Training Courses

DerbyCon provides customized training to con attendees for an additional charge. Our goal is to provide quality training at an affordable rate.

All training will be performed on the 24th and 25th of September, the conference is on the 26th, 27th, and 28th. Purchasing a training ticket is also an admission to the DerbyCon conference.

Two-Day Training – Cost – $1,000.00

We are sorry, all training is officially sold out :( If a class opens we’ll let you know.

Below is a list of the current trainer list. Scroll down past to see detailed descriptions.

Corelan Foundations (SOLD OUT)
Corelan Advanced (SOLD OUT)
Advanced Mobile Penetration Testing with OWASP (SOLD OUT)
Introduction to Malware Analysis (SOLD OUT)
Assessing and Exploiting Web Apps with SamuraiWTF (SOLD OUT)
Intermediate PowerShell for Security Professionals (SOLD OUT)
Wireless Essentials (SOLD OUT)
Hands on hardware hacking for complete beginners (SOLD OUT)
Red Team Testing (SOLD OUT)
Web Application Hacking: The OWASP Top 10 and Beyond (SOLD OUT)
Advanced Social Engineering Lite Edition (SOLD OUT)
So you wanna be a Pentester?! (SOLD OUT)

Corelan Foundations

Trainer(s): Lincoln

Description / Outline:

This course is geared towards those new to exploit development and will provide a fun and interactive environment to break Windows applications.

The Foundations course covers a significant portion of the popular Bootcamp class, excluding some of the more advanced topics while adding a few chapters of its own.

This course will give you a rock solid understanding of the fundamentals of exploit development for Windows. Course topics include:

• Stack Buffer Overflow Basics
o Saved Pointer Overwrites
o Structured Exception Handler (SEH) Overwrites
o Unicode Transformed Buffers
• Developing Reliable & Reusable Exploits
o Finding and avoiding bad characters
o Creative ways to deal with character set limitations
• Egg Hunters
o Custom egg-hunters
o Eggs-to-omelet
o Egg-hunters under WoW64
• Introduction to Shellcoding
• Metasploit Framework Exploit Modules

*** The class is known for “long” hours and will continue the tradition, so expect to be late :)

For a detailed outline of the course, visit this link here

Corelan Team Member “Lincoln” is a researcher, exploit developer, and senior security analyst with over 8 years industry experience.

For the past three years, he has assisted Peter Van Eeckhoutte in delivering the Corelan Bootcamp courses at Derbycon. This year for the first time, he will be delivering the Corelan Foundations course; an introduction (and beyond) to Windows exploit development. During the course, students will get “hands-on” experience working with real vulnerabilities in real applications and the techniques used to exploit them.

Corelan Advanced

Trainer(s): Peter “corelanc0d3r” Van Eeckhoutte

Description / Outline:

This painstaking and inhumane class by Peter “corelanc0d3r” Van Eeckhoutte starts where the “bootcamp” from previous editions ends. It’s heavily geared towards modern browser exploitation. Pain, suffering, and crying is assumed.

To see the full details and course requirements, visit here:

Peter Van Eeckhoutte is the founder of Corelan Team and the author of the well-known tutorials on Win32 Exploit Development Training, available at Peter has been an active member of the IT Security community for more than 10 years and has been working on exploit development since 2006. He presented at various international security conferences (Athcon, Hack In Paris, DerbyCon, ISSA Belgium) and delivered the Corelan Live Win32 Exploit Development Bootcamp at numerous places around the globe. He trained security enthusiasts & professionals from private companies, government agencies and military. Peter thinks sleep is a waste of time.

Peter is teaching an exploit dev class at Derbycon for the 4th year in a row. If you have taken the Bootcamp class before, or if you already master the “foundations” of windows exploit development and you’re ready for the next step, then this new advanced course is what you need to further deepen and sharpen your skillset.

The Corelan “ADVANCED” exploit development class is our brand new, fast-paced, mind-bending, hardcore hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer, focusing on modern browser exploitation techniques.
This is most certainly not an entry level course. This painstaking and inhumane class starts where the “bootcamp” from previous editions ends. Pain, suffering, and crying is assumed.

You can find more information about the course outline here:

If you have no experience with Windows exploit development, or need a solid refresher, then the Corelan Foundations course would be perfect for you.

