Training Courses « DerbyCon : Louisville, Kentucky

Training Courses

Welcome to the DerbyCon 2013 Training page. From here you will see a breakdown of all of the training events that you can register for. Training costs $1,000 per course and also includes the ticket admission.

Training will be two days running from the morning on the September 25th and wrapping up at night on the 26th. Training is for a full two days prior to the conference. Training costs $1,000 and includes admission to the conference. Please note that there is a non refund policy. If you purchase a ticket and need a refund, you will need to sell your spot.

–> CAUTION: Under no circumstances will training be refunded. Once you bought a ticket, you have a ticket.

To purchase training, click the link below on the course you want, and below the course you will see a “BUY NOW” ($1000)

Jump to the training you want to view:

Intro to Powershell for Professionals
Corelan Live – Win32 Exploit Development Bootcamp
Foundstone’s Ultimate Hacking: Human
Attacking and Securing Mobile Devices
Learn to be a Penetration Tester
Tap That – An Introduction to Hacking Hardware
Red Team Testing
Web Application Hacking: OWASP and Beyond
Hardware Hacking with Joe Grand
Exploit Mobile with OWASP
Introduction to Malware Analysis
WiFi Hacking (with Mister_X)

Below is a list of training available training and descriptions!

Course Name: Introduction to PowerShell for Security Professionals

============================================
Trainer: Carlos “Darkoperator” Perez
============================================
Course Description: One of the biggest challenges for many IT Security Professionals is having enough time and resources to get their job done and work with large numbers of hosts and data to get their job done. PowerShell is becoming one of the best ways to automate tasks and interact with Windows systems from security professionals securing systems, doing incident response and for penetration tester performing post exploitation or attacks against systems. The course will cover:

Using help and builtin documentation
Understating PowerShell Cmdlets
PowerShell in post-exploitation thru a shell
PowerShell Remoting
Using PowerShell with WMI
Working with Processes
Manipulating EventLogs
Manipulating Registry
Manipulating Services
Writing BruteForce Scripts and much more.

Basic scripting knowledge in other languages is recommended but not required. A Windows 7 or better system is required with the latest version of PowerShell installed will be required to follow the exercises shown in the class.

Those that signup for the class will also get a digital copy of the material for the Automating Metasploit Framework class.
============================================

Student Requirements: Basic scripting knowledge in other languages is recommended but not required. A Windows 7 or better system is required with the latest version of PowerShell installed will be required to follow the exercises shown in the class.
As part of the class students will get for free the material of the class Automating the Metasploit Framework in digital format.

============================================

BIO: Carlos Perez also known as Darkoperator has worked for many years in the area of IT Infrastructure and Security helping clients around the world to design, build and secure their IT infrastructures. He is better known for being one of the hosts of Pauldotcom Security Weekly podcast, Pauldotcom Español, Community Developer to the Metasploit Framework project and author of several Open Source security tools in various languages ranging from Ruby, Python, Bash and PowerShell. He is currently working as the Director of Reverse Engineering for a security vendor developing new features for existing products.

Purchase Intro to PowerShell below:

Course Name: Corelan Live – Win32 Exploit Development Bootcamp

============================================
Trainer: Peter “corelanc0d3r” Van Eeckhoutte
============================================
Course Description: For the third year in a row, Peter Van Eeckhoutte will teach the Corelan training class on exploit development at Derbycon. The Corelan Live training is a unique opportunity to learn basic & more advanced exploitation techniques for the Win32 platform in true Bootcamp style. Prepare for a very long first day and exhausting second day.

This hardcore hands-on course will provide students with solid understanding of current Win32 (stack based) exploitation techniques and memory protection bypass techniques. During the course, we will explain and demonstrate techniques and mechanics, but we also want to make sure you understand why a given technique is used, why the technique works and why something it doesn’t work. We believe it is important to explain the basics of buffer overflows and exploit writing, but this is most certainly not “your average” entry level course. In fact, this is one of the finest and most advanced courses you will find on Win32 stack based exploit development. More information about the course can be found here:https://www.corelan-training.com/index.php/training/corelan-live/

If you are still in doubt whether you should enroll for this training or not, check out what former students have to say about the training :https://www.corelan-training.com/index.php/testimonials/

Keep in mind that this is your only chance to take this class at a conference in the US, in 2013.

