from
absolute scratch.
We will show you all of the basic concepts and tools required to perform
meaningful mobile assessments which will add value to your customer's
mobile offerings.
The course consists of two days of which 60% is practical. Designed,
developed and delivered by the team behind one of the most commonly used
mobile application hacking tools known as Objection. We will give you a
solid foundation so you can build a castle if you wish to. We will cover
Android and iOS with a playground of apps that you can hack to your hearts
content. The course is structured to make use of emulators, so you don't
even need physical devices to take part in the course.
Key Take-Aways:
* Form a base understanding of the mobile application hacking industry
* Build up a solid methodology and skill-set to assess and break mobile
applications built for iOS and Android
* Understand the required testing environment and tools required to make
mobile app hacking fun and exciting
Join us and hack some mobile apps! Learn More
REGULAR
$4,300
ENDS JULY 19
Applied Data Science and Machine Learning For Cybersecurity
Location: TBD
gtk cyber
Tracks:
AI, ML, & Data Science,
Defense
Format: 2 Day Trainings
Location: Palm - D
Experience: In-Person
This interactive course will teach security professionals how to use data
science and AI to quickly manipulate and analyze security data. The course
will cover the entire data science process from data preparation,
exploratory data analysis, data visualization, machine learning, model
evaluation and finally, implementing at scale—all with a focus on security
related problems. Learn More
REGULAR
$4,300
ENDS JULY 19
Applied Hardware Attacks 2 - Hardware Pentesting
Location: TBD
joe fitzpatrick & the securinghardware.com team listed on black hat event
website
Tracks:
Hardware,
PenTesting
Format: 2 Day Trainings
Location: Breakers - F
Skill Level: Intermediate
Experience: In-Person
You've learned about JTAG, UART, and SPI in your introductory IOT hacking
class, but how does this apply to real world devices you encounter on
actual engagements?
This course distills the art of hardware hacking the into the science of a
standardized penetration testing procedure.
We'll analyze how and why hardware hacks belong in scope of certain pen
tests, and what that means to threat modeling and deliverables. We'll build
upon your basic skills and see how more advanced hardware and firmware
analysis tells us more about the software vulnerabilities in a system.
We'll prototype some hardware exploits into compelling demos or helpful
red-team tools. Learn More
REGULAR
$4,300
ENDS JULY 19
A Practical Approach to Breaking & Pwning Kubernetes Clusters
Location: TBD
madhu akula
Tracks:
PenTesting,
Risk
Format: 2 Day Trainings
Location: Jasmine - E
Skill Level: Beginner/Intermediate
Experience: In-Person
The adoption of Kubernetes use in production has increased to 83% from a
survey by CNCF. Still, most security teams struggle to understand these
modern technologies. In this real-world scenario-based training, each
participant will be learning Tactics, Techniques, and Procedures (TTPs) to
attack and assess Kubernetes cluster environments at different layers like
Supply chain, Infrastructure, Runtime, and many others.
Some of the things you will be doing in this course:
* Exploiting Misconfigurations and private Registries by performing simple
Recon
* Escaping out of containers to host systems and clusters to gain more
access
* Escalating privileges, DoS cluster resources, Lateral movement from
container
* Gaining unauthorized access to namespaces, microservices, data, and logs
* Breaking the boundaries of NSP(Network Security Policy), RBAC, Profiles
* Defense evasion techniques & Persistence in Cluster Environments
* Bypassing the solutions like Policy Engines, Resource limits, and
Controls
* Evaluating the cluster security using CIS benchmarks and Cluster Audits
to find all possible risks
Also, the trainer will provide a step-by-step guide(Digital Book) with
resources and references to further your learning. Learn More
REGULAR
$4,100
ENDS JULY 19
Astute AWS/Azure/GCP Cloud Red Team: It's Raining Shells! - 2025 Edition (2
Day)
Location: TBD
ultraviolet cyber
Tracks:
PenTesting,
Network
Format: 2 Day Trainings
Location: Mandalay Bay - C
Skill Level: Intermediate
Experience: In-Person
Stay frosty within AWS, Azure, & GCP environments with this fast-paced and
hands-on course which teaches each participant the Tactics, Techniques, and
Procedures (TTPs) needed to infiltrate and expand access within cloud
platforms.
In this course you will:
* Exploit serverless (e.g. Lambda, Azure Functions) applications for
initial access into targets.
* Pivot between data and control planes to expand access (e.g. collecting
secrets, snapshots)
* Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain
undetected.
* Breach and backdoor boundaries (e.g. VPCs) to access hard-to-reach
systems.
* Expanding access within Kubernetes (K8s) envs (e.g. GCP bypass of
metadata protections)
Compete throughout the course in our hands-on Capture the Flag (CTF)
tournament! Learn More
REGULAR
$4,200
ENDS JULY 19
Attack and Defend Android Applications (Virtual)
Location: TBD
cyfinoid research
Tracks:
Mobile,
Defense
Format: 2 Day Trainings
Experience: Virtual
This course focuses on the Android application ecosystem covering both the
offense & defense of the application development process. We start with
attacks, covering various possible attacks on Android applications. Then we
provide solutions to various challenges routinely encountered by Android
security engineers and pen testers:
* Traffic interception (HTTP/HTTPS/web socket/non-HTTP)
* Root detection bypass
* Static & dynamic analysis
* Perform dynamic instrumentation (Frida / Magisk)
* Analyzing non-Java/ Kotlin apps (React Native, Xamarin and Flutter)
Next, we shift gears and focus on defending the applications, and major
areas covered are:
* Application Threat Modeling
* Identifying weaknesses
* Adding Security into CI / CD Pipeline for the application
* Analysis of the results
* Defense in Depth Design Techniques
The aim is not to create a "zero to hero" experience, but to provide a
methodical approach with which the participants could perform any Android
application assessment. We provide students with access to learning
portals, cloud VM's, a soft copy of slides, detailed answer sheets as well
as AMI's to continue learning after class. Learn More
REGULAR
$4,100
ENDS JULY 19
Automating Security with Open Source
Location: TBD
threat intelligence pty ltd
Tracks:
Defense,
Forensics
Format: 2 Day Trainings
Location: Mariners - B
Skill Level: Beginner/Intermediate
Experience: In-Person
The security industry is running fast towards security automation to
increase the capability and capacity of security teams so they can
effectively and efficiently stay on top of the constantly evolving threats,
attacks, and security breaches that occur every day!
Learn how to implement streamlined security operations and help prevent
breaches through security automation, including:
* Automated Intelligence Collection and Analysis
* Automated Vulnerability Identification and Penetration Testing
* Automated Security Monitoring and Incident Response
* Automated Security Infrastructure Orchestration and Integration
* Automated Chaining of Security Capabilities
* Automated Security Notifications
Get ahead of the hackers and start automating the protection of your
organisation now!
Register now to secure your spot! Learn More
REGULAR
$4,100
ENDS JULY 19
Basic Web Hacking - 2 Day
Location: TBD
notsosecure / karan shah
Tracks:
AppSec,
PenTesting
Format: 2 Day Trainings
Location: Mandalay Bay - I
Skill Level: Beginner
Experience: In-Person
This is an entry-level web application security testing course and a
recommended pre-requisite course before enrolling for our "Web Hacking
Black Belt Edition" course. This foundation course of "Web Hacking"
familiarizes the attendees with the basics of web application and web
application security concerns. Several tools and techniques, backed up by a
systematic approach on the various phases of hacking will be discussed
during this 2-day course. If you would like to step into a career of
Ethical Hacking / Pen Testing with the right amount of knowledge, this is
the right course for you.
This course familiarizes the attendees with a wealth of tools and
techniques required to breach and compromise the security of web
applications. The course starts by discussing the very basics of web
application concepts, and gradually builds up to a level where attendees
can not only use the tools and techniques to hack various components
involved in a web application, but also walk away with a solid
understanding of the concepts on which these tools are based. The course
will also talk about industry standards such as OWASP Top 10 and PCI DSS,
which form a critical part of web application security. Numerous real-life
examples will be discussed during the course to help the attendees
understand the true impact of these vulnerabilities. Learn More
REGULAR
$4,100
ENDS JULY 19
Black Hat Cryptography: Attacks, Tools & Techniques for Security
Professionals
Location: TBD
ruben gonzalez
Tracks:
PenTesting,
Crypto
Format: 2 Day Trainings
Location: Banyan - F
Skill Level: Beginner/Intermediate
Experience: In-Person
Crypto-related vulnerabilities are super common! OWASP even ranks
"Cryptographic Failure" as the second most common security vulnerability
class in software. Yet, very often these vulnerabilities are overlooked by
developers, code auditors, blue teamers, and penetration testers alike.
Because, let's face it: Nobody knows how cryptography works.
This course turns you into a powerful weapon. It will teach you how applied
cryptography is commonly misused in the field and how this leads to
exploitable bugs. Using case studies
from our own pentesting and red teaming engagements, we'll introduce core
concepts of applied cryptography and how they fail in practice.
During the course you'll:
* Understand how modern cryptography works
* Find common crypto vulnerabilities in real software
* Write crypto exploits for real software (and an IoT device)
At the end of the course you'll be able to spot an exploitable crypto bug
from miles away (and be able to avoid them yourself)! No prior knowledge
required. Learn More
REGULAR
$4,100
ENDS JULY 19
Black Hat Machine Learning
Location: TBD
nvidia
Tracks:
AI, ML, & Data Science,
PenTesting
Format: 2 Day Trainings
Location: Palm - A
Skill Level: Intermediate/Advanced
Experience: In-Person
Machine Learning technologies continue to improve and expand into new areas
at a blistering pace: from driving cars to detecting cancer, defending
networks to analyzing the human genome, writing code, generating synthetic
artwork, flying drones, and more. With this success, ML is starting to
receive scrutiny from regulators, security teams, and hackers across all
industries. ML Systems represent a new attack surface and bring up genuine
security concerns. In this training, students will explore the security
risks and vulnerabilities that adopting machine learning might expose you
to. This course will provide students with a realistic environment and
methodology to explore the unique risks presented by the use of ML in
today's environments. Students will leave equipped to assess the threat
model, vulnerabilities, and attack surface of ML systems. Learn More
REGULAR
$4,100
ENDS JULY 19
Cloud Security Hands-On (CCSK+) for Azure
Location: TBD
securosis
Track:
Defense
Format: 2 Day Trainings
Location: Palm - B
Skill Level: Beginner
Experience: In-Person
This course provides a solid foundation in cloud security, including 50% of
hands-on labs in AWS to apply the principles in practice. We cover all the
material needed to pass the Cloud Security Alliance Certificate of Cloud
Security Knowledge (CCSK) exam while adding a pragmatic approach to
immediately kick-start your cloud security projects. This class has been
updated to align with version 5 of the CSA Guidance. Learn More
REGULAR
$4,300
ENDS JULY 19
Cognitive Security: Preparing for Cyber Deception Through Synthetic Media
Attacks
Location: TBD
psyber labs, llc
Tracks:
Human,
Defense
Format: 2 Day Trainings
Location: Tropics - B
Experience: In-Person
Threat actors are rapidly moving beyond traditional cyber-attacks by
leveraging generative AI and synthetic media to carry out cognitive warfare
and cyber deception tactics against their victims. Extorting high net worth
individuals in deepfake virtual kidnapping scams, disseminating
disinformation by impersonating well-established brands, and spoofing the
voices of executives to convince employees to transfer funds to
illegitimate accounts; are just a few examples of tactics already observed
in the wild. You will leave this course with the tools and training
required to integrate deepfakes and synthetic media into your red team
assessments, be able to conduct cyber threat assessments, and practice
developing mitigation strategies to reduce potential harm from these
attacks. By engaging with attacks from both the offensive and defensive
perspectives you will gain a deep understanding of the critical factors
that differentiate highly sophisticated attacks from mediocre attempts.
