Training
SensePost at BlackHat & Defcon 2017
July is our favourite time of year, when thousands descend into Las Vegas for Blackhat/Defcon, or more commonly referred to as ‘Hacker Summer Camp’. This year, our camp councillors have been working hard to bring you all our latest creations. We’re running our usual training at BlackHat, and as usual have been working hard to build new courses and update others. Here’s a list: BLACK OPS HACKING FOR PENTESTERS –…
Pentesting Enterprise Infrastructure – Journeyman Level
Sophisticated attacks aim to hide from endpoint solutions Advanced hacking. Expert approaches We are inundated by advanced this, expert that, when it comes to hacking and hacking training. When a breach occurs, the media portray it as some epic hack that mere mortals would struggle to comprehend, when in reality it’s actually a run of the mill SQLi attack. Often it’s not advanced, but makes use of a series of…
What to look for in a training provider
In the last few years, the infosec training scene has exploded. Arguably, the largest training provider is Blackhat, and in the last 15 years we’ve seen it grow from a handful of courses to 106 at the last BlackHat USA. With many courses purportedly offering the same or similar content, it’s getting harder to choose as a student. This blog entry will cover some of the stuff we think makes…
SensePost at Blackhat & Defcon 2016
The annual Hacker Summer Camp is nearly upon us, everyone at SensePost is getting ready. This is a brief overview of what we’ll be doing. The tl;dr is: BlackHat Training, BlackHat Arsenal x2, Defcon talk & Stickers :) We’re back at BlackHat for our 15th year of training with a selection of courses ranging from introductory courses for beginners through to hardcore courses for experts. Basic Tools & Techniques for Hackers…
PwnBank en route to Vegas
Everyone has a mobile phone (ok some have two) and the wealth of information people put into them is staggering. This single platform gives attackers an incredibly large attack surface area to target, so it’s no surprise we *love* owning mobile devices. With this in mind, the countdown to Blackhat USA has begun and we will be launching our latest iteration of the Mobile hacking course to the eager and…
Where SensePost meets the real world
SensePost Training at Blackhat USA What is SensePost infrastructure training about and what does it give you as a novice pentester? What does it give you as a pentester looking to move into infrastructure hacking? Training at SensePost focuses on learning the Trade and not just the trick, thus our focus is on your testing methodology rather than simply showing you some cool tools. And what is this methodology you may ask,…
Into The Cloud
Picture this. Every year, a group of Plakkers (our nickname for those who work at SensePost) descended into Las Vegas with more luggage than Imelda Marcos on a shoe shopping spree. In recent years, our kit list was immense. 200+ laptops, 25 servers, screens, switches and more backup disks than one should ever carry past TSA. Often we got there days before Blackhat started and spent 24 hours making sure…
Maltego Webinar Series: Episode 01, Introduction
Hello Internet, We’re going to be hosting monthly Maltego webinar sessions, and our first one is this Friday (24th April)! Being our first episode we’re going to start with the basics of the basics. Our agenda is as follows: What is Maltego? Why Maltego? Where can I get it? How does this user interface work? What are these Maltego terms and buzzwords? What’s a transform and how I can run…
Break the Web at BlackHat Singapore
Web application security training in 2015? It’s a valid question we get asked sometimes. With the amount of books available on the subject, the tools that seemingly automate the process coupled with the fact that findings bugs in web apps should be harder now that frameworks and developers are more likely to produce secure code, is there a need to still train people up in the art of application exploitation?…
SensePost Training
Over those years, we’ve trained thousands of students in the art of offensive and defensive security through our Hacking by Numbers courses. Our courses are taken directly from the work we do. When we compromise networks, or applications with new techniques, they’re turned into modules in the appropriate course. We also don’t use trainers; every course is given by one of our analysts to keep it authentic. For our fifteenth…