BLACK HAT TRAININGS

Black Hat Trainings at Sector are available through the Black Hat Trainings website. You can find out full details, pricing, availability and registration here. If you have any questions please contact training@blackhat.com.

Please note that this list may change based on availability. Please see the Black Hat Trainings page for full details.

Special Offer

Save $1000 when you combine a virtual Full Conference Pass with any of the following Black Hat Trainings at SecTor! Register now with discount code ST20BHT and secure this incredible offer!

Two-Day Trainings

 

A Beginners Guide to Reversing with Ghidra

Date: October 19-20
Presenters:
Tripwire VERT
Skill Level: Intermediate

 

Since 2019, the NSA’s software reverse engineering toolkit, Ghidra, has made powerful multi-architecture/multi-platform decompilation capabilities freely available. Join us for an introduction to Ghidra and a series of incremental challenges to build up hands-on experience. Students will learn how to navigate Ghidra, analyze binaries, and use integrated Python scripting. We’ll then shift focus to see what some common anti-reversing techniques look like when analyzed with Ghidra. Lessons will illustrate strategies for peeling back these layers of obfuscation using gradually more sophisticated examples. Between each lesson, students will get access to a new collection of topical reversing challenges with the opportunity to reinforce the techniques. By the end of the class, students will be writing their own Ghidra scripts to recover encrypted data from real malware samples.

Hacking and Securing Cloud Infrastructure

Date: October 19-20
Presenters:
NotSoSecure

Brand new for 2020, this 2-day course cuts through the mystery of Cloud Services (including AWS, Azure, and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and knowing how to protect yourself from them is critical. This course covers both the theory as well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure. Prior pentest/security experience is not a strict requirement, however, some knowledge of Cloud Services and familiarity with common Unix command-line syntax will be beneficial.

Highlights of our Training:

  • Gaining Entry in cloud via exposed services
  • Attacking specific cloud services
  • Post Exploitation
  • Defending the Cloud Environment
  • Host base Defenses
  • Auditing and benchmarking of Cloud
  • Continuous Security Testing of Cloud

System Forensics and Incident Handling

Date: October 19-20
Presenters:
Paula Januszkiewicz (CEO of CQURE)

The training focuses on detecting, responding, and resolving computer security incidents and covers the following security techniques. You will learn about the steps of the incident handling process, detecting malicious applications and network activity. Moreover, we will cover common attack techniques that compromise hosts, detecting and analyzing system and network vulnerabilities, continuous process improvement by discovering the root causes of incidents.

Four-Day Training Courses

Advanced Infrastructure Hacking - 2020 Edition (4 Day)

Date: October 17-20
Presenters:
NotSoSecure
Skill Level:
Intermediate/Advanced

The 2020 edition of our best selling class, brings more new, neat and ridiculous network hacks. From old-school misconfiguration issues to the very latest cutting-edge techniques and exploits against the modern network platforms, we have got it all covered. The course will cover advanced penetration techniques to achieve exploitation against these platforms:

  • Modern Operating systems (Windows, Linux)
  • Multiple Databases, Web and Application servers
  • Switches/Routers
  • Docker
  • VLANs
  • Kubernetes
  • AWS/Azure/GCP specific attacks
  • IaaS, PaaS, CaaS, SaaS and Serverless exploitation
  • VPNs

Note: Students will have access to a state-of-the-art Hacklab with a wide variety of vulnerabilities to practice exploitation and will receive a FREE 1 month subscription after the class to allow more practice time.