This year’s ToorCon San Diego is offering exclusive 2-3 day hands-on training workshops focused on various aspects of computer security. The workshops will be taking place on Oct. 12th-14th and includes meals, hardware, and tools necessary to participate in the workshop (you just supply the laptop). All workshops attendees get admission to the Seminar (Oct. 14th) and Conference (Oct. 14th-16th). The workshops are being held at the Emerald Plaza Westin. Online registration is open and closes on Sept. 30, 2016. Tickets can still be purchased at the door. Our pricing schedule is listed below:
Check-in opens at 8:30AM Wednesday, October 12th, 2016. Continental breakfast will be provided. If you have trouble finding it, ask the concierge in the lobby.
8:30AM – Registration and Breakfast
9:00AM – Session Starts
10:30AM – Morning Break
12:30PM – Lunch Break
3:30PM – Afternoon Break
5:PM – End Session
Learn the ins and outs of renowned information security tools directly from the developers in this two day, handson Hak5 Toolkit class. From wireless auditing with the WiFi Pineapple to clandestine remove access with the USB Rubber Ducky and LAN Turtle. This class serves as an introduction to the techniques and best practices of exploiting these pentesting tools.
Using the WiFi Pineapple, students will learn the theory of wireless network operation, how to passively analyze the WiFi landscape, identify targets, configure attacks, and actively monitor and manipulate client traffic. Using the USB Rubber Ducky, students will learn how to effectively employ keystroke injection attacks by writing payloads to exfiltrate data, attain remote access, harvest credentials and brute force smartphone PIN codes. Using the LAN Turtle, students will learn how to maintain persistent remote access into networks using reverse shells as well as employ various maninthemiddle attacks.
Nearly 30 exercises reinforce the theory and best practices taught throughout this class. Students will receive a special Hak5 field kit including print course material and one each of the Hak5 tools; WiFi Pineapple, USB Rubber Ducky and LAN Turtle. See Syllabus…
There are four technical skills required by security researchers, software quality assurance and test engineers, or developers concerned about security: Source code auditing, fuzzing, reverse engineering, and exploitation. Each of these domains is covered in detail. C/C++ code has been plagued by security errors resulting from memory corruption for a long time. Problematic code is discussed and searched for in lectures and labs. Fuzzing is a topic book author DeMott knows about well. Mutation file fuzzing and framework definition construction (Sulley and Peach) are just some of the lecture and lab topics. When it comes to reversing C/C++ (Java and others are briefly discussed) IDA pro is the tool of choice. Deep usage of this tool is covered in lecture and lab. Exploitation discussions and labs are the exciting final component. You’ll enjoy exploitation basics, and will also use the latest techniques. See Syllabus…
Hardware security analysis differs from software security analysis primarily in the tools and techniques required for the task at hand. However, many security researchers overestimate the learning curve required to begin successfully performing embedded hardware analysis. This training is specifically designed for security researchers who wish to improve their familiarity with hardware security and hardware implementations in particular. The training is built as a set of Capture the Flag (CTF) style assignments designed to familiarize students with common flaws in hardware implementations. In this training, students will learn to develop custom hardware implementations utilizing programmable logic, i.e. Field-Programmable Gate Arrays (FPGAs) and Complex Programmable Logic Devices (CPLDs). Students will thoroughly understand the advantages of building tools based on programmable logic, understand how hardware implementations are realized and exploit several common hardware security flaws. See Syllabus…
The two day Software Defined Radio (SDR) workshop at ToorCon is an introduction to digital signal processing, software radio, and the powerful tools that enable the growing array of SDR projects within the hacker community. This course takes a unique “software radio for hackers” approach, building on the participants’ knowledge of computer programming and introducing them to the forefront of digital radio technology. Participants will learn how to transmit, receive, and analyze radio signals and will be prepared to use this knowledge in the research of wireless communication security. See Syllabus…