.

BackTrack to the Max: Exclusive First Time EVER!

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Jan 30, 2008 2:21 pm

BackTrack to the Max: Exclusive First Time EVER!

ChicagoCon 2008s Exclusive


This is the first time EVER that this course will be offered as an instructor led class. Add to that the fact that the core developer of BackTrack, Mati Aharoni, is there at your disposal for 5 full days of ethical hacking, and it makes this a once in a lifetime opportunity to learn from one of the brightest members of the security community.

Register NOW and say that you were there when it all started.


Pricing: Course includes use of computers, course materials, exam, breakfast, lunch, snacks all day, some dinners and a conference pass for $3495. Register before March 15 for an extra $200 Off!!

The following quote is from the ChicagoCon 2008s Description Page for BackTrack to the Max:
http://www.chicagocon.com/content/view/75/7/


"BackTrack to the Max" is a course designed for seasoned security professionals who want to learn about the inner workings of BackTrack. Topics such as offensive scripting, VPN auditing, Software Exploitation, Web Application Auditing and more are discussed. This course gives an advanced understanding of the penetration testing process -using BackTrack - and is a highly recommended course for security auditors.
 
What Is BackTrack?

BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions - Whax and Auditor. BackTrack has been dubbed as the best Security Live CD today, and has been rated 1st in its category, and 32nd overall in Insecure.org. Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.

This course will be taught using BackTrack 3 which has yet to be released as a stable version. Until then try the Ethical Hacker Network's version of BackTrack 2, the only official version of BT with Metasploit 3. It is also packaged as a VMware Virtual Appliance for the ultimate in learning convenience.

Certification Information

Students attending this class will be able to take the 'BackTrack to the Max' certification Challenge online after the course ends. The challenge can be scheduled up to the end of Aug 2008.




BackTrack to the Max
Cracking the Perimeter


Overview:

The first real hurdle during an external pentest is cracking the organizational perimeter. Back in 2003, the average RPC remote exploit would do the job, however this is not the case anymore. Defensive security technologies have adapted themselves to the harsh reality of the internet, and security awareness is on the steady increase. “Cracking” the organizational perimeter is getting harder and harder as time goes on.

“BackTrack to the Max” is an intensive, hardcore, hands on Security class by the creators of Backtrack designed to take you through advanced, modern day “Perimeter Cracking” scenarios ‐ all based on the award winning live Distribution ‐ BackTrack 3. The course is composed of several "hardcore drilldowns", such as bypassing ASLR during exploit development, injecting malicious code into files under Windows Vista, bypassing Antivirus systems, practical Cisco GRE sniffing attacks, VPN attacks, etc ‐ all based on the award winning live Distribution‐ BackTrack 3.

The course is heavily laced with the “do it yourself” approach, and will expose you to the raw underlying mechanisms of the various attack vectors, enhancing your skills in these areas significantly.

Topics Covered:

• The 0day angle:

     o Fuzzing with spike

     o Basic shellcode development

     o Working in limited buffer spaces Egghunters

     o Practical exploitation methods (under Vista)

     o Developing client side attacks

• The Web Application angle:

     o Code analysis to pwnage – PHP based analysis

     o SQL Injection revisited – ASP based analysis

• The Network Infrastructure angle:

     o Bypassing ACL’s using spoofed SNMP packets

     o Common VPN attacks

     o Remote packet sniffing over GRE tunnels (demo)

• Trojan Horses:

     o Backdooring PE files under Windows Vista

     o Simple “Super Trojans” – Bypassing Personal Firewalls with 15 lines of code

     o Antivirus Avoidance

Course Prerequisites:

o Students need to be comfortable in Linux ‐ We'll be using BackTrack during the whole course as our attacking platform. Navigating through directories, executing scripts and tools and writing basic bash scripts are the basic skills expected from the student.

o A solid understanding of TCP/IP and various network services (DNS, DHCP, etc).

o A fair understanding of penetration testing methodology and familiarity with common tools of the trade and attack vectors (basic SQL injection, password attacks, etc).

o An understanding of the mechanisms behind Win32 Buffer Overflows.

o Knowledge of a scripting language (Perl, Python, Ruby) is recommended, but not required.

Who should attend?

“BackTrack to the Max” is a highly technical course aimed at security professionals. People with entry level “hacking” security certifications in need of modern and practical real world penetration testing experience and insights should attend. This is not an entry level course. Students are expected to be familiar with the basic methods and methodologies of an attack as a prerequisite.

Lab Description

This course includes complex hands on labs throughout the training. All students will be provided with pre‐configured VMware machines for the duration of the course for a personal and in depth learning experience. We will break Windows 2000, XP SP2, Vista and Cisco – all using a special version of BackTrack 3 specially designed for this course.



And the hits just keep on comin'. As always, feedback is welcomed,

Don
Last edited by don on Wed Jan 30, 2008 2:24 pm, edited 1 time in total.
CISSP, MCSE, CSTA, Security+ SME
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Jan 30, 2008 2:29 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

Sorry about replying to my own post, but I just realized that this is the 2000th thread.

w00t!

Thanks EH-Net Community,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Jan 30, 2008 3:08 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

This course sounds pretty sweet :)

And YaY for thread 2000!
<<

pseud0

User avatar

Recruiters
Recruiters

Posts: 210

Joined: Sat Nov 17, 2007 8:26 pm

Location: Detroit, Michigan

Post Wed Jan 30, 2008 3:12 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

My manager just said they can't fit that into our budget.  Can you sneak me in?  Will they fall for the "I'm with the band" routine?
CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER
<<

g00d_4sh

User avatar

Sr. Member
Sr. Member

Posts: 394

Joined: Tue Sep 18, 2007 1:50 pm

Location: Guayaquil, Ecuador

Post Wed Jan 30, 2008 9:13 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

Ug, that is dr00l worthy.. unfortunately mr. piggy bank says no.
"Bad.. Good?  I'm the guy with the gun"
<<

TonyG

Newbie
Newbie

Posts: 8

Joined: Wed Sep 26, 2007 9:14 am

Location: Battle Creek, MI

Post Wed Mar 12, 2008 10:58 am

Re: BackTrack to the Max: Exclusive First Time EVER!

Don,
If this conference is anything like the 1st one, I'm beating on the door! Have to get approval from the boss, and of course from work too.

Hope to see you there!
Network+, Security+, C|EH, SnortCP, GSLC, PITA certified (yes, Pain In the A$$), United States Marine, thru and thru
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Wed Mar 12, 2008 12:54 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

I am sure that Eh members that post a lot will get a deal of some kind. Yes, I agree the course looks good.  After meeting Muts and talking for some time, I can say he really knows his stuff! 
<<

shawal

Jr. Member
Jr. Member

Posts: 88

Joined: Mon Mar 10, 2008 1:24 pm

Post Wed Mar 12, 2008 2:03 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

Do we know if that is going to be available online also? and what would be the price? it looks very interesting, very focused on the Windows domain though
RHCE, GIAC GCIH.
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Wed Mar 12, 2008 2:29 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

Damn! wish I could afford that.....
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Wed Mar 12, 2008 2:41 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

email them and see.
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Apr 21, 2008 4:40 pm

Re: BackTrack to the Max: Exclusive First Time EVER!

If anyone is interested in a discount, PM me with your contact info. We are only offering the course, so I can't guarantee anything. We do have a great working relationship with OffSec, though, so it's worth a shot.

As I always say, it's amazing what you'll get if you simply ask.  ;D

Don
CISSP, MCSE, CSTA, Security+ SME

Return to ChicagoCon 2008s

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software