Attack Research utilizes a very hands on approach to teaching by having the students spend 50% of class time performing practical exercises in a lab environment designed to simulate real world enterprise networks. This type of class structure has been a proven success in retention of skills learned and student engagement. Our unique lab environments are replicas of the types of production networks that students will encounter in the real world. The lab environments range from a Windows and Unix interdependent network with services such as NFS, SMB, and Active Directory to a Windows web hosting environment.

Class Pricing
Classes at various cons set their own pricing structure. For on-site classes they are as follows:

  • Early Bird (4+ Months Out): $2,500 USD per student
  • Regular Rate (2-4 Months Out): $2,700 USD per student
  • Last Minute (1-2 Months Out): $3,000 USD per student

Please feel free to contact us at: for more information.

Offensive Techniques

Offensive Techniques offers students the opportunity to learn real offensive cyber operation techniques. The focus is on recon, target profiling and modeling, and exploitation of trust relationships. The class will teach students how to break into computers without using exploits and non-traditional techniques which follow closely what advanced adversaries do rather than compliance based penetration testing.
Notify me when offered!

Rapid Reverse Engineering

Rapid Reverse Engineering is a must now days with APT style attacks and advanced adversaries. This class combines deep reverse engineering subjects with basic rapid triage techniques to provide students with a broad capability when performing malware analysis. This course will take the student from 0-60, focusing on learning the tools and key techniques of the trade for rapidly reverse engineering files. Students will understand how to rapidly assess all types of files in a rapid manner.
Notify me when offered!

Tactical Exploitation

Penetration testing often focuses on individual vulnerabilities and services, but the quickest ways to exploit are often hands on and brute force. This two-day course introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using a combination of new tools and lesser-known techniques, attendees will learn how hackers compromise systems witho1ut depending on standard exploits. The class alternates between lectures and hands-on testing, providing attendees with an opportunity to try the techniques discussed.
Notify me when offered!

Enterprise Incident Response

Enterprise Incident Response is a multidisciplinary approach to understanding the methodologies, techniques, and tools for both offensive and defensive security. This course introduces a tactical approach for instrumenting, alerting, and responding for enterprises. Using a combination of new tools, and uncommon techniques students will learn how to defend a network against today's evolving threats. Real world attacks concentrate heavily on a number of methodologies including; compromising systems without depending upon standard exploits, Personal Security Product (PSP) evasion, unique stealth approaches, persistence mechanisms, and varying degrees of collection strategies. Attendees will learn how real attackers use these strategies and how to detect, alert, respond, and defend against these techniques.

Featured at BlackHat as Tactical Incident Response!
Notify me when offered!

Operational Post Exploitation

What to do after a successful penetration into a target including introducing vulnerabilities rather than backdoors for persistence. This class covers data acquisition, persistence, stealth, password management on many different operating systems and scenarios.
Notify me when offered!

Attacking Windows

Attacking Windows is Attack Research's unique approach to actually securing Windows. Students will become proficient in attacking Windows systems, learning the commands that are available to help move around systems and data, and examining and employing logging and detection. It will also cover authentication mechanisms, password storage and cracking, tokens, and the domain model. Once finished with this course, students will have a foundation on how attack models on Windows actually happen and how to secure against them.
Notify me when offered!

Attacking Unix

Attacking Unix is Attack Research's unique approach to actually securing Unix. Students will become proficient in attacking Unix systems, focusing mostly on Linux, Solaris and FreeBSD. SSH, Kerberos, kernel modules, file sharing, privilege escalation, home directories, and logging all will be covered in depth. Once finished with this course, students will have a foundation on how attack models on Unix actually happen and how to secure against them.
Notify me when offered!

Web Application Exploitation

The web is one of the most prevalent vectors of choice when attacking targets because websites reside outside the firewall. This course will teach the basics in SQL injection, CGI exploits, content management systems, PHP, asp, and other backdoors, and the mechanics of exploiting web servers.
Notify me when offered!

Secure Coding

This course combines a deep understanding of secure coding practices through practical knowledge and experience. AR utilizes offensive knowledge and techniques to teach defensive coding practices. This class establishes some best practices for secure coding and evolves into practical examples and exercises. The training dives into the mechanisms of C/C++, shell scripting, and Android to help students gain the concepts and knowledge of secure coding. Students will also gain real world experience in the labs that are based upon true vulnerabilities found in the wild. This class is tailored for customers developing on a POSIX based platform and C/C++.
Notify me when offered!