Advanced Mobile Penetration Testing with OWASP MOBISEC

Trainer(s): Kevin Johnson and James Jardine

Description / Outline:

In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration testing of mobile devices and applications. This course, created by the project leads for the OWASP MobiSec project, uses intense lab driven learning that allows the student to learn techniques, tools and a methodology for testing mobile applications.

1. Day 1
2. Introduction
3. Mobile Applications
a. Penetration testing
b. Methodology
i. Mapping
ii. Discovery
iii. Exploitation
c. OWASP MobiSec
d. Exercise: Set up and use MobiSec
4. Testing Lab
a. Systems
i. Windows
ii. Linux
iii. Mac
b. Device OSs
i. Android
ii. iOS
iii. Windows Phone
c. Exercise: Lab Setup
5. Mapping
a. Obtaining applications
i. Source
ii. Compiled and in an app store
b. Installing apps onto test devices
i. Retrieving applications and supporting files from the device
c. Exercise: Manipulating devices and emulators
i. Android
ii. Windows Phone
iii. iOS
d. Intercepting traffic
i. Emulator methods
ii. Device methods
e. Tools
i. Fiddler
ii. Burp
iii. Mallory
iv. Exercise: Interception
1. Fiddler
2. Mallory
3. Burp
6. Discovery
a. Analyzing Application files
i. SQLlite databases
ii. Backup files
iii. Application binaries
iv. Exercise: Analyzing application files
b. Fuzzing
i. Burp Intruder
ii. Burp Repeater
iii. Fiddler
iv. Exercise: Burp Intruder and Repeater
v. SQLMap
vi. Python scripts
vii. WSFuzzer
viii. SOAPUI
ix. Exercise: WSFuzzer and SOAPUI
7. Day 2
8. Exploitation
a. SQL Injection
i. Absinthe
ii. SQLMap
iii. Exercise: SQL Injection
b. Cross-Site Scripting
i. BeEF
ii. Exercise: BeEF
c. Other Client-Side attacks
i. Client-Side SQL injection
d. Session and Wireless attacks
i. Wireless MiTM
ii. Wireless Probe Spoofing
iii. Session Hijacking
iv. Logic Attacks
v. Exercise: Session Hijacking and Logic Attacks
9. Capture the Flag
a. Flag-based challenges
b. Android
c. Windows phone
d. Back end infrastructure

Tools/Equipment needed:

Laptop with VMWare Workstation, Fusion or Player.
Wireless network card
Minimum of 4GB of RAM

Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is an instructor and author for the SANS Institute and a faculty member at IANS. He is also a contributing blogger at TheMobilityHub.

Kevin has performed a large number of trainings, briefings and presentations for both public events and internal trainings. Kevin teaches for the SANS Institute on a number of subjects. He is the author of three classes: SEC542: Web Application Penetration Testing and Ethical Hacking, SEC642: Advanced Web Application Penetration Testing and SEC571: Mobile Device Security. Kevin has also presented at a large number of conventions, meetings and industry events. Some examples of these are: DerbyCon, ShmooCon, DEFCON, Blackhat, ISACA, Infragard and ISSA.

Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.

James Jardine is a Principal Security Consultant with Secure Ideas, LLC. James has over 12 years of software development experience with over half of that focusing on application security. During his long development history, he has had the opportunity to write both large enterprise applications, thick clients, and mobile applications. He has held many roles including senior developer, software architect, and application security expert. In addition, James is an instructor and author for the SANS Institute. He is also a contributing blogger for the Secure Ideas blog, the Jardine Software blog, and the SANS Appsec blog.

James has performed a number of trainings and presentations for both public events and internal trainings. James teaches the Dev544: Secure Coding in .Net course at the SANS Institute. He is also a contributing author for that course. He has also presented on multiple webcasts, at the Kentucky ISSA InfoSec Summit, and BSides Orlando. In addition, James is the co-host of the Professionally Evil Perspective podcast and the Down the Security Rabbithole podcast.

James is also involved in the open source community. he runs a number of open source projects. These include WCSA; a security analyzer for web.config files, and EventValMod; a tool to modify event validation values in .Net. He is also a contributor to the Laudanum project; a collection of injectable web payloads.