============================================
Student Requirements : see https://www.corelan-training.com/index.php/training/corelan-live/
============================================
BIO: Peter “corelanc0d3r” Van Eeckhoutte is the founder of Corelan Team and the co-author of numerous tutorials on Win32 Exploit Development. Peter has been an active member of the IT Security community for more than 10 years and has been working on exploit development since 2006.

Purchase CoreLan Live below:

Course Name: Foundstone’s Ultimate Hacking: Human

============================================
Trainer:
============================================
Course Description: The amount and impact of social engineering attacks increases exponentially every year. As with any other attack vector, hackers are trying to the weakest link (people) to steal data and compromise business systems. This class provides the knowledge to think like an attacker and assess the security of a your organization before they do. In a classroom setting, Ultimate Hacking Human instructors will teach the students the skills needed through demonstration, labs and lecture.

What You Will Learn

• Security considerations unique to the “people” aspects of risk
• Setting up an environment to perform social engineering tests
• Thorough knowledge of common and advanced human vulnerabilities, including trust and ego issues and psychological weaknesses
• Discussion and/or usage of social engineering penetration testing tools such as the Social Engineer Toolkit (SET), Katana, Teensy and many more
• Simple techniques to help educate management on the real risks of social engineering
Who Should Take This Class
Corporate security personnel, auditors and consultants concerned with personal and physical security should take this course. Basic social skills are required for the course to be fully beneficial. Familiarity with social engineering will be helpful.
Highlights
• Exploit and defend against social engineering attacks
• Learn tools and techniques to conduct thorough social engineering penetration tests
Duration
Two days
Student Takeaways
• Courseware and workbook
• Certificate of completion
• McAfee Foundstone backpack
• McAfee Foundstone notepad, pen, and highlighter
• An assortment of physical security testing tools, such as the Teensy ++ and lock picking set
Exercises

All topics are supported by hands-on exercises specifically designed to increase knowledge retention. Classroom exercises provide the basic hands-on experience needed to understand the social engineering threat landscape.

============================================
Student Requirements: Foundstone will provide all student equipment and courseware necessary for these courses.
============================================
BIO: Various instructors will deliver the trainings and regularly deliver consulting engagements in the service line associated with their respective classes. All lead instructors will be either the service line leaders and/or class stewards.

Purchase Human Hacking course below:

Course Name: Attacking and Securing Mobile Devices

============================================
Trainer: Georgia Weidman
============================================
Course Description: As smartphones take over the workplace, and customers begin deploying smartphone applications as frequently as traditional web applications, it falls to security professionals to integrate these new technologies into penetration testing. How will your organization fair when the smartphone apocalypse arrives? In this course we will study in-depth the techniques used by hackers to exploit mobile phone platforms and applications. We will look at smartphone jailbreaks/roots and real malicious code samples seen in the wild. We will look analyze smartphone apps, using open source tools and manual skills to detect potential attacks and vulnerabilities. Additionally, we will look at real world examples of smartphone apps with vulnerabilities exploitable by attackers. We will cover hands-on exercises exploiting real smartphone platforms and applications. After brushing up on the offensive side, we will switch gears and discuss available methods of defending smartphones in the workplace against the myriad attack vectors. We will look at using the same methods used by attackers for evil, for good to defend smartphone devices and the sensitive data they access. In this course we will use several open source tools for assessing smartphones such as the instructors own Smartphone Pentesting Framework.

Module 1: Smartphone Security Overview

Security policies of various platforms

Strengths/weaknesses of various approaches

Overview of threats to smartphone security

▪ malicious apps

▪ jailbreaking/rooting

▪ social engineering

▪ inability to update

Module 2: A Brief History of Mobile Hacks

Roots/jailbreaks for smartphone

Malicious applications

Mobile botnets

▪ traditional botnets in the mobile world

▪ mobile specific command and control (SMS based etc.) • Interesting malware payloads/post exploitation seen in the wild

