Attack Research utilizes a very hands on approach to teaching by having the students spend 50% of class time performing practical exercises in a lab environment designed to simulate real world enterprise networks. This type of class structure has been a proven success in retention of skills learned and student engagement. Our unique lab environments are replicas of the types of production networks that students will encounter in the real world. The lab environments range from a Windows and Unix interdependent network with services such as NFS, SMB, and Active Directory to a Windows web hosting environment.
Offensive TechniquesOffensive Techniques offers students the opportunity to learn real offensive cyber operation techniques. The focus is on recon, target profiling and modeling, and exploitation of trust relationships. The class will teach students how to break into computers without using exploits and non-traditional techniques which follow closely what advanced adversaries do rather than compliance based penetration testing. | Apr. 16-17, 2013 @ Source Boston, Boston, MA Signup @ Source Boston Sept. 26-27, 2013 @ Brucon 2013, Gent, Belgium Nov. 4-6, 2013 @ Countermeasure 2013, Ottawa, Canada Signup @ Countermeasure 2013 |
Rapid Reverse EngineeringRapid Reverse Engineering is a must now days with APT style attacks and advanced adversaries. This class combines deep reverse engineering subjects with basic rapid triage techniques to provide students with a broad capability when performing malware analysis. This course will take the student from 0-60, focusing on learning the tools and key techniques of the trade for rapidly reverse engineering files. Students will understand how to rapidly assess all types of files in a rapid manner.Rapid Reverse Engineering Course Description | Apr. 25-26, 2013 @ Attack Research/Trail of Bits, New York City, NY Signup @ Trail of Bits Nov. 4-6, 2013 @ Countermeasure 2013, Ottawa, Canada Signup @ Countermeasure 2013 |
Operational Post ExploitationWhat to do after a successful penetration into a target including introducing vulnerabilities rather than backdoors for persistence. This class covers data acquisition, persistence, stealth, password management on many different operating systems and scenarios.This is going to be a unique class. As mobile devices are becoming more and more prevalent we will be incorporating this concept into this class. Each student will be getting a Nexus 7 that will be incorporated for use in the class! | May 21-22, 2013 @ Attack Research Headquaters, White Rock, NM Signup |
Attacking WindowsAttacking Windows is Attack Research's unique approach to actually securing Windows. Students will become proficient in attacking Windows systems, learning the commands that are available to help move around systems and data, and examining and employing logging and detection. It will also cover authentication mechanisms, password storage and cracking, tokens, and the domain model. Once finished with this course, students will have a foundation on how attack models on Windows actually happen and how to secure against them. | Notify me when offered! |
Attacking UnixAttacking Unix is Attack Research's unique approach to actually securing Unix. Students will become proficient in attacking Unix systems, focusing mostly on Linux, Solaris and FreeBSD. SSH, Kerberos, kernel modules, file sharing, privilege escalation, home directories, and logging all will be covered in depth. Once finished with this course, students will have a foundation on how attack models on Unix actually happen and how to secure against them. | Notify me when offered! |
Website ExploitationThe web is one of the most prevalent vectors of choice when attacking targets because websites reside outside the firewall. This course will teach the basics in SQL injection, CGI exploits, content management systems, PHP, asp, and other backdoors, and the mechanics of exploiting web servers. | Notify me when offered! |
MetaPhishingMetaPhishing is a class designed to teach the black arts for targeted phishing operations, file format reverse engineering & infection, and non-attributable command and control systems. Once completed with this class students will have a solid foundation for all situations of phishing. | Notify me when offered! |
Basic Exploit DevelopmentIn order to use the tools one must have an understanding of the basics of how they work. This module will cover the step by step basics, tools, and methods for doing buffer/heap overflows on windows and unix. | Notify me when offered! |
Advanced ExploitationReliable exploitation on Vista and Windows 7 systems requires advanced techniques such as heap layout manipulation, return oriented programming and ASLR information leaks. In addition, robust exploitation necessitates repairing the heap and continuing execution without crashing the process. This course focuses on teaching the principles behind these advanced techniques and will give the students hands-on experience developing real-world exploits. | Notify me when offered! |