Introduction to Malware Analysis

Trainer(s): Tyler Hudak

Description / Outline:

Due to the prevalence and business impact of malware, security professionals increasingly need the skills necessary to analyze worms, bots and trojan horses. This two day course teaches attendees the proven concepts, techniques and processes for analyzing malware. Students will take multiple “”from-the-wild”” malware samples in a hands-on environment and learn how to analyze their characteristics and behavior to determine what they do and what risk they present. The course culminates in an analysis that utilizes all of the tools and techniques that have been learned.

No previous malware analysis experience is necessary as this course is designed for those who have never performed malware analysis before.

Day 1:

– Introduction to Malware Analysis
– Setting up a Lab
– Static Analysis
– File Identification
– Hashing
– Header Analysis
– Embedded Strings Analysis
– Packers

Day 2:
– Dynamic Analysis
– System Integrity Monitoring
– System Activity Monitoring
– Baselining
– Process Analysis
– Network Analysis and Monitoring
– Sandnets and Automation
– Advanced Malware Analysis Topics
– Malware Analysis Challenge

Technical Skills: No previous experience in malware analysis is necessary as this course is designed for those who have never performed it before. High-level understanding of malware is recommended, and students must be experienced with a virtual machine (e.g. Taking snapshots, etc.)

Tools: Students will be required to bring their own laptops for the class. Laptops will need a VMWare Workstation or VirtualBox installation with an install of Windows (XP or higher) as the guest OS prior to the class. If the base OS is Windows, an installation of Cygwin may be helpful as well. All other tools will be provided.

Tyler Hudak uses his 15 years of experience to provide KoreLogic’s clients with expertise and guidance in the areas of malware analysis, incident response, and computer forensics. He has successfully led cases that have involved system compromises, malware outbreaks, data exfiltration, and denial of service attacks. Tyler has developed and runs malware analysis training courses at information security conferences and privately for KoreLogic clients. He also regularly gives presentations on a variety of security topics including malware analysis, intrusion detection and incident response.

Assessing and Exploiting Web Apps with SamuraiWTF

Trainer(s): Tim (@lanmaster53) Tomes

Description / Outline:

The official Samurai-WTF (Web Testing Framework) course provides training on the latest Samurai-WTF open source tools and the latest manual techniques to perform an end-to-end penetration test. After a quick overview of pen testing methodology, the instructor will lead students through the process of testing and exploiting web applications, including client side attacks using flaws within the application. Students will be introduced to the best open source tools currently available, and taught how these tools integrate with manual testing techniques. One of the major goals in this course is teaching students the glue that keeps all these techniques and tools together to successfully perform a pen test from beginning to end, which is overlooked in most web pen testing courses.

The majority of the course will be spent performing an instructor lead, hands-on penetration test. Students won’t be given overly simplistic steps execute independently. Instead, at each stage of the test, the instructor will present the goals that each testing task is to accomplish and perform the pen test on the projector while students do it on their own machine. Primary emphasis of these instructor lead exercises is placed on how to integrate the tools with manual testing procedures to improve the overall workflow. This experience will help students gain the confidence and knowledge necessary to perform web application assessments and expose them to the wealth of freely available, open source tools.

Day 1:
* Methodology
* Reconnaissance
* Mapping
Day 2:
* Automated Discovery
* Manual Discovery
* Exploitation

Students need:

* Laptop with at least two (2) USB ports (three ports preferred).
* Latest VMware Player, VMware Workstation, VWware Fusion installed. Other virtualization software such as Parallels or VirtualBox will probably work if the attendee is familiar with its functionality. However, VMware Player should be prepared as a backup.
* Ability to disable all security software on their laptop such as Antivirus and/or firewalls (Administrator).
* At least twenty (20) GB of hard drive space.
* At least four (4) GB of RAM.

Tim Tomes is a Senior Security Consultant and Developer for Black Hills Information Security with extensive experience in web application and network penetration testing. A veteran, Tim spent nine years as an Officer in the United States Army conducting various information security related activities. As a developer, Tim manages multiple open source projects such as the Recon-ng Framework, PeepingTom, the HoneyBadger Geolocation Framework, and PushPin. Tim shares his passion for information security by blogging at, frequently presenting at information security conferences, and occasionally teaching SEC542: Web Application Penetration Testing for the SANS Institute.