Module 3: Penetration Testing Mobile Platforms

Using the Smartphone Pentest Framework

Assessing the security of mobile platforms

▪ remote attacks

▪ client side attacks

▪ local attacks

▪ social engineering

▪ physical access attacks

Hunting for new vulnerabilities in smartphone platforms

Exploit development for smartphone devices

Module 3: Mobile Malware Analysis

Reversing application code samples

Dynamic analysis

Static analysis

manual analysis

Module 4: Penetration Testing Mobile Applications

Unique smartphone app vulnerabilities

Exploiting common issues in custom apps

Bug hunting in custom smartphone apps

Module 5: Developing Secure Mobile Apps

Handling data securely ▪ storage

▪ transmission

Permissions/accessing potentially dangerous methods

Avoiding common issues

Module 6: Securing Devices in the Enterprise

Dealing with Bring Your Own Device

Enterprise smartphone policy and enforcement

On device enforcement solutions

Mobile Device Management Techniques

============================================
Student Requirements: TBA
============================================
BIO: Georgia Weidman is a penetration tester, security researcher, and trainer. She holds a Master of Science degree in computer science, secure software engineering, and information security as well as holding CISSP, CEH, NIST 4011, and OSCP certifications. Her work in the field of smartphone exploitation has been featured in print and on television internationally. She has presented her research at conferences around the world including Shmoocon, Hacker Halted, Security Zone, and Bsides. Georgia has delivered highly technical security training for conferences, schools, and corporate clients to excellent reviews. Building on her experience, Georgia recently founded Bulb Security LLC a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security.

Course Name: Learn to be a Penetration Tester

============================================
Trainers: Larry Spohn (spoonman), Chris Hodges (g11tch)
============================================
Course Description: Ever wanted to learn how to hack into systems and penetrate a network? Well this is the class for you! We will start off from the very basics, establishing fundamental methodologies around penetration testing, the identification of exposures, and how to leverage a repeatable methodology for penetration testing. The course assumes that you have dabbled a little bit in penetration testing, or haven’t performed a penetration test before. We will start from the absolute basics! Show you how to identify exposures, how to hack into systems, and jump start your career as a penetration tester. We will be leveraging the Penetration Testing Execution Standard (PTES) as a foundation for the course and walking through each phase of a penetration test and how to perform each step. Simulated environments will be provided to students as a real live penetration test. At the end of the course you’ll have a chance to perform your very first penetration test!
============================================
Student Requirements: A laptop loaded with the latest Back|Track version. Preferable to update all of your software beforehand however Internet access will be provided in case you need to update on the spot. In addition, a virtualization technology such as VMWare with appropriate NATing working (VM machines can communicate with one another).
============================================
BIO: TBA

Purchase Learn to be a Penetration Tester below:

Course Name: Tap That – An Introduction to Hacking Hardware

============================================
Trainers: Josh Thomas – Accuvant LABS Applied Research and Kevin Finisterre – Accuvant LABS Applied Research
============================================
Course Description: Find yourself hardware curious but clueless on where to start? Realizing that your “hack all the things” motto is “full of fail” when it comes to JTAG? Want a custom purple GoodFet? Come learn how to hack hardware, solder, analyze logic and JTAG the crap out of random objects. You know you want to spend 2 days in hands on labs walking through an example hardware gig.

This training will guide students through basic hardware hacking from:
* Setting up a home lab
* EE basics
* Soldering techniques
* JTAG basics with the GoodFet
* Firmware Analysis
* Logic Analysis
* Defeating Hardware Protections

Outline of the Training (hourly breakdown)

-=Day 1: The Basics=-

Hours 0-1 -> How to build a home hardware hacking lab (what you need to get dirty and where in china to pick it up)
Hours 1-2 -> from n00b to EE in an hour (what you really need to know before picking up an iron)
< bio break />
Hours 2-3 -> Hands on with hardware lab 1 (taking it apart and understanding the components / learning to google for docs)
Hours 3-4 -> WTF is JTAG? / What is a GoodFet( and why does Travis love to hate us)?

< Lunch /> -> try not to eat lead solder.

Hours 4-5 -> Hands on with hardware lab 2 (tapping the components to a GoodFet and dumping the code / learn to solder!)
Hours 5-6 -> Ok, we have a nice blob of stuff… what do we do now?
< bio break />
Hours 6-7 -> Hands on with hardware lab 3 (Connecting the Logic Analyzer and looking around)
Hours 7-8 -> Wrapping up the hands on labs and finishing intro information…

< Drink /> – Try no to drink molten lead solder

-=Day 2: Slightly more Advanced=-

(Day 2 will cover anything that slipped from day one + questions)

Hours 1-4 -> Soldering and reworking techniques AKA How to:
pop a chip with chipquick or hot-air
bridge a trace
break a connection
pull up / pull down lines
solder through hole & surface mount
(Sort of an open lab jacking the board we RE’d on day one)

< Lunch /> -> try not to eat lead solder.