Learn More
REGULAR
$4,100
ENDS JULY 19
Defeating Microsoft's Default Bitlocker Implementation
Location: TBD
popp schweiz ag
Tracks:
Forensics,
Hardware
Format: 2 Day Trainings
Location: Breakers - J
Skill Level: All
Experience: In-Person
This training guides you through the whole process involved for a
successful BitLocker TPM bus sniffing attack. Within two days you will be
given the necessary knowledge about micro soldering, notebook internals,
TPM basics, logic analyzers, basic forensic data acquisition and some
BitLocker theory. In the end you will not just be able to conduct the
attack against a test notebook which you can take home, but also fully
understand what you are actually doing and applying it to your devices.
Learn More
REGULAR
$4,100
ENDS JULY 19
Defending Enterprises - 2024 Edition
Location: TBD
in.security
Tracks:
Defense,
PenTesting
Format: 2 Day Trainings
Location: Palm - C
Experience: In-Person
Updated for 2024, our immersive 2-day Defending Enterprises training is the
natural counterpart to our popular Hacking Enterprises course.
You'll play a SOC analyst in our Microsoft Sentinel cloud-based lab and try
to rapidly locate IOA's and IOC's from a live enterprise breach executed by
the trainers in real-time.
Whether you're new to Kusto Query Language (KQL) or a seasoned pro, there's
plenty for you in the 2-days! Yes, we're using Microsoft Sentinel, but the
underlying threat detection theory, logic and threat hunting approach is
transferable into your own environments, whatever your preferred platform.
We look at the top 10+ methods we use in offensive engagements and show how
these can be caught, along with numerous other examples and methods that go
above and beyond these common TTPs!
With 14 hands-on exercises you'll gain real-world experience in the
following areas:
* MITRE ATT&CK, CAR and D3fend frameworks
* Introduction to Kusto Query Language (KQL)
* Reviewing popular phishing attacks and living off the land techniques
* Locating C2 traffic and beaconing activity
* Digging into credential exploitation (Pass-the-Hash, Pass-the-Ticket,
Kerberoasting, Azure Managed Service Accounts, DCSync)
* Reviewing Active Directory Certificate Services (ADCS) attacks
* Identifying lateral movement (WMIC, WinRM, MSSQL, SMB)
* Catching data exfiltration attempts (ICMP, DNS)
* Detecting persistence activities
* + much more!
We know 2 days isn't a lot of time, so you'll also get 14 days FREE lab
time after class and Discord access for support. Learn More
REGULAR
$4,200
ENDS JULY 19
DevSecOps Masterclass: AppSec Automation Edition (Virtual)
Location: TBD
appsecengineer
Tracks:
AppSec,
Defense
Format: 2 Day Trainings
Experience: Virtual
DevOps has changed the way we deliver apps. However, security remains a
serious bottleneck, especially Application Security. This is largely due to
the speed of innovation in DevOps, contrasted with the escalating attacks
against Applications.
The training is based on our 4.9/5 Rated DevSecOps Masterclass at Blackhat.
The training is a hardcore hands-on journey into:
Hands-on SAST for Apps and Infrastructure-as-Code, with a focus on Semgrep
and CodeQL. Develop Custom SAST rules like a bawse!
Supply-Chain Security Automation: SBOMs, Source Composition Analysis and
Security Engineering techniques
Assurance and Provenance for artifacts. Mastery over Cosign and SLSA for
Supply-Chain Provenance
DAST Automation and Security Regressions with ZAP and Nuclei.
Policy-As-Code: Leverage Open Policy Agent (OPA) with use-cases from API
Access Control to OS Policy Controls.
Participants get 2 months of access to our online lab environment for
DevSecOps training Learn More
REGULAR
$4,300
ENDS JULY 19
Elite Web Application Hacking
Location: TBD
sensepost | orange cyberdefense
Tracks:
PenTesting,
AppSec
Format: 2 Day Trainings
Location: Lagoon - I
Skill Level: Intermediate/Advanced
Experience: In-Person
In an era where digital landscapes evolve, knowledge of web application
security is imperative for developers & pentesters. This course builds upon
existing knowledge, elevating your skills in web application hacking
through various attacks and hands-on challenges.
As the digital ecosystem continues to advance, web applications become
increasingly intricate, demanding a higher level of proficiency in securing
them against sophisticated threats.
This course is crafted to equip you with more intermediate skills to
identify, assess, and exploit web applications through vulnerabilities and
approaches.
Key Points:
• Web security concepts, building on foundational knowledge.• Engage in
hands-on exercises simulating real-world challenges.• Hone skills in
conducting thorough risk assessments for strategic decision-making amid
intricate security challenges.
This course is tailored for individuals with a solid foundation in web
application security. Whether you're a cybersecurity practitioner seeking
to enhance your skill set or a developer aiming to deepen your security
knowledge, this course provides a strategic and hands-on approach to
explore the nuances of web application hacking.
Learn More
REGULAR
$4,400
ENDS JULY 19
Fundamentals of Industrial Control Systems (ICS) Security
Location: TBD
mandiant (now part of google cloud)
Track:
ICS
Format: 2 Day Trainings
Location: Breakers - C
Skill Level: Beginner
Experience: In-Person
This course provides IT security professionals and ICS/OT engineers
interested in ICS/OT security with the fundamental knowledge and skills
required to build and expand an ICS/OT security team.
Learners will become familiar with ICS/OT security concepts, secure
architecture, threat models and ICS/ OT security standards and best
practices. The course will also discuss today's security trends and the
current threat landscape. Throughout the course, exercises and
demonstrations inspired by actual cases and incidents in the ICS world will
enable learners to advance their knowledge in their day jobs. Learn More
REGULAR
$4,300
ENDS JULY 19
Going beyond shells! - Hacking AWS, Google Cloud, DigitalOcean and Aliyun
(Virtual)
Location: TBD
cyfinoid research
Tracks:
PenTesting,
AppSec
Format: 2 Day Trainings
Experience: Virtual
A fast paced, scenario driven hands-on training built on real world
discovery and exploitation of services and assets in AWS, Google Cloud,
DigitalOcean and Alibaba Cloud. The training will take students through
automated infrastructure creation, security misconfigurations and their
abuses that will allow them to go beyond the standard shells that attackers
aim for.
In this course you will experience
* Environments spanning across multiple cloud platforms.
* Exploiting different services in the array of cloud environments
* How same services are implemented differently by each cloud service
provider
* How to chain attacks from a web exploit to becoming iam owner
The students will be tracking their progress using a capture the flag
platform throughout the course duration. Learn More
REGULAR
$4,100
ENDS JULY 19
Hacking Cybersecurity Leadership: An Interactive Training to Strengthen
Skills for Leading Teams & Multi-Team Systems
Location: TBD
multiteam solutions
Tracks:
Human,
Defense
Format: 2 Day Trainings
Location: Oceanside - G
Experience: In-Person
This 2-day, highly interactive course is designed for cybersecurity
professionals currently in a role leading a team within a multi-team system
(e.g., team lead) or leading an entire multi-team system (e.g., CISO). The
training provides participants a chance to familiarize with and practice
using 10 analog leadership tools designed to strengthen soft skills to
support and motivate individuals, teams, and multi-team systems. The
training, which acts as a sandbox, is built on social-behavioral research
of CSIRTs and SOCs that was funded by the US and European governments, is
assured by the UK NCSC, and will be delivered through expert-facilitated
exercises. The exercises are not cybersecurity specific, which allows
participants to disrupt their normal, routine ways of leading and open up
to the possibilities for growth and change as leaders. The tools readily
allow for the concrete transfer of knowledge and soft skills from the
training back into the workplace. Learn More
REGULAR
$4,100
ENDS JULY 19
Hacking Enterprises - 2024 Red Edition
Location: TBD
in.security
Tracks:
PenTesting,
Network
Format: 2 Day Trainings
Location: Jasmine - A
Experience: In-Person
Updated for 2024, our Hacking Enterprises training is the natural
counterpart to our popular Defending Enterprises course.
In this multi-layered offensive engagement, you will fully compromise a
simulated enterprise in this immersive hands-on course that covers a
multitude of TTP's. Targeting modern operating systems including Windows
11, you'll use modern techniques and focus on exploiting configuration
weaknesses rather than throwing traditional exploits. Logical thinking and
creativity will definitely be put to the test!
You will work to get initial access in a fictional organisation where
multiple networks exist, some easily accessible, others not so. You'll
implant and establish C2, but manual techniques will always be emphasised
so you're equipped with the knowledge to work without reliance on
frameworks.
Course content has been designed to reflect real-world challenges and
you'll perform numerous hands-on exercises including executing exploitative
phishing campaigns against our simulated users for initial access, finding
new networks that in turn bring new challenges including IPv6 exploitation,
subverting AMSI and AWL, credential harvesting, passphrase cracking,
pivoting, lateral movement, ADCS abuse, userland and privileged persistence
via OOB channels and much more!
With 14 hands-on exercises you'll gain real-world experience in the
following areas:
* IPv6 discovery, enumeration and exploitation
* Pivoting, routing, tunnelling and SOCKS proxies
* C2 infrastructure and beacon deployment
* Exploitative phishing
* Privilege escalation and credential harvesting
* P@ssphras3 cracking
* Bypassing AWL
* Active Directory Certificate Services (AD CS) abuse
* Lateral movement for domain trust exploitation
* Out of Band (OOB) data exfiltration
* + much more!
We know 2 days isn't a lot of time, so you'll also get 14 days FREE lab
time after class, Discord access for support and access to a post-training
CTF containing hosts and networks not seen during training! Learn More
REGULAR
$4,200
ENDS JULY 19
Hands-On Hacking Fundamentals - 2024 Edition
Location: TBD
sensepost training | orange cyberdefense
Tracks:
PenTesting,
Network
Format: 2 Day Trainings
Location: Lagoon - A
Skill Level: Beginner
Experience: In-Person
Start your journey into information security with a hands-on course that
will expose you to the technical fundamentals of penetration testing and
security practises in the realms of networking, infrastructure, web
applications and wireless technologies.
Key Points:
* How to think like a hacker
* Finding vulnerabilities and exploiting them
* How to approach a pentesting methodology in real-world scenarios
This is an introductory course for those starting the journey into
penetration testing or those working in environments where understanding
how hackers think and the tools, tactics and techniques they use are of the
essence. Learn how to attack, and utilise the concepts to enhance your
defensive understandings.
The course presents the background information, technical skills, and basic
concepts required to those desiring a foundation in the world of
information security.
By the end of the course, you will have a good grasp of how vulnerabilities
and exploits work, how attackers think about networks and systems and have
compromised several of them, from infrastructure, and web applications to
Wi-Fi.
This course aims to expose you to the methodologies used by active
penetration testers on their day-to-day journey with clients and
assessments.