Intermediate PowerShell for Security Professionals

Trainer(s): Carlos Perez (darkoperator)

Description / Outline:

On the introduction class covered in the last 2 Derbycons we covered the basics and started to deal with the advanced parts. A brief intro will be given at the start but we will require that you are already a bit familiar with most of the basics of PowerShel to get the most out of the class. This class will focus on using PowerShell for incident response, network discovery, attack and Post-Exploitation. We will cover how to abuse the Windows API, .Net API, REST Services to modify existing tools and create your own. We will cover how to use PowerShell inside of Metasploit and standalone in post exploitation.

Recap on the basics:
Finding commands
Working with Modules and Snapin
Working with basic Types
Working with Registry
Working with WMI and CIM
Processing XML, JSON and CSV files from security tools
Windows Incident Response
Network Discovery
PowerShell and Metasploit
Post Exploitation with PowerShell
Working with none Windows Systems

Student Requirements: Windows Laptop or VM running the latests version of Windows. You must be administrator of your machine. Ability to run one or more virtual machines in addition to Windows.

Carlos Perez works as the Director of Reverse Engineering at a security vendor. He is very active in security open source community contributing to projects like Metasploit, Kali Linux and his own tools in several languages. He is also the host of Infosec Tactico Podcast and a Co-host of the Security Weekly Podcast and presents and teaches at security conferences like BSides, Hack3rcon, Derbycon and others. You can find more on him at his blog at and his GitHub

Wireless Essentials

Trainer(s): Mike Kershaw (Dragorn), Zero_Chaos, Russell Handorf

Description / Outline:

This class will cover the essentials of using Pentoo, current and emerging 802.11 wireless threats, and the wonderful world of Software Defined Radios. A completed bootstrapped curriculum that will provide new tips and tricks for the advanced, and a completely new experience to those who are just now learning about any of these topics. The class is broken into four parts so that students can come and go as they please.

(Part 1, Part 2 and Part 4)
TPLink Atheros adapter

(Part 3 and Part 4)


(Part 1, Part 2, Part 3 and Part 4)
A modern PC-based laptop (user-provided). Netbooks not recommended.
* Macbooks – VMWare Fusion, or your milage may vary.

(Part 1, Part 2, Part 3 and Part 4)


Students may bring their own additional antennas. For Wi-Fi applications, all connectors should be RP-SMA”

“A full 8 hour day is recommended for this course.

Part 1: Wireless 101
Introduction to Wi-Fi hardware, terminology, and common setups, as well as how to monitor Wi-Fi installs, WIDS/WIPS, and common risks.

Part 2: What the EAP?
Common vulnerabilities and attacking Wi-Fi systems with hands-on practice attacking WEP, WPA-PSK, WPA-EAP, and client systems.

Part 3: That’s no moon!
Wireless goes beyond 802.11 and 2.4GHz – an introduction to the world of software defined radio using the low-cost RTL-SDR device, as well as discussion about higher-end radio devices.

Part 4: Physical challenge
Find the transmitters we’ve hidden around the conference and crack the puzzles using the skills from parts 1-3″

Mike Kershaw (Dragorn) – Author of the Kismet wireless sniffer and creator of various other wireless tools and hardware, and the Chief Architect of Blackphone.

Zero_Chaos – Lead developer and maintainer of Pentoo, the best Linux distribution for penetration testing and information security research. Bans criminals from #aircrack-ng and paid training classes.

Russell Handorf – Built, owned and operated a wireless ISP for 6 years; Infosec professionally for 10 years (unprofessionally for 15); information security researcher (wireless, attacker attribution techniques, honeypots); and other things. Obviously a longer background to make up for the lack of awesomeness that is Mike and Zero_Chaos.

Hands on hardware hacking for complete beginners

Trainer(s): Kevin Bong

Description / Outline:

Many believe the next big trend in infosec will be around securing mobile devices, industrial control systems, and The Internet of Things. In this course, participants will gain an introduction to hardware hacking tools and techniques through a number of simple real-world projects, such as modifying an RFID lock to sniff RIFD tags, soldering together an RFID spoofer, and configuring a router with OpenWrt as a pentesting drop box or pocket wardriving rig. To complete these projects, students will be provided the tools and gadgets required to perform activities such as circuit analysis, debug interfacing, bus snooping, microcontroller programming, soldering, and flashing and configuring OpenWrt. Students will keep the equipment at the end of class.

