BLACK HAT TRAININGS

Black Hat Trainings at SecTor are available through the Black Hat Trainings website, where you can find full details, pricing, availability and registration. If you have any questions, please contact training@blackhat.com.

Please note that this list may change based on availability. Please see the Black Hat Trainings page for full details.

Two-Day Trainings

A Beginners Guide to Reversing with Ghidra (Virtual)

Date: November 1, 2
Presenters:
Craig Young, Tripwire
Skill Level: Beginner / Intermediate

Note: This course will be offered virtually via Zoom

Since 2019, the NSA’s software reverse engineering toolkit, Ghidra, has made powerful multi-architecture/multi-platform decompilation capabilities freely available. Join us for an introduction to Ghidra and a series of incremental challenges to build up hands-on experience. Students will learn how to navigate Ghidra, analyze binaries, and use integrated Python scripting. We’ll then shift focus to see what some common anti-reversing techniques look like when analyzed with Ghidra. Lessons will illustrate strategies for peeling back these layers of obfuscation using gradually more sophisticated examples. By the end of the class, students will be writing their own Ghidra scripts to recover encrypted data from real malware samples.

Advanced Infrastructure Hacking 2 Day (Virtual)

Date: November 1, 2
Presenters:
NotSoSecure
Skill Level:
Intermediate/Advanced

Note: This course will be offered virtually via Zoom

The 2021 edition of our best-selling class brings more new, neat and ridiculous network hacks. From old-school misconfiguration issues to the very latest cutting-edge techniques and exploits against modern network platforms, we have got it all covered. The course will cover advanced penetration techniques to achieve exploitation against these platforms:

  • Modern Operating systems (Windows, Linux)
  • Multiple Databases, Web and Application servers
  • Switches/Routers
  • Docker
  • VLANs
  • Kubernetes
  • AWS/Azure/GCP specific attacks
  • IaaS, PaaS, CaaS, SaaS and Serverless exploitation
  • VPNs

Advanced Hacking and Securing Windows Infrastructure (Virtual)

Date: November 1, 2
Presenters:
Paula Januszkiewicz & Mike Jankowski-Lorek, CQURE

Note: This course will be offered virtually via Zoom

The course covers all aspects of Windows infrastructure security from the hacker’s perspective! Our goal is to show and teach you what kinds of mechanisms allow you to get inside the infrastructure and how to get into operating systems. After the course, you will have a penetration tester’s knowledge and tools. And to get more practice, we offer three extra weeks of labs online! We really want you to leave the class with practical, ready-to-use knowledge of how to get into the infrastructure.

Attacking and Securing APIs (Virtual)

Date: November 1, 2
Presenters:
Mohammed Aldoub (@voulnet)

NOTE: This course will be offered virtually via Zoom

This is a fully hands-on, practical, concentrated course on securing and attacking web and cloud APIs. APIs are everywhere nowadays: in web apps, embedded systems, enterprise apps, cloud environments and even IoT, and it is becoming increasingly necessary to learn how to defend, secure and attack API implementations and infrastructure. This training aims to engage you in creating secure modern APIs, while showing you both modern and contemporary attack vectors.

With more than 55 labs in two days, you are in for a glue-me-to-the-keyboard adventure covering:

  • Defending and attacking Web APIs (REST, GraphQL, etc.)
  • Attacking and securing AWS APIs and infrastructure.
  • Launching and mitigating modern Injection attacks (SSTI, RCE, SQLi, NoSQLi, Deserialization, object injection and more)
  • Securing and attacking passwords and secrets in APIs.
  • API authentication, authorization and access control.
  • Targeting and defending API architectures (Serverless, microservices, web services & APIs)

Hacking and Securing Cloud Infrastructure (Virtual)

Date: November 1, 2
Presenters:
NotSoSecure

NOTE: This course will be offered virtually via Zoom

Brand new for 2020, this 2-day course cuts through the mystery of Cloud Services (including AWS, Azure, and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and knowing how to protect yourself from them is critical. This course covers both the theory as well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure. Prior pentest/security experience is not a strict requirement, however, some knowledge of Cloud Services and familiarity with common Unix command-line syntax will be beneficial.

Highlights of our Training:

  • Gaining Entry in cloud via exposed services
  • Attacking specific cloud services
  • Post Exploitation
  • Defending the Cloud Environment
  • Host-based Defenses
  • Auditing and benchmarking of Cloud
  • Continuous Security Testing of Cloud

Reverse Engineering Firmware with Ghidra (Virtual)

Date: November 1, 2
Presenter:
Eric Evenchick
Skill Level:
Beginner/Intermediate

NOTE: This course will be offered virtually via Zoom

This hands-on course teaches the concepts, tools, and techniques required to reverse engineer firmware and assess embedded devices. To ensure the tools taught are available to all, we will make use of Ghidra, a powerful open-source reverse engineering tool developed by the National Security Agency.

Within the two days, you will:

  • Learn general techniques for binary reverse engineering
  • Identify, unpack, load, and analyze various types of firmware into Ghidra
  • Use reverse engineering techniques to find exploitable vulnerabilities in an embedded Linux device
  • Map device vector tables, peripheral memory, and system calls to find exploitable vulnerabilities in a bare-metal device
  • Identify remotely exploitable vulnerabilities in a Bluetooth Low Energy device
  • Learn to use a debugger to assist in reverse engineering

Labs attacking an embedded Linux system and a bare-metal Bluetooth Low Energy device will be used to deliver a hands-on experience. You can expect to leave this course with the skills to reverse firmware for a variety of embedded targets.

Four-Day Training Courses

A Complete Practical Approach To Malware Analysis And Memory Forensics - 2021 Edition (Virtual)

Date: October 30 – Nov 2
Presenters:
Monnappa & Sajan Shetty
Skill Level:
All

NOTE: This course will be offered virtually via Zoom

This 4-day hands-on training teaches the concepts, tools, and techniques to analyze, investigate, and hunt malware by combining two powerful techniques: malware analysis and memory forensics. This course will introduce attendees to the basics of malware analysis, reverse engineering, Windows internals, and memory forensics. It then gradually progresses deep into more advanced concepts of malware analysis & memory forensics. Attendees will learn to perform static, dynamic, code, and memory analysis. To make the training completely practical, it consists of scenario-based hands-on labs after each module, which involve analyzing real-world malware samples and investigating malware-infected memory images (crimeware, APT malware, fileless malware, rootkits, etc.). This hands-on training is designed to help attendees gain a better understanding of the subject in a short span of time. Throughout the course, the attendees will learn the latest techniques used by the adversaries to compromise and persist on the system. In addition to that, it also covers various code injection, hooking, and rootkit techniques used by the adversaries to bypass forensic tools and security products. During the training, you will also gain an understanding of how to integrate malware analysis and memory forensics techniques into a custom sandbox to automate the analysis of malicious code. After taking this course, attendees will be better equipped with the skills to analyze, investigate, hunt, and respond to malware-related incidents.

Whether you are a beginner interested in learning malware analysis and memory forensics from scratch or an experienced professional who would like to enhance your existing skills to perform a forensic investigation or threat hunting, this training will help you accomplish your goals.

Note: Students will be provided with malware samples, malware-infected memory images, course material, lab solution manual, video demos, custom scripts, and Linux VM.