Join us and hack hard! Learn More
REGULAR
$4,300
ENDS JULY 19
Implementation of Telco Networks for Pentesters: 2G, 4G and 5G
Location: TBD
ethon shield
Tracks:
Mobile,
Network
Format: 2 Day Trainings
Location: Palm - E
Skill Level: Intermediate/Advanced
Experience: In-Person
This course allows a pentester or researcher to learn how to implement on a
single computer 2G, 4G and 5G SA and NSA mobile networks only with an Ettus
SDR device. He will learn how to install the necessary SW, configure the
tools, basic notions about the architecture and protocols of each
technology, configure his programmable SIM card and finally connect a
mobile device to these networks to perform tests such as traffic
interception, analyze how to perform a downgrade attack, play with
encryption or authentication algorithms.
Do you want to go through this world with professionals who will help you
to understand and implement these networks on your computer? Learn More
REGULAR
$4,400
ENDS JULY 19
IntelTechniques 2-Day OSINT Training
Location: TBD
inteltechniques
Tracks:
Human,
PenTesting
Format: 2 Day Trainings
Location: Mandalay Bay - A
Skill Level: All
Experience: In-Person
The IntelTechniques open source intelligence course provides the tactics,
tools, and workflow necessary for developing actionable intelligence from
various online data sources and social media platforms. The curriculum is
built around developing an efficient process that consistently produces a
professional intelligence product. Instructors will demonstrate the latest
methods for triage, research, capture, analysis, documentation, and
presentation. The class will be provided with custom tools, scripts, and a
series of practical exercises. Learn the most current tactics by watching
experienced investigators work through live scenarios, with a focus on
workflow and methodology.
Included in this course:
* 25 modules taking you from beginner to advanced OSINT tactics
* 60-day access to 100+ hours of IntelTechniques video training content
* 700+ page digital handbook and over a dozen report templates
* Custom OSINT toolset
* Build a custom OSINT virtual machine
* New tactics for leak/breach/stealer-log data acquisition, analysis, and
implementation
* 200+ practical exercises in an online CTF format
Learn More
REGULAR
$4,300
ENDS JULY 19
Intermediate RF Reverse Engineering with SDR
Location: TBD
paul clark
Tracks:
Wireless,
IOT
Format: 2 Day Trainings
Location: Tropics - A
Skill Level: Intermediate
Experience: In-Person
Learn to build more powerful digital radios, controlled by a combination of
GNU Radio and Python. Then use these tools to reverse engineer digital
radios with SDR!
This is no lecture-based course, but one built on 19 different RF reverse
engineering projects. You'll practice on a mix of simple systems, which
you'll fully reverse, and on individual steps of more complex reversing
projects.
When you're done you'll understand how to identify unknown modulation
schemes, determine signal timing, use statistical methods to identify bit
functions, and reverse error checking. We'll also cover a number of
reversing best practices along the way. Learn More
REGULAR
$4,100
ENDS JULY 19
iOS Threat Hunting (Virtual)
Location: TBD
matthias frielingsdorf
Tracks:
Mobile,
Malware
Format: 2 Day Trainings
Skill Level: Intermediate
Experience: Virtual
Since 2016 Pegasus is well known in the industry as the prime example for
mercenary spyware targeting iOS devices. But did you know about Quadream's
Reign, Cytrox's Predator, Tykelab's Hermit, Candiru or Operation
Triangulation?
This new and innovative training will enable you to detect a wide variety
of iOS Malware. Our forensic-based approach will provide you with a deep
understanding of the forensic artifacts left behind by these malware
samples and how to detect them through various techniques. Through a
combination of hands-on exercises and expert-led sessions, you will develop
the skills and knowledge necessary to become a proficient iOS Threat
Hunter. Join us in this unique training opportunity that has not been
offered before and gain valuable insights into the world of iOS Malware
detection and forensics. Learn More
REGULAR
$4,100
ENDS JULY 19
IoT and Embedded Device Exploitation
Location: TBD
loudmouth security
Tracks:
IOT,
Hardware
Format: 2 Day Trainings
Location: Tradewinds - E
Skill Level: Beginner/Intermediate
Experience: In-Person
In the rapidly evolving landscape of the Internet of Things (IoT),
understanding the security vulnerabilities and exploitation techniques of
IoT devices has become crucial for cybersecurity professionals. This course
aims to equip participants with the skills and practical knowledge to find
vulnerabilities in IoT devices. Participants will gain hands-on experience
in IoT hardware debugging, memory extraction, firmware analysis and bug
hunting using a custom-built IoT device and firmware based on real-world
examples. In addition, this course will introduce participants to device
emulation and wireless communications in IoT devices, with hands-on labs to
put the knowledge into practice. This course bridges multiple disciplines
within cybersecurity, including application security, operating system
penetration testing, wireless signal analysis, and embedded hardware
security. It is designed to empower professionals to perform penetration
testing of IoT devices, ensuring they are equipped with the knowledge and
experience to find and exploit vulnerabilities in them. Learn More
REGULAR
$4,100
ENDS JULY 19
Malware Detection and Triage with Volatility 3
Location: TBD
andrew case and dave lassalle
Tracks:
Forensics,
Malware
Format: 2 Day Trainings
Location: Reef - C
Skill Level: Intermediate
Experience: In-Person
Memory forensics—the analysis of volatile memory (RAM)—is an extremely
powerful technique for detecting and triaging modern malware. Memory
forensics is often a critical component of modern incident response due to
the frequent use of memory-only payloads and rootkits that bypass modern
EDRs, hide from live analysis tools, and often leave no file system
artifacts. Memory analysis reconstructs system state without relying on
operating system APIs, allowing it to both detect modern malware and
provide automated triage results. In this course, a mix of lectures and
hands-on labs provides students with the knowledge and experience necessary
to perform real-world incident response using memory analysis for detection
and hunting of sophisticated malware on Windows 10+ systems. The course is
taught by two core developers of Volatility 3, the exciting new version of
the world's most widely used memory analysis framework, and provides early
access to upcoming capabilities. Learn More
REGULAR
$4,100
ENDS JULY 19
Malware Detection in the AI Era: Attacks and Defenses on Machine Learning
Classifiers
Location: TBD
dmitrijs trizna and luca demetrio
Tracks:
AI, ML, & Data Science,
Malware
Format: 2 Day Trainings
Location: Surf - A
Skill Level: Beginner/Intermediate
Experience: In-Person
Endpoint Detection and Response (EDR) systems and Antivirus (AV) solutions
have incorporated machine learning (ML) as core components of their
decision-making processes. However, the integration of ML has introduced
new vulnerabilities, rendering these systems susceptible to specific types
of attacks that can weaken their effectiveness.
In this course, participants will first gain a comprehensive understanding
of how machine learning models can perform the task of malware detection in
both static and dynamic settings, and they will use techniques that explain
their behavior.
Furthermore, we will introduce the concepts of Adversarial Machine
Learning, the field of science that formalizes the presence of an adversary
whose intent is the exploitation of AI models. Attendees will first learn
and then execute known adversarial strategies designed to compromise ML
malware classifiers under different threat models. Lastly, we will show how
these attacks can be limited, by discussing recent advancements in research
of defensive mechanisms. Learn More
REGULAR
$4,100
ENDS JULY 19
Military Strategy and Tactics for Cybersecurity
Location: TBD
kopidion
Tracks:
Defense,
Human
Format: 2 Day Trainings
Location: Tradewinds - F
Skill Level: Intermediate/Advanced
Experience: In-Person
Air, sea, land, space, and now cyber. Cyberspace has been named an
operational domain by the U.S. Department of Defense. This designation and
subsequent application of U.S. doctrine to cyberspace operations has shed
light on new tactics and techniques for network defense based on military
doctrine developed over millennia; techniques you can use now to improve
the defense of your network. This course will introduce you to the
intricacies of this complex new landscape through discussion and hands-on
exercises developed by career Army officers with a combined 50+ years of
experience. Learn More
REGULAR
$4,100
ENDS JULY 19
Offensive Hardware Hacking Training
Location: TBD
whid - we hack in disguise
Tracks:
Hardware,
IOT
Format: 2 Day Trainings
Location: Palm - F
Skill Level: Beginner/Intermediate
Experience: In-Person
The Offensive Hardware Hacking Training is a hands-on course designed to
fulfill the skills gap that in the recent years emerged within the InfoSec
scene in respect of the (I)IoT landscape. In it, students will be able to
gather the needed theoretical knowledge and practical skills to engage with
confidence hardware security audits involving those devices, that started
to flood both consumer and corporate markets. The course is structured to
be accessible to both junior and senior security personnel: it goes from a
generic panoramic of the theory behind electronics, protocols, memories,
microprocessors & tools-of-the-trade; then proceeds deeper into the topics
by reviewing various TTPs. Moreover, the students' workbook contains more
than 40 practical exercises involving real hardware devices and will allow
each student to physically work on them during the training AND also to
bring it at home together with their own first HW Hacking Lab Kit worth
around 300 USD.
For more info, check the following videos:
1. https://www.youtube.com/watch?v=zbUuBZJIHkE
2. https://www.youtube.com/watch?v=VpHBMELQmnk
Learn More
REGULAR
$4,200
ENDS JULY 19
Patch Diffing In The Dark: Binary Diffing For Vulnerability Researchers and
Reverse Engineers (Virtual)
Location: TBD
john mcintosh
Tracks:
Forensics,
AppSec
Format: 2 Day Trainings
Skill Level: All
Experience: Virtual
Every day, a new CVE or blog post is published detailing a critical
vulnerability. Often, we know about a vulnerability but feel like we don't
have the skills or time to understand its root cause. What if you could
change that by learning a new skill that would guide you towards
understanding modern vulnerabilities?
The goal of this course is to teach participants how to use patch diffing
techniques to analyze real-world vulnerabilities in Windows and Android.
You will use open-source tools like the Ghidra SRE framework to reverse
engineer the latest CVEs and discover that you already have the information
and tools needed to get started. This course will help you develop the
confidence and competence to tackle complex vulnerabilities.
If you feel like you are always "in the dark" about the latest CVE and want
to take a step towards the light (understanding), this course is for you.
Learn More
REGULAR
$4,100
ENDS JULY 19
Practical Drone Hacking - Zero to Hero (Intensive)
Location: TBD
captain kelvin and boris so (pilot owl)
Tracks:
Hardware,
Wireless
Format: 2 Day Trainings
Location: Jasmine - H
Experience: In-Person
Advancements in UAV technology are opening new opportunities and
applications in various fields of life. However, these advancements are
also causing new challenges in terms of security, adaptability, and
consistency. Especially the small drones are even suffering from
architectural issues and the definition of security and safety issues. In
this course, a programable small drone will be provided to learn the common
drone attack vectors and hacking skills. Learn More
Class Full
REGULAR
$4,100
ENDS JULY 19
Pragmatic API Exploration (Virtual)
Location: TBD
sensepost | orange cyberdefense
Tracks:
AppSec,
Defense
Format: 2 Day Trainings
Skill Level: Beginner
Experience: Virtual
Embark on a learning journey to explore the art of attacking and securing
Application Programming Interfaces (APIs) with our comprehensive API
course. As API usage grows, so does the threat landscape for organisations.
This practical-driven training will equip you to conduct impactful
penetration tests on API implementations and further your understanding on
how to mitigate the majority of vulnerabilities.
Explore modules covering API fundamentals, engagement strategies, attack
surface enumeration, and demystifying the OWASP Top 10 for APIs. Delve into
additional focus areas such as logging, monitoring, injection attacks, and
securing Azure API implementations. Gain practical experience in exploiting
vulnerabilities on RESTful APIs and GraphQL, culminating in a thrilling
Capture the Flag challenge.
