MALWARE DISCOVERY AND BASIC ANALYSIS BY MICHAEL GOUGH

REGISTER NOW ($1450)

COURSE DESCRIPTION:

Malware discovery is an essential skill for today’s InfoSec and IT professionals. Many malware courses start you off with an infected system and teach you how to analyze it in depth or even reverse engineer the malware. This course focuses on how to discover whether a system has malware, then how to do basic malware analysis and build a simple lab for testing.

The goal is speed, so you can get back to other tasks. We will look at the tools you need and the techniques and steps to analyze malware so you can determine whether a system is clean or truly infected. This course covers everything from everyday commodity malware that you might get in email or while surfing to advanced malware in a targeted attack. The focus will be on Windows systems, but the course will touch on some tools for Apple and Linux systems as well.

Introduction to Incident Response

  • Malware Analysis Data Labs
  • Building a Malware Analysis environment
  • The Windows Logging Cheat Sheet(s) – What to set
  • Malware Analysis Tools
  • Command Line Logging and Network connections – Real intelligence
  • Automated Analysis & Lab
  • Basic Malware Analysis & Lab
  • Logging for Malware
  • Questions and Discussion

REQUIREMENTS
- Barebones system is recommended with re-imaging after the course OR
- Laptop running a Virtual Machine (VirtualBox, VMware, ESXi, Parallels, etc.)
  a. Windows 7, 8 or 10
- Microsoft Office, PDF Reader (Foxit), Notepad++ & 7-Zip
- A list of tools will be provided on USB Card on the day of the training
- PowerShell 5.0 and .NET 4.5 or greater
- Malware samples and tools will be provided

ENTERPRISE PENETRATION TESTING METHODS BY ROD SOTO

REGISTER NOW ($1450)

COURSE DESCRIPTION:

During this comprehensive course, the tools and methodologies used during penetration tests in enterprise network environments will be detailed. The course will use a lab environment for hands-on instruction in manual penetration testing methods, in addition to training in the use of exploitation frameworks such as Metasploit. The focus will be on the methodology, processes, vectors, tools, and techniques used for exploitation (Infrastructure, Network, Web, Mobile).

By the end of the course, the student will have an in-depth understanding of the underlying principles of network exploitation and will have gained experience in the successful execution of attacks.

Minimum course requirements: bring a laptop with at least 4 GB of RAM, a quad-core processor, and the ability to run virtual machines; an understanding of basic networking concepts and basic Linux comprehension are also required.

TARGET AUDIENCE:

This seminar is geared towards those seeking to enter the information security industry while also enriching those who seek to develop the skills and experience necessary to succeed as a penetration tester (for fun and for profit).

INSTRUCTOR BIO:

Rod Soto has over 15 years of experience in information technology and security. He has spoken at ISSA, ISC2, OWASP, BlackHat, DEFCON, HackMiami, and BSides, and has also been featured in Rolling Stone Magazine, Pentest Magazine, Univision and CNN. Rod Soto was the winner of the 2012 BlackHat Las Vegas CTF competition and is the founder and lead developer of the Kommand && KonTroll competitive hacking Tournament series.

Seminar Requirements

  • Laptop With at Least 4GB of RAM and at Minimum a Quad-Core Processor
  • Ability to Run Virtual Machines
  • Understanding of Basic Networking Concepts
  • Basic Linux Comprehension


MALWARE ANALYSIS TRAINING BY ROBERT SIMMONS

REGISTER NOW ($1450)

COURSE DESCRIPTION:

The landscape of open source malware analysis tools improves every day. A malware analysis lab can be thought of as a set of entry points into a tool chain. The main entry points are a file, a URL, a network traffic capture, and a memory image. This talk is an examination of the major open source tools that satisfy the analysis requirements for each of these entry points. Each tool’s output can potentially feed into another tool for further analysis. The linking of one tool to the next in a tool chain allows one to build a comprehensive automated malware analysis lab using open source software.

For file analysis, the three major versions of Cuckoo Sandbox will be examined. To analyze a potentially malicious URL, the low-interaction honeyclient Thug will be covered. Next, if one has a network capture (PCAP) to analyze, the Bro Network Security Monitor is a great option and will be covered. Finally, if the analysis target is a memory image, the Volatility Framework will be examined. The inputs and outputs of each tool will be reviewed to expose ways that they can be chained together for the purpose of automation. For each tool covered, the class will log in to a live instance and learn the basics of malware analysis with it.

TARGET AUDIENCE:

This seminar is geared towards those seeking to understand open source malware analysis tools.

INSTRUCTOR BIO:

Robert Simmons is Director of Research Innovation at ThreatConnect, Inc. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Robert has spoken on malware analysis at many of the top security conferences including DEFCON, HOPE, and DerbyCon among others. Robert, also known as Utkonos, has a background in biology, linguistics, and Russian area studies. He has lived extensively in Russia and Ukraine and has been known to swear profusely and constantly in Russian.

Seminar Requirements

Equipment needed: Bring a laptop with the current version of Chrome installed and a tested and working network connection (provide your own internet, please; rely on the conference network only if absolutely needed). Everything is remote and accessed via web browser, so no malware will be handled on your equipment.

Attendee requirements: Basic to intermediate Python programming knowledge.