Hours 5-8 -> JTAG and Logic Analysis techniques AKA How to:
defeat very simple hardware protection
just know WTF you are looking at

============================================
Student Requirements: An interest in hardware, a Laptop with a USB port.
============================================
BIO: Josh Thomas – Accuvant LABS Applied Research and Kevin Finisterre – Accuvant LABS Applied Research

Purchase the hardware hacking course below:

Course Name: Red Team Testing

============================================
Trainers: Ian Amit and Chris Nickerson
============================================
Course Description: Red Team testing is the pinnacle of security simulations. It is the most accurate and realistic scenario an organization can use to see how it really fares up against a real-world attacker, without taking the risk of an actual breach or loss. Red Team testing requires skill sets that far exceed a standard penetration test, and provides a much greater value on top of one.

In this training, you will learn how Red Team (or full scope) testing works, how to create a methodology for using a red team test not just as a one-off “see how I got in” case, but as a repeatable test with metrics and actionable results.

We will go through all elements of a red team test, from planning and scoping, intelligence gathering, target selection, vulnerability analysis, risk analysis, exploitation and execution, resource usage and ad-hoc agent deployment, post-exploitation, documentation and recording of evidence, damage analysis, and reporting.

The training includes hands-on exercises where participants will practice electronic intelligence gathering and profiling, lock-picking, social engineering, and end to end attack scenario planning. This experience, along with the methodological analysis of how to assess an organization, will enable participants to more accurately assess, measure, and report on security flaws not only in information system, but in organizations in general. Based on the red-team engagements organizations can more accurately and efficiently focus their defensive efforts in a way that can be proven to work.

Finally, the training will cover the elements of risk management that would be relevant for both the engagement planning (attack simulations) as well as the reporting. This crucial part is often overlooked when technical tests are conducted on information systems, thus lacking context and actionable plans for the tested organization.

Participants will walk out with a fresh view on security, and the ability to plan, and participate in red-team tests effectively.

============================================
Who should attend:
============================================

From penetration testers who want to take a step up into more realistic testing (Attack Modeling and Attack Simulation) through security professionals working in offense and defense who would like to expand their knowledge and scope to managers who want to be able to expand their risk management practice more effectively. While this training can be technical at some points, it is not a “tools” training, and the classes are usually very heterogeneous. This is NOT a Metasploit class. This class is about learning to THINK like an attacker and how to see “the other side.”

============================================
Student Requirements:
At least two years of experience in the security industry is highly recommended. Familiarity with general purpose hacking and security tools is recommended but not strictly required.

Laptop with Windows & Linux on it (a VM with an additional OS is highly recommended as some tools run on Linux and some on Windows).
============================================
Ian BIO: With over 15 years of experience in the information security industry, Iftach Ian Amit brings a mixture of Software development, OS, Network and web security to work on a daily basis. He is a frequent speaker at leading security conferences around the world (including BlackHat, DefCon, OWASP, InfoSecurity, etc…), and have published numerous articles and research material in leading print, online and broadcast media.

Ian is currently serving at IOActive.

Chris BIO: Christopher “Tiger Team” Nickerson, the British soldier, was one of the most decorated World War II soldiers. Nickerson loved fighting, drinking, and doing both at the same time. He would drink for hours in between missions and would then challenge every man in the bar to a fight. On the battlefield it was a different story. He single-handedly rescued a
squadron by lifting the wounded one-by-one into his Jeep before destroying Nazi gunners in a nearby farmhouse. Nickerson once attacked a commanding officer who gave orders that killed 130 of Nickerson’s men. Most would have been court-martialed, but the British Army quickly remembered that he had pioneered drunkenly driving a Jeep into enemy airfields with guns blazing. He had destroyed over 100 enemy aircraft by himself using this method and no one thought it sound to disturb Mr. Nickerson.

Click below to purchase the Red Teaming course:

Course Name: Web Application Hacking: The OWASP Top 10 and Beyond

============================================
Title: Web Application Hacking: OWASP Top 10 and Beyond
============================================
Trainer: Scott White
============================================
Course Description:
Updated and back by popular demand after selling out last year!

