Training
BootCamp Reloaded Infrastructure
Why Infrastructure Hacking Isn’t Dead If you work in IT Security you may have heard people utter the phrase, “Infrastructure hacking is dead!” We hear this all the time but in all honesty, our everyday experience of working in the industry tells a completely different story. With this in mind we’ve decided to factor out our “infrastructure related h@x0ry” from our Bootcamp Course and create a brand spanking new…
Combat Reloaded
The British Special Air Service (SAS) have a motto that’s rather fitting for their line of work – Who Dares Wins To a degree, the same could be said for our newly updated Hacking by Numbers course, Combat. Penetration testing is sometimes more than following a checklist or going for the easy kill. A good penetration tester knows how to handle all thrown at them, be it a Joomla implementation,…
Hacking by Numbers – The mobile edition
West Coast in the house, well actually more like an African visiting Seattle for Blackhat’s West Coast Trainings. We’ve had a great year delivering the latest course in our amazing Hacking by Numbers training series: Mobile. What’s cool about this course, is like the others, we teach a hacking methodology rather than punting a tool or a magic, do it all solutions. Mobile was created to match the continuous growth in…
Honey, I’m home!! – Hacking Z-Wave & other Black Hat news
You’ve probably never thought of this, but the home automation market in the US was worth approximately $3.2 billion in 2010 and is expected to exceed $5.5 billion in 2016. Under the hood, the Zigbee and Z-wave wireless communication protocols are the most common used RF technology in home automation systems. Zigbee is based on an open specification (IEEE 802.15.4) and has been the subject of several academic and practical…
Black Hat Vegas 2013 – Course Summaries
We have an updated breakdown of our BlackHat courses here With the ‘early registration’ discount period coming to an end on May 31, I wanted to provide an overview of what courses we’re offering and how those courses fit together. Please be sure to take advantage of these discounted prices whilst they’re still available. This summary will help you decide which course is best for you… 1. “Cadet” is our…
BlackOps Hacking Training – Las Vegas
BlackOps you say? At SensePost we have quite a range of courses in our Hacking by Numbers series. We feel each one has its own special place. I’ve delivered almost all the courses over the years, but my somewhat biased favourite is our relatively new BlackOps Edition. Myself (Glenn) and Vlad will be presenting this course at BlackHat Vegas in July. Where Does BlackOps fit in? Our introductory courses (Cadet…
Your first mobile assessment
Monday morning, raring for a week of pwnage and you see you’ve just been handed a new assessment, awesome. The problem? It’s a mobile assessment and you’ve never done one before. What do you do, approach your team leader and ask for another assessment? He’s going to tell you to learn how to do a mobile assessment and do it quickly, there are plenty more to come. Now you set…
Wifi Hacking & WPA/2 PSK traffic decryption
When doing wireless assessments, I end up generating a ton of different scripts for various things that I thought it would be worth sharing. I’m going to try write some of them up. This is the first one on decrypting WPA/2 PSK traffic. The second will cover some tricks/scripts for rogue access-points. If you are keen on learn further techniques or advancing your wifi hacking knowledge/capability as a whole, please…
Solution for the 44Con Challenge
Last week, we published our 44Con “SillySIP” Challenge for free entry to our BlackOps training course at the 44Con conference this year. We’d like to thank all those who attempted this challenge. $queue->add($beatbox_drumroll); The winner, who responded with the first correct answer, is Ben Campbell. As a result, he gets to hang out with our trainers on a free BlackOps training course. Congratulations Ben! We look forward to meeting you…
44Con Challenge
In a similar fashion to the BlackHat challenge held earlier this year, we’re giving away a free ticket to our BlackOps course at this year’s 44Con. As a penetration tester, knowledge of an issue is not enough when one needs to demonstrate risk to a client. Furthermore, when large numbers of potential targets are involved, it becomes crucial that effective attacks are packaged and automated to allow for mass-pwnage. During an…