TECHNICAL TRAININGS

Operationalise OSINT

Training Level: Beginner; Intermediate
Duration: 2 Days

This is a comprehensive course for levelling up cybersecurity skills by focusing on Open Source Intelligence (OSINT). It covers essential principles, advanced techniques, and ethical considerations for gathering intelligence from publicly available information in support of investigations. Throughout this course, you will learn to collect information effectively, detect fake images, analyze social media data, run reverse image searches and identify deceptive online identities.

This is about finding meaningful information that is applicable to the intelligence question and being able to provide meaningful intelligence about the data collected.

You might use open-source information to do a credibility check before hiring someone for a job and to find out more about the person selling you something on Facebook Marketplace.

Exploit Development 101 with Qiling Framework

Training Level: Beginner; Intermediate
Duration: 2 Days

Qiling Framework (https://qiling.io) is an open-source, Malaysian-developed sandbox emulator framework. It comes with a rich set of Python APIs that enable highly customizable analysis tools to be built on top. Because it uses emulation internally, Qiling Framework can run executable binaries across platforms and architectures, so security researchers can analyze Windows PE files on Linux Arm64, MIPS-based IoT firmware on macOS, and so on.

This course is tailored for beginners who are eager to enhance their skill set in exploit development with the Qiling Framework. The training offers an in-depth overview of Qiling’s cutting-edge binary emulation features, along with a systematic guide to the process of emulation and bug analysis. Participants will be shown standard workflows that might be familiar from other tools, and how to harness Qiling’s vast capabilities to execute these workflows more efficiently and swiftly.

In addition, the course will explore how to utilize Qiling Framework’s robust Python API, and how to use or extend its analysis outcomes to expedite your emulation process. The highlight of this course is guiding beginners into exploit development: you’ll learn to emulate binaries and rediscover one-day bugs, starting from fuzzing right up to making the exploit work.

Threat Hunting and Detection Engineering

Training Level: Beginner; Intermediate
Duration: 2 Days

This class is designed to introduce students to threat hunting and detection engineering. Threat hunting is a proactive cybersecurity approach aimed at identifying and mitigating potential security threats before they can cause harm to an organization’s systems, networks, or data. Detection Engineering (DE) is a discipline within cybersecurity that focuses on developing and improving the capabilities of security systems to detect malicious activities and threats effectively. DE involves the creation, implementation, and refinement of detection mechanisms, rules, algorithms, and processes to identify suspicious or unauthorized behaviour within an organization’s IT infrastructure.

Through an applied introduction to the concepts of TH and DE, students should be able to identify available processes and frameworks for detecting previously undetected threats, which can be used to enhance security posture, stay ahead of threat actors and improve incident response by uncovering indicators of compromise and suspicious activities.

Our threat hunting approach is based on students’ familiarity with their IT environments. With DE, students should learn how to develop rules, signatures, or patterns that can identify specific types of malicious activities or behaviours. DE students will also work on developing and refining machine learning algorithms and statistical models to detect anomalies or patterns indicative of cyber threats.

This class will focus on a few types of active APT groups, and we hope every student can apply the skills and experience in their own IT environment.

The Car Hacker’s Methodology and Checklist for Application Security Hackers

Training Level: Beginner; Intermediate
Duration: 2 Days

Unlocking the doors of a car is sort of like a “Hello World” in car hacking. But this isn’t the end – it’s not a tip of an iceberg, but there are other things you can also hack or play with. There is more to it than just opening the doors and hacking infotainment systems. And so the speaker drafted a Car Hacker’s Methodology and Checklist geared towards application security hackers and professionals, based on his experience as an automotive security bug triager and a car hacker himself.

Join Jay as he summarizes his own checklist for the following attack surfaces and turns this proposed talk into a workshop:

– Infotainment, Telematics and every IoT Device in the Car

– CAN Access and Injection

– RF (Radio Frequency) Hub

– Apps Connected to the Vehicle

– Web Endpoints, Firmware Update Servers, PKI Bridge

The instructor will also demonstrate real-world attacks against known vehicles and how you may be able to replicate them on cheap hardware or known hardware. The author would also like to point out some attacks that are misunderstood or overlooked; for example, sometimes you don’t need to jam or perform rolljam to open a car. canTot, a tool made by the instructor that he uses for automation in car hacking, will also be shown.

Practical Red Team Tradecraft for Adversary Simulation

Training Level: Beginner; Intermediate
Duration: 2 Days

Practical Red Team Tradecraft for Adversary Simulation features three course sections where students learn and develop skills to plan and execute adversary simulations against a mature enterprise network that comprises Active Directory and Endpoint Protection Services.

This training covers practical Red Team tradecraft ranging from the building of a modern-day Red Team infrastructure to weaponizing evasive techniques to slip by endpoint detections, and ends with the infiltration of a multi-forest Active Directory network.

By the end of this training, students will be able to carry out full-blown Red Team engagements consistently to measure the effectiveness of the People, Process, and Technology pillars employed by an organization.
