Available trainings

- Introduction to Cryptography - by Sam Bowne
- Enterprise Penetration Testing Methods by Rod Soto
- Analyzing IoT Empire - by Michael Schloh von Bennewitz
- Open Source intelligence for Pentesters - by Shubham Mittal
- Binary Ninja BootCamp - by Josh Watson


Enterprise Penetration Testing Methods By Rod Soto

This comprehensive course details the tools and methodologies used during penetration tests in enterprise network/application environments. The course uses a lab environment for hands-on instruction in manual penetration testing methods, in addition to training in the use of exploitation frameworks, such as Metasploit.

The focus is on the methodology, processes, vectors, tools, and techniques used for exploitation. By the end of the course, the student will have an in-depth understanding of the underlying principles of network/application exploitation and will have gained experience in the successful execution of attacks.

Minimum Course Requirements:
Bring a Laptop with:
- 4 GB of RAM at Minimum
- Quad-Core Processor at Minimum
- Ability to Run Virtual Machines
Understanding of Basic Networking Concepts
Basic Linux Comprehension

Target Audience:
This seminar is geared towards those seeking to enter the information security industry while also enriching those who seek to develop the skills and experience necessary to succeed as a penetration tester (for fun and for profit).

Rod Soto has over 15 years of experience in information technology and security. He has spoken at ISSA, ISC2, OWASP, RSA, DerbyCon, BlackHat, DEFCON, Hackmiami, Bsides and has also been featured in Rolling Stone Magazine, Pentest Magazine, Univision and CNN. Rod Soto was the winner of the 2012 BlackHat Las Vegas CTF competition and is the founder and lead developer of the Kommand && KonTroll/ NOQRTRCTF competitive hacking Tournament series. He has also architected and co-developed military cyber ranges.


Analyzing IoT Empire - Michael Schloh von Bennewitz 

The dual nature (build and attack) of 'Analyzing an IoT Empire' uniquely offers security enthusiasts and penetration testers alike the ability to understand how to assess and exploit the security of consumer and industrial smart devices in a variety of contexts including:

* Health functions (temperature, blood pressure, heart rate)
* Entertainment (storage and control of entertainment media)
* Logistics transport (IVI, auto control, public transportation)
* Resource management (water and energy consumption abatement)
* Physical security (entry control, heating, alarm systems)
* Applied agriculture (drone control, water distribution)
* Retail support (customer loyalty, point of sales)
* Nighttime safety (light and movement detection)
* Modern automotive (IVI and CAN Bus control)

To achieve this, we study generic embedded topics:

* MCU/MPU control
* Sensors and actuators
* Telemetry and telecommand
* Serial connectivity (I2C, SPI, UART, JTAG/SWD)
* Transports (802.3, 802.11, 802.15.4, Bluetooth Smart)
* Protocols (MQTT, AMQP, CoAP, IoTivity)

We use a comprehensive toolset from the Kali suite as well as some unique USB connected oscilloscopes for logic analysis and arbitrary waveform generation.

* Mirai Botnet Dyn Attack

We will additionally model an IP webcam system in order to understand the recent DoS attack, as well as create a baby phone or similar device and consider defense strategy.

Who should take this course? 
Anyone tasked with understanding IoT relevant transports (802.3, 802.11, 802.15.4, Bluetooth Smart) and modern network protocols (MQTT, AMQP, CoAP) will benefit the most from 'Analyzing an IoT Empire.'

This includes:

* Security enthusiasts
* Professional analysts
* Embedded developers
* Penetration testers

Student Requirements
Participants are required to know little beforehand about embedded engineering or IoT security. We program using C, C++, Python and JavaScript. Competence is not required because we will simply copy and paste existing source code, a few dozen lines at a time.

What to bring?
What Students Should Bring
Students must bring a portable computer with two free USB type-A sockets and administrative control (root or similar login). Computers with unlocked UEFI/BIOS interfaces are recommended, and bringing a telephone or similar portable device with a modern Bluetooth (>4.0) stack is optional but recommended. Additionally, feel welcome to bring any device you feel represents an 'embedded' platform that interests you or your workshop neighbors. We'll take it into consideration and see how to build and defend a system based on it.

What Students Will be Provided With
A relevant subset (probably about half) of the following devices will be loaned to students for the duration of the course:

* Raspberry Pi 2/3
* Beaglebone Black
* Tessel2 (with modules)
* FRDM-KL25Z devkit
* FRDM-K64F devkit
* nRF51 BTLE kit
* Live USB drives
* PCB shield assemblies
* CC2650 SensorTag
* Estimote beacons
* Blesh beacons
* Faux smartcams
* Ubertooth One
* LAN Taps
* Oscilloscopes

Bonus Chapters 

Time permitting, we may attack RF and CAN systems, simulating passive data theft and considering defense strategy.

Take Home Tools
A number of custom built devices (like firmware analyzers and serial scanning tools) are free to take home and keep for further study including: Bus Pirate LAN Tap Crypto Wallet Microcontroller

Michael Schloh von Bennewitz is a computer scientist specializing in network engineering, embedded systems analysis, and hardware secure development. Responsible for research, development, and maintenance of packages in several community software repositories, he actively contributes to the open source development community. A prolific speaker in four fluent languages, Michael presents at technical meetings every year. He teaches security workshops on Internet of Things and Embedded Computing technology, travelling with a mobile laboratory of over 300 sensors, actuators, and computer devices. Michael's IoT knowledge profits from years of work at telecoms and relationships with industry leaders. He is a Black Hat trainer, Intel innovator, Samsung partner, and Mozilla committer with the mandate to promote IoT technology.