This introductory course is tailored towards individuals that would like to gain a better understanding of web application security and the OWASP Top 10. The course is taught through student participation (learning by doing) with live hacking exercises, real world examples, and discussion. The second day will showcase real world attacks allowing students to hack into applications in more advanced scenarios to compromise data/systems by linking multiple vulnerabilities together to obtain a desired end result.
============================================
Student Requirements:
Familiarity with the HTTP protocol, networking, and basic relational database concepts. The student must have a laptop computer with wireless capabilities, FireFox web browser, and Burp Suite (free edition is fine). The operating system on the laptop does not matter.

Desired Experience:
Experience with a programming language, web server administration and configuration, and local proxy use.
============================================
BIO:
Scott White is a Principal Security Consultant at TrustedSec and also runs the DerbyCon Capture the Flag(CTF) competition. He has presented to organizations such as OWASP, ISSA, ISACA, FBI’s Infragard, and others. He has also spoken at Defcon, and has been called upon by organizations such as the FBI and Secret Service as a subject matter expert. He is the technical reviewer for the popular book, “Metasploit: The Penetration Tester’s Guide”. He holds a bachelors degree in Computer Science and a master’s degree in Network Security. He has held various past positions in support, system administration, web development, penetration testing, and application security for both public and private sectors with clients in both government and commercial spaces. His experience includes performing web application security assessments, internal, external, and physical penetration tests, source code reviews, social engineering, and web application security training. He has assessed everything from casinos to kiosks, 911 networks to power plants, and Fortune 500 companies to state and foreign federal governments. His extensive work in penetration testing coupled with over 15 years of programming experience gives him a thorough web application security understanding from both developer and attacker viewpoints.
============================================

Purchase the OWASP training below:

Course Name: Hands-On Hardware Hacking and Reverse Engineering

============================================
Trainers: Joe Grand
============================================
Course Description: This course focuses on teaching board-level hardware hacking and reverse engineering techniques and skills. It is a combination of lecture and hands-on exercises covering the hardware hacking process, proper use of tools and test measurement equipment, circuit board analysis and modification, embedded security, and common hardware attack vectors. The course concludes with a final hardware hacking challenge in which students must apply what they’ve learned in the course to defeat the security mechanism of a custom circuit board. No prior electronics experience is required.

Outline of the Training (hourly breakdown): http://grandideastudio.com/wp-content/uploads/hh_training_agenda_2day.pdf

Provided to the students:

- Electronics and test measurement tools, including a soldering iron, multimeter, digital oscilloscope, and device programmer
– Safety equipment
– Custom hardware hacking training circuit boards (one for each student to keep)
– All other hardware tools, components, and circuitry necessary for the course

============================================
Student Requirements: Students should bring their own laptop running Windows (or equivalent virtual machine) and containing a functional USB interface. The laptop will be used for online research and to control test equipment. Software and drivers may need to be installed.
============================================
BIO: Joe Grand was born as a hacker. In a time when tinkering with computers and electronics was a guarantee for ridicule and torment, Joe (formerly known as Kingpin) pushed back to forge his own path – figuring out how to make free telephone calls as a 7-year-old in 1982, helping set the standard for modern computer security vulnerability research and disclosure with the infamous hacker group L0pht Heavy Industries, bringing engineering to the masses on Discovery Channel’s Prototype This, and running his own product design firm, Grand Idea Studio (www.grandideastudio.com). Joe has spent nearly twenty years discovering finding security flaws in hardware devices and has been teaching hardware hacking to engineers and computer security researchers since 2005.

To purchase the hardware hacking course with Joe Grand:

Course Name: Assessing and Exploiting Mobile Applications with OWASP MobiSec

============================================
Trainers: Kevin Johnson and James Jardine
============================================
Course Description: In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration testing of mobile devices and applications. This course, created by the project leads for the OWASP MobiSec project, uses intense lab driven learning that allows the student to learn techniques, tools and a methodology for testing mobile applications.

