
Spencer McIntyre

Python for OS Hacking

9:15 am - 5:30 pm

June 21st, 2019

This course will cover using Python to interact with native system functionality on Windows and Linux.

 

The focus of the class will be the basic theory behind the common APIs that are relevant for many security-related tasks including memory manipulation, shellcode injection, and process hooking. Throughout the course students will learn how to create low-level wrappers of Python code to leverage existing functionality and combine these pieces to create basic tool sets.

This Python course is intended for penetration testers and security researchers who are interested in writing their own tools to prototype attack techniques and exploits. This course will not cover traditional "Python For Penetration Testers" material such as automating external tools, making HTTP requests, or parsing data.

 

Students should be familiar with Python basics (how to use pip, how to write functions and modules, and the basic data types) and should bring a system capable of running a 64-bit virtual machine (either VMware or VirtualBox).


Tyler Hudak

Intro to Reverse Engineering

9:15 am - 5:30 pm

June 21st, 2019

There are times when running a malicious program through a sandbox just isn’t enough – sometimes you need to go a level deeper and find out how it works, not just what it’s doing. When this happens, you need to use Reverse Engineering.
 

Reverse Engineering (RE) is the practice of analyzing a compiled executable, examining it at the assembly level, and determining how it works. In this class, students will learn the basics of Intel x86 and x64 assembly, the concepts behind reverse engineering, and how they can learn the secrets of a malicious executable using debuggers and disassemblers. Throughout the class, students will learn this by reversing an in-the-wild ransomware executable.

 

Requirements: Reverse engineering experience is not required. However, students should be familiar with the basics of programming (e.g. variables, constants, hexadecimal). Programs used in the class will be the debugger x64dbg (https://x64dbg.com/) and the disassembler Ghidra (https://ghidra-sre.org/), although students are welcome to use any tools they are familiar with.
 

Students will also be required to use a Windows Virtual Machine that supports snapshots. VMware Workstation, Fusion, or VirtualBox will work; VMware Player will not. The Windows VM should be at least Windows 7. If students do not have a Windows license available, a time-limited copy of Windows can be downloaded from https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ prior to class. All other tools will be provided to students.


Tom Kopchak

Getting to know Splunk

9:15 am - 1:15 pm

June 21st, 2019

Have you heard of Splunk, but don't know how to wield it to gain authority over big data? Have you used Splunk, but want to learn how to set it up and build it out properly? If so, this course is for you. In this course, you will work with Splunk from the ground up.

 

You'll learn the basics of Splunk terminology, along with how to use the Splunk web interface to find data. You'll also build your own Splunk environment, add data to the Common Information Model (CIM), create dashboards, and find events within the data. Finally, you'll gain more advanced searching techniques that are especially useful to those in network, security, and system administration roles.

 

By the end of the course, you will be confident in using Splunk and will be on the road to becoming a proficient Splunk architect and administrator as quickly as possible!

Required Materials: Laptop with Internet access (a web browser and SSH client); Splunk.com account


Wayne Pruitt

Intro to Wireless Hacking

9:15 am - 5:30 pm

June 21st, 2019

Wireless is everywhere. This course is designed to give students a basic understanding of how wireless works.

 

This course will help build awareness of the security issues of wireless and demonstrate some of the vulnerabilities inherent in wireless technology.

 

Students will become familiar with the process of identifying wireless access points and clients, determining the encryption level used, and attempting to crack the encryption to gain access.

 

Students will use hands-on labs designed to simulate actual wireless environments.

 

Required Materials: Bring a laptop that can boot from USB.


Amanda Berlin

Security D&D

(Defense and Detection)

1:15 pm - 5:30 pm

June 21st, 2019

In this workshop we will cover hands-on attacks, defenses, and detection, from beginning to end, D&D style.

Oh, no!! You’ve rolled a 1, critical failure, and you’ve found out all of your backups are corrupt!  

You’ve rolled an 8, looks like the attacker didn’t get Domain Admin because you have properly separated your admin accounts, good job!

A handful of the attacks we will run through include: gathering OSINT on our target, iterating through AD, capturing password hashes, and more.

We will use these attacks to craft better defenses and mitigation, while looking into what logs will be generated.

At the end of this class you will walk away with an incident response playbook that you can use as a template to create more in the future.

Requirements: Either a VMware or VirtualBox client. We’ll be supplying VMs to use as a class.