Training

Available trainings

- Introduction to Cryptography - by Sam Bowne - REGISTER
- Enterprise Penetration Testing Methods by Rod Soto - REGISTER
- Binary Ninja BootCamp - by Josh Watson - REGISTER


 


Enterprise Penetration Testing Methods By Rod Soto

During this comprehensive course, tools and methodologies that are used during penetration tests in enterprise network/application environments will be detailed.The course will utilize a lab environment for a hands-on instruction of manual penetration testing methods, in addition to training for use of exploitation frameworks, such as Metasploit. 

Focus will be geared towards methodology, processes, vectors, tools, and techniques used for exploitation. By the end of the course, the student will have an in-depth understanding of the underlying principals of network/application exploitation and will have gained experience in the successful execution of attacks.

‍Minimum Course Requirements:
Bring a Laptop with: 4 GB of RAM at Minimum and Quad-Core Processor at Minimum Ability to Run Virtual Machines
Understanding of Basic Networking Concepts
Basic Linux Comprehension

Target Audience:
This seminar is geared towards those seeking to enter the information security industry while also enriching those who seek to develop the skills and experience necessary to succeed as a penetration tester (for fun and for profit).

Bio
Rod Soto has over 15 years of experience in information technology and security.  He has spoken at ISSA, ISC2, OWASP, RSA, DerbyCon,BlackHat, DEFCON, Hackmiami, Bsides and also been featured in Rolling Stone Magazine, Pentest Magazine, Univision and CNN. Rod Soto was the winner of the 2012 BlackHat Las vegas CTF  competition and is the founder and lead developer of the Kommand && KonTroll/ NOQRTRCTF competitive hacking Tournament series.He has also architected and co-develop military cyber ranges.

REGISTER FOR TRAINING



Binary Ninja BootCamp - Josh Watson
REGISTER FOR TRAINING

This comprehensive one-day course will introduce both novice and advanced reverse engineers to the powerful features of Binary Ninja, a relatively new binary analysis tool. Students will hit the ground running with a fast paced comprehensive overview of Binary Ninja’s user interface before diving directly into the defining features of the tool: the Binary Ninja Intermediate Languages, or BNIL. We will cover both the Low Level IL and Medium Level IL and why they are both superior to native disassembly for  program analysis. From there, we will work in-depth with the Python API and explore how to develop plugins to serve as force multipliers in students’ analysis tasks; this will include techniques that are relatively unknown, such as automating creation of types and structures. Finally, students will work with the various patching methods available in Binary Ninja, including the embedded Shellcode C Compiler, to develop both exploits and shellcode payloads from within Binary Ninja. Further advanced topics may be covered if time permits.

Minimum course requirements
This training is tailored for those interested in reverse engineering with at least a basic familiarity with an assembly language, particularly x86/x64 or ARM. Additionally, some level of competence in Python is expected. Basic knowledge of C/C++ will also be helpful.

Students are also expected to bring a laptop with the following requirements:
- 4GB RAM
- 25GB disk space
- USB port (or a USB-C to USB-A adapter)
- VMWare Player or VMWare Fusion installed

What will be provided?

A USB drive containing the slide deck and all example scripts and binaries
A voucher for a free copy of Binary Ninja Personal edition (which can also be upgraded to Commercial at a pro-rated price)
Bio
Josh Watson is a Senior Security Engineer at Trail of Bits and an active member of the Binary Ninja community. He has published numerous articles about reverse engineering with the Binary Ninja APIs and released several open source plugins and tools. Due to his intimate knowledge of its features and API, he is often confused for a Binary Ninja developer.

REGISTER FOR TRAINING




Introduction to Cryptography - Sam Bowne,Elizabeth Biddlecome,Dylan James
REGISTER FOR TRAINING

Learn essential cryptographic methods and attacks in a fun, CTF-style hands-on format.  Topics include: Binary and Modular Arithmetic, XOR, Subtitution, AES, RSA, quantum computation, quantum-resistant cryptography, and blockchains including Bitcoin, Ethereum, Hyperledger, Stellar, and Multichain.

No prior experience in cryptography or programming is required for the easier challenges, but the more advanced ones will challenge participants who are experienced in algebra, number theory, programming, or quantum mechanics.  For most challenges any computer will suffice, but some of them require you to use VMware or rent a Linux cloud server.

Minimun course requirements
Students are also expected to bring a laptop with the following requirements: 
- 4GB RAM 
- VMWare Player or VMWare Fusion installed

Bio
Sam Bowne has been teaching computer networking and security classes at City College San Francisco since 2000. He has given talks and hands-on trainings at DEFCON, HOPE, B-Sides SF, B-Sides LV, BayThreat, LayerOne, Toorcon, and many other schools and conferences.

Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals, and a part-time instructor at City College San Francisco.   She leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs.  Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.

Dylan James Smith has assisted Sam Bowne with classes as a tutor and TA and at hands-on workshops at DEF CON, RSA, B-Sides LV and other conferences. He has worked in and around the computer support and network administration industries since adolescence. Now he’s old(er.) Currently tearing things apart and putting them back together and seeking opportunities to practice and teach "the cybers".
REGISTER FOR TRAINING