Outline of the Training (hourly breakdown)
1. Day 1
2. Introduction
3. Mobile Applications
a. Penetration testing
b. Methodology
i. Mapping
ii. Discovery
iii. Exploitation
c. OWASP MobiSec
d. Exercise: Set up and use MobiSec
4. Testing Lab
a. Systems
i. Windows
ii. Linux
iii. Mac
b. Device OSs
i. Android
ii. iOS
iii. Windows Phone
c. Exercise: Lab Setup
5. Mapping
a. Obtaining applications
i. Source
ii. Compiled and in an app store
b. Installing apps onto test devices
i. Retrieving applications and supporting files from the device
c. Exercise: Manipulating devices and emulators
i. Android
ii. Windows Phone
iii. iOS
d. Intercepting traffic
i. Emulator methods
ii. Device methods
e. Tools
i. Fiddler
ii. Burp
iii. Mallory
iv. Exercise: Interception
1. Fiddler
2. Mallory
3. Burp
6. Discovery
a. Analyzing Application files
i. SQLlite databases
ii. Backup files
iii. Application binaries
iv. Exercise: Analyzing application files
b. Fuzzing
i. Burp Intruder
ii. Burp Repeater
iii. Fiddler
iv. Exercise: Burp Intruder and Repeater
v. SQLMap
vi. Python scripts
vii. WSFuzzer
viii. SOAPUI
ix. Exercise: WSFuzzer and SOAPUI
7. Day 2
8. Exploitation
a. SQL Injection
i. Absinthe
ii. SQLMap
iii. Exercise: SQL Injection
b. Cross-Site Scripting
i. BeEF
ii. Exercise: BeEF
c. Other Client-Side attacks
i. Client-Side SQL injection
d. Session and Wireless attacks
i. Wireless MiTM
ii. Wireless Probe Spoofing
iii. Session Hijacking
iv. Logic Attacks
v. Exercise: Session Hijacking and Logic Attacks
9. Capture the Flag
a. Flag-based challenges
b. Android
c. Windows phone
d. Back end infrastructure

============================================
Student Requirements: Laptop with 4-8GB of RAM, 500GB of space and a wireless NIC.
============================================
BIO: Kevin Johnson
Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is an instructor and author for the SANS Institute and a faculty member at IANS. He is also a contributing blogger at TheMobilityHub.

Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.

James Jardine
James Jardine is a Principal Security Consultant with Secure Ideas, LLC. James has over 12 years of software development experience with over half of that focusing on application security. During his long development history, he has had the opportunity to write both large enterprise applications, thick clients, and mobile applications. He has held many roles including senior developer, software architect, and application security expert. In addition, James is an instructor and author for the SANS Institute. He is also a contributing blogger for the Secure Ideas blog, the Jardine Software blog, and the SANS Appsec blog.

James has performed a number of trainings and presentations for both public events and internal trainings. James teaches the Dev544: Secure Coding in .Net course at the SANS Institute. He is also a contributing author for that course. James will also be teaching a mobile security course that he co-authored at BlackHat USA 2013. He has also presented on multiple webcasts, at the Kentucky ISSA InfoSec Summit, and BSides Orlando. In addition, James is the co-host of the Professionally Evil Perspective podcast.

James is also involved in the open source community. he runs a number of open source projects. These include WCSA; a security analyzer for web.config files, and EventValMod; a tool to modify event validation values in .Net. He is also a contributor to the Laudanum project; a collection of injectable web payloads.

To purchase the mobile OWASP course below:

Course Name: Introduction to Malware Analysis

============================================
Trainers: Tyler Hudak
============================================
Course Description: Due to the prevalence and business impact of malware, security professionals increasingly need the skills necessary to analyze worms, bots and trojan horses. This two day course teaches attendees the proven concepts, techniques and processes for analyzing malware. Students will take multiple “from-the-wild” malware samples in a hands-on environment and learn how to analyze their characteristics and behavior to determine what they do and what risk they present. The course culminates in an analysis that utilizes all of the tools and techniques that have been learned.

No previous malware analysis experience is necessary as this course is designed for those who have never performed malware analysis before.

Outline of the Training (hourly breakdown)
Day 1:

- Introduction to Malware Analysis
- Setting up a Lab
- Static Analysis
– File Identification
– Hashing
– Header Analysis
– Embedded Strings Analysis
- Packers

Day 2:
- Dynamic Analysis
– System Integrity Monitoring
– System Activity Monitoring
– Baselining
- Process Analysis
- Network Analysis and Monitoring
- Sandnets and Automation
- Advanced Malware Analysis Topics
- Malware Analysis Challenge

============================================
Student Requirements:

Technical Skills: No previous experience in malware analysis is necessary as this course is designed for those who have never performed it before. High-level understanding of malware is recommended, and students must be experienced with a virtual machine (e.g. Taking snapshots, etc.)

