Training

Attack Research utilizes a very hands on approach to teaching by having the students spend 50% of class time performing practical exercises in a lab environment designed to simulate real world enterprise networks. This type of class structure has been a proven success in retention of skills learned and student engagement. Our unique lab environments are replicas of the types of production networks that students will encounter in the real world. The lab environments range from a Windows and Unix interdependent network with services such as NFS, SMB, and Active Directory to a Windows web hosting environment.

Offensive Techniques

Offensive Techniques offers students the opportunity to learn real offensive cyber operation techniques. The focus is on recon, target profiling and modeling, and exploitation of trust relationships. The class will teach students how to break into computers without using exploits and non-traditional techniques which follow closely what advanced adversaries do rather than compliance based penetration testing.
Notify me when offered!

Rapid Reverse Engineering

Rapid Reverse Engineering is a must now days with APT style attacks and advanced adversaries. This class combines deep reverse engineering subjects with basic rapid triage techniques to provide students with a broad capability when performing malware analysis. This course will take the student from 0-60, focusing on learning the tools and key techniques of the trade for rapidly reverse engineering files. Students will understand how to rapidly assess all types of files in a rapid manner.
Apr. 23-25, 2014 @ Brucon Spring Training, Belgium
Signup @ Brucon Belgium

Tactical Windows Exploitation and Response

Tactical Windows Exploitation and Response is a multidisciplinary approach to understanding the methodologies, techniques, and tools for both offensive and defensive Windows technologies. In the class, students will first focus on the exploitation of an enterprise Windows network. After successful exploitation, students will then switch focus to the incident response of the same enterprise Windows network. This will provide students with real world experience in the attack and defense of an enterprise Windows network. It will also provide a unique viewpoint into both the offensive and defensive process.

BlackHat Exclusive!
Notify me when offered!

Tactical Exploitation

Penetration testing often focuses on individual vulnerabilities and services, but the quickest ways to exploit are often hands on and brute force. This two-day course introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using a combination of new tools and lesser-known techniques, attendees will learn how hackers compromise systems witho1ut depending on standard exploits. The class alternates between lectures and hands-on testing, providing attendees with an opportunity to try the techniques discussed.

BlackHat Exclusive!
Notify me when offered!

Operational Post Exploitation

What to do after a successful penetration into a target including introducing vulnerabilities rather than backdoors for persistence. This class covers data acquisition, persistence, stealth, password management on many different operating systems and scenarios.
Notify me when offered!

Attacking Windows

Attacking Windows is Attack Research's unique approach to actually securing Windows. Students will become proficient in attacking Windows systems, learning the commands that are available to help move around systems and data, and examining and employing logging and detection. It will also cover authentication mechanisms, password storage and cracking, tokens, and the domain model. Once finished with this course, students will have a foundation on how attack models on Windows actually happen and how to secure against them.
Notify me when offered!

Attacking Unix

Attacking Unix is Attack Research's unique approach to actually securing Unix. Students will become proficient in attacking Unix systems, focusing mostly on Linux, Solaris and FreeBSD. SSH, Kerberos, kernel modules, file sharing, privilege escalation, home directories, and logging all will be covered in depth. Once finished with this course, students will have a foundation on how attack models on Unix actually happen and how to secure against them.
Notify me when offered!

Website Exploitation

The web is one of the most prevalent vectors of choice when attacking targets because websites reside outside the firewall. This course will teach the basics in SQL injection, CGI exploits, content management systems, PHP, asp, and other backdoors, and the mechanics of exploiting web servers.
Notify me when offered!

MetaPhishing

MetaPhishing is a class designed to teach the black arts for targeted phishing operations, file format reverse engineering & infection, and non-attributable command and control systems. Once completed with this class students will have a solid foundation for all situations of phishing.
Notify me when offered!

Basic Exploit Development

In order to use the tools one must have an understanding of the basics of how they work. This module will cover the step by step basics, tools, and methods for doing buffer/heap overflows on windows and unix.
Notify me when offered!

Advanced Exploitation

Reliable exploitation on Vista and Windows 7 systems requires advanced techniques such as heap layout manipulation, return oriented programming and ASLR information leaks. In addition, robust exploitation necessitates repairing the heap and continuing execution without crashing the process. This course focuses on teaching the principles behind these advanced techniques and will give the students hands-on experience developing real-world exploits.
Notify me when offered!