TECHNICAL TRAININGS
Operationalise OSINT
Operationalise OSINT
Training Level: Beginner; Intermediate
Duration: 2 Days
This is a comprehensive course to level up on cybersecurity skills by focusing on Open Source Intelligence (OSINT). Covers essential principles, advanced techniques, and ethical considerations for gathering intelligence from publicly available information in support of investigation. Throughout this course, you will learn to collect information effectively, detect fake images, analyze social media data, reverse images search and identify deceptive online identities.
This is about finding meaningful information that is applicable to the intelligence question and being able to provide meaningful intelligence about the data collected.
You might use open-source information to do a credibility check before hiring someone for a job and to find out more about the person selling you something on Facebook marketplace.
Exploit Development 101 with Qiling Framework
Exploit Development 101 with Qiling Framework
Training Level: Beginner; Intermediate
Duration: 2 Days
Qiling Framework (https://qiling.io) is an open-source sandbox emulator framework developed by Malaysian. It comes with a rich set of Python API to enable highly customizable analysis tools built on top. Using emulator technology inside, Qiling Framework can run the executable binary in a cross-platform-architecture way, so security researchers can analyze Windows PE files on Linux Arm64, IoT firmware based on Mips on MacOS, and so on.
This course is tailored for beginners who are eager to enhance their skill set on exploit development with the Qiling Framework. The training offers an in-depth overview of Qiling’s cutting-edge binary emulation features, along with a systematic guide to the process of emulation and bug analysis. Participants will be shown standard workflows that might be familiar from other tools, and how to harness the power of Qiling’s vast capabilities to execute these workflows more efficiently and swiftly.
In addition, the course will explore how to utilize Qiling Framework’s robust Python API, and how to use or extend its analysis outcomes to expedite your emulation process. The highlight of this course is to guide beginners how to start learning exploit development, where you’ll learn to emulate binary and re-discover one-day bugs, starting from fuzzing right up to making the exploit work.
Threat Hunting and Detection Engineering
Threat Hunting and Detection Engineering
Training Level: Beginner; Intermediate
Duration: 2 Days
This class is designed to introduce students to the understanding of threat hunting and detection engineering. Threat hunting is a proactive cybersecurity approach aimed at identifying and mitigating potential security threats before they can cause harm to an organization’s systems, networks, or data and Detection Engineering (DE) is a discipline within cybersecurity that focuses on developing and improving the capabilities of security systems to detect malicious activities and threats effectively. DE involves the creation, implementation, and refinement of detection mechanisms, rules, algorithms, and processes to identify suspicious or unauthorized behaviour within an organization’s IT infrastructure.
Through an applied understanding of introduction of the concept TH & DE, students should be able to identify available processes and frameworks to detect undetected threats, that can be used to enhance security posture, stay ahead of threat actors and improve incident response by uncovering the indicator of compromise and suspicious activities.
Our threat hunting approach is based on students’ familiarity with their IT environments, with DE students should learn how to develop rules, signatures, or patterns that can identify specific types of malicious activities or behaviours. DE students also will work on developing and refining machine learning algorithms and statistical models to detect anomalies or patterns indicative of cyber threats.
This class will focus on a few type active APT groups and hope every student can apply the skills and experience in their IT environment.
The Car Hacker’s Methodology and Checklist for Application Security Hackers
The Car Hacker’s Methodology and Checklist for Application Security Hackers
Training Level: Beginner; Intermediate
Duration: 2 Days
Unlocking the doors of a car is sort of like a “Hello World” in Car Hacking. But this isn’t the end – it’s not a tip of an iceberg but there are other things you can also hack or play. There is more to just opening the doors and hacking infotainments. And so the speaker drafted a Car Hacker’s Methodology and Checklist geared towards application security hackers and professionals based on his experience as an automotive security bug triager and a car hacker himself.
Join Jay as he summarizes his own checklist for the following attack surfaces and activate this proposed talk into a workshop mode:
– Infotainment, Telematics and every IoT Devices in the Car
– CAN Access and Injection – RF (Radio Frequency) Hub
– Apps Connected to the Vehicle
– Web Endpoints, Firmware Update Servers, PKI Bridge
The instructor would also demonstrate real world attacks against known vehicles and how you may be able to replicate it or do it on a cheap hardware or known hardware. The author would like to point out some attacks that are also misunderstood or overlooked like sometimes you don’t need to jam or perform rolljam to open a car. canTot which is made by the instructor will also be shown as part of a tool he uses for automation in car hacking.