Security Conferences

You are here:

Home
Public Speaking
Security Conferences

[vc_row][vc_column][vc_custom_heading text=”SPECIALIZED TRAINING COURSES” font_container=”tag:h3|text_align:left” use_theme_fonts=”yes”][vc_column_text]Bulb Security provides hands-on security training at security conferences around the world. Contact us today to book a training at your event.

Past Conference Trainings:

Derbycon
Brucon
The Blackhat Briefings
Hack in Paris
Security Bsides
Security Zone
Skydogcon[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_empty_space][/vc_column][/vc_row][vc_row][vc_column][vc_custom_heading text=”Example Classes:” font_container=”tag:h4|text_align:left|color:%23303135″ use_theme_fonts=”yes”][vc_tta_tabs style=”flat” shape=”square” active_section=””][vc_tta_section i_position=”right” i_icon_fontawesome=”fa fa-chevron-down” title=”2 Day Exploit Development” tab_id=”1458657055330-40ec81da-a581a73f-9072″ add_icon=”true”][vc_column_text]

Abstract:

In this class we will start with introductory exploit development for Windows and Linux platforms. In class you will gain hands on experience finding vulnerabilities, writing working exploits from scratch, and porting public exploit code to meet your needs. We will start with the basics of stack based buffer overflows including saved return pointer and structured exception handler overwrites. We will look at dealing with space issues for shellcode such as egghunting and relative jumps. Then we will move onto bypassing more advanced anti-exploitation measures such as stack cookies, ASLR, DEP, etc. In addition to writing exploits from scratch we will look at public exploit code and porting it to fit our environment’s needs. We will also look at writing Metasploit modules and porting our exploits into Metasploit. Hands on labs for both Windows and Linux will be covered, exploiting real vulnerable programs. No previous programming or exploitation experience is required. Exploit skeletons will be provided for each exercise allowing students to focus on the attack string rather than programming syntax.[/vc_column_text][vc_empty_space height=”10px”][vc_custom_heading text=”Outline:” font_container=”tag:h4|text_align:left|color:%23303135″ use_theme_fonts=”yes”][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 1: Stack Based Buffer Overflow Basics” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 2: Structured Exception Handler Overwrites” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 3: Simple Fuzzing” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 4: Porting Public Exploit Code” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 5: Writing Metasploit Modules” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 6: Space Issues: Relative Jumps” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 7: Space Issues: Shellcode Splitting” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 8: Space Issues: Egghunter” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 9: Bypassing ASLR” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 10: Bypassing Data Execution Prevention” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][vc_column_text]

Prerequisites:

Laptop capable of running at least 2 virtual machines simultaneously.
Vmware product (Player, Workstation, or Fusion)
Kali Linux Virtual Machine: http://www.kali.org
No programming experience is required. Exploit skeletons will be provided for each exercise.

Students will be provided with:

Target virtual machines (Windows XP, Windows 7, Ubuntu, ARM). Windows virtual machines will be 30 day trials that will expire unless the student provides a license key. If possible, download details will be made available a week prior to class.
Detailed Slides
Lab Manual

[/vc_column_text][/vc_tta_section][vc_tta_section i_position=”right” i_icon_fontawesome=”fa fa-chevron-down” title=”3 Day Penetration Testing” tab_id=”1458657055383-37e894b1-b129a73f-9072″ add_icon=”true”][vc_column_text]

Abstract:

This course will give you hands-on experience in many facets of penetration testing. We will briefly touch on the basics of using Kali Linux as well as programming and scripting. We will study the Metasploit Framework before using it and supporting tools to simulate a penetration test against target virtual machines. Starting with information gathering, we will move through the phases of penetration testing. The class will begin with basic, easily exploitable vulnerabilities, but will also cover the latest client side issues being exploited in the wild. This course will heavily focus on post exploitation techniques such as privilege escalation, lateral movement, and pivoting. We will study advanced techniques such as bypassing anti-virus and IDS systems. The basics of developing exploits manually will be covered. We will turn our custom exploits into Metasploit modules. Finally, we will take a look at the rapidly developing field of mobile hacking. The course will finish with a live capture the flag environment where students can test what they have learned.[/vc_column_text][vc_empty_space height=”10px”][vc_custom_heading text=”Outline:” font_container=”tag:h4|text_align:left|color:%23303135″ use_theme_fonts=”yes”][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 1: Using Kali Linux” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 2: Programming” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 3: Using Metasploit” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 4: Information Gathering” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 5: Vulnerability Identification” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 6: Capturing Traffic” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 7: Exploitation” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 8: Password Attacks” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 9: Client Side Attacks” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 10: Social Engineer Toolkit” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 11: Bypassing Detection” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 12: Post Exploitation” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 13: Web Application Assessments” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 14: Wireless Attacks” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 15: Exploit Development” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 16: Developing Metasploit Modules” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 17: Mobile Attacks” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 18: Capture the Flag” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][vc_column_text]

Prerequisites:

Laptop capable of running at least 2 virtual machines simultaneously.
Vmware product (Player, Workstation, or Fusion)
Kali Linux Virtual Machine: http://www.kali.org
Linux will be used extensively in this class. We will cover the basics briefly in the first module, but some prior knowledge is helpful. Likewise no prior programming knowledge is required though it will be helpful in the exploit development module. Some programming and scripting will be covered at the beginning of class.

Students will be provided with:

Target virtual machines (Windows XP, Windows 7, Ubuntu). Windows virtual machines will be 30 day trials that will expire unless the student provides a license key. If possible, download details will be made available a week prior to class.
Detailed Slides
Lab Manual
Access to an online VPN with additional targets for capture the flag. Additional online lab time will be provided after class.

[/vc_column_text][/vc_tta_section][/vc_tta_tabs][/vc_column][/vc_row]