Cutting-edge Hacking
Techniques - Ninja Edition
What to bring?
Just bring your laptop. All necessary
equipment will be provided including wired/wireless network connection,
tools and utilities.
Computer attackers continue the relentless march in improving
their tools and techniques. The simple scanning of yesteryear
has given way to powerful suites of bundled, automated scanning
and exploitation tools. Straightforward backdoors have evolved
into powerful kernel-mode RootKits, manipulating the very hearts
of our systems. Covert channels exfiltrate sensitive information
and hash collision attacks are rapidly advancing, with your
systems in the cross hairs. In all of these trends, thorough
reconnaissance and deep subterfuge dominate the attackers' game.
If we don't keep up with their latest methods, our overall
defenses and incident response practices will grow rusty. To
help fight back, this action-packed four-day course describes
these latest attack trends and what you can do to thwart the bad
guys.
This course is more detailed and hands-on oriented of our
popular Cutting-edge Hacking Techniques course. It will provide you with up-to-date knowledge on
the latest hackers techniques and protection technologies. In addition to detailed descriptions of how the attacks
function, you'll get hands-on experience with the tools and
their defenses.
Sample topics include:
- Advanced network
reconnaissance including stealth scans and identification of
services running on non-standard ports
- Enumerating information
from Windows hosts
- Late-breaking Nmap features
- hands-on
- Assessing and Penetrating
Windows® & Unix® networks and hosts
- Linking Windows and Unix
vulnerabilities for maximum impact
- New Metasploit modules,
including the Meterpreter and SAM Juicer – hands-on
- Rolling together recon,
scanning, and exploitation with BiDiBLAH
- New Google search
techniques for finding vulnerable systems
- IPS Fingerprinting
- Virtual Machine Detection
- Recent application-mode, user-mode and
kernel-mode RootKits for Windows and UNIX, including Hacker
Defender and Nushu
- Compilation and test of
malicious Linux® Kernel Modules
- Client-side Attacks
- Layer 2 attacks via STP,
DTP, and CDP with Yersinia
- Monitoring switched
networks using arp spoofing and other techniques
- The dangers and detection
of covert channels are explored using ICMP, UDP, TCP and HTTP
protocols
- SQL hacking methodologies
- Buffer Overflow - hands on!
- Securing Windows & Unix
hosts
- Advanced UNIX®
configuration techniques
- Techniques attackers use to
steal a million credit cards, and how to stop them
Hands-on include:
- Evolution
- Nmap
- Xprobe
- Hping2
- Nessus
- Metasploit
- BiDiBLAH
- Ettercap
- Whireshark
- Tcpdump
- Snort
- and many more...!
What Do I Get?
You get more than just knowledge of the latest hacker tricks
and techniques. You take home the following stuff:
- Certificate of Completion
- Our customized VMware image
loaded with security tools that will be discussed in training.
- A bootable BackTrack(tm)
distribution - BackTrack is the Top rated Linux live
distribution focused on penetration testing. The merging of two
very popular distributions (Whax and Auditor Security
Collection) has catapulted BackTrack to the #1 spot on the "Top
100 Network Security Tools" list -
http://sectools.org.!
Who Should Take the Course?
If you are a system or network administrator,
security personnel, auditor, and/or consultant concerned with
network and system security, then you should take this course. Basic
Unix and Windows competency is required for the course to be fully
beneficial.
Trainers:
Faiz Ahmad Shuja, CISSP, GCIH,
GSEC
A security expert and seasoned entrepreneur, Faiz Ahmad Shuja is Founder
and CEO of rewterz. He brings a tremendous amount of designing,
implementing, and managing secure infrastructure expertise. In his current
role, he is responsible for overall management and guiding the rewterz'
strategy. Prior to this role, Faiz worked as Senior Information Security
Consultant for Cyber Internet Services (Pvt.) Ltd, Pakistan 's largest ISP.
The focus of his position was on information security management and network
infrastructure protection.
In 2003, Faiz founded Pakistan Honeynet Project, a non-profit,
all-volunteer organization dedicated to Honeynet research. Pakistan Honeynet
Project's goal is to learn and raise awareness about the motives and tactics
of the Black Hat community targeting Pakistan 's networks. Its aim is to
share and dissipate knowledge about the various tools and hacker practices
in use on the Internet today. Pakistan Honeynet Project is member of The
Honeynet Project's Research Alliance.
In 2004, Faiz founded PAKCON, a non-profit organization which organizes
yearly cyber security conventions in Pakistan . PAKCON is the brainchild of
a group of capable security professionals who have employed their genius and
aptitude to provide an overall extensive and comprehensive experience of
information security in the form of a wide-ranging convention on information
security.
Faiz holds a Bachelors degree in Computer Science from the University of
Karachi, GIAC Security Essentials Certification (GSEC), GIAC Certified
Incident Handler Certification (GCIH) and Certified Information Systems
Security Professional (CISSP). He has spoken at various conferences and
organizations, including US NSA (National Security Agency), ISS World,
PAKCON, IEEE, and more.
Muhammad Omar Khan, CISSP
Muhammad Omar Khan brings a tremendous amount of information security
management expertise to his role as the Chief Technology Officer. In this
role, Omar is responsible for all aspects of service delivery including
security operations, development and infrastructure. Prior to joining
rewterz, Omar worked for Pakistan 's largest Internet Service Provider,
CYBERNET. Omar earned a Bachelor's degree in Computer Science from Sir Syed
University of Engineering and Technology and Certified Information Systems
Security Professional (CISSP) certification.
Muhammad Ahmed Siddiqui, CISSP
Muhammad Ahmed Siddiqui brings a tremendous amount of penetration
testing, application security assessment, exploit coding, vulnerability
research and secure application development experience to his role as the
Chief Architect. In this role, Ahmed is responsible for managing product
development and implementation, and quality assurance. He is an active
security researcher and has published several security advisories. Ahmed
holds a bachelor's degree in Computer Science from Sir Syed University of
Engineering and Technology and Certified Information Systems Security
Professional (CISSP) certification.
Register Now
Course Length:
Four
days. All course materials, lunch and two tea breaks
will be provided. A Certificate of Completion will
be offered.
