[vc_row][vc_column][vc_custom_heading text=”BRING THE KNOWLEDGE TO YOU” font_container=”tag:h3|text_align:left” use_theme_fonts=”yes”][vc_column_text]Rather than send your employees to a training, instead bring the training to you. Private onsite training can be completely customized to meet your training needs.

About the instructor: Georgia Weidman

Georgia Weidman is a penetration tester, security researcher, and trainer. She holds a Master of Science degree in computer science, secure software engineering, and information security as well as holding CISSP, CEH, NIST 4011, and OSCP certifications. Her work in the field of smartphone exploitation has been featured in print and on television internationally. She has presented her research at conferences around the world including Shmoocon, Blackhat, Security Zone, and Bsides. Georgia has delivered highly technical security training for conferences, schools, and corporate clients to excellent reviews. Building on her experience, Georgia recently founded Bulb Security LLC (https://www.bulbsecurity.com), a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security. She is the author of the upcoming book Penetration Testing: A Hands-on Introduction to Hacking from No Starch Press.[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_empty_space][/vc_column][/vc_row][vc_row][vc_column][vc_tta_tabs style=”flat” shape=”square” active_section=””][vc_tta_section i_position=”right” i_icon_fontawesome=”fa fa-chevron-down” title=”2 Day Exploit Development” tab_id=”1458657055330-40ec81da-a581″ add_icon=”true”][vc_column_text]

Abstract:

In this class we will start with introductory exploit development for Windows and Linux platforms. In class you will gain hands on experience finding vulnerabilities, writing working exploits from scratch, and porting public exploit code to meet your needs. We will start with the basics of stack based buffer overflows including saved return pointer and structured exception handler overwrites. We will look at dealing with space issues for shellcode such as egghunting and relative jumps. Then we will move onto bypassing more advanced anti-exploitation measures such as stack cookies, ASLR, DEP, etc. In addition to writing exploits from scratch we will look at public exploit code and porting it to fit our environment’s needs. We will also look at writing Metasploit modules and porting our exploits into Metasploit. Hands on labs for both Windows and Linux will be covered, exploiting real vulnerable programs. No previous programming or exploitation experience is required. Exploit skeletons will be provided for each exercise allowing students to focus on the attack string rather than programming syntax.[/vc_column_text][vc_empty_space height=”10px”][vc_custom_heading text=”Outline:” font_container=”tag:h4|text_align:left|color:%23303135″ use_theme_fonts=”yes”][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 1: Stack Based Buffer Overflow Basics” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 2: Structured Exception Handler Overwrites” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 3: Simple Fuzzing” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 4: Porting Public Exploit Code” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 5: Writing Metasploit Modules” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 6: Space Issues: Relative Jumps” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 7: Space Issues: Shellcode Splitting” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 8: Space Issues: Egghunter” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 9: Bypassing ASLR” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 10: Bypassing Data Execution Prevention” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][vc_column_text]

Prerequisites:

  • Laptop capable of running at least 2 virtual machines simultaneously.
  • Vmware product (Player, Workstation, or Fusion)
  • Kali Linux Virtual Machine: http://www.kali.org
  • No programming experience is required. Exploit skeletons will be provided for each exercise.

Students will be provided with:

  • Target virtual machines (Windows XP, Windows 7, Ubuntu, ARM). Windows virtual machines will be 30 day trials that will expire unless the student provides a license key. If possible, download details will be made available a week prior to class.
  • Detailed Slides
  • Lab Manual

[/vc_column_text][/vc_tta_section][vc_tta_section i_position=”right” i_icon_fontawesome=”fa fa-chevron-down” title=”3 Day Penetration Testing” tab_id=”1458657055383-37e894b1-b129″ add_icon=”true”][vc_column_text]

Abstract:

This course will give you hands-on experience in many facets of penetration testing. We will briefly touch on the basics of using Kali Linux as well as programming and scripting. We will study the Metasploit Framework before using it and supporting tools to simulate a penetration test against target virtual machines. Starting with information gathering, we will move through the phases of penetration testing. The class will begin with basic, easily exploitable vulnerabilities, but will also cover the latest client side issues being exploited in the wild. This course will heavily focus on post exploitation techniques such as privilege escalation, lateral movement, and pivoting. We will study advanced techniques such as bypassing anti-virus and IDS systems. The basics of developing exploits manually will be covered. We will turn our custom exploits into Metasploit modules. Finally, we will take a look at the rapidly developing field of mobile hacking. The course will finish with a live capture the flag environment where students can test what they have learned.[/vc_column_text][vc_empty_space height=”10px”][vc_custom_heading text=”Outline:” font_container=”tag:h4|text_align:left|color:%23303135″ use_theme_fonts=”yes”][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 1: Using Kali Linux” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 2: Programming” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 3: Using Metasploit” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 4: Information Gathering” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 5: Vulnerability Identification” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 6: Capturing Traffic” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 7: Exploitation” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 8: Password Attacks” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 9: Client Side Attacks” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 10: Social Engineer Toolkit” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 11: Bypassing Detection” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 12: Post Exploitation” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 13: Web Application Assessments” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 14: Wireless Attacks” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 15: Exploit Development” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 16: Developing Metasploit Modules” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 17: Mobile Attacks” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][ult_content_box bg_color=”rgba(139,138,135,0.15)” box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|” padding=”padding-top:5px;padding-bottom:2px;” hover_box_shadow=”horizontal:px|vertical:px|blur:px|spread:px|color:#f7f7f7|style:none|”][vc_custom_heading text=”Module 18: Capture the Flag” font_container=”tag:p|text_align:center|color:%23303135″ use_theme_fonts=”yes”][/ult_content_box][vc_empty_space height=”10px”][vc_column_text]

Prerequisites:

  • Laptop capable of running at least 2 virtual machines simultaneously.
  • Vmware product (Player, Workstation, or Fusion)
  • Kali Linux Virtual Machine: http://www.kali.org
  • Linux will be used extensively in this class. We will cover the basics briefly in the first module, but some prior knowledge is helpful. Likewise no prior programming knowledge is required though it will be helpful in the exploit development module. Some programming and scripting will be covered at the beginning of class.

Students will be provided with:

  • Target virtual machines (Windows XP, Windows 7, Ubuntu). Windows virtual machines will be 30 day trials that will expire unless the student provides a license key. If possible, download details will be made available a week prior to class.
  • Detailed Slides
  • Lab Manual
  • Access to an online VPN with additional targets for capture the flag. Additional online lab time will be provided after class.

[/vc_column_text][/vc_tta_section][/vc_tta_tabs][/vc_column][/vc_row]