Day 1 morning:
– Embedded device and industrial control system concepts
– Common electronic components and their uses
– Electronic component inspection and analysis
– Using a Multimeter and Logic Probe to analyze a circuit

Day 1 afternoon:
– Reading memory
– Communication bus protocols
– RFID Protocols
– Converting the RFID lock into an RFID sniffer

Day 2 morning:
– Circuit design concepts
– Arduino Programming
– Soldering together the RFID spoofer
– Debugging home-made circuits

Day 2 afternoon:
– OpenWrt embedded device firmware
– Serial Interfaces
– Flashing a TP-Link router
– Installing packages, creating a pentest drop box
– Configuring OpenWrt, creating a pocket wardriving rig

Students will need to bring a laptop with a USB port and a wired Ethernet interface. Students will need to be able to install software and drivers on the laptop.

The instructor will provide a variety of tools and equipment (multimeter, logic probe, soldering iron and stand, Arduino, AD2000-M RFID lock and tags, custom RFID snooper circuit board and components, wire cutter, power adapter, TL-Link Router, etc.) totaling up to $150 per student, which students will keep.

Kevin Bong is a Manager at 403 Labs focusing on information security and compliance issues faced by financial institutions. Kevin has extensive experience in audit, penetration testing, risk assessment, bank security, and computer forensics. Kevin has a BS in Computer Science and Physics from Carroll University and an MS in Information Security Engineering from the SANS Institute, and holds multiple certifications including PCI QSA, PMP and GIAC GSE. Kevin is the creator of the MiniPwner pen testing drop box and has hosted a talk or workshop at DerbyCon for the last two years. He is also an amateur astronomer, a beekeeper, and a pretty neat dad.

Red Team Testing

Trainer(s): Ian Iamit, Chris Nickerson

Description / Outline:

This is is NOT a tools course! Becoming proficient in Red Teaming is NOT something that can be taught only in a classroom. We will have multiple field exercises as well as hands-on classroom sessions.

This course will go over some of the tools and methods you MAY use in a Red Team assessment. Feel free to come up with your own styles.

* You will learn the basics of how to profile attackers and use your imagination to become one.
* Learn to act like a viable adversary of the target.
* Learn to analyze the security processes and technologies that are in place.
* Using what you observe, take advantage of what others have missed, to blend Electronic, Social and Physical security into a converged attack surface.

Course outline: TBD

Laptop with virtual machines running BackTrack and Windows (XP and above). Native OS can replace one of the VMs (i.e. a Windows OS hosting a Kali VM, or vice-versa).

Iftach Ian Amit
With over 15 years of experience in the information security industry, Iftach Ian Amit brings a mixture of Software development, OS, Network and web security to work on a daily basis. He is a frequent speaker at leading security conferences around the world (including Black Hat, DefCon, OWASP, InfoSecurity, etc…), and have published numerous articles and research material in leading print, online and broadcast media.Ian is currently serving as a Director of Services at the leading boutique security consulting company IOActive, where he leads the financial and healthcare verticals in the US, as well as the red team practice globally.

Iftach Ian is one of the founders of the Penetration Testing Execution Standard (PTES), its counterpart – the SexyDefense initiative, and a core member of the DirtySecurity crew.

Iftach Ian holds a Bachelor’s degree in Computer Science and Business Administration from the Interdisciplinary Center at Herzlya.

Chris Nickerson is a Certified Information Systems Security Professional (CISSP) whose main area of expertise is focused on information security and Social Engineering. In order to help companies better defend and protect their critical data and key information systems. He has created a blended methodology to assess, implement, and manage information security realistically and effectively.

At Lares, Chris leads a team of security consultants who conduct Security Risk Assessments, which can cover everything from penetration testing and vulnerability assessments, to policy design, computer forensics, Social Engineering, Red Team Testing and regulatory compliance. Prior to starting Lares, Chris was Director of Security Services at Alternative Technology, a Sr. Auditor for SOX compliance at KPMG, Chief Security Architect at Sprint Corporate Security, and developed an enterprise security design as network engineer for an international law firm. Chris also served in the U.S Navy.

Certified Information Systems Security Professional (CISSP)Certified Information Security Auditor (CISA)BS7799 Lead Auditor Accreditation (BS7799)NSA Infosec. Assessment Methodology (NSA IAM)Specialties: Vulnerability Assessment, Risk Assessment, Compliance, HIPAA,GLBA,PCI,SOX,17799/ 27001, Penetration Testing, Application Security Assessment, Physical Security, Social Engineering.

