Training
Hacking by Numbers: Bootcamp Edition
Salut à tous,
It’s that time of the year again and like every year, we’ll once again be running our ever-popular “BOOTCAMP EDITION” at the BlackHat Briefings in Las Vegas this July-August. This course is part of our established Hacking by Numbers series. BUT, this year, only the name remains the same. We are slaving away at making this course cutting edge, providing you with a hands-on hacking experience on the latest operating systems, application frameworks and programming languages utilizing the latest tools and techniques. Gone are the days of IIS 5.0, Windows XP and we truly understand that [ed: for Bootcamp, maybe… Combat certainly contains an OS older than Win95].
Cadet Training
You’ve seen the movies. You’ve seen the cooler than life characters hacking systems using obscure keyboards and operating systems that seem to float through the network, so how about now really learning how it’s done?
Hacking by Numbers, Cadet Edition is being presented at Black Hat USA this year by two super star SensePost hackers. This entry-level course will delve into the following topics:
• Understanding the hacker mind-set.
• Method based approached of understanding the penetration testing life cycle.
BlackHat Barcelona Training
Hola amigos,
We will be running our elite “Combat Training” at the BlackHat Briefings in Barcelona this March (talk lineup) and this course is the flagship of our established Hacking by Numbers series. From the first hour to the final minutes students are placed in different attacker scenarios as they race the clock to “capture the flag”. The trainers are highly skilled (as well as having the standard Southern African humour, looks, and charm) and the course is full of new hacks.
Training – lots of stuff(c)
Hey. Charl here. Lots of stuff is happening on the training front right now (ed: right now!), and I wanted to make sure everyone is aware of it.
1. New schedule published
At the start of the year we always try publish a schedule of when and where our various training courses are happening. Of course it changes a bit as the year progresses, but its a pretty good overview of where you need to be if you want to participate in one of the courses. The current 2011 schedule can be found here.
Black Hat Abu Dhabi – Full … NOT!
The bad news is that our course at Black Hat Abu Dhabi is completely full. The good news is … they’ve given us a bigger room! So if you’ve been told the course is full, or if you haven’t registered yet, please do it quickly before it fills up again.
Problems? Please contact us or mail training[at]sensepost[dot]com.
Sensepost Training in November
Our next scheduled training sessions have been planned for November. If you’re interested in attending, the dates and locations are:
1) HBN Bootcamp Edition 7-9th November, BlackHat Abu Dhabi
‘Hacking By Numbers – Bootcamp Edition‘ is our ‘introduction to hacking’ course. It is strongly method-based and emphasizes structure, approach and thinking over tools and tricks. The course is popular with beginners, who gain their first view into the world of hacking, and experts, who appreciate the sound, structured approach.
Hacking By Numbers – South Africa – September ’10
From the team that won the world’s first Soccer Hack Cup, we bring you the latest and the greatest in computer hacking training – SensePost Hacking By Numbers Extended Edition – a local course that combines two of the brand new courses we just finished presenting at Black Hat Las Vegas.
The training will be offered in Brooklyn Pretoria from 14 – 17 September 2010. Here’s how it will work:
14 – 15 September: Cadet Edition 16 – 17 September: Bootcamp Edition Ok ok ok, so Pretoria is not exactly Vegas, but the courses are fresh and updated and packed full of exciting new content, tools and techniques.
SensePost Corporate Threat(Risk) Modeler
Since joining SensePost I’ve had a chance to get down and dirty with the threat modeling tool. The original principle behind the tool, first released in 2007 at CSI NetSec, was to throw out existing threat modeling techniques (it’s really attack-focused risk) and start from scratch. It’s a good idea and the SensePost approach fits nicely between the heavily formalised models like Octave and the quick-n-dirty’s like attack trees. It allows fairly simple modeling of the organisation/system to quickly produce an exponentially larger list of possible risks and rank them.
SensePost’s Training @ Black Hat Vegas ’10 (win something)
After hearing our talk was accepted at BlackHat, we’re happy to announce that our training will be back for it’s 9th straight run. Speaking of a run, we’re going to be hosting the usual marathon of courses: cadet, bootcamp, combat, web 2.0. But, while the names remain, we’ve spent some time updating the material. In particular, bootcamp, combat & web 2.0 have been through the ringer. We’re hoping to get some detailed info on the updates out in the coming weeks.
SensePost at BlackHat USA 2010
A brief update from South Africa on some recent talks as well as the upcoming BH USA: our talk proposal has been accepted for BH USA 2010 which makes it the ninth year running that SensePost is talking in Las Vegas. One more and we qualify for free milkshakes at the Peppermill. This year we’ll be discussing caching in large scale web apps and why exposing caches to the interwebs is a Very Bad Thing. We’ll also be looking at caching services, an idea whose time should never come.