Próximos cursos de NotSoSecure en Black Hat USA 2020

cursos-blackhat-usa-2020.jpg

Como en cada edición de las Black Hat USA, NotSeSecure, empresa del Grupo Claranet especializada en servicios y formación en Ciberseguridad, formará parte del panel de proveedores de formación de alto nivel en hacking ético del congreso. La próxima edición, que se celebrará del 1 al 6 de agosto en Las Vegas, ha abierto ya las inscripciones a los cursos con precios early bird (disponibles hasta el 22 de mayo). A continuación os detallamos los cursos que NotSoSecure impartirá en el evento:

Advanced Infrastructure Hacking - 2020 Edition (2 Day)
Basic Infrastructure Hacking
Hacking and Securing Cloud Infrastructure
Web Hacking - Black Belt Edition 2020 (2 Day)
Advanced Infrastructure Hacking - 2020 Edition (2 Day)
Basic Infrastructure Hacking
Hacking and Securing Cloud Infrastructure
Web Hacking - Black Belt Edition 2020 (2 Day)
Advanced Infrastructure Hacking - 2020 Edition (4 Day)
Web Hacking - Black Belt Edition 2020 (4 Day)
Modalidad in-company

Advanced Infrastructure Hacking - 2020 Edition (2 Day)

Tracks: PenTesting, Network
Format: 2 Day Training
Skill Level: Intermediate/Advanced

The 2020 edition of our best selling class, brings more new, neat and ridiculous network hacks. From old-school misconfiguration issues to the very latest cutting-edge techniques and exploits against the modern network platforms, we have got it all covered. The course will cover advanced penetration techniques to achieve exploitation against these platforms:

  • Modern Operating systems (Windows, Linux)
  • Multiple Databases, Web and Application servers
  • Switches/Routers
  • Docker
  • VLANs
  • Kubernetes
  • AWS/Azure/GCP specific attacks
  • IaaS, PaaS, CaaS, SaaS and Serverless exploitation
  • VPNs

Note: Students will have access to a state-of-the-art Hacklab with wide variety of vulnerabilities to practice exploitation and will receive a FREE 1 month subscription after the class to allow more practice time.

Ver el programa completo

Basic Infrastructure Hacking

Tracks: PenTesting, Network
Format: 2 Day Training
Skill Level: Beginner

This is an entry-level course and is a recommended pre-requisite for our Advanced Infrastructure Hacking course. This class familiarizes the attendees with the basics of network hacking. A number of tools and techniques will be taught during the 2 days class. Attendees will be granted FREE 30 days' lab access to allow sufficient time to practice all the concepts taught during the class.

If you want to step into the world of ethical hacking/pentesting, then this is the right course for you. Attendees are encouraged to combine this class in succession with our Basic Web Hacking course, in a 4-day format for wider coverage of issues spanning both network and applications.

Ver el programa completo

Hacking and Securing Cloud Infrastructure

Tracks: PenTesting, Network
Format: 2 Day Training

Brand new for 2020, this 2-day course cuts through the mystery of Cloud Services (including AWS, Azure, and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This course covers both the theory as well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure. Prior pentest/security experience is not a strict requirement, however, some knowledge of Cloud Services and familiarity with common Unix command-line syntax will be beneficial. Highlights of our Training:

  • Attacking Cloud Services
  • Gaining Entry via exposed services
  • Attacking specific cloud services
  • Post - Exploitation
  • Defending the Cloud Environment
  • Host base Defenses
  • Auditing and benchmarking of Cloud
  • Continuous Security Testing of Cloud

Ver el programa completo

Web Hacking - Black Belt Edition 2020 (2 Day)

Tracks: PenTesting, AppSec
Format: 2 Day Training

This class teaches the audience a wealth of hacking techniques to compromise modern-day web applications, APIs and associated end-points. This class focus on specific areas of appsec and on advanced vulnerability identification and exploitation techniques. The class allows attendees to learn and practice some neat, new and ridiculous hacks which affected real-life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known.

Attendees will also benefit from a state-of-art Hacklab and we will be providing FREE 30 days lab access after the class to allow attendees more practice time. Some of the highlights of the class include:

  • Modern JWT, SAML, oauth bugs
  • Core business logic issues.
  • Practical cryptographic flaws.
  • RCE via Serialisation, Object, OGNL and template injection.
  • Exploitation over DNS channels.
  • Advanced SSRF, HPP, XXE and SQLi topics.
  • Serverless exploits.
  • Web Caching issues.
  • Attack chaining and real life examples.

Ver el programa completo

Advanced Infrastructure Hacking - 2020 Edition (2 Day)

Tracks: PenTesting, Network
Format: 2 Day Training
Skill Level: Intermediate/Advanced

The 2020 edition of our best selling class, brings more new, neat and ridiculous network hacks. From old-school misconfiguration issues to the very latest cutting-edge techniques and exploits against the modern network platforms, we have got it all covered. The course will cover advanced penetration techniques to achieve exploitation against these platforms:

  • Modern Operating systems (Windows, Linux)
  • Multiple Databases, Web and Application servers
  • Switches/Routers
  • Docker
  • VLANs
  • Kubernetes
  • AWS/Azure/GCP specific attacks
  • IaaS, PaaS, CaaS, SaaS and Serverless exploitation
  • VPNs

Note: Students will have access to a state-of-the-art Hacklab with wide variety of vulnerabilities to practice exploitation and will receive a FREE 1 month subscription after the class to allow more practice time.

