2-Day Training Opportunities
Application Security: For Hackers and Developers
Training by VDA Labs
Presenter: Dr. Jared DeMott, Founder & CEO
Software (both managed and native code) has been plagued by security errors for a long time. To combat that reality, security researchers, software quality assurance/test engineers, developers, and software managers need to acquire 6 critical skills for continuous bug hunting and repair (or exploitation): SDL, System Investigation, Static Analysis (open source and commercial), Dynamic Analysis (Burp and Fuzzers), Manual Code Auditing (source and with reverse engineering), and PoC/Repair (bug fixing vs. ROP exploits, etc.). Each of these domains is covered in detail in this mature course. VDA has been teaching for over a decade at Black Hat. As a bonus, students will leave with homework content, so they can continue pushing their abilities well beyond the duration of the course.
Why should people attend this course?
We all want to use safer software. Come learn from the best how to design better apps. Come learn how to continuously find and fix (or exploit) software bugs.
Top 3 takeaways students will learn:
AppSec TTPs - the tools, techniques, and procedures to find vulnerabilities. Security automation, code auditing, fuzzing, exploitation, reversing, and much more.
Day 1: How to Conduct a Security Assessment
We cover the 6 domains, give real-world examples of TTPs (tools, techniques, and procedures), and work a long lab to give an end-to-end project audit experience. This first section focuses on a real (.NET) web application: decompiling to defeat licensing logic and hacking with Burp to find exploitable bugs are all part of the fun. We then shift gears and prep for the 2nd day of deep code inspection, as we learn to audit, fuzz, and exploit native (C/C++) applications.
Day 2: Deeper Bug Hunting and Memory Corruption
Source Code Auditing
Understanding how and when to audit source code is key for both developers and hackers. Students learn to zero in on the important components. Automated and manual approaches are covered.
Fuzzing is a runtime method for weeding out bugs in software, and is a topic that book author DeMott knows well. Mutation, framework, and feedback fuzzers (Peach, AFL, Mayhem, and MSRD) are just some of the lecture and lab topics we dive into.
Students learn to reverse managed (.NET) code as well as compiled software written in C/C++. dotPeek, IDA Pro, and Ghidra are some of the tools covered. Expect to learn things like: calling conventions, C to assembly, identifying and creating structures, RTTI reconstruction, etc. Students will also use IDA's more advanced features, such as scripting.
Students will walk out of this class knowing how to find and exploit bugs in software. This is useful to both developers and hackers. The exploit component will teach common bug types such as: OWASP top 10 (command injection, SQLi, XSS, etc.) and memory corruption issues (stack overflows, function pointer overwrites, heap overflows, off-by-ones, FSEs, return to libc, integer errors, uninitialized variable attacks, heap spraying, ROP, and more). Shellcode creation/pitfalls and other tips and tricks will all be rolled into the exciting, final component.
What Students Should Bring?
Students are required to provide a laptop for the course. You need admin rights on the laptop. Your laptop should have a USB port, at least 60GB of free HD space, 6GB+ of RAM, and VMware Fusion for the Mac or Workstation/Player for Windows/Linux. VMware should be installed ahead of time, or you’ll spend a bit of class time doing that. Linux users will need to enable exFAT file system support. If you have USB-C ports, you should have a regular USB 3 adapter with you.
What Students Will Be Provided With?
Students will be given a Windows 10 VM. Copy the VM to your disk drive, and pass the portable media to your neighbor. You will need a normal USB port (bring an adapter if you have the newer/smaller USB-C) and an OS that can read an exFAT file system thumb drive. (Most Mac and Windows systems have that, but with Linux, check for the driver.) You may not share course media with non-students.
Introduction to Red Team Operations
Training by k>fivefour
Presenter: Mr. Nicholas Downer, Systems Security Engineer / Instructor
Malicious cyber-attacks against enterprise networks can be devastating. Understanding how our adversaries accomplish high-profile attacks is the cornerstone of this course. This 2-day course is based on k>fivefour's 5-day “Red Team Apprentice Course” and serves as an introduction to realistic attack tactics and techniques that can be found in open source, industry threat reports. Topics include: Nmap enumeration techniques, phishing campaigns, Microsoft Windows enumeration, Microsoft Active Directory enumeration, basic privilege escalation techniques, and compromising a Microsoft domain controller.
Attendees will learn: Nmap scanning, spear phishing techniques, Active Directory enumeration, basic privilege escalation, Windows authentication token manipulation, Windows persistence techniques, and Windows remote execution.