Join us, hack hard and make APIs safe Learn More
REGULAR
$4,400
ENDS JULY 19
Python Hacker Bootcamp: Zero to Hero
Location: TBD
snowfensive
Tracks:
PenTesting,
Defense
Format: 2 Day Trainings
Location: Lagoon - K
Skill Level: All
Experience: In-Person
Scripting and automation have become standard requirements for
cybersecurity professionals. However, learning how to program is
challenging for many. Many people give up learning this skill because they
may need to learn how to start, find programming books confusing, or the
examples taught in online classes don't apply to their use cases. If you
want to learn how to program Python to automate tasks, increase accuracy,
and become more marketable in the workforce, this course is for you.
This course was designed to follow a hacker's methodology of programming.
Instead of learning formal programming practices that you'll never use
(we're looking at you bubble sort), this course focuses on core concepts
taught using information security-centric projects. The hands-on labs,
which accompany the practical application lectures, focus on solving
commonplace and real-world security challenges. The labs have been designed
to apply to information security professionals. Join us for a fun,
fast-paced bootcamp to take you from zero to hero! Learn More
REGULAR
$4,300
ENDS JULY 19
Reverse Engineering Firmware with Ghidra
Location: TBD
tetrel security
Tracks:
Hardware,
IOT
Format: 2 Day Trainings
Location: South Pacific - A
Skill Level: Intermediate
Experience: In-Person
This hands-on course teaches the concepts, tools, and techniques required
to reverse engineer firmware and assess embedded devices. To ensure the
tools taught are available to all, we will make use of Ghidra, a powerful
open-source reverse engineering tool developed by the National Security
Agency.
Within the two days, you will:
Learn general techniques for binary reverse engineering
Identify, unpack, load, and analyze various types of firmware into Ghidra
Use reverse engineering techniques to find exploitable vulnerabilities in
an embedded Linux device
Map device vector tables, peripheral memory, and system calls to find
exploitable vulnerabilities in a bare-metal device
Identify remotely exploitable vulnerabilities in a Bluetooth Low Energy
device
Learn to use a debugger to assist in reverse engineering
Labs attacking an embedded Linux system and a bare-metal Bluetooth Low
Energy device will be used to deliver a hands-on experience. You can expect
to leave this course with the skills to reverse firmware for a variety of
embedded targets. Learn More
REGULAR
$4,100
ENDS JULY 19
Tactical Recon for Pentesters - 2024 Edition
Location: TBD
redhunt labs
Track:
PenTesting
Format: 2 Day Trainings
Location: South Pacific - D
Skill Level: Beginner/Intermediate
Experience: In-Person
This 2024 Edition of our Tactical Recon for Pentesting training program not
ONLY focuses on OSINT but also focuses on in-depth attack tactics using the
information collected in the earlier phases. This course will focus on a
wide range of tools and techniques for performing real-world reconnaissance
in order to launch targeted attacks against modern and dynamic
infrastructures.
We will take a deep dive into various modern methodologies for extracting
useful information from the internet. Furthermore, we will cover how this
extracted information can be used in attack scenarios to get an initial
foothold in multiple ways within an organization's network beyond the
firewall and further exploit it to gain and maintain elevated access. The
course will cover topics like:
* Mapping the Modern Attack Surface
* Comprehensive Subdomain Enumeration
* Exploring Dark Web
* Hunting 3rd Party SaaS Apps
* Hunting & Attacking API Endpoints
* Supply Chain Enumeration & SBOM
* Template Based Scanning
* Attacks using Recon from Docker Image, EBS volumes, etc.
* Exploring Mobile Applications for Attack Chaining
* Practical Social Engineering, etc.
This 2-day course takes a hands-on approach to indulge the participants in
real-world scenarios, simulated lab environments, and case studies to get
proficient in techniques and methodologies. Each participant will also be
provided ONE MONTH FREE ACCESS to our Hybrid-Cloud Based Private Lab
mimicking the modern age infrastructure, as well as decoy accounts and the
organization's social presence, where they can practice the skills learned
during the course. Learn More
REGULAR
$4,100
ENDS JULY 19
The Shellcode Lab
Location: TBD
threat intelligence pty ltd
Tracks:
PenTesting,
Malware
Format: 2 Day Trainings
Location: Jasmine - G
Skill Level: Intermediate
Experience: In-Person
The Shellcode Lab is back for its 14th consecutive year Black Hat USA! With
feedback like "By far the best course I've taken at Black Hat", this is the
training that takes your penetration testing and low-level technical skills
to the next level!
With 17 multi-part hands-on labs and over 150 slides of hard-core technical
content, students start with basic knowledge, and by the end of the first
day write their own macOS 64-bit Port Bind shellcode from scratch to
remotely compromise a server.
In this exciting and hands-on training, you will:
* Create custom payloads for:
* Linux 32-bit
* macOS 64-bit
* Windows 32-bit
* Windows 64-bit
* Make payloads small to fit into more exploits
* Implement techniques to avoid bad characters
* Integrate your payloads into public exploits
* Create a Metasploit Payload Module using your payloads
* Compromise machines using your payloads
We take your security skills to the next level - fast!
Seats go fast. Register now to secure your spot! Learn More
REGULAR
$4,100
ENDS JULY 19
Windows Enterprise Incident Response
Location: TBD
mandiant (now part of google cloud)
Tracks:
Forensics,
Defense
Format: 2 Day Trainings
Location: Breakers - B
Skill Level: Beginner/Intermediate
Experience: In-Person
Windows Enterprise Incident Response is an intensive two-day course
designed to teach the fundamental investigative techniques and digital
forensics skills needed to respond to complex intrusions by motivated and
persistent attackers. The class is built upon a series of hands-on labs
that highlight the phases of a targeted attack, key sources of evidence,
and the forensic analysis know-how required to analyze them. Created and
taught by consultants who do this work daily, this class is based on
first-hand experience responding to incidents all around the world for
major organizations. At Mandiant, we investigate the incidents that matter,
and we're bringing that knowledge to the students of this class. Learn More
REGULAR
$4,300
ENDS JULY 19
* 4 Day (Sat-Tue)
* 802.11 Unplugged: Modern Wi-Fi Hacking
Location: TBD
sensepost | orange cyberdefense
Tracks:
Wireless,
PenTesting
Format: 4 Day Trainings
Location: Lagoon - C
Experience: In-Person
If you want to learn how to understand and compromise Wi-Fi networks, this
is your course.
Key Points:
* Foundations of wireless network technologies
* How to approach wireless network exploitation when facing obstacles
* New approaches and tooling in the Wi-Fi hacking field
If you want to really understand what's going on and master Wi-Fi attacks
in such a way that you can vary them when you encounter real-world
complexities, this course will teach you what you need to know.
This course is highly practical, with concepts taught through theory
delivered while your hands are on the keyboard, and semi-self-directed
practicals at the end of each section to reinforce the learning. The course
is hosted in a "Wi-Fi in the cloud" environment we invented several years
ago, which means no more fiddling with faulty hardware or turning the
classroom into a microwave. Designed, developed and delivered by the team
behind some of the most commonly used Wi-Fi hacking tools such as
hostapd-mana, berate_ap and wpa_sycophant. This course aims to expose you
to the Wi-Fi hacking methodologies used by active penetration testers on
their day-to-day journey with clients and assessments. Learn More
REGULAR
$5,400
ENDS JULY 19
Ability Driven Red Teaming
Location: TBD
egypt & mubix
Tracks:
PenTesting,
Network
Format: 4 Day Trainings
Location: Banyan - A
Skill Level: Intermediate/Advanced
Experience: In-Person
What sets this course apart is that we focus on explaining the "WHY".
Choosing one C2 or technique over another often comes with tradeoffs that
might not be obvious at first glance. After a combined 35 years of
experience in red teaming and offensive security, egypt and mubix distill
their TTPs in everything from building binaries for avoiding antivirus to
building your own company for taking over another. Our labs aren't trying
to teach you any particular OS, tool, or technique, but rather how to think
about those same OSs, tools and techniques, when to use them, and how to
assess new ones as the field of infosec changes.
Want to learn how to make your tools work overtime for you? This is the
place to be.
In this course, we will walk you through how we
* Build Red Team Infrastructure
* Use OSINT to Get Initial Access
* Attack Active Directory, including Kerberos, Azure, and SMB
* Find Common DevOps vulns
* Use Web App attacks that give you shells
* Extend Metasploit and other frameworks to do your bidding
* Escalate privileges, move laterally (pivoting), & persist on Windows,
OSX, and Linux
* Avoid common detections for all of the above
We'll do the above in a custom-built CTF where you'll pwn a variety of
boxes in a variety of environments. Learn More
REGULAR
$5,300
ENDS JULY 19
Abusing and Protecting Kubernetes, Linux, and Containers
Location: TBD
jay beale, inguardians
Tracks:
PenTesting,
Defense
Format: 4 Day Trainings
Location: Mandalay Bay - D
Skill Level: Intermediate/Advanced
Experience: In-Person
Learn how to attack and defend Kubernetes, Linux and containers from Jay
Beale, the creator of Bastille Linux and two Kubernetes security tools: the
Peirates attack tool and the Bust-a-Kube CTF cluster. In this fully
hands-on course, you'll get a computer to keep, filled with
capture-the-flag (CTF) containers and Kubernetes clusters, which you will
attack and defend. You'll also get access to our cloud environment,
allowing you to attack cloud-based Kubernetes clusters.
Every single topic in the class has an attack exercise, where you use Kali
Linux to compromise a system or a Kubernetes cluster scenario. Most have a
matching defense exercise, where you will use new skills to break that
attack, confident that it will break other attacks.
This Kubernetes, Linux, and Containers training focuses on giving you
practical attack skills from real penetration tests, coupled with solid
defenses to break attacks.
Includes a free laptop! Learn More
REGULAR
$5,600
ENDS JULY 19
A Complete Practical Approach to Malware Analysis and Memory Forensics -
2024 Edition
Location: TBD
monnappa k a & sajan shetty
Tracks:
Malware,
Forensics
Format: 4 Day Trainings
Location: Banyan - B
Skill Level: All
Experience: In-Person
This 4-day hands-on training teaches the concepts, tools, and techniques to
analyze, investigate, and hunt malwares by combining two powerful
techniques malware analysis and memory forensics. This course will
introduce attendees to the basics of malware analysis, reverse engineering,
Windows internals, and memory forensics. It then gradually progresses deep
into more advanced concepts of malware analysis & memory forensics.
Attendees will learn to perform static, dynamic, code, and memory analysis.
To make the training completely practical, it consists of scenario-based
hands-on labs after each module, which involves analyzing real-world
malware samples and investigating malware infected memory images
(crimeware, APT malware, Fileless malware, Rootkits, etc.). This hands-on
training is designed to help attendees gain a better understanding of the
subject in a short span of time. Throughout the course, the attendees will
learn the latest techniques used by the adversaries to compromise and
persist on the system. In addition to that, it also covers various code
injection, hooking, and rootkit techniques used by the adversaries to
bypass forensic tools and security products. During the training, you will
also gain an understanding of how to integrate malware analysis and memory
forensics techniques into a custom sandbox to automate the analysis of
malicious code. After taking this course, attendees will be better equipped
with the skills to analyze, investigate, hunt, and respond to
malware-related incidents.
Whether you are a beginner interested in learning malware analysis and
memory forensics from scratch or an experienced professional who would like
to enhance your existing skills to perform a forensic investigation or
threat hunting, this training will help you accomplish your goals.