Web Application Hacking: The OWASP Top 10 and Beyond

Trainer(s): Scott White

Description / Outline:

Updated and back by popular demand after selling out last year!
This introductory course is tailored towards individuals that would like to gain a better understanding of web application security and the OWASP Top 10. The course is taught through student participation (learning by doing) with live hacking exercises, real world examples, and discussion. The second day will showcase real world attacks allowing students to hack into applications in more advanced scenarios to compromise data/systems by linking multiple vulnerabilities together to obtain a desired end result.

Familiarity with the HTTP protocol, networking, and basic relational database concepts. The student must have a laptop computer with wireless capabilities, FireFox web browser, and Burp Suite (free edition is fine). The operating system on the laptop does not matter.

Web Application Security Overview
OWASP Top 10 Overview
A10 – Unvalidated Redirects and Forwards
A9 – Using Components with Known Vulnerabilities
A7 – Missing Function Level Access Control
A6 – Sensitive Data Exposure
A5 – Security Misconfiguration
A4 – Insecure Direct Object References
A3 – XSS
A2 – Broken Authentication and Session Management
A1 – Injection
Securing Applications
Advanced attacks

Scott White is a Principal Security Consultant at TrustedSec and also runs the DerbyCon Capture the Flag(CTF) competition. He has presented to organizations such as OWASP, ISSA, ISACA, FBI’s Infragard, and others. He has also spoken at Defcon, and has been called upon by organizations such as the FBI and Secret Service as a subject matter expert. He is the technical reviewer for the popular book, “Metasploit: The Penetration Tester’s Guide”. He holds a bachelors degree in Computer Science and a master’s degree in Network Security. He has held various past positions in support, system administration, web development, penetration testing, and application security for both public and private sectors with clients in both government and commercial spaces. His experience includes performing web application security assessments, internal, external, and physical penetration tests, source code reviews, social engineering, and web application security training. He has assessed everything from casinos to kiosks, 911 networks to power plants, and Fortune 500 companies to state and foreign federal governments. His extensive work in penetration testing coupled with over 15 years of programming experience gives him a thorough web application security understanding from both developer and attacker viewpoints. Scott loves long walks on the beach, hugging men only, and large group hugs. He also has no control over his BIO because Dave (ReL1K) always edits it.

Advanced Social Engineering Lite Edition

Trainer(s): Chris Hadnagy, Michele Fincher

Description / Outline:

This 2-Day course will take each student through some of the core principles for a social engineer:

* DISC Profiling – learn how to profile anyone’s communication style fast
* Influence – Learn how to use the 8 principles of influence like a Jedi
* Rapport Building – there are 10 steps to building rapport with anyone fast
* Nonverbals – This light edition of the nonverbal section will cover some of the classic body language signs to look for

When the student is done with this course they will have a foundation on using the practical skills needed to be a master social engineer”

Day 1:
DISC Profiling
Rapport Principles

Day 2:
Influence VS Manipulation Continued
Nonverbal Body Language

Student Requirements:

Willingness to learn
The ability to do some evening engagements
A desire to expand your mental horizons

Chris Hadnagy Chief Human Hacker

Chris Hadnagy, aka loganWHD, is the President and CEO of Social-Engineer, Inc. He specializes in understanding the ways in which malicious attackers are able to exploit human weaknesses to obtain access to information and resources through manipulation and deceit. He has been in security and technology for over 16 years.

Chris is a graduate of Dr. Paul Ekman’s courses in Microexpressions, having passed the certification requirements with an Expert Level grade. He also has significant experience in training and educating students in non-verbal communications. He also hold certifications as an Offensive Security Certified Professional (OSCP) and an Offensive Security Wireless Professional (OSWP).

Chris has written a number of articles for local, national, and international publications and journals to include Pentest Mag,, and local and national Business Journals. In addition, he is the author of the best-selling book, Social Engineering: The Art of Human Hacking.

Chris has developed one of the web’s most successful security podcasts. The Social-Engineer.Org Podcast spends time each month analyzing an individual who must use influence and persuasion in their daily lives. By dissecting their choices and actions, we can learn to enhance our abilities. That same analysis applies to the equally-popular SEORG Newsletter. Over the years, both have become a staple in most serious security practices and are used by Fortune 500 companies around the world to educate their staff.

