Tag Archive

DeepSec 2019 Training: IoT/Embedded Development – Attack and Defense Lior Yaari

Published on September 19, 2019 By sanna

Every developer makes mistakes. If you are unlucky, these mistakes result in a security vulnerability, an almost untraceable bug for the normal developer. Going around the world, helping developers to find and understand the vulnerabilities they’ve accidentally created, we learned that unlike bugs, vulnerabilities are invisible to the eye, mind and UT. No one teaches […]

DeepSec 2019 Training: Analysing Intrusions with Suricata – Peter Manev & Eric Leblond

Published on September 18, 2019 By sanna

Defending your network starts with understanding your traffic. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In this course, attendees will learn the skills required to identify, respond and protect against threats in their network day to […]

DeepSec Training: Black Belt Pentesting / Bug Hunting Secrets you’ve always wanted to know

Published on August 26, 2019 By René Pfeiffer

The Web and its technologies have become the perfect frontier for security experts for finding bugs and getting a foothold when doing penetration tests. Everything has a web server these days. And everything web server will happily talk to web clients. The components involved are more than just simple HTML and JavaScript. The developer notion […]

DeepSec Training: Black Belt Pentesting / Bug Hunting Millionaire – Mastering Web Attacks with Full-Stack Exploitation

Published on August 19, 2019 By René Pfeiffer

Web applications are gateways for users and attackers alike. Web technology is used to grant access to information, public and sensitive alike. The latest example is the Biostar 2 software, a web-based biometric security smart lock platform application. During a security test the auditors were able to access over 1 million fingerprint records, as well […]

Training Teaser: Black Belt Pentesting a.k.a. Bug Hunting Millionaire – Mastering Web Attacks with Full-Stack Exploitation

Published on July 11, 2019 By René Pfeiffer

Modern web applications consist of far more components than HTML content and a few scripts. In turn properly attacking web applications requires a diverse set of skills. You need to know how the back-end and the front-end works. This includes all of the scripting languages, data storage technologies, user interface peculiarities, frameworks, hosting technologies, and […]

Ongoing DeepSec Call for Workshops – Trainers welcome!

Published on April 2, 2019 By René Pfeiffer

The Call for Workshops for the DeepSec conference in November 2019 is still open. If you have something to teach, let us know as soon as possible! We intend to inform potential trainees in the beginning of May about their options. This allows for a better planning and preparation, because we receive early requests for […]

Special Offer for “Mastering Web Attacks with Full-Stack Exploitation” Training – get 3 for the Price of 1

Published on November 19, 2018 By René Pfeiffer

The DeepSec training Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation by Dawid Czagan has some seats left. Dawid has agreed to give away free access to two of his online courses for everyone booking tickets until Wednesday, 21 November 2018 (2359 CET). This gives you a perfect preparation for penetration testing, software development, […]

Last Call for your Web Application Security Training – Break all teh Web and enjoy it!

Published on November 9, 2018 By René Pfeiffer

The Internet is full of web applications. Sysadmins used to joke that HTTP is short for Hypertext Tunnelling Protocol, because anything but web content is transported via HTTP these days. It’s the best way to break out of restricted environment, too. So the chances are good that you will need the skills for dealing with […]

DeepSec 2018 Training: Advanced Infrastructure Hacking – Anant Shrivastava

Published on November 5, 2018 By sanna

Whether you are penetration testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical. This course covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems and networking devices. We asked Anant a few more questions about his […]

ROOTS Schedule almost ready, mind your DeepSec Training Tickets, DeepINTEL Schedule is coming up

Published on October 19, 2018 By René Pfeiffer

The review process for ROOTS has been completed a few days ago. Proper reviews are hard, this is why it took a bit longer. The accepted papers will be in the schedule at the beginning of next week for we need the redacted abstracts of all presentations. The research topics are worth it, so make […]

DeepSec 2018 Training: Malware Analysis Intro – Christian Wojner

Published on September 28, 2018 By sanna

With malware (malicious software) featuring crypto-trojans (ransomware), banking-trojans, information- and credential-stealers, bot-nets of various specifications, and, last but not least, industry- or even state-driven cyber espionage, the analysis of this kind of software ıs becoming more and more important these days. With a naturally strong focus on Microsoft Windows based systems this entertaining first-contact workshop […]

DeepSec 2018 Training: ERP Security: Assess, Exploit and Defend SAP Platforms – Pablo Artuso & Yvan Genuer

Published on September 27, 2018 By sanna

Your SAP platform contains the business crown jewels of your company. However, while leading organizations are protecting their systems from new types of SAP threats, still many are prone to SAP-specific vulnerabilities that are exposing their business to espionage, sabotage and financial fraud risks. Gaston’s and Pablo’s training empowers Security Managers, Internal/External Auditors and InfoSec […]

DeepSec 2018 Training: Professional Bug Hunting for Early Bird Millionaires – Sensitive Data Exposure

Published on September 24, 2018 By René Pfeiffer

DeepSec’s Early Bird Tariff is still valid for today. If you are interested in bug hunting for money, i.e. bug bounties, then you should hurry. Dawid Czagan is conducting a training at DeepSec 2018 where you can learn all you need to get started. If you don’t know what to expect, we recommend one of […]

DeepSec 2018 Training: Advanced Penetration Testing in the Real World – Davy Douhine & Guillaume Lopes

Published on September 24, 2018 By sanna

Guillaume and Davy, senior pentesters, will share many techniques, tips and tricks with pentesters, red teamers, bug bounty researchers or even defenders during a 2-day 100% “hands-on” workshop. This is the very training you’d like to have instead of wasting your precious time trying and failing while pentesting. The main topics of the training are: […]

DeepSec 2018 Training: Attacking Internet of Things with Software Defined Radio – Johannes Pohl

Published on September 10, 2018 By sanna

In Johannes Pohls training participants will learn how to reverse engineer the wireless communication between Internet of Things (IoT) devices with Software Defined Radios (SDR) using the Universal Radio Hacker (URH). The workshop covers required HF (high frequency) basics such as digital modulations and encodings and shows how to reveal the protocol logic step by […]