Note: Students will be provided with malware samples, malware infected
memory images, course material, lab solution manual, video demos, custom
scripts, and Linux VM. Learn More
REGULAR
$5,200
ENDS JULY 19
Video Preview »
A DFIR Masterclass with Offensive and Defensive Techniques on Windows 11
and Server 2022
Location: TBD
internet initiative japan inc.
Tracks:
Forensics,
Malware
Format: 4 Day Trainings
Location: Breakers - K
Skill Level: Intermediate/Advanced
Experience: In-Person
This is a hands-on course for learning attack, detection and DFIR
techniques on Windows environment.
You will first attack a Windows domain network with in-the-wild targeted
attack malware and post-exploitation tools using the same techniques as
attackers, such as:
* NTLM Relay Attack
* Golden/Silver/Diamond/Sapphire Ticket Attack
* DCSync/DCShadow
* Credential Harvesting
* Remote Command Execution/Logon
* Domain Persistence
* Delegation Attack
Then, you will acquire artifacts from the environment and analyze them with
the DFIR techniques such as:
* Memory Forensics
* Persistence Analysis
* Program Execution Artifacts Analysis
* Event Log Analysis
* Timeline Analysis
* Triage Collection
Since you will learn attack *AND* defense, including detection and DFIR,
techniques, you will have a better understanding of both. Then, even if new
attacks emerge, you will already know how to test and detect them yourself
after completing this course.
We will be waiting for you with numerous exercises! Learn More
REGULAR
$5,200
ENDS JULY 19
Advanced Detection Engineering in the Enterprise
Location: TBD
olaf hartong / falconforce
Tracks:
Defense,
Risk
Format: 4 Day Trainings
Location: Lagoon - D
Skill Level: Intermediate/Advanced
Experience: In-Person
Building resilient and automated detection capabilities require a detailed
understanding of attackers and their known or expected behavior. By
thinking like an attacker, understanding the different techniques and
procedures used by attackers and what indicators can be extracted, better
detection capabilities can be developed.
The training covers a full, realistic attacker scenario in an enterprise
environment: from the endpoint, through the Active Directory and into the
cloud environment.
This training focuses on the entire methodology of a detection engineering
cycle. We guide participants in defining a scope, researching the relevant
(sub-)techniques, building the detection analytic, investigating which logs
can be utilized, and validating the resilience of the analytic against
evasion. Maintenance, testing and improvement is part of proper
engineering.
The training is highly interactive and retains a good balance between
theory and a lot of hands-on exercises, in which the students execute all
attacks themselves in a dedicated lab environment. Learn More
REGULAR
$5,400
ENDS JULY 19
Advanced Infrastructure Hacking - 4 Day
Location: TBD
notsosecure / tiago carvalho
Tracks:
Network,
PenTesting
Format: 4 Day Trainings
Location: Mandalay Bay - J
Skill Level: Intermediate/Advanced
Experience: In-Person
Whether you are penetration testing, Red Teaming or trying to get a better
understanding of managing vulnerabilities in your environment,
understanding advanced hacking techniques is critical. This course covers a
wide variety of neat, new and ridiculous techniques to compromise modern
Operating Systems and networking devices.
While prior pentest experience is not a strict requirement, familiarity
with both Linux and Windows command line syntax will be greatly beneficial.
The 2024 edition of our best-selling class, brings more new, neat and
ridiculous network hacks. From old-school misconfiguration issues to the
very latest cutting-edge techniques and exploits against the modern network
platforms, we have got it all covered. The course will cover advanced
penetration techniques to achieve exploitation against these platforms:
* Modern Operating systems (Windows, Linux)
* New Attack Chain
* ADCS
* Resource-Based Constrained Delegation
* Web and Application servers
* Switches/Routers
* Docker
* VLANs
* Kubernetes
* AWS/Azure/GCP specific attacks
* IaaS, PaaS, CaaS, SaaS and Serverless exploitation
* Logging and Monitoring Network Attacks
Note: Students will have access to a state-of-the-art Hacklab with a wide
variety of vulnerabilities to practice exploitation and will receive a FREE
1-month subscription after the class to allow more practice time. Learn
More
REGULAR
$5,700
ENDS JULY 19
Advanced Security Operations and Threat Hunting
Location: TBD
digital defense institute
Tracks:
Defense,
Forensics
Format: 4 Day Trainings
Location: Oceanside - E
Skill Level: Intermediate/Advanced
Experience: In-Person
Advanced Security Operations & Threat Hunting is a meticulously crafted
course designed for cybersecurity defenders focusing on detection
engineering, threat hunting, adversary detection, and incident response.
Over an intensive four-day program, participants will delve deep into the
strategies and techniques essential for identifying, tracking, and
neutralizing sophisticated cyber threats.
The course begins with exploring detection engineering principles, teaching
attendees how to create robust detection systems. It then transitions into
advanced threat-hunting methods, enabling participants to proactively seek
out and identify potential or active threats. The segment on adversary
detection covers the latest tactics used by cyber attackers, providing
insights into their methodologies. Finally, the course culminates with
practical incident response exercises, equipping attendees with the skills
to respond to and mitigate cyber incidents effectively.
Designed for immediate application, this course empowers professionals to
enhance the security posture of their organizations through advanced
operational techniques and threat intelligence. Learn More
REGULAR
$5,200
ENDS JULY 19
Advanced Windows Exploitation
Location: TBD
offsec powered by applied technology academy
Track:
PenTesting
Format: 4 Day Trainings
Location: South Seas Ballroom - I
Skill Level: Advanced
Experience: In-Person
EXP-401: Advanced Windows Exploitation is OffSec's most intense course,
featuring a sophisticated hands-on computer lab environment challenging
learners to bring out their best penetration testing skills.
Modern exploits for Windows-based platforms require modern bypass methods
to circumvent Microsoft's defenses. In EXP-401, OffSec challenges learners
to develop creative solutions that work in today's increasingly difficult
exploitation environment.
The case studies in AWE are large, well-known applications that are widely
deployed in enterprise networks. The course dives deep into topics ranging
from security mitigation bypass techniques to complex heap manipulations
and 64-bit kernel exploitation.
EXP-401 is a particularly demanding penetration testing course. It requires
a significant amount of learner-instructor interaction. Therefore, we limit
these courses to a live, hands-on environment at one of our live training
at the Black Hat conference.
This course can qualify learners for 40 (ISC)2 CPE Credits at the end of
the training course or after passing the certification challenge.
Learners who complete EXP-401 and pass the exam will earn the Offensive
Security Exploitation Expert (OSEE) certification.
Benefits:
* Put your team's skills to the test with intense in-person training
* Enrich your team's penetration testing learning journey with advanced
exploit development skills
* Improve your team's preparedness for the OSEE certification exam
* Benchmark your team's skill level for increased confidence around
securing your IT infrastructure through industry-recognized
certifications
Learn:
* Bypass and evasion of user mode security mitigations such as DEP, ASLR,
CFG, ACG and CET
* Advanced heap manipulations to obtain code execution along with
guest-to-host and sandbox escapes
* Disarming WDEG mitigations and creating version independence for
weaponization
* 64-Bit Windows Kernel Driver reverse engineering and vulnerability
discovery
* Bypass of kernel mode security mitigations such as kASLR, NX, SMEP,
SMAP, kCFG and HVCI
Learn More
REGULAR
$8,300
ENDS JULY 19
Adversary Simulation and Capability Development
Location: TBD
mdsec
Track:
PenTesting
Format: 4 Day Trainings
Location: Breakers - G
Experience: In-Person
During this training, you will be equipped with the necessary knowledge
provided by recognised industry red team experts to plan, manage and
perform an advanced red team operation.
These steps include the essential knowledge to perform efficient and
targeted opensource intelligence, design and automate the deployment of
operation infrastructure, gain initial access to a target using
sophisticated payloads with defensive evasion techniques, perform host
triage, persistence and privilege escalation and move laterally whilst
exploiting common Active Directory misconfigurations.
At the end of the training students will walk away equipped to target even
the most mature environments and budding with knowledge about the
indicators they didn't know their tools were emitting, but the blue team
did! Learn More
REGULAR
$5,200
ENDS JULY 19
Adversary Tactics: Detection
Location: TBD
specterops
Tracks:
Defense,
Network
Format: 4 Day Trainings
Location: South Seas Ballroom - B
Experience: In-Person
You bought all the latest detection tools, but somehow still can't seem to
detect mimikatz. IT is screaming about the resource consumption from the
multitude of security tools on the endpoints, analysts are barely staying
afloat in the oceans of data your toolsets have created, and the latest red
team report detailed how response actions were ineffective again. If this
sounds familiar for your organization, this is the course for you. We'll
walk you through starting with a detection engineering strategy first and
then focusing on methodologies to build robust alerting, with the end
result of improving detection and response capabilities throughout security
operations. This course will provide you the understanding and ability to
build robust detections, starting with the why and going all the way to the
technical implementation of detecting threat actor activity. You will learn
how to apply the methodologies and technical approaches practiced,
regardless of the security toolsets deployed in your organization.
In this course, you will:
* Learn how to best integrate different components of a detection program
for maximum effect
* Integrate "threat hunting" activity into current detection programs to
drive meaningful detection engineering
* Understand different threat hunting campaign approaches
* Perform data sensor and data source analysis
* Understand various MITRE TTPs and Threat Intelligence
* Practice standardized processes for developing technical detections
* Document detection research into standardized formats for use in
security operations
* In technical labs, practice data aggregation & analysis at scale to
detect threat actor activity
Learn More
REGULAR
$5,700
ENDS JULY 19
Adversary Tactics: Red Team Operations
Location: TBD
specterops
Tracks:
PenTesting,
Network
Format: 4 Day Trainings
Location: South Seas Ballroom - H
Experience: In-Person
Upgrade your red team tradecraft with cutting-edge Tactics, Techniques, and
Procedures (TTPs) used by attackers in real-world breaches. This course
will teach students how to infiltrate networks, gather intelligence, and
covertly persist to simulate advanced adversaries. Students will use the
skillsets taught in this course to go up against live incident responders
in an enterprise lab environment designed to mimic an enterprise network
and learn to adapt and overcome active response operations through
collaborative feedback as the course progresses.