Tools: Students will be required to bring their own laptops for the class. Laptops will need a VMWare Workstation or VirtualBox installation with an install of Windows (XP or higher) as the guest OS prior to the class. If the base OS is Windows, an installation of Cygwin may be helpful as well. All other tools will be provided.
============================================
BIO: Tyler Hudak BIO TBA.

Click below to purchase the Malware Analysis Course:

Course Name: Assessing and Exploiting Mobile Applications with OWASP MobiSec

Kevin has performed a large number of trainings, briefings and presentations for both public events and internal trainings. Kevin teaches for the SANS Institute on a number of subjects. He is the author of three classes: SEC542: Web Application Penetration Testing and Ethical Hacking, SEC642: Advanced Web Application Penetration Testing and SEC571: Mobile Device Security. Kevin has also presented at a large number of conventions, meetings and industry events. Some examples of these are: DerbyCon, ShmooCon, DEFCON, Blackhat, ISACA, Infragard and ISSA.

Kevin is also very involved in the open source community. He runs a number of open source projects. These include SamuraiWTF; a web pen-testing environment, Laudanum; a collection of injectable web payloads, Yokoso; an infrastructure fingerprinting project and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.

James Jardine
James Jardine is a Principal Security Consultant with Secure Ideas, LLC. James has over 12 years of software development experience with over half of that focusing on application security. During his long development history, he has had the opportunity to write both large enterprise applications, thick clients, and mobile applications. He has held many roles including senior developer, software architect, and application security expert. In addition, James is an instructor and author for the SANS Institute. He is also a contributing blogger for the Secure Ideas blog, the Jardine Software blog, and the SANS Appsec blog.

James has performed a number of trainings and presentations for both public events and internal trainings. James teaches the Dev544: Secure Coding in .Net course at the SANS Institute. He is also a contributing author for that course. James will also be teaching a mobile security course that he co-authored at BlackHat USA 2013. He has also presented on multiple webcasts, at the Kentucky ISSA InfoSec Summit, and BSides Orlando. In addition, James is the co-host of the Professionally Evil Perspective podcast.

To purchase the mobile OWASP course below:

Course Name: WiFi Hacking (with MisterX)

============================================
Trainers: Thomas d’Otreppe de Bouvette aka “Mister X” (Aircrack-NG)
============================================
Course Description: This course is broken out into 2 parts:
The first portion is theory about wireless network, how they work, their structures and wireless frames.
The second one is hands on where you will learn how to use Aircrack-ng, Wireshark and other (wireless) tools.

The course will covers topics including:
- WiFi network structure
- The different wireless frames
- How WiFi network work (at the frame level)
- Basic antenna theory
- Using the different Aircrack-ng tools
- Cracking WEP and WPA networks
- Generating custom dictionaries for WPA cracking
- Packet analysis using Wireshark (understanding what’s wrong or what’s going on)
- Wireless reconnaissance

At the end of this class, you will have an understanding of WiFi network (from the big picture to the frame level), will be able to do wireless penetration test/audit as well as choose the right hardware for the job (card/antenna) and also secure wireless networks.

============================================
Student Requirements:

- Be comfortable using the command line on Linux
- Have basic Wireshark knowledge
- Have basic Linux knowledge

Tools/Equipment needed:

- A laptop with Kali (latest version) running natively (installed or as a Live CD/USB) or as a virtual machine. If you are going to virtualize it, Virtualbox is not recommended because its USB driver is highly unstable. VMware Player (v5+) / Workstation (v9+) / Fusion (v5+) are recommended.
- An Alfa AWUS036H

Target Audience:

Penetration testers, wireless security researchers, IT folks who wants to learn WiFi security or anyone interested in WiFi security.

============================================
BIO: Thomas d’Otreppe “Mister X” is a wifi hacker and the author of Aircrack-ng, a Wi-Fi auditing suite as well as OpenWIPS-ng, an open source WiFi Intrusion Prevention System.
He has designed Offensive-Security WiFu, a proactive wireless security course, with Mati Aharoni (muts) and also contributes to BackTrack Linux.
He works as a software developer for MainNerve.

Twitter: @aircrackng @openwipsng

Click below to purchase the Wifi Hacking:

Training Courses « DerbyCon – 3.0 September 25-29th, 2013