Chris also likes walks on the beach holding Dave Kennedy (ReL1K’s) hand. Romantic moonlit dinners with Dave, and most importantly, Bruce Hornsby. Mandolin Rain. Mmmm…. MMMMMMMMMMM.

Finally, Chris has launched a line of professional social engineering training and penetration testing services at Social-Engineer.Com. His goal is to assist companies in remaining secure by educating them on the methods used by malicious attackers. He accomplishes this by analyzing, studying, dissecting, then performing the very same attacks used during some of the most recent incidents (i.e. Sony, HB Gary, LockHeed Martin, etc), Chris is able to help companies understand their vulnerabilities, mitigate issues, and maintain appropriate levels of education and security.

Chris may be reached at, and twitter as @humanhacker and @socengineerinc.

Michele Fincher Chief Influencing Agent

Michele Fincher’s background includes training and education as well as information security, with experience in both government contracting and the private sector.

Michele graduated with academic distinction with a Bachelor of Science degree from the US Air Force Academy and also holds a Master of Science degree from Auburn University. She is a US Air Force veteran and served as a tactical communications electronics maintenance officer. After obtaining her graduate degree, she finished her USAF career as an assistant professor and National Board Certified Counselor (NBCC) at the US Air Force Academy. Her counseling duties included the assessment and treatment of the cadet population for issues ranging from study skills to post-traumatic stress disorder.

Upon separating from the Air Force, Michele worked in the semiconductor industry, where her duties included product engineering and technical support of customers and a sales force covering the western half of the United States and central and southern Europe. She went on to hold positions with a research and software development firm in support of the US Air Force Research Laboratory as well as an information security firm, conducting National Security Agency appraisals and Certification and Accreditation for federal government information systems. Finally, she has provided training and education on various technical subjects for law enforcement, the intelligence community, and the private sector in venues to include the Black Hat Briefings and Techno Security. She is a Certified Information Systems Security Professional (CISSP).

So you wanna be a Pentester?!

Trainer(s): Larry “Lawry” Spohn (@spoonman), Paul Koblitz (@ph4que)

Description / Outline:

So you’re just starting out in the Pentesting career field and want some real world training? Been pentesting for a couple years and need some brush-up training? This is the course for you! We will take you on a hands-on guided tour through a penetration test; starting with the recon phase, moving on to the targeting phase, setting up the exploitation, delivering the payload to your target, and finally, exploiting your target system. We will walk you through many of the tools that Pentesters use every day, including SET (Social Engineers Toolkit) and Metasploit by doing a real, live pentest on a vulnerable system.

We will also walk through the powerful art of Social Engineering. Learn from real world examples just how devastating this type of test can be. We will give examples of the equipment and techniques used to perform a penetration test that is successful over 90% of the time.

This course is intended for the novice and beginner pentesters that want to learn.

Day 1:

Familiarization with tools and jumping into each portion of a real pentest.

Day 2:

Re-enforcement of everything learned on Day 1 and continuation, ending with full compromise of a vulnerable system.

Required is a laptop with an up-to-date version of Kali Linux installed:

VMWare should also be installed and ensure that NATing is working, meaning that two VM machines can talk to each other. There is a free trial version of VMWare Player available:

For Windows and Linux:

For Mac:

Larry is a Senior Security Consultant at TrustedSec. He has more than 15 years of experience in the IT field and holds the OSCP, CISSP, and MSCE certifications. He is experienced in multiple operating systems, including Linux, Unix, OS X, Android, and Windows. His background in network security administration made him responsible for patch management, anti-virus administration, vulnerability management, intrusion prevention, internet gateway administration, group policy management, and Active Directory administration in several companies. This has all strengthened his ability to perform security assessments for numerous organizations and industries, including health care, education, manufacturing, banking, insurance and foreign governments. He also maintains the site for sharing knowledge with other security professionals. Larry likes cheese.

Paul is a Security Consultant at TrustedSec. He has a strong background in physical security that has directly transferred over to this career field. He has held jobs as a emergency locksmith, security system consultant, and department store loss prevention. He also has held several jobs in the IT community, including Senior NOC Technician, and Networking Technician, and Desktop Support. Paul also likes cheese.