Topics covered include:
* Design and deploy sophisticated, resilient covert attack infrastructure
* Gain an initial access foothold on systems using client-side attacks in
real-world scenarios
* Utilize advanced Active Directory attack techniques to execute domain
enumeration, escalation, and persistence
* Perform sophisticated post-exploitation actions, including sophisticated
data mining, going beyond just achieving "Domain Admin"
* Use cutting-edge lateral movement methods to move through the enterprise
* Practice "offense-in-depth" by utilizing a variety of tools and
techniques in response to defender actions and technical defenses
* Effectively train network defenders to better protect themselves against
advanced, persistent adversaries
Learn More
REGULAR
$5,700
ENDS JULY 19
Adversary Tactics: Tradecraft Analysis
Location: TBD
specterops
Tracks:
Defense,
PenTesting
Format: 4 Day Trainings
Location: South Seas Ballroom - J
Experience: In-Person
Your organization has just implemented the leading detection and response
products. Are they configured with default configuration? How much faith
should you have in your ability to detect sophisticated attacks? How would
you simulate attacks to ensure robust detections are in place? This course
will teach the importance of understanding the inner workings of attack
techniques and telemetry availability and provide a workflow for developing
robust detection analytics or data driven evasion decisions. Focusing on
various Windows components and attacker TTPs, you will dive deep into how
software abstracts underlying capabilities and how attackers can interact
with deeper layers to bypass superficial detection capabilities. Learn More
REGULAR
$5,700
ENDS JULY 19
Applied Network Security
Location: TBD
matt pawloski
Tracks:
Network,
Defense
Format: 4 Day Trainings
Location: Breakers - H
Skill Level: Beginner/Intermediate
Experience: In-Person
This course is a hands-on lesson in networking fundamentals that are
critical to cyber security. Curriculum will start from layer 1 of the OSI
model, working up to the most critical layer 7 protocols for modern network
communication. These protocols underpin local area networks (LANs), IoT
devices, and critical infrastructure. Security implications at each layer
and protocol will be discussed and demonstrated through hands-on lab
exercises. Lab exercises include traffic modification and redirection
methods, building an open-source Linux router and unified threat management
(UTM) appliance, proxying and modifying HTTP/S traffic with Squid and Burp,
and advanced uses for SSH. Solid foundational knowledge, gained in this
class, will allow students to easily understand more advanced topics. The
technical confidence students will gain in this class will enable them to
quickly tackle technical hurdles in their day-to-day work. Attendees with
all levels of technical backgrounds will benefit from this class. Learn
More
REGULAR
$5,200
ENDS JULY 19
Applied Threat Hunting and Detection Engineering
Location: TBD
trustedsec
Tracks:
Defense,
PenTesting
Format: 4 Day Trainings
Location: Lagoon - G
Skill Level: All
Experience: In-Person
Finding attacker behavior and patterns is vital to an organization's
security posture. The Applied Threat Hunting and Detection Engineering
class will equip the student with the knowledge of attacker methodologies
and highlight the most popular attacks by APT groups. Students will then
experience live threat hunts for attacker behavior and work through the
detection engineering process to build high-fidelity detections. This class
is designed for security professionals of all levels and will give
real-world examples of attacks and practical skills to improve an
organization's ability to detect attacker behavior. Learn More
REGULAR
$5,600
ENDS JULY 19
Assessing and Exploiting Control Systems and IIoT
Location: TBD
justin searle / inguardians
Tracks:
ICS,
PenTesting
Format: 4 Day Trainings
Location: Mandalay Bay - B
Skill Level: Intermediate
Experience: In-Person
This is not your traditional SCADA/ICS/IIoT security course! How many
courses send you home with lifetime access to course updates and a $500 kit
including your own PLC and a set of hardware/RF hacking tools?!? This
course teaches hands-on penetration testing techniques used to test
individual components of industrial control systems. The first day of the
course teaches how to perform safe assessments of commissioned components
in production without negatively affecting reliability and safety of the
systems. The remaining bulk of the course will then focus on performing
deeper component-level penetration testing in lab settings, attempting to
discover and address 0-day vulnerabilities before those components are
commissioned in production environments. Learn More
REGULAR
$5,700
ENDS JULY 19
Attacking and Defending AWS, Azure, and GCP Cloud Applications: 2024
Edition
Location: TBD
appsecengineer
Tracks:
AppSec,
Defense
Format: 4 Day Trainings
Location: South Pacific C
Skill Level: Beginner/Intermediate
Experience: In-Person
Applications on the cloud present some unique opportunities and challenges
in terms of security. In this training, we're going to explore Application
Security on the cloud with three popular cloud providers, AWS, Azure, and
GCP.
The aim of this training is to take the participant through a journey of
highly practical, scalable, and granular knowledge of AWS, Azure, and GCP
offense, defense, and detection engineering. Our No.1 objective is that
participants can apply skills learned from this class nearly immediately at
their workplaces.
This class is an intense, deep-dive experience in attacking and defending
applications on AWS, Azure, and GCP. We would take participants through our
ADD (Attack-Detect-Defend) labs in all these areas to give them a
360°perspective of attacking and defending applications of various stacks
deployed on the cloud
Participants will walk away with 2 months of access to our online training
portal and labs Learn More
REGULAR
$5,200
ENDS JULY 19
Attacking Mobile Applications: Practical Security Testing for Android and
iOS
Location: TBD
mandiant (now part of google cloud)
Tracks:
Mobile,
AppSec
Format: 4 Day Trainings
Location: Breakers - L
Skill Level: Beginner/Intermediate
Experience: In-Person
The Attacking Mobile Applications course is a hands-on 4-day journey into
the world of mobile application penetration testing. The course has 19
labs, each based on Mandiant's first-hand experience assessing mobile
applications. Students will gain experience building a test environment,
understanding application packages, analyzing Swift/Objective-C assembly
and Dalvik bytecode, performing dynamic instrumentation to bypass jailbreak
or root detection, intercepting network communications, and testing modern
cross-platform applications (Xamarin, ReactJS, Flutter, etc.).
Students will receive USB devices loaded with training materials: A
self-contained Linux virtual machine with the labs and tools used in the
course, a PDF collection of the course slides, multiple cheat sheets, and
sample source code. Virtual Android and iOS devices will be supplied for
attendees for use during the course. Learn More
REGULAR
$5,300
ENDS JULY 19
Automating Reverse Engineering Processes with AI/ML, NLP, and LLMs
Location: TBD
malachi jones, phd
Tracks:
AI, ML, & Data Science,
Malware
Format: 4 Day Trainings
Location: Tradewinds - D
Skill Level: Advanced
Experience: In-Person
This course enhances reverse engineering (RE) processes through automation,
focusing on efficiency and scalability in malware and firmware analysis by
integrating Neural Networks (NN), Natural Language Processing (NLP), and
Large Language Models (LLMs). It introduces Blackfyre, an open-source
system combining a Ghidra plugin and Python library, essential for binary
analysis and applying NN/NLP/LLM techniques in RE. The curriculum covers NN
and NLP in malware analysis for threat classification and anomaly
detection, and in firmware analysis for predicting function/binary names
and detecting similarities. It also introduces BinaryRank, inspired by
PageRank, but more efficient with linear complexity, for static analysis,
improving NLP's effectiveness in binaries data representations. Advanced
topics include LLMs for function and binary summarization, and malware
analysis for signature and report generation. Designed for those with a
foundational understanding of RE, Python object-oriented programming
skills, and basic mathematical knowledge, the course aims to bolster
NN/NLP/LLM capabilities in automating RE processes. Learn More
REGULAR
$5,200
ENDS JULY 19
Blue Team Arsenal: Python and Generative AI for Threat Intelligence
Location: TBD
roberto rodriguez, thomas roccia
Tracks:
AI, ML, & Data Science,
Defense
Format: 4 Day Trainings
Location: Breakers - E
Skill Level: Beginner/Intermediate
Experience: In-Person
In the fast-paced world of cyber security, threat intelligence plays a
critical role in an organization's defense strategy, empowering defenders
with deep understanding of adversary tradecraft and their threat landscape.
For a threat intelligence analyst, the abilities to collect and connect
information from a wide variety of data sources and dive deep into
malicious software are essential. Imagine streamlining these processes by
building your own tools leveraging artificial intelligence.
In this 4-day class, you will learn to use Python to collect and analyze
threat data, handle malware, build your own custom tools, and integrate the
power for Generative AI to transform your technical approach to threat
intelligence. We will combine theory with practical, hands-on exercises,
giving you the opportunity to apply all these concepts in real-world
scenarios. By the end of this course, you will have the necessary skills
and tools to unlock new capabilities into your threat intelligence cycle.
Learn More
Class Full
REGULAR
$5,300
ENDS JULY 19
DevSecOps Masterclass: 2024 Edition
Location: TBD
appsecengineer
Tracks:
AppSec,
Defense
Format: 4 Day Trainings
Location: South Pacific - B
Experience: In-Person
DevOps has become a pervasive force within organizations globally, driving
the continuous delivery of applications. Despite its success, security
remains a significant challenge for DevOps. Organizations need help
including security in continuous delivery processes.
This training is a comprehensive, focused, and practical approach to
implementing Security for your Continuous Delivery Pipeline. Backed by tons
of hands-on labs, original research, and real-world implementations of
DevSecOps, this training offers a comprehensive and practical guide for
professionals seeking to enhance their skills and implement robust security
measures in the ever-evolving landscape of continuous delivery and
application development.
The training starts with Application Security Automation for SAST, DAST,
SCA, IAST, and RASP, apart from Vulnerability Management and Correlation.
Subsequently, the training focuses on Cloud Security and automating
security processes in cloud and cloud-native environments. Next, the
training closes with a deep dive into DevSecOps Practices for Kubernetes
and Containers, providing detailed perspectives on implementing scalable
security for these deployments. In anticipation of Cloud-focused DevSecOps
requirements, this training arms the learners with a plethora of
cloud-native options that will serve as drop-in replacements for their
on-prem pipeline components. Practical learnings picked up throughout the
class are brought to AWS Codepipeline and Azure Pipelines along with a
handbook of best practices and blueprints to prepare the students for the
changed landscape.
Participants receive a free (OSS) toolkit for DevSecOps Implementations and
2 months of access to our hands-on labs, engaging challenges, and recorded
classes for this DevSecOps training. Learn More
REGULAR
$5,300
ENDS JULY 19
Foundational Security Operations and Defensive Analysis
Location: TBD
offsec powered by applied technology academy
Track:
Risk
Format: 4 Day Trainings
Location: South Seas Ballroom - C
Skill Level: Intermediate
Experience: In-Person
The student receives a 1 Year OffSec Learn Unlimited license.
OffSec Learn Unlimited - A $5,400 Value!
* Provides access to the Proving Grounds (Play and Practice)
* All 100, 200 and 300-level training materials and labs
* Unlimited exam attempts to the corresponding courses (OSCP, OSDA, OSWA,
OSWP, KLCP, OSWE, OSEP, OSED & OSMR)
A skilled security operations team is crucial for any organization's
cybersecurity readiness and ability to effectively detect cyber threats.
With OffSec's SOC-200: Foundational Security Operations and Defensive
Analysis course, employers worldwide are upskilling their teams with
hands-on learning on detecting and assessing security incidents.
This foundational course teaches learners how to uncover the consequences
of common attacks from a defensive perspective, recognize methodologies for
end-to-end attack chaining, use a SIEM to identify and access cyber
attacks, and conduct guided audits of compromised systems across multiple
OSs.
Learners who complete the SOC-200 course and pass the associated exam earn
the Offensive Security Defense Analyst (OSDA) certification. A certified
OSDA candidate is prepared to join and participate in a Security Operations
Center (SOC) as a Junior Analyst.
Benefits:
* Upskill talent to roles such as SOC Analysts and Jr. roles in Threat
Hunting and Digital Forensics and Incident Response
* Ensure your team can preempt threats and detect vulnerabilities before
they're exploited
* Fortify your organization's cybersecurity defense and maintain your
security posture
* Recognized certifications demonstrate a high-performing team
* Train your team to detect threats using the only dedicated lab framework
built to execute live attacks against a network for defensive purposes
* Learners can use the SOC-200 Challenge Labs to learn how to review logs
and identify attackers and their methods in real-time
Learn More
REGULAR
$6,300
ENDS JULY 19
Full Scope Social Engineering and Physical Security
Location: TBD
snowfensive
Tracks:
Human,
PenTesting
Format: 4 Day Trainings
Location: Lagoon - L
Skill Level: All
Experience: In-Person
Full Scope Social Engineering is designed for students who want to learn
all aspects of Social Engineering in one course. No prior experience is
needed, students will start by learning core techniques and Open-Source
Intelligence (OSINT) gathering. Students will take these fundamental
concepts into the next three phases by applying them to craft robust and
captivating Vishing (voice-phishing), Phishing, and Physical Security
campaigns.