Ver el programa completo

Basic Infrastructure Hacking

Tracks: PenTesting, Network
Format: 2 Day Training
Skill Level: Beginner

This is an entry-level course and is a recommended pre-requisite for our Advanced Infrastructure Hacking course. This class familiarizes the attendees with the basics of network hacking. A number of tools and techniques will be taught during the 2 days class. Attendees will be granted FREE 30 days' lab access to allow sufficient time to practice all the concepts taught during the class.

If you want to step into the world of ethical hacking/pentesting, then this is the right course for you. Attendees are encouraged to combine this class in succession with our Basic Web Hacking course, in a 4-day format for wider coverage of issues spanning both network and applications.

Ver el programa completo

Hacking and Securing Cloud Infrastructure

Tracks: PenTesting, Network
Format: 2 Day Training

Brand new for 2020, this 2-day course cuts through the mystery of Cloud Services (including AWS, Azure, and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This course covers both the theory as well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure. Prior pentest/security experience is not a strict requirement, however, some knowledge of Cloud Services and familiarity with common Unix command-line syntax will be beneficial. Highlights of our Training:

  • Attacking Cloud Services
  • Gaining Entry via exposed services
  • Attacking specific cloud services
  • Post - Exploitation
  • Defending the Cloud Environment
  • Host base Defenses
  • Auditing and benchmarking of Cloud
  • Continuous Security Testing of Cloud

Ver el programa completo

Web Hacking - Black Belt Edition 2020 (2 Day)

Tracks: PenTesting, AppSec
Format: 2 Day Training

This class teaches the audience a wealth of hacking techniques to compromise modern-day web applications, APIs and associated end-points. This class focus on specific areas of appsec and on advanced vulnerability identification and exploitation techniques. The class allows attendees to learn and practice some neat, new and ridiculous hacks which affected real-life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known.

Attendees will also benefit from a state-of-art Hacklab and we will be providing FREE 30 days lab access after the class to allow attendees more practice time. Some of the highlights of the class include:

  • Modern JWT, SAML, oauth bugs
  • Core business logic issues
  • Practical cryptographic flaws
  • RCE via Serialisation, Object, OGNL and template injection
  • Exploitation over DNS channels
  • Advanced SSRF, HPP, XXE and SQLi topics
  • Serverless exploits
  • Web Caching issues
  • Attack chaining and real life examples

Ver el programa completo

Advanced Infrastructure Hacking - 2020 Edition (4 Day)

Tracks: PenTesting, Network
Format: 4 Day Training
Skill Level: Intermediate/Advanced

The 2020 edition brings more new, neat and ridiculous network hacks. From old-school misconfiguration issues to the very latest cutting-edge techniques and exploits against the modern network platforms, we have got it all covered. The course will cover advanced penetration techniques to achieve exploitation against these platforms:

  • Modern Operating systems (Windows, Linux)
  • Multiple Databases, Web and Application servers
  • Switches/Routers
  • Docker
  • VLANs
  • VoIP
  • Kubernetes
  • AWS/Azure/GCP specific attacks
  • IaaS, PaaS, CaaS, SaaS and Serverless exploitation
  • VPNs

Note: Students will have access to a state-of-the-art Hacklab with a wide variety of vulnerabilities to practice exploitation and will receive a FREE 1-month subscription after the class to allow more practice time.

Ver el programa completo

Web Hacking - Black Belt Edition 2020 (4 Day)

Tracks: PenTesting, AppSec
Format: 4 Day Training

This class teaches audience a wealth of hacking techniques to compromise modern day web applications, APIs and associated end-points. This class focus on specific areas of appsec and on advanced vulnerability identification and exploitation techniques. The class allows attendees to learn and practice some neat, new and ridiculous hacks which affected real life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known. Attendees will also benefit from a state-of-art Hacklab and we will be providing FREE 30 days lab access after the class to allow attendees more practice time. Some of the highlight of the class includes:

  • Modern JWT, SAML, oauth bugs
  • Core business logic issues
  • Practical cryptographic flaws
  • RCE via Serialisation, Object, OGNL and template injection
  • Exploitation over DNS channels
  • Advanced SSRF, HPP, XXE and SQLi topics
  • Serverless exploits
  • Web Caching issues
  • Attack chaining and real life examples

Ver el programa completo

Sobre los cursos de NotSoSecure

Los cursos que ofrece NotSoSecure en las Black Hat USA y Black Hat Europe están disponibles para cualquier empresa interesada, en modalidad in-company o remoto. Si estáis interesados en el programa formativo, no dudéis en contactar con nosotros.

Solicita información

Contacta con nosotros

Habla con nuestro equipo

Para peticiones comerciales, ponte en contacto con nosotros en el 902 884 633. Te atenderemos de lunes a viernes, de 9.00 a 18.00 horas.

Si eres cliente de Claranet y buscas soporte técnico, contacta con nuestro Centro de Soporte de Soluciones en el 902 884 622.