1-Day Training Opportunities
The Evolution of PowerShell: Red and Blue Team Tactics
Training by Fernando Tomlinson
Presenter: Fernando Tomlinson, Technical Director, Cyber Operations
PowerShell is one of the most versatile languages in use today and is being used beyond system administration. In today's environment, the language is being used for defensive hunting, forensics, attacker reconnaissance, escalation, exfiltration, or lateral movement. This training event will provide hands-on exposure to the aforementioned areas, all from within PowerShell, across the filesystem, Active Directory, Group Policy, and more! Walking away, you will be better postured to identify these tactics or use them for specific purposes without adding anything additional to the network.
This workshop is for those who are just starting out with the language or those who have experience in one side (admin, blue team, or red team) and are looking to gain exposure from another aspect. Attendees will be better postured to identify red and blue team tactics or use them for specific purposes without adding anything additional to the network.
Hands On Open Source Forensic Tools with Academic Cases
Training by Veterant Systems LLC
Presenter: Professor Mun-Wai Hon, Adjunct Professor
Participants can engage with Professor Hon on sample cyber cases that involve forensic images and network packet captures. The goal is hands-on use of open-source tools such as Autopsy and Wireshark on example cases presented in the NVCC NSA/DHS accredited program. Attendees will need their own laptops that meet session specifications to fully engage and work on the provided files. Conducted like a compressed course, Professor Hon will provide a brief overview of the tools and techniques before looking at samples and then challenging attendees to find the evidence to solve the mysteries. Check out his biography at https://www.nvcc.edu/cybersecurity/faculty.html
Attendees will hopefully better understand how to apply open-source forensic tool sets for cyber analysis of digital evidence. The hands-on portion with simple cases will illustrate the complexity of needing multiple domain knowledge to find relevant evidence.
Professor Hon intends to draw from material used in the Virginia Community College System curriculum.
Resilient Cyber Physical Systems
Training by Dynetics
Presenter: Mr. Bruce Tucker, Senior Cyber Resilience Engineer
This technical tutorial is focused on an engineering-level DoD audience, but it is suitable for a wide range of professionals involved in making cyber physical systems, including weapon systems, more resilient to cyber-attack.
Cyber physical systems use digital computers to control physical systems, such as industrial control systems, flight control systems, weapon systems, and embedded systems. This tutorial is designed to provide an understanding of design considerations for cyber physical systems so that they are more resistant and resilient to cyber-attack.
Cyber resilience is the ability of a system to continue to perform its mission, perhaps at a diminished level of performance, in the presence of cyber events (deliberate cyber-attack, unintended CEMA effects, or other adverse conditions).
The over-arching objective of this tutorial is to enhance understanding of practical engineering methods to make cyber physical systems more resilient to cyber-attack. The tutorial will build up to that over-arching objective with the following learning objectives:
- Understand the concept of cyber resilience. This will include discussion of how the systems engineering process can incorporate cyber resilience.
- Understand the definition of cyber physical systems
- Understand that “trusted systems” is really a misnomer for “less risk.” This will include discussion of hardware assurance, software assurance, supply chain risk management, hardware-root-of-trust, and best practices to make systems more resistant and resilient to cyber-attack.
- Understand the concepts of resistance and resilience in cyber physical systems
- Understand that cybersecurity in cyber physical systems is significantly different than cybersecurity in enterprise computing systems. This will include a discussion of the differing roles of cyber defenders in enterprise systems and cyber physical systems.
- Understand engineering principles that are relevant to designing cyber physical systems that are both resistant and resilient to cyber-attack. This will include discussion of methods that can be applied to harden legacy systems, as well as systems under development, against cyber-attack.
If time allows, this tutorial will include practical demonstrations of “hacking” cyber physical systems.
The key learning objective is to design physical systems that are more resistant and resilient to cyber events. The over-arching objective of this tutorial is to enhance understanding of practical methods to make cyber physical systems more resilient to cyber-attack.
CompTIA CASP+ Exam Review
Training by ITProTV
Presenter: Mr. Adam Gordon, Edutainer at ITProTV
This course is designed for IT professionals in the cybersecurity industry whose primary job responsibility is to secure complex enterprise environments. The target student should have real-world experience with the technical administration of these enterprise environments. This course is also designed for students who are seeking the CompTIA Advanced Security Practitioner (CASP+) certification and who want to prepare for Exam CAS-003.
Preparation for the CompTIA Advanced Security Practitioner (CASP+) certification and Exam CAS-003. This training qualifies for the following CompTIA certifications:
CompTIA A+ | CompTIA Network+ | CompTIA Security+ | CompTIA PenTest+ | CompTIA CySA+ | CompTIA CASP | individuals who are certified in CASP – Exam CAS-002 and earlier.