Each phase includes multiple labs and challenges. FSSE is extremely
hands-on and student participation is highly encouraged. Upon completion,
students will feel confident performing OSINT, choosing targets, developing
pretexts, and performing effective Social Engineering engagements.
FSSE provides considerable value to pentesters and red teamers as clients
frequently request this type of testing. Defenders can also benefit from
this training and leverage these skills to defend against attacks and
provide awareness training. Learn More
REGULAR
$5,200
ENDS JULY 19
Hacking and Securing Cloud Infrastructure - 4 Day
Location: TBD
notsosecure / manish rohilla
Tracks:
Network,
PenTesting
Format: 4 Day Trainings
Location: Mandalay Bay - K
Skill Level: Intermediate
Experience: In-Person
With the rapid adoption of cloud infrastructure and the prevalence of
hybrid cloud environments among organizations, the need to address cloud
misconfigurations has become paramount. This course offers a holistic
approach to understanding and mitigating misconfigurations in AWS, Azure,
and GCP.
From building and migrating to managing and innovating in the cloud,
organizations face increasing pressure to secure their cloud infrastructure
effectively. To achieve this, a deep understanding of cloud attack
architecture and hands-on experience with relevant tools and techniques are
essential.
This comprehensive 4-day course immerses participants in the attacker's
mindset, providing the opportunity to deploy over 25 novel attacks through
state-of-the-art labs. The training is delivered by seasoned penetration
testers with extensive experience in cloud hacking, gained through
real-world engagements.
By the end of the course, participants will be well-equipped to confidently
identify vulnerabilities within cloud deployments. Additionally, the
training covers cloud detection and response strategies, empowering
participants to proactively address weaknesses and monitor their cloud
environment for potential attacks. This course is a crucial step toward
enhancing cloud security in an ever-evolving threat landscape. Learn More
REGULAR
$5,700
ENDS JULY 19
Industrial Control Systems: Build, Break, Secure
Location: TBD
arnaud soullie
Tracks:
ICS,
PenTesting
Format: 4 Day Trainings
Location: Lagoon - F
Skill Level: Beginner/Intermediate
Experience: In-Person
Discover the world of Industrial Control Systems with an attack mindset! We
will follow a hands-on approach, growing from a very simple local process
to a realistic ICS environment with 3 words in mind:
* Build: how does it work?
* Break: what are the weaknesses and how to exploit it?
* Secure: what can we do to fix it?
Day 1 & 2 will allow you to discover and understand ICS and its components,
by creating your own training environment and programming it. We'll spend
day 3 attacking a realistic ICS environment, and on day 4 we'll learn how
to secure it.
Moreover, the training doesn't stop on the last day! Each participant will
receive 30-day access to our "ICS cybersecurity academy" e-learning portal,
which allows them to watch the training content in video, as well as
perform all the exercises on a cloud platform. Learn More
REGULAR
$5,200
ENDS JULY 19
Offensive Mobile Reversing and Exploitation (iOS & Android) - 2024 Edition
Location: TBD
8ksec
Tracks:
Mobile,
AppSec
Format: 4 Day Trainings
Location: Coral - B
Skill Level: Intermediate/Advanced
Experience: In-Person
After running sold-out trainings at multiple conferences over the last few
years, we are back with an updated version of our course which now covers
ARM64, mobile browser security, and detailed Mobile apps and operating
system security. The class starts with a basic introduction to the ARM
instruction set and calling conventions followed by some reverse
engineering exercises. We then learn how to craft simple exploits for the
ARM64 environment. Next, we move to Mobile browser security and understand
some of the browser mitigations followed by writing some simple exploits
for the mobile browser. We then cover iOS and Android internals in further
detail. We then discuss some of the exploitation techniques using
real-world vulnerabilities (e.g., voucher_swap, checkm8, etc) followed by a
walkthrough of how jailbreaks are written. We also discuss some of the
common vulnerability types (Heap Overflows, Use-after-free, Uninitialized
Stack variables, Race conditions). The training then moves on to
application security based on exploiting the Damn Vulnerable iOS app,
Android-InsecureBankv2, and InsecurePass application written by the authors
of this course in addition to a broad range of other real-world
applications. We also cover a variety of mitigations deployed in real-world
apps and discuss how to bypass them. The course then covers the kernel
exploitation and details for both Android and iOS platforms along with
steps for breaking into Mobile Kernel exploitation. Slides, videos, and
detailed documentation on the labs will be provided to the students for
practice after the class. Corellium access will be provided to students
during the duration of the training course.
Summary
* Fully updated for iOS 17 and Android 14
* Get 30 Days of Lab Access to our VMs
* Virtual Devices on iOS and Android using Corellium
* Get Certified as Mobile Security Expert
* Learn Reverse Engineering Mobile Apps from Scratch
* Learn Malware Reversing for iOS and Android
* Learn the internals of iOS and Android Kernel and their mitigations
* Learn Penetration Testing of iOS and Android apps
* Get an understanding of ARM64 architecture
* Learn Advanced Binary Instrumentation techniques using Frida
* Learn how to set up your own Mobile Research Environment
Learn More
REGULAR
$5,300
ENDS JULY 19
Penetration Testing with Kali Linux
Location: TBD
offsec powered by applied technology academy
Track:
PenTesting
Format: 4 Day Trainings
Location: South Seas Ballroom - D
Skill Level: Intermediate
Experience: In-Person
The student receives a 1 Year OffSec Learn Unlimited license.
OffSec Learn Unlimited - A $5,400 Value!
* Provides access to the Proving Grounds (Play and Practice)
* All 100, 200 and 300-level training materials and labs
* Unlimited exam attempts to the corresponding courses (OSCP, OSDA, OSWA,
OSWP, KLCP, OSWE, OSEP, OSED & OSMR)
Penetration Testing with Kali Linux is a unique online penetration testing
course that introduces learners to the latest pentesting methodologies,
tools, and techniques via hands-on experience. PEN-200 simulates a full
penetration test from start to finish by immersing the learners into a
target-rich and vulnerable network environment.
This foundational-level course is designed for security and other
technology professionals who want to take a meaningful step into the world
of professional pentesting, as well as seasoned pentesters seeking to
sharpen their skills and earn one of the most coveted pentesting
certifications.
As one of the most respected cybersecurity courses, PEN-200 is considered
more technical than other similar courses – it requires evidence of
practical pentesting skills, ensuring real-world and job-ready skills. With
this focus on the practical application of real-world pentesting skills,
this course goes one step further by teaching learners the "Try Harder"
mindset – a true exercise of grit and will that is crucial for any
pentester.
Learners who complete the PEN-200 course and the associated exam earn the
Offensive Security Certified Professional (OSCP) certification.
Benefits:
* In-depth training from infosec experts
* Improved security posture with a team skilled in the latest pentesting
tools and techniques
* Higher employee retention rates with an engaging and industry-recognized
learning plan
* Have complete visibility and data on your team's progression as they
work through a variety of network security skills
Learn More
Class Full
REGULAR
$7,300
ENDS JULY 19
Physical Penetration, RFID Hacking, & Electronic Access Control Systems
Location: TBD
red team alliance
Tracks:
PenTesting,
Hardware
Format: 4 Day Trainings
Location: Surf - D
Skill Level: Beginner/Intermediate
Experience: In-Person
Beyond firewalls and network hardening, government and enterprise alike
must consider how security infrastructure safeguards digital, material, and
human assets. Physical security is foundational to the ability to resist
unauthorized access or malicious threat.
In this training, students will be immersed in the world of mechanical
locking systems, door hardware, manipulation and bypassing techniques, PACS
tokens, RFID credentials, alarm contacts, tamper switches, door
controllers, and backhaul protocols that underpin Physical Access Control
Systems (PACS) across the globe.
Red Team members and penetration testers will gain a practical
understanding of what physical security looks like in the field, and how to
manipulate, bypass, intercept, clone, downgrade, replay, and bypass one's
way through such defenses. Blue Team members including SOC staff,
defenders, designers, and directors will come with away with best practices
and techniques that will resist attacks.
Those who attend this course will leave with a full awareness of how to
best protect buildings and grounds from unauthorized access, as well as how
to compromise most existing physical security in order to gain access
themselves. Learn More
REGULAR
$5,700
ENDS JULY 19
Practical Car Hacking - A Hands-On Approach
Location: TBD
willem melching
Track:
Hardware
Format: 4 Day Trainings
Location: Breakers - I
Skill Level: Beginner/Intermediate
Experience: In-Person
This course will cover a variety of topics related to automotive security.
The most common networks used in modern vehicles will be discussed, and we
will cover a variety of attacks on these communication networks found in
cars, such as spoofing, DoS and MITM.
We will look at a variety of diagnostics protocols to talk to ECUs and
extract their firmware, such as UDS, CCP and XCP. Other methods of
obtaining firmware such as extracting proprietary update files, JTAG and
Fault Injection will be shown.
After firmware is obtained you will learn how to quickly identify the
relevant part of an ECUs firmware and reverse engineer it. Finally we will
consider the wireless attack surface of a vehicle, such as TPMS, key fobs
and EV charging. Learn More
REGULAR
$5,300
ENDS JULY 19
Practical Linux Attack Paths and Hunting for Red and Blue Team (Virtual)
Location: TBD
leszek mis@defensive-security
Tracks:
Defense,
PenTesting
Format: 4 Day Trainings
Experience: Virtual
Dive into the world of Linux attack paths, local and remote exploitation,
process injection, process hiding, tunneling, network pivoting, and syscall
hooking techniques. See hands-on how Linux malware, userspace, and kernel
space rootkits work in well-prepared Detection PurpleLabs Cyber Range,
analyze and modify the source codes, find interesting behavior patterns in
binaries and logs, learn what telemetry is needed to catch modern Linux
threat actors, and find how to proactively validate and improve detection
coverage with step-by-step Linux adversary emulations. On top of that, run
your VMs RAM acquisition 'on click' and analyze
memory images at any stage of the course. Learn More
REGULAR
$5,300
ENDS JULY 19
Tactical Hacking Essentials - 2024 Edition
Location: TBD
sensepost | orange cyberdefense
Tracks:
PenTesting,
Network
Format: 4 Day Trainings
Location: Lagoon - H
Skill Level: Beginner/Intermediate
Experience: In-Person
Are you looking to leap into a penetration testing career and gain
essential practical hacking skills? Then this course is for you!
This extremely hands-on course is designed to provide you with a complete
overview and methodology to start a career in penetration testing. Our core
methodologies are instilled throughout this course. You'll be taken on an
immersive journey into the day-to-day tactical operations of a penetration
tester.
Key Points:
* Complete methodologies to conduct penetration tests
* Deep dive into the complete attack path of a real-world attacker
* Fundamentals to continue a career in the security testing/ethical
hacking field
The course starts off with fundamental security knowledge to provide you
with a solid technical base to build upon. The attack model starts from an
external perspective with the main objective of taking over an
organisation. You'll be exposed to open-source intelligence gathering
techniques, external and web application hacking skills, and working your
way into an organisation, ending with advanced internal network compromises
and objective completion. Throughout the course, you will gain actual
attacker skills and knowledge to apply in real-world scenarios.
This course is highly practical and will provide you with tools and
techniques to achieve objectives through the course in our immersive online
lab environment.
