Basic Web Hacking - 2019 Edition
Oct
8
to Oct 9

Basic Web Hacking - 2019 Edition

Presenter: 

Track: Basic Web Hacking - 2019

Format: 2 Day Training

This intensive hands-on training gives you the most important thing when it comes to malware traffic analysis: the experience and knowledge of understanding malware behaviors on the network. Heavily hands-on, this training will give you the experience and methodology to recognize malicious connections, how to distinguish normal from malicious behaviors, how to recognize anomalous patterns, and how to deal with large amounts of traffic. 


The most important lesson of the training is not about how to use the tools. The goal is to transmit the experience of recognizing the malicious actions of malware in the network. Specifically how malware hides, how to recognize the encryption, how to analyze the web patterns and how to discard false connections. You will execute your own malware and learn to think like the adversary. The participants should leave with the knowledge to do a good analysis of network traffic to recognize malicious behaviors.

View Event →
Basic Infrastructure Hacking - 2019 Edition
Oct
8
to Oct 9

Basic Infrastructure Hacking - 2019 Edition

Presenter: shubham mittal

Tracks: PenTesting, Human

Format: 2 Day Training

This Offensive OSINT training program focuses on a wide range of tools and techniques for performing real-world reconnaissance in order to launch targeted attacks against modern infrastructures.

We will take a deep-dive into various methodologies for extracting useful information from the internet. Furthermore, we will cover how this extracted information can be used in attack scenarios and social engineering campaigns to get initial foothold in multiple ways within an organisation's network and further exploit it to gain elevated access. Topics like Mapping the Attack Surface, Enriching Collected Data, Tech Stack Enumeration, Cloud Recon, Employee Profiling, Credential Spraying, Compromising Federation Server, Exploiting Domain Trust, Practical Social Engineering, Watering Hole Attack, Post Exploitation and much more will be covered.

This 2 day course takes a hands-on approach to indulge the participants into real time scenarios, simulated lab environment and case studies in order to get a comprehensive understanding of the techniques and methodology. Each participant will also be provided ONE MONTH FREE ACCESS to our Private Lab mimicking the modern age infrastructure, as well as decoy accounts and organization's social presence, where they can practise the skills learnt during the course.

View Event →
A Practical Approach To Malware Analysis And Memory Forensics - 2019 Edition
Oct
8
to Oct 9

A Practical Approach To Malware Analysis And Memory Forensics - 2019 Edition

Presenter: monnappa & sajan shetty

Tracks:  Malware,  Forensics

Format: 2 Day Training

This hands-on training teaches the concepts, tools, and techniques to analyze, investigate and hunt malwares by combining two powerful techniques malware analysis and memory forensics. This course will introduce attendees to basics of malware analysis, reverse engineering, Windows internals and memory forensics, it then gradually progresses deep into more advanced concepts of malware analysis & memory forensics. Attendees will learn to perform static, dynamic, code and memory analysis. This course consists of scenario-based hands-on labs after each module which involves analyzing real-world malware samples and infected memory images (Crimeware, APT malware, Fileless malware, Rootkit etc). This hands-on training is designed to help attendees gain a better understanding of the subject in a short span. Throughout the course, the attendees will learn the latest techniques used by the adversaries to compromise and persist on the system. The training also demonstrates how to integrate the malware analysis and forensics techniques into a custom sandbox to automate the analysis of malicious code. After taking this course attendees will be better equipped with the skills to analyze, investigate and respond to malware-related incidents.

View Event →
Advanced Infrastructure Hacking - 2019 Edition
Oct
8
to Oct 9

Advanced Infrastructure Hacking - 2019 Edition

Presenter: notsosecure

Tracks:  PenTesting,  Network

Format: 2 Day Training

Our best-selling class, Advanced Infrastructure Hacking (AIH), returns to BH Asia. The 2019 edition brings more new, neat and ridiculous network hacks. From old-school misconfiguration issues to the very latest cutting-edge techniques and exploits against the modern network platforms, we have got it all covered. The course will cover advanced penetration techniques to achieve exploitation against these platforms:

  • Modern Operating systems (Windows, Linux)

  • Multiple Databases, Web and Application servers

  • Switches/Routers

  • Docker

  • VLANs

  • VoIP

  • Kubernetes

  • AWS/Azure/GCP specific attacks

  • VPNs


Note: Students will have access to a state-of-the-art Hacklab with wide variety of vulnerabilities to practice exploitation and will receive a FREE 1 month subscription after the class to allow more practice time 

View Event →