Open Source intelligence for Pentesters - Shubham Mittal

Overview of the Course:

Reconnaissance is the very first phase of any Risk Assessment Exercise, which is often underrated by many security professionals and investigators. Every pentester’s arsenal should, therefore, include Open Source Intelligence (OSINT) and active reconnaissance for effective assessments.

This research-backed training not only talks about using OSINT to extract data but also focuses on the significance of this data and how it could be directly used in offensive security. 

This instructor-led, fast-paced training covers a wide range of OSINT techniques for finding, collecting and correlating publicly available information related to the target, be it a person, company, email, domain or an IP address. This extracted information will be further used for launching targeted and effective attacks.

The training will cover topics like unconventional search engines, Social Media Intelligence (SOCMINT), automated data mining, metadata extraction, data-dump harvesting, breach monitoring, Tor and much more. Utilizing a variety of such techniques along with freely available tools and services like DataSploit, Maltego, Foca, etc. as well as tailored scripts, participants will perform real-life attack scenarios. Training will not only cover these topics but will also go in-depth on how OSINT techniques can be chained together and how even a small piece of information can lead to catastrophic results for an organization.

Free 1 Month Private Lab Access will also be provided to each participant where they can practice the skills learned during the course.

The training program will cover the following topics:

Organization Profiling and Scoping

Mapping the Exhaustive Attack Surface

Whois & Reverse Whois, ASN ID, IP Lookups, Allocated IP Range Extraction

Advanced Subdomain Enumeration

Custom Search Engines (beyond Google)

Identifying Sensitive information from Code Aggregators and Public Disclosures/Forums

Spraying OSINT data over Organization Assets

Attacking Assets with Spidering and Metadata Extraction

Email Correlation, Account Identification and User Profiling

Intelligent and Comprehensive Brute Force Attacks

Writing custom Module for DATASPLOIT

Automating Dorking and Pattern Matching

Attacking Domain IP History

Automating the ‘Walkthrough Public Dumps’.

Monitoring and Alerting for Attacks / Competitive Espionage

Online Anonymity

What Students Will Be Provided With:

Student Pack which contains

Slide deck and OSINT CheatSheet

Important Tools and custom Scripts

Code Skeletons

Custom OSINT Browser

Vagrant Configs - To create instant OSINT Machine(s).

Answers to challenges (covered during the training program)

1 Month Free Lab Access.

Shubham Mittal is an active Information Security researcher with 6+ years of experience in offensive/defensive security, with interests in OSINT. He has spoken/trained/presented at multiple conferences including Black Hat, DEFCON, NullCon, c0c0n, and IETF. He is the author of OSINT Framework - DataSploit (listed in Top Ten Security Tools of 2016) and is a core organizer of @Recon Village which runs @DEFCON and other security conferences. He works from the command line, uses vi and loves beer.


Binary Ninja BootCamp - Josh Watson

This comprehensive one-day course will introduce both novice and advanced reverse engineers to the powerful features of Binary Ninja, a relatively new binary analysis tool. Students will hit the ground running with a fast-paced, comprehensive overview of Binary Ninja’s user interface before diving directly into the defining features of the tool: the Binary Ninja Intermediate Languages, or BNIL. We will cover both the Low Level IL and Medium Level IL and why they are both superior to native disassembly for program analysis. From there, we will work in-depth with the Python API and explore how to develop plugins to serve as force multipliers in students’ analysis tasks; this will include techniques that are relatively unknown, such as automating creation of types and structures. Finally, students will work with the various patching methods available in Binary Ninja, including the embedded Shellcode C Compiler, to develop both exploits and shellcode payloads from within Binary Ninja. Further advanced topics may be covered if time permits.

Minimum course requirements
This training is tailored for those interested in reverse engineering with at least a basic familiarity with an assembly language, particularly x86/x64 or ARM. Additionally, some level of competence in Python is expected. Basic knowledge of C/C++ will also be helpful.

Students are also expected to bring a laptop with the following requirements:
- 25GB disk space
- USB port (or a USB-C to USB-A adapter)
- VMWare Player or VMWare Fusion installed

What will be provided?

- A USB drive containing the slide deck and all example scripts and binaries
- A voucher for a free copy of Binary Ninja Personal edition (which can also be upgraded to Commercial at a pro-rated price)

Josh Watson is a Senior Security Engineer at Trail of Bits and an active member of the Binary Ninja community. He has published numerous articles about reverse engineering with the Binary Ninja APIs and released several open source plugins and tools. Due to his intimate knowledge of its features and API, he is often confused for a Binary Ninja developer.


Introduction to Cryptography - Sam Bowne, Elizabeth Biddlecome, Dylan James

Learn essential cryptographic methods and attacks in a fun, CTF-style hands-on format. Topics include: Binary and Modular Arithmetic, XOR, Substitution, AES, RSA, quantum computation, quantum-resistant cryptography, and blockchains including Bitcoin, Ethereum, Hyperledger, Stellar, and Multichain.

No prior experience in cryptography or programming is required for the easier challenges, but the more advanced ones will challenge participants who are experienced in algebra, number theory, programming, or quantum mechanics.  For most challenges any computer will suffice, but some of them require you to use VMware or rent a Linux cloud server.

Minimum course requirements
Students are also expected to bring a laptop with the following requirements: 
- 4GB RAM 
- VMWare Player or VMWare Fusion installed

Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEFCON, HOPE, B-Sides SF, B-Sides LV, BayThreat, LayerOne, Toorcon, and many other schools and conferences.

Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals, and a part-time instructor at City College San Francisco.   She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs.  Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.

Dylan James Smith has assisted Sam Bowne with classes as a tutor and TA and at hands-on workshops at DEF CON, RSA, B-Sides LV and other conferences. He has worked in and around the computer support and network administration industries since adolescence. Now he’s old(er.) Currently tearing things apart and putting them back together and seeking opportunities to practice and teach "the cybers".