Join us and learn to hack hard! Learn More
REGULAR
$5,400
ENDS JULY 19
The Art of Hacking - 4 Day
Location: TBD
notsosecure / tom large / karan shah
Tracks:
PenTesting,
AppSec
Format: 4 Day Trainings
Location: Mandalay Bay - I
Skill Level: Beginner
Experience: In-Person
This is our entry-level security testing course that covers approaches for
both web application security and infrastructure security, the course is
also a pre-requisite course before enrolling for either our "Web Hacking
Black Belt Edition" or "Advanced Infrastructure Hacking" courses. This
foundation course familiarises the attendees with the basics of penetration
testing by demonstrating a number of tools and techniques to find and
exploit vulnerabilities, backed up by discussing a systematic approach on
the various phases of a penetration test. If you would like to step into
Ethical Hacking/Penetration Testing with the right amount of knowledge,
this is the right course for you. Learn More
REGULAR
$5,400
ENDS JULY 19
Theory and Practice: Machine Learning Introduction with Threats and
Vulnerabilities
Location: TBD
aib security
Tracks:
AI, ML, & Data Science,
AppSec
Format: 4 Day Trainings
Location: Shell Seekers - B
Experience: In-Person
This 4-day course provides a comprehensive yet concise overview of AI/ML
models (kNN, Linear Models, Decision Trees, Random Forest, Neural Networks
and Transformer based LLMs) as well as the attacks on those models. The
goal is to give security professionals a quick introduction to AI/ML models
and how they work in addition to providing the foundational security skills
to identify and understand the risks associated with AI/ML/LLM
applications. With this knowledge attendees will be able to understand how
ML works and assess the threats against AI/ML systems to better understand
how to protect against AI/ML specific security threats. This course is
primarily focused on offensive techniques however some defensive techniques
will be briefly mentioned as well. Learn More
REGULAR
$5,300
ENDS JULY 19
Web Hacking Black Belt Edition - 4 day
Location: TBD
notsosecure / sanjay gondaliya
Tracks:
AppSec,
PenTesting
Format: 4 Day Trainings
Location: Mandalay Bay - L
Skill Level: Intermediate/Advanced
Experience: In-Person
This course uses a Defence by Offence methodology based on real-world
engagements and offensive research (not theory). That means everything we
teach has been tried and tested on live environments and in our labs, so
you can put it into practice as soon as the training is over. By the end of
the course, you'll know:
* How to think and behave like an advanced, real-world threat actor
* How to identify commonly used vulnerabilities known to have caused
damage and disruption in recent months
* How to deploy the latest and most common web application hacks
(including many novel techniques that can't be detected by scanners)
* How to analyse vulnerabilities within your own organisation and
customise your hacking techniques in response
Join this hands-on, 4-day course to push your web hacking to the next level
and widen your career prospects. Get your hands dirty with our popular labs
and learn from experienced, practicing penetration testers with a legacy of
training at Black Hat. Learn More
REGULAR
$5,700
ENDS JULY 19
Windows Kernel Rootkit Techniques
Location: TBD
t.roy, codemachine
Tracks:
Malware,
PenTesting
Format: 4 Day Trainings
Location: Reef - B
Skill Level: Advanced
Experience: In-Person
To achieve maximum stealth and obtain unabated access to the system,
rootkits execute in kernel mode. This advanced course provides a
comprehensive end-to-end view of the modus-operandi of rootkits by taking
an in-depth look at behind the scenes working of the Windows kernel and how
these mechanisms are exploited by malware through hands-on labs and
real-world case studies. Kernel security enhancements that have been
progressively added to Windows including ones that depend on Virtualized
Based Security (VBS) are discussed along with some circumvention
techniques. Attendees will study key techniques used by rootkits to
understand the real-world applicability of these concepts for offensive and
defensive purposes. This course has been updated for Windows 11 23H2.
The training consists of theory, instructor-led demos, code walkthroughs,
and most importantly, hands-on labs where students use Visual Studio 2022
and Windows Driver Kit (WDK), to implement rootkit functionality and use
WinDBG to detect, identify, and analyze rootkit behavior on Windows 11
64-bit. Learn More
REGULAR
$5,300
ENDS JULY 19
* Back to Trainings
ON THIS PAGE
* Pricing
* Overview
* Key Takeaways
* Who Should Take this Course
* Student Requirements
* What Students Should Bring
* What Students Will Be Provided With
HACKING CYBERSECURITY LEADERSHIP: AN INTERACTIVE TRAINING TO STRENGTHEN SKILLS
FOR LEADING TEAMS & MULTI-TEAM SYSTEMS
MULTITEAM SOLUTIONS | AUGUST 3-4 | LOCATION: OCEANSIDE - G
--------------------------------------------------------------------------------
Early
$3,800
ENDS MAY 24
Regular
$4,100
ENDS JULY 19
Late
$4,300
ENDS AUGUST 2
On-Site
$4,400
ENDS AUGUST 8
--------------------------------------------------------------------------------
EXPERIENCE
In-Person
--------------------------------------------------------------------------------
OVERVIEW
Cybersecurity is an infinite game being played by teams and multi-team systems
made up of individuals with finite capacity. Leaders readily invest in
technology to maximize human capacity, yet because the use of technology is a
human task, a significantly lesser investment in human capital leads to
cybersecurity professionals burning out and quitting this infinite game. To
protect against burnout, there must be a concerted, human-centered approach that
focuses on the tenets of motivation, including the balance of autonomy and
connectivity to others, in order to build individual and system-wide resilience.
Drawing from the largest social-behavioral cybersecurity field research to date
(over 80 focus groups/interviews and hundreds of survey participants across 28
multi-team systems in 17 international organizations–funded by the US, Dutch, &
Swedish governments), this training will provide current and future leaders in
cybersecurity multi-team systems with the knowledge, skills, and tools to
support and motivate the people they lead.
This 2-day, highly interactive course is designed for cybersecurity
professionals currently in a role leading a team within a multi-team system
(e.g., team lead) or leading an entire multi-team system (e.g., CISO). The
training provides participants a chance to familiarize with and practice using
10 analog leadership tools designed to strengthen soft skills and support and
motivate individuals, teams, and multi-team systems. The training, which acts as
a sandbox, is built on social-behavioral research of CSIRTs and SOCs that was
funded by the US and European governments, is assured by the UK NCSC, and will
be delivered through expert-facilitated exercises. The exercises are not
cybersecurity specific, which allows participants to disrupt their normal,
routine ways of leading and open up to the possibilities for growth and change
as leaders. The tools readily allow for the concrete transfer of knowledge and
soft skills from the training back into the workplace.
A high-level overview of the 5 exercise topics:
Team Alignment
Team Adaptation
Individual Roles & Team Goals
Individual Resilience & Team Agility
Multi-team Collaboration
Each exercise is facilitated using a classroom-style workbook complete with
experiences, debriefing questions, teamwork tools, and action planning on how to
transfer lessons learned from the workshop to the workplace. Throughout the
exercises, participants are engaging in small and large group activities. Use of
the workbook standardizes real-time learning across all participants.
Course highlights include:
1) 10 analog leadership tools that build soft skills and that participants can
take back to their teams and multi-team systems
2) The course is led by three SME facilitators–two social-behavioral scientists
with expertise in cybersecurity and leadership coaching along with a workplace
performance coach
3) 2 days of interactive, stress-free exercises that allow participants to play
and explore new perspectives around how to lead others so they are better
equipped when they return to the volatile and uncertain environment of
cybersecurity
4) A unique focus on the human component of cybersecurity that includes both
personal and professional development for each participant
--------------------------------------------------------------------------------
KEY TAKEAWAYS
(1) A framework for proactively organizing and setting the direction for
multi-team systems so that they can better react in highly dynamic and
unpredictable environments.
(2) 10 evidence-based analog tools that will build soft skills for leading and
supporting teams in ways that increase collaboration and motivation and, in
turn, reduce burnout while increasing resilience.
(3) Practical guidance from expert trainers for introducing and implementing
these tools into one's workplace, including a framework for increasing buy-in
and engagement from the teams they lead.
--------------------------------------------------------------------------------
WHO SHOULD TAKE THIS COURSE
Cybersecurity professionals currently in a role leading a team (e.g., team lead)
or leading an entire multi-team system (e.g., CISO).
--------------------------------------------------------------------------------
STUDENT REQUIREMENTS
Recommended: At least 1 year in a formal leadership role overseeing one or more
teams.
--------------------------------------------------------------------------------
WHAT STUDENTS SHOULD BRING
n/a
--------------------------------------------------------------------------------
WHAT STUDENTS WILL BE PROVIDED WITH
Physical copies of the exercise workbooks and the workbench of 10 analog
collaboration tools
--------------------------------------------------------------------------------
TRAINERS
Dr. Daniel Shore has a PhD in Workplace Psychology and works as a facilitator,
consultant, and researcher leading development initiatives for multi-team
systems in complex and unpredictable environments. His expertise in
cybersecurity teamwork was borne out of his involvement on a 5-year research
project–funded by the US Department of Homeland Security and multiple European
governments–that was designed to identify social-behavioral drivers of
cybersecurity effectiveness for teams and leaders. Dr. Shore applies the
insights from this work to bring a human-centered approach to improving
motivation and collaboration in cybersecurity. As a co-founder of MultiTeam
Solutions, he currently trains cybersecurity teams in the public and private
sectors on collaboration and communication both within and between teams.
Dr. Stephen Zaccaro has been a professor of Workplace Psychology for over 30
years at George Mason University, Fairfax, Virginia. He has been doing research
on teams across many fields, including military teams, for over 30 years and
co-authored the seminal research on multi-team systems. He was also a PI on a
5-year research project funded by the US Department of Homeland Security and
multiple European governments that was designed to identify social-behavioral
drivers of cybersecurity effectiveness for teams and leaders. Additionally, Dr.
Zaccaro was a co-editor of a recent book on the psychosocial aspects of
cybersecurity. Relatedly, he has conducted a number of recent workshops on the
social maturity of cybersecurity incident response teams and multi-team systems.
Applying his research and writings, Dr. Zaccaro is an experienced leadership
development and team performance consultant. He is a Fellow of the Association
for Psychological Science, and of the American Psychological Association, in
both Industrial-Organizational & Military Psychology.
Zac Broomfield is devoted to helping teams and multi-team systems enhance
communication skills, collaboration, and workplace performance. With a decade of
experience working with diverse professionals, designing training curricula, and
coaching, Zac has immersed himself in understanding how people from different
backgrounds perceive the world, interpret challenges, and find solutions. Zac's
expertise lies in translating the principles of effective communication and
collaboration into digestible and actionable language that can be applied in
everyday work situations, fostering stronger relationships and improved results
for teams and organizations. He currently trains cybersecurity teams in the
public and private sectors on motivation and strength-based teamwork.
Discover more from Informa Tech
* Dark Reading
* SecTor
* Black Hat Trainings
* Omdia
Working With Us
* About Us
* Code of Conduct
* Contact us
* Upcoming Events
Follow on Social
*
*
*
*
*
*
* Cookie
* CCPA: Do not sell my personal info
* Privacy
* Terms
Copyright © 2024 Informa PLC. Informa PLC is registered in England and Wales
with company number 8860726 whose registered and head office is 5 Howick Place,
London, SW1P 1WG.
×
>
This site uses cookies to provide you with the best user experience possible. By
continuing to use this site, you accept our use of cookies.
I Agree