Enterprise Penetration Testing Methods 

By Rod Soto

During this comprehensive course, tools and methodologies that are used during penetration tests in enterprise network environments will be detailed.The course will utilize a lab environment for a hands-on instruction of manual penetration testing methods, in addition to, training for use of exploitation frameworks, such as Metasploit. Focus will be geared towards methodology,processes, vectors, tools, and techniques used for exploitation. By the end ofthe course, the student will have an in-depth understanding of the underlying principals of network exploitation and will have gained experience in the successful execution of attacks.

Minimum Course Requirements:
Bring a Laptop with: 4 GB of RAM at Minimum and Quad-Core Processor at Minimum Ability to Run Virtual Machines
Understanding of Basic Networking Concepts
Basic Linux Comprehension

Target Audience:This seminar is geared towards those seeking to enter the information security industry while also enriching those who seek to develop the skills and experience necessary to succeed as a penetration tester (for fun and for profit).

Register for training 
Rod Soto

Rod Soto has over 15 years of experience in information technology and
security.  He has spoken at ISSA, ISC2, OWASP,
BlackHat, DEFCON, Hackmiami, Bsides and also been featured in Rolling
Stone Magazine,
Pentest Magazine, Univision and CNN. Rod Soto was the winner of the
2012 BlackHat Las vegas CTF  competition and is the founder and lead
developer of the Kommand && KonTroll competitive hacking Tournament
series.
Register for training 

Open Source Intelligence for Pentesters

By Shubham Mittal

Overview of the Course:

Reconnaissance is the very first phase of any Risk Assessment Exercise, which is often underrated by many security professionals and investigators. Every pentester’s arsenal should, therefore, include Open Source Intelligence (OSINT) and active reconnaissance for effective assessments.

This research-backed training not only talks about using OSINT to extract data but also focuses on the significance of this data and how it could be directly used in offensive security. This instructor-led fast-paced covers a wide range of OSINT techniques for finding,collecting and correlating publicly available information related to the target, be it a person, company, email, domain or an IP Address.This Extracted information will be further used for launching targeted and effective attacks.

The training will cover topics like unconventional search engines,Social Media Intelligence (SOCMINT), automated data mining, metadata extraction, data-dump harvesting, breach monitoring, Tor and much more. Utilizing a variety of such techniques along with freely available tools and services like DataSploit, Maltego, Foca, etc. as well as tailored scripts, participants will perform real-life attack scenarios. Training will not only cover these topics but will also go in-depth on how OSINT techniques can be chained together and even a small piece of information can lead to the catastrophic results for an organization.

The training program will cover the following topics:

Organization Profiling and Scoping

Mapping the Exhaustive Attack Surface

Whois & Reverse Whois, ASN ID, IP Lookups, Allocated IP Range Extraction

Advance Subdomain Enumeration

Custom Search Engines (beyond Google)

Identifying Sensitive information from Code Aggregators and Public

Disclosures/Forums

Spraying OSINT data over Organization Assets

Attacking Assets with Spidering and Metadata Extraction

Email correlation Account identification and User Profiling

Intelligent and Comprehensive Brute Force Attacks

Writing custom Module for DATASPLOIT

Automating Dorking and Pattern Matching

Attacking Domain IP History

Automating the ‘Walkthrough Public Dumps’.

Monitoring and Alerting for Attacks / Competitive Espionage

Online Anonymity

What Students Will Be Provided With:

Student Pack which contains

Slide deck and OSINT CheatSheet

Important Tools and custom Scripts

Code Skeletons

Custom OSINT Browser

Vagrant Configs - To create instant OSINT Machine(s).

Answers to challenges (covered during the training program)

1 Month Free Lab Access.

Free 1 Month Private Lab Access will also be provided to each participant where they can practice the skills learned during the course.

Register for training 
Shubham Mittal

Shubham Mittal is an active Information Security researcher with 6+
years of experience in offensive/defensive security, with interests in
OSINT. He has spoken/trained/presented at multiple conferences
including Black Hat, DEFCON, NullCon, c0c0n, and IETF. He is the
author of OSINT Framework - DataSploit (listed in Top Ten Security
Tools of 2016) and is core organizer of @Recon Village which runs
@DEFCON and other security conferences. He works from the command
line, uses vi and loves beer.
Register for training 

Crypto Dojo

By Seth Wahle

Overview of the Course:

An exhaustive one day bootcamp for the would be cryptocurrency miner. This course starts with the very basics of how cryptocurrencies work and equips you with the knowledge you need to start and run a cryptocurrency mining operation.

Fundamentals

  • Cryptographic Hash Functions
  • Hash Collisions
  • Hash Pointers
  • Public/private key pairs
  • Merkle Trees
  • Centralization/Decentralization

How Bitcoin Works

  • Basics premise of the bitcoin blockchain.
  • Blockchain mechanics from the standpoint of a wallet node.
  • Consensus
  • Blockchain mechanics from the standpoint of a mining node.
  • Nonce
  • Difficulty

Crypto Storage Techniques

  • Full nodes
  • Paper Wallets
  • Hardware Wallets
  • Best Practices

Intro to cryptocurrency mining

  • How mining works
  • Evolution of mining hardware
  • Solo Mining
  • Pooled Mining
  • Rig-rental Mining
  • Automatic Profit Switching

Setting up a mining farm

  • ‍Power Requirements
  • Cooling Requirements
  • Traditional cooling methods
  • High heat load methods(large scale mining)
  • Space Requirements
  • Other Considerations

Building a mining rig

  • Part Selection
  • Sourcing the parts
  • Calculating power requirements
  • Calculating cooling requirements
  • Chassis considerations

Group Mining Rig Build

  • Common mistakes and misconceptions
  • Best practices
  • Tips and tricks
  • Understanding BIOS configurations
  • Troubleshooting tricks for mining rigs
  • Operating system Tweaks for best performance

Register for training 
Seth Wahle

Seth Wahle is a Navy veteran turned tech entrepreneur. Seth has developed hardware that allows for 4k streaming video, produced a device that detects and eliminates enemy I.E.D.’s, and developed radio communications equipment for the next generation of fighter jets. After being featured in Forbes and BBC in 2015, Seth founded a cyber security intrusion detection company which was acquired in 2016.  Seth is now supporting a cybersecurity contract for NASA, while expanding his cryptocurrency mining company Guerra Mining.  Additionally, Seth is the author of Demoncoin and the founder of the DemonBucket file sharing network.
Register for training