SensePost is SecureData’s independent elite consulting arm, renowned for its expertise, 19 year track record and innovation on the frontlines of cybersecurity.

With team members that include some of the world’s most preeminent cybersecurity experts, SensePost has helped governments and blue-chip companies both review and protect their information security and stay ahead of evolving threats.

SensePost is also a prolific publisher of leading research articles and tools on cybersecurity which are widely recognised and used throughout the industry and feature regularly at industry conferences including BlackHat and DefCon.

SensePost - September 2019 Public Training

Hands-On Hacking fundamentals (HHF) 9-10 September

Hands-On Hacking fundamentals is the first in a series of courses offered by SensePost, we are hackers who have been pwning, presenting talks, researching and giving training for over 18 years across the world. The course jumps straight into action by covering why vulnerabilities exist, how one would discover them and how to proceed with epic pwnage. This gets you into the mindset of a hacker and by exploiting real-world vulnerabilities yourselves, you start to see how attackers operate. This course is hands-on with practical’s that will have you extracting credentials from memory,popping shells, taking over a database servers and cracking WIFI networks. All of the exercises are based on real-world infrastructure, so you will be targeting and exploit systems found in modern networks and corporations around the world.

Please Click here to see full description of the course.

Pentesting Enterprise Infrastructure 11-12 September

Targeting and owning internal networks is as popular as it has ever been. Internal networks are attractive to attackers as they are often the least secure of a company’s infrastructure. This course mimics what attackers and criminals are doing - compromising networks and hunting down key players and information. This hands-on course looks at the methods and approaches attackers take when targeting organizations. Each student will have a fully functional network, simulating an organization, with a target rich environment geared towards hacking with no bounds. Your aim will be to think like an attacker and map out your target, find weaknesses and fully exploit trust relationships in place. Using scenarios along with presentations, this course is a healthy mix of thinking, strategies and the methodologies you might need for every step along the way. You will leave this course knowing what tools and techniques hackers use in the wild, and with a deep enough understanding to defend your organization against them

Please Click here to see full description of the course.

Web Application Hacking 16-17 September

Web applications underpin almost every facet of modern life, from transacting via online-banking, buying products from e-Commerce sites or interacting with friends on social media. As a result of its far reaching impact and the confidential data that it transports web technologies have become a lucrative target for criminals. To better understand the attacks that these criminals perform against web technologies, and thus better defend against them, it is required to have an in-depth understanding of web vulnerabilities and how they can be exploited. This course will provide students with an in-depth knowledge and practical experience to identify and exploit web application vulnerabilities, the way real attackers do. We highlight everyday attacks and provide students with an interactive lab environment to perform each attack. Students will master the techniques leveraged by real world attackers through a fast passed course in Web Application Hacking.

Please Click here to see full description of the course.

Black Ops - Master Level 18-19 September

Penetration testers and researchers have made some fantastic contributions to the InfoSec industry and we've seen how that contribution has been picked up by the underground. Whether we like to admit it or not, both ethical hackers and the underground draw inspiration from each other in their tools, techniques and methodologies. In recent years we saw the Petya ransomware exploit systems using nation-state capabilities (EternalBlue and EternalRomance), credential theft with Mimikatz and pivot across network with PsExec and WMI. At SensePost we posted a new method to obtain Macro-less code execution in MS Excel/Word and expanded Ruler with a 3rd method for code execution; Outlook homepages. Now imagine the offensive capabilities or defensive insight that can be added to your red team/blue team/hacker crew through the combination of carefully selected underground and penetration testing techniques; welcome to Black Ops Hacking – Master level.

Please Click here to see full description of the course.

Training Portal

Our training portal will be made available to all students when they attend the training. This portal allows students to register an account and gain access to the slides used and any prerequisite information we feel would help you get the best out of this course. All content for the courses, including tools required and instructions to connect to your dedicated lab environment during training will be made available via the online training portal. Access to this portal will continue after the course, allowing students to revisit slides and tools long after the training has concluded.

Student Requirements

Students should bring a laptop that is capable of running remote desktop software, has an Ethernet port available (or a USB Ethernet adapter) and a user that has administrator rights. Please do not bring any devices that contain "Corporate" information.

Contact Details

Get in touch with our sales team, use below: