{"id":75,"date":"2018-06-02T13:06:15","date_gmt":"2018-06-02T13:06:15","guid":{"rendered":"https:\/\/www-new.brucon.org\/2018\/?page_id=75"},"modified":"2020-09-08T13:13:23","modified_gmt":"2020-09-08T11:13:23","slug":"brucon-2020-training","status":"publish","type":"page","link":"https:\/\/archive.brucon.org\/2020\/brucon-2020-training\/","title":{"rendered":"BruCON 2020 Training"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column]<div class=\"gem-textbox \"  ><div class=\"gem-textbox-inner\" style=\"\"><div class=\"gem-textbox-content\" style=\"background-color: #f4f6f7;background-image: url(https:\/\/archive.brucon.org\/2020\/wp-content\/uploads\/sites\/19\/2018\/06\/training_1.jpg);background-position: center top;\"><div class=\"gem-alert-box\"><div class=\"gem-alert-inner\"><div class=\"gem-alert-box-content\"><\/div><div class=\"gem-alert-box-buttons\"><style type=\"text\/css\">.thegem-button-6a28d542e585c1984 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e585c1984 .gem-button:hover svg {fill: #b43836;}<\/style><div class=\"gem-button-container gem-button-position-center thegem-button-6a28d542e585c1984    \"  ><a class=\"gem-button gem-button-size-large gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ffffff';this.style.color='#b43836';\" href=\"#spring-training\" target=\"_self\">Spring Training<\/a><\/div> <style type=\"text\/css\">.thegem-button-6a28d542e58b0512 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e58b0512 .gem-button:hover svg {fill: #b43836;}<\/style><div class=\"gem-button-container gem-button-position-center thegem-button-6a28d542e58b0512    \"  ><a class=\"gem-button gem-button-size-large gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ffffff';this.style.color='#b43836';\" href=\"#conference-training\" target=\"_self\">Conference Training<\/a><\/div> <\/div><\/div><\/div><\/div><\/div><\/div>[\/vc_column][\/vc_row][vc_row disable_element=&#8221;yes&#8221;][vc_column width=&#8221;1\/2&#8243;][vc_btn title=&#8221;Conference training&#8221; color=&#8221;danger&#8221; size=&#8221;lg&#8221; align=&#8221;center&#8221; i_icon_fontawesome=&#8221;fa fa-university&#8221; button_block=&#8221;true&#8221; add_icon=&#8221;true&#8221; link=&#8221;url:%23conference-training|||&#8221;][\/vc_column][vc_column width=&#8221;1\/2&#8243;][vc_btn title=&#8221;Spring Training&#8221; color=&#8221;inverse&#8221; size=&#8221;lg&#8221; align=&#8221;center&#8221; i_icon_fontawesome=&#8221;fa fa-graduation-cap&#8221; button_block=&#8221;true&#8221; add_icon=&#8221;true&#8221; link=&#8221;url:%23spring-training|||&#8221;][\/vc_column][\/vc_row][vc_row css=&#8221;.vc_custom_1545209374682{padding-top: 50px !important;}&#8221;][vc_column][vc_column_text]Immerse yourself into the world of security by attending the BruCON Training !\u00a0BruCON offers world-class, deep-technical training given by the most recognised experts with huge industry experience in their domain. We want to offer courses for anybody interesting in security, ranging from novice to advanced and for red and blue teams ![\/vc_column_text][\/vc_column][\/vc_row][vc_row disable_element=&#8221;yes&#8221; css=&#8221;.vc_custom_1599563588215{padding-top: 50px !important;}&#8221; el_id=&#8221;spring-training&#8221;][vc_column][vc_separator][vc_column_text]<\/p>\n<h2 style=\"text-align: center\">Spring Training<\/h2>\n<p>[\/vc_column_text][vc_column_text]<b>Corelan Bootcamp <\/b>is taking place on September 2 till 4, in person in Ghent (either the Hotel Novotel Gent Centrum and NH Gent Belfort.)[\/vc_column_text][\/vc_column][\/vc_row][vc_row disable_element=&#8221;yes&#8221;][vc_column][vc_column_text]<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_tta_tour controls_size=&#8221;md&#8221; active_section=&#8221;1&#8243;][vc_tta_section title=&#8221;Corelan Exploit Dev Bootcamp for Windows 10 &#8211; In Person&#8221; tab_id=&#8221;1528017211991-3021362b-266a&#8221;][vc_column_text]<strong>Description:<\/strong> The Corelan\u00a0 Exploit Dev Bootcamp for Windows 10 is a truly unique opportunity to learn both basic &amp; advanced techniques from an experienced exploit developer, at a conference. During this (typically 3 \u2018long\u2019 day) course, students will be able to learn all ins and outs about writing reliable exploits for the Windows platform.\u00a0 The trainer will share his \u201c<em>notes from the field<\/em>\u201d and various tips &amp; tricks to become more effective at writing exploits.<\/p>\n<p><strong>Remarks :\u00a0<\/strong><\/p>\n<ul>\n<li>This training will be hosted onsite in Ghent Belgium in either the Novotel or NH Ghent Centrum. We will take all precautions necessary to ensure the safety of our students<\/li>\n<li>We will host the Corelan Advanced training on September 28,29 and 30 in the same format<\/li>\n<\/ul>\n<p><strong>Instructor:\u00a0<\/strong>Peter Van Eeckhoutte<\/p>\n<p><strong>Duration:<\/strong>\u00a03-day course<\/p>\n<p><a href=\"https:\/\/archive.brucon.org\/2020\/brucon-2020-training\/corelan-bootcamp-exploit-development-for-windows-10\/\" target=\"_blank\" rel=\"noopener noreferrer\">Read More<\/a>[\/vc_column_text]<style type=\"text\/css\">.thegem-button-6a28d542e5d952339 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e5d952339 .gem-button:hover svg {fill: #ffffff;}<\/style><div class=\"gem-button-container gem-button-position-fullwidth thegem-button-6a28d542e5d952339    \"  ><a class=\"gem-button gem-button-size-giant gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ef5047';this.style.color='#ffffff';\" href=\"https:\/\/brucon0x0c-spring-corelan.eventbrite.co.uk\" target=\"_self\">Buy Training Ticket<\/a><\/div> [\/vc_tta_section][\/vc_tta_tour][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<\/div>[\/vc_column_text][\/vc_column][\/vc_row][vc_row css=&#8221;.vc_custom_1545209392402{padding-top: 50px !important;}&#8221; el_id=&#8221;conference-training&#8221;][vc_column][vc_separator][vc_column_text]<\/p>\n<h2 style=\"text-align: center\">Conference Training<\/h2>\n<p>[\/vc_column_text][vc_column_text]<b>Conference training\u00a0<\/b>is taking place between 28 and 30 September 2020 and will be virtual with the exception of Corelan Advanced. This one takes place in Ghent (either the Hotel Novotel Gent Centrum and NH Gent Belfort.)<\/p>\n<p><strong>REMARK :\u00a0<\/strong>As of BruCON0x0B (2019), the two-day courses will start on Tuesday (instead of Monday) so you will not loose a day between training and conference.[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<div class=\"wpb-content-wrapper\"><p>[vc_row][vc_column][vc_tta_tour controls_size=&#8221;md&#8221; active_section=&#8221;1&#8243;][vc_tta_section title=&#8221;Corelan Advanced (In Person &#8211; COVID-19 Proof)&#8221; tab_id=&#8221;1528017211991-3021362b-266a&#8221;][vc_column_text]<strong>Description:<\/strong>\u00a0The Corelan \u201cADVANCED\u201d exploit development class is a fast-paced, mind-bending, hands-on course where you will learn advanced exploit development techniques from an experienced exploit developer. During this (typically 3 \u2018long\u2019 day) course, students will get the opportunity to learn how to write exploits that bypass modern memory protections for the Win32 platform, using Windows 7 and Windows 10 as the example platform, but using techniques that can be applied to other operating systems an applications. We will discuss differences between Windows 7 and Windows 10 and explore previously undocumented techniques to achieve important exploitation primitives in Windows 10.\u00a0 The trainer will share his \u201cnotes from the field\u201d and various tips &amp; tricks to become more effective at writing exploits.This is most certainly not an entry level course. In fact, this is one of the finest and most advanced courses you will find on Win32 exploit development.<\/p>\n<p><strong>REMARK :<\/strong> This training starts at 9:00 and will end around 22:00 PM. That means +10 hours each day (Dinner will be foreseen)<\/p>\n<p><strong>Instructor:\u00a0<\/strong>Peter Van Eeckhoutte<\/p>\n<p><strong>Duration:<\/strong>\u00a03-day course<\/p>\n<p><a href=\"https:\/\/archive.brucon.org\/2020\/brucon-2020-training\/corelan-advanced\/\" target=\"_blank\" rel=\"noopener noreferrer\">Read More<\/a>[\/vc_column_text]<style type=\"text\/css\">.thegem-button-6a28d542e62d34794 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e62d34794 .gem-button:hover svg {fill: #ffffff;}<\/style><div class=\"gem-button-container gem-button-position-fullwidth thegem-button-6a28d542e62d34794    \"  ><a class=\"gem-button gem-button-size-giant gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ef5047';this.style.color='#ffffff';\" href=\"https:\/\/brucon0x0c-training.eventbrite.co.uk\" target=\"_self\">Buy Training Ticket<\/a><\/div> [\/vc_tta_section][vc_tta_section title=&#8221;<del>Advanced Windows Tradecraft (Virtual)<\/del> (CANCELLED)&#8221; tab_id=&#8221;1528017212014-71159b30-4998&#8243;][vc_column_text]<strong>Description:\u00a0<\/strong>Organizations with a mature security model want to test their security controls against sophisticated adversaries. Red teams that want to simulate such adversaries need an advanced tradecraft. Such a tradecraft must include the ability to adapt to the target environment, modify existing tactics and techniques to avoid detection, swiftly switch between tools written in different languages supported on Windows, break out of restrictions, utilize functionality abuse and keep up with the game of bypassing countermeasures. If you want to take your Windows tradecraft to the next level then this is the course for you.<\/p>\n<p>This training takes you through a tradecraft for Red Teaming a Windows environment with nothing but trusted OS resources and languages. We will cover multiple phases of a Red Team operation like initial foothold, enumeration, privilege escalation, persistence, lateral movement, exfiltration etc. in a fully updated and patched lab with countermeasures enabled.<\/p>\n<p>Some of the topics covered in the class:<\/p>\n<ul>\n<li>Offensive C#, PowerShell, Jscript\/VBScript<\/li>\n<li>Bypassing Application Whitelisting<\/li>\n<li>Bypassing host countermeasure<\/li>\n<li>Evading process tree based detection<\/li>\n<li>Evading advanced logging (Command line, PowerShellv5, Sysmon etc.)<\/li>\n<li>In-memory assembly and shellcode execution<\/li>\n<li>Offensive WMI COM hijacking<\/li>\n<li>Advanced Client Side Attacks on restricted and secure environments<\/li>\n<li>Local and domain privilege escalation<\/li>\n<\/ul>\n<p><em>Attendees will get free one month access to a lab configured like an enterprise environment during and after the training.<\/em><\/p>\n<p><strong>Instructor:\u00a0<\/strong>Nikhil Mittal<\/p>\n<p><strong>Duration:<\/strong> 3-day<\/p>\n<p><a href=\"https:\/\/archive.brucon.org\/2020\/brucon-2020-training\/advanced-windows-tradecraft\/\" target=\"_blank\" rel=\"noopener noreferrer\">Read More<\/a>[\/vc_column_text]<style type=\"text\/css\">.thegem-button-6a28d542e63261610 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e63261610 .gem-button:hover svg {fill: #ffffff;}<\/style><div class=\"gem-button-container gem-button-position-fullwidth thegem-button-6a28d542e63261610    \"  ><a class=\"gem-button gem-button-size-giant gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ef5047';this.style.color='#ffffff';\" href=\"https:\/\/brucon0x0c-training.eventbrite.co.uk\" target=\"_self\">Buy Training Ticket<\/a><\/div> [\/vc_tta_section][vc_tta_section title=&#8221;<del>In &amp; Out \u2013 Detection as Code vs Adversary Simulations \u2013 Purple Edition (Virtual)<\/del> (CANCELLED)&#8221; tab_id=&#8221;1528017973492-69465b61-de00&#8243;][vc_column_text]<strong>Description:\u00a0<\/strong>The primary goal of this training is to generate offensive attack events\/symptoms within PurpleLABS infrastructure that later should be detected by Open Source SOC stack including Sigma &#8211; the open standard event description rule set and the rest of dedicated, open-source security solutions in use.<\/p>\n<p>In this way, participants will thoroughly familiarize themselves with the content of the available Sigma detection rules and their structure, better understand the essence of offensive actions, learn the low-level relationships between data sources, and thus achieve knowledge in creating their own detection rules and eventually bypassing them. We called this approach &#8216;Flip mode&#8217;, i.e. learn detection through the attack in an attractive, standardized form driven by the Open Source community. In addition, participants will use a whole range of open-source (and free commercial) solutions dedicated to SOC environments.<\/p>\n<p>This training is based on\u00a0<em>PurpleLABS<\/em>\u00a0\u2013 a dedicated virtual infrastructure for conducting detection and analysis of attackers\u2019 behaviour in terms of used techniques, tactics, procedures, and offensive tools. The environment has been set up to serve the constant improvement of competences in the field of threat hunting (threat hunting) and learning about current trends of offensive actions (red-teaming) vs detection phases (blue-teaming).<\/p>\n<p>PurpleLABS provides analytical interfaces for all relevant data sources from individual systems and network services available in the virtual infrastructure (sysmon, windows events, fw, bro, suricata, fpc, osquery, auth, powershell, waf, proxy, audit, and more).<\/p>\n<p><em>Saying that you will get a chance for doing *bonus* detection and hunting steps against all the offensive labs we have available during the training. The coolest thing is after the training you will get an additional 14-days of access to PurpleLabs! Just take a look:\u00a0<a href=\"https:\/\/www.defensive-security.com\/purplelabs\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.defensive-security.com\/purplelabs\/\u00a0<\/a><\/em><\/p>\n<p><strong>Instructor:\u00a0<\/strong>Leszek Mi\u015b<\/p>\n<p><strong>Duration:<\/strong> 3-day<\/p>\n<p><a href=\"https:\/\/archive.brucon.org\/2020\/brucon-2020-training\/in-out-detection-as-code-vs-adversary-simulations-purple-edition\/\" target=\"_blank\" rel=\"noopener noreferrer\">Read More<\/a>[\/vc_column_text]<style type=\"text\/css\">.thegem-button-6a28d542e6371436 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e6371436 .gem-button:hover svg {fill: #ffffff;}<\/style><div class=\"gem-button-container gem-button-position-fullwidth thegem-button-6a28d542e6371436    \"  ><a class=\"gem-button gem-button-size-giant gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ef5047';this.style.color='#ffffff';\" href=\"https:\/\/brucon0x0c-training.eventbrite.co.uk\" target=\"_self\">Buy Training Ticket<\/a><\/div> [\/vc_tta_section][vc_tta_section title=&#8221;Assessing and Exploiting Control System &amp; IIoT (Virtual)&#8221; tab_id=&#8221;1528017987986-d85cab87-28e0&#8243;][vc_column_text]<strong>Description:<\/strong>This is not your traditional SCADA\/ICS\/IIoT security course! How many courses send you a $300 kit before the course start (international shipping !) including your own PLC and a set of RF hacking tools?!? This course teaches hands-on penetration testing techniques used to test individual components of a control system, including embedded electronic field devices, network protocols, RF communications, Human Machine Interfaces (HMIs), and various forms of master servers and their ICS applications.<\/p>\n<p>Skills you will learn in this course will apply directly to systems such as the Smart Grid, PLCs, RTUs, smart meters, building management, manufacturing, Home Area Networks (HAN), smart appliances, SCADA, substation automation, synchrophasors, and even IoT. This course is structured around the formal penetration testing methodology created by UtiliSec for the United States Department of Energy. Using this methodology and Control Things Pentest Platform (previously SamuraiSTFU), an open source Linux distribution for pentesting energy sector systems and other critical infrastructure, we will perform hands-on penetration testing tasks on user interfaces (on master servers and field device maintenance interfaces), control system protocols (modbus, DNP3, IEC 60870-5-104), and proprietary RF communications (433MHz, 869MHz, 915MHz). We will tie these techniques and exercises back to control system devices that can be tested using these techniques. The course exercises will be performed on a mixture of real world and simulated devices to give students the most realistic experience as possible in a portable classroom setting<\/p>\n<p><strong>Instructor:\u00a0<\/strong>Tyler Robinson and Pablo Endres<\/p>\n<p><strong>Duration:<\/strong> 3-day<\/p>\n<p><a href=\"https:\/\/archive.brucon.org\/2020\/brucon-2020-training\/assessing-and-exploiting-control-systems-iiot\/\" target=\"_blank\" rel=\"noopener noreferrer\">Read More<\/a>[\/vc_column_text]<style type=\"text\/css\">.thegem-button-6a28d542e63b83324 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e63b83324 .gem-button:hover svg {fill: #ffffff;}<\/style><div class=\"gem-button-container gem-button-position-fullwidth thegem-button-6a28d542e63b83324    \"  ><a class=\"gem-button gem-button-size-giant gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ef5047';this.style.color='#ffffff';\" href=\"https:\/\/brucon0x0c-training.eventbrite.co.uk\" target=\"_self\">Buy Training Ticket<\/a><\/div> [\/vc_tta_section][vc_tta_section title=&#8221;Advanced Infrastructure Hacking &#8211; Fast Track (Virtual)&#8221; tab_id=&#8221;1528018016531-357a1ad0-ffcb&#8221;][vc_column_text]<strong>Description:\u00a0<\/strong>Our Advanced Infrastructure Hacking course is designed for those who wish to push their knowledge. Whether you are Pen Testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical.<\/p>\n<p>This course teaches the audience a wealth of advanced Pen Testing techniques, from the neat, to the new, to the ridiculous, to compromise modern Operating Systems, networking devices and Cloud environments. From hacking Domain Controllers to local root, to VLAN Hopping, to VoIP Hacking, to compromising Cloud account keys, we have got everything covered.<\/p>\n<p>Attendees will be able to :<\/p>\n<ul>\n<li>Enumerate, investigate, target and exploit weaknesses in an organisation\u2019s network devices, online presence, and people.<\/li>\n<li>Understand complex vulnerabilities and chained exploitation processes in order to gain access and perform restriction bypasses, privilege escalation, data ex\ufb01ltration and gain long term persistence in: Web facing services, databases, Windows, Active Directory, *nix, container-based, VPN, VLAN, VoIP and Cloud environments.<\/li>\n<li>Use compromised devices to pivot onto other private networks and\/or access services protected by whitelisting or only accessible via the loopback interface.<\/li>\n<\/ul>\n<p><strong>Instructor:\u00a0<\/strong>Anthony Webb<\/p>\n<p><strong>Duration:<\/strong> 3-day<\/p>\n<p><a href=\"https:\/\/archive.brucon.org\/2020\/brucon-2020-training\/advanced-infrastructure-hacking-fast-track\/\" target=\"_blank\" rel=\"noopener noreferrer\">Read More<\/a>[\/vc_column_text]<style type=\"text\/css\">.thegem-button-6a28d542e64077901 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e64077901 .gem-button:hover svg {fill: #ffffff;}<\/style><div class=\"gem-button-container gem-button-position-fullwidth thegem-button-6a28d542e64077901    \"  ><a class=\"gem-button gem-button-size-giant gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ef5047';this.style.color='#ffffff';\" href=\"https:\/\/brucon0x0c-training.eventbrite.co.uk\" target=\"_self\">Buy Training Ticket<\/a><\/div> [\/vc_tta_section][vc_tta_section title=&#8221;Black Belt Pentesting \/ Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation (Virtual &#8211; Live online training)&#8221; tab_id=&#8221;1528018036023-50094a93-3fee&#8221;][vc_column_text]<strong>Description:\u00a0<\/strong>HackerOne bug hunters have earned $20 million in bug bounties until 2017 and they are expected to earn $100 million by the end of 2020. Some of HackerOne customers include the United States Department of Defense, General Motors, Uber, Twitter, and Yahoo. It clearly shows where the challenges and opportunities are for you in the upcoming years. What you need is a solid technical training by one of the Top 10 HackerOne bug hunters.<\/p>\n<p>Modern web applications are complex and it\u2019s all about full-stack nowadays. That\u2019s why you need to dive into full-stack exploitation if you want to master web attacks and maximize your payouts. Say \u2018No\u2019 to classical web application hacking. Join this unique hands-on training and become a full\u2011stack exploitation master.<\/p>\n<p><a href=\"https:\/\/silesiasecuritylab.com\/black-belt-pentesting-bug-hunting-millionaire-mastering-web-attacks-with-full-stack-exploitation\/?v=BruCON\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/silesiasecuritylab.com\/black-belt-pentesting-bug-hunting-millionaire-mastering-web-attacks-with-full-stack-exploitation\/?v%3DBruCON&amp;source=gmail&amp;ust=1597490786603000&amp;usg=AFQjCNFIScK8DMDgDqq8C96o5aQ0md8Edg\"><b>Watch 3 exclusive videos (~1 hour)<\/b><\/a>\u00a0and feel the taste of this live online training.<\/p>\n<p>After completing this live online training, you will have learned about&#8230;<\/p>\n<ul>\n<li>REST API hacking<\/li>\n<li>AngularJS-based application hacking<\/li>\n<li>DOM-based exploitation<\/li>\n<li>bypassing Content Security Policy<\/li>\n<li>server-side request forgery<\/li>\n<li>browser-dependent exploitation<\/li>\n<li>DB truncation attack<\/li>\n<li>NoSQL injection<\/li>\n<li>type confusion vulnerability<\/li>\n<li>exploiting race conditions<\/li>\n<li>path-relative stylesheet import vulnerability<\/li>\n<li>reflected file download vulnerability<\/li>\n<li>subdomain takeover<\/li>\n<li>and more\u2026<\/li>\n<\/ul>\n<p><strong>Instructor: <\/strong>Dawid Czagan<\/p>\n<p><strong>Duration:<\/strong> 2-day (Starting Tuesday)<\/p>\n<p><a href=\"https:\/\/archive.brucon.org\/2020\/brucon-2020-training\/black-belt-pentesting-bug-hunting-millionaire-mastering-web-attacks-with-full-stack-exploitation\/\" target=\"_blank\" rel=\"noopener noreferrer\">Read More<\/a>[\/vc_column_text]<style type=\"text\/css\">.thegem-button-6a28d542e64511687 .gem-button svg {fill: #ffffff;}.thegem-button-6a28d542e64511687 .gem-button:hover svg {fill: #ffffff;}<\/style><div class=\"gem-button-container gem-button-position-fullwidth thegem-button-6a28d542e64511687    \"  ><a class=\"gem-button gem-button-size-giant gem-button-style-flat gem-button-text-weight-normal\" data-ll-effect=\"drop-right-without-wrap\" style=\"border-radius: 3px;background-color: #b43836;color: #ffffff;\" onmouseleave=\"this.style.backgroundColor='#b43836';this.style.color='#ffffff';\" onmouseenter=\"this.style.backgroundColor='#ef5047';this.style.color='#ffffff';\" href=\"https:\/\/brucon0x0c-training.eventbrite.co.uk\" target=\"_self\">Buy Training Ticket<\/a><\/div> [\/vc_tta_section][\/vc_tta_tour][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<\/div>[\/vc_column_text][\/vc_column][\/vc_row][vc_row disable_element=&#8221;yes&#8221;][vc_column][vc_column_text]At BruCON, we try to offer a qualitative line-up of courses, delivered by experts in their fields for an affordable price.In order to make sure it is interesting for the trainers, we jointly agree on a minimum amount of students. In case we have to cancel a course, we will inform you no later as one month before the training (thus September 7th for BruCON 0x0B). You will always have the option to go for a full refund, or to be moved to another course.<\/p>\n<p>Below you&#8217;ll find a list of all courses and whether this minimum has already been reached. This will be updated frequently.[\/vc_column_text][vc_raw_html]JTNDdGFibGUlM0UlMEElMEElM0N0aGVhZCUzRSUwQSUwQSUzQ3RyJTNFJTBBJTBBJTNDdGglM0VDb3Vyc2UlMjBuYW1lJTNDJTJGdGglM0UlMEElMEElM0N0aCUzRU1pbmltdW0lMjByZWFjaGVkJTNDJTJGdGglM0UlMEElMEElM0MlMkZ0ciUzRSUwQSUwQSUzQyUyRnRoZWFkJTNFJTBBJTBBJTNDdHIlM0UlMEElMEElM0N0ZCUzRUNvcmVsYW4lMjBBZHZhbmNlZCUzQyUyRnRkJTNFJTBBJTBBJTNDdGQlM0VZRVMlM0MlMkZ0ZCUzRSUwQSUwQSUzQyUyRnRyJTNFJTBBJTBBJTNDdHIlM0UlMEElMEElM0N0ZCUzRUFkdmFuY2VkJTIwV2luZG93cyUyMFRyYWRlY3JhZnQlM0MlMkZ0ZCUzRSUwQSUwQSUzQ3RkJTNFWUVTJTNDJTJGdGQlM0UlMEElMEElM0MlMkZ0ciUzRSUwQSUwQSUzQ3RyJTNFJTBBJTBBJTNDdGQlM0VNYWxpY2lvdXMlMjBEb2N1bWVudHMlMjBmb3IlMjBSZWQlMjBUZWFtcyUzQyUyRnRkJTNFJTBBJTBBJTNDdGQlM0VOTyUzQyUyRnRkJTNFJTBBJTBBJTNDJTJGdHIlM0UlMEElMEElM0N0ciUzRSUwQSUwQSUzQ3RkJTNFQSUyMFByYWN0aWNhbCUyMEFwcHJvYWNoJTIwdG8lMjBNYWx3YXJlJTIwQW5hbHlzaXMlMjBhbmQlMjBNZW1vcnklMjBGb3JlbnNpY3MlM0MlMkZ0ZCUzRSUwQSUwQSUzQ3RkJTNFTk8lM0MlMkZ0ZCUzRSUwQSUwQSUzQyUyRnRyJTNFJTBBJTBBJTNDdHIlM0UlMEElMEElM0N0ZCUzRVByYWN0aWNhbCUyMElvVCUyMGhhY2tpbmclM0MlMkZ0ZCUzRSUwQSUwQSUzQ3RkJTNFTk8lM0MlMkZ0ZCUzRSUwQSUwQSUzQyUyRnRyJTNFJTBBJTBBJTNDdHIlM0UlMEElMEElM0N0ZCUzRUFzc2Vzc2luZyUyMGFuZCUyMEV4cGxvaXRpbmclMjBDb250cm9sJTIwU3lzdGVtcyUyMCUyNiUyMElJb1QlM0MlMkZ0ZCUzRSUwQSUwQSUzQ3RkJTNFWUVTJTNDJTJGdGQlM0UlMEElMEElM0MlMkZ0ciUzRSUwQSUwQSUzQ3RyJTNFJTBBJTBBJTNDdGQlM0VEZXRlY3Rpb24lMjBvZiUyMEluJTIwJTI2JTIwT3V0JTIwLSUyME5ldHdvcmslMjBFeGZpbHRyYXRpb24lMjBhbmQlMjBQb3N0LUV4cGxvaXRhdGlvbiUyMFRlY2huaXF1ZXMlMjAtJTIwQkxVRSUyMEVESVRJT04lM0MlMkZ0ZCUzRSUwQSUwQSUzQ3RkJTNFTk8lM0MlMkZ0ZCUzRSUwQSUwQSUzQyUyRnRyJTNFJTBBJTBBJTNDdHIlM0UlMEElMEElM0N0ZCUzRUxpdmUlMjBmb3JlbnNpY3MlMjB0cmFpbmluZyUzQyUyRnRkJTNFJTBBJTBBJTNDdGQlM0VOTyUzQyUyRnRkJTNFJTBBJTBBJTNDJTJGdHIlM0UlMEElMEElM0N0ciUzRSUwQSUwQSUzQ3RkJTNFSGFja2luZyUyMGFuZCUyMFNlY3VyaW5nJTIwQ2xvdWQlMjBJbmZyYXN0cnVjdHVyZSUzQyUyRnRkJTNFJTBBJTBBJTNDdGQlM0VOTyUzQyUyRnRkJTNFJTBBJTBBJTNDJTJGdHIlM0UlMEElMEElM0N0ciUzRSUwQSUwQSUzQ3RkJTNFT2ZmZW5zaXZlJTIwV2hpdGVib2FyZCUyMEhhY2tpbmclMjBmb3IlMjBQZW5ldHJhdGlvbiUyMFRlc3RlcnMlM0MlMkZ0ZCUzRSUwQSUwQSUzQ3RkJTNFTk8lM0MlMkZ0ZCUzRSUwQSUwQSUzQyUyRnRyJTNFJTBBJTBBJTNDdHIlM0UlMEElMEElM0N0ZCUzRUJ1ZyUyMEh1bnRpbmclMjBNaWxsaW9uYWlyZSUzQSUyME1hc3RlcmluZyUyMFdlYiUyMEF0dGFja3MlMjB3aXRoJTIwRnVsbC1TdGFjayUyMEV4cGxvaXRhdGlvbiUzQyUyRnRkJTNFJTBBJTBBJTNDdGQlM0VOTyUzQyUyRnRkJTNFJTBBJTBBJTNDJTJGdHIlM0UlMEElM0MlMkZ0YWJsZSUzRQ==[\/vc_raw_html][vc_column_text]Last update : 8th June 2019[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h3>Additional info<\/h3>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_toggle title=&#8221;Pricing&#8221;]The price for 2-day courses is 1300 Euro early bird (+ VAT) per attendee.<br \/>\nThe price for 3-day courses is 1600 Euro early bird (+ VAT) per attendee.<\/p>\n<p><b>Spring training &#8211; As of the 1st of September 2020<\/b>\u00a0this will become 1400 Euro (2-day) \/ 1700 Euro (3-day) (+ VAT) per attendee.<\/p>\n<p>(*) The Corelan trainings are a little bit more expensive but consist of 3 long days (+ 10 hours) including dinner.<\/p>\n<p>(**) The Assessing and Exploiting Control Systems &amp; IIoT is also a bit more expensive but comes with a kit that will be shipped beforehand to all students[\/vc_toggle][vc_toggle title=&#8221;Location and dates&#8221;]With the exception of Corelan Bootcamp \/ Advanced (hosted at the <b>Hotel Novotel Gent Centrum, Goudenleeuwplein 5<\/b> or <b>NH Gent Belfort, Hoogpoort 63, B-9000 Ghent\u00a0<\/b>all courses will be held virtually using Zoom<\/p>\n<p>The courses\u00a0<b>begin promptly at 09h00<\/b>\u00a0and\u00a0<b>end at 17h00<\/b> (CET) (Except Corelan trainings). Out of consideration for your instructor(s) and fellow students, please try to be seated and ready to go by 08h45.[\/vc_toggle][vc_toggle title=&#8221;Why attend a BruCON Training ?&#8221;]At BruCON, we try to keep our <strong>prices affordable<\/strong>, both for the conference and training. We focus on the having smaller classes with <strong>enough time to get to learn and exchange experience<\/strong>. We will host <strong>a social gathering for students, trainers and crew<\/strong> to meetup over a beer (or more) and you will receive <strong>a small gift<\/strong>[\/vc_toggle][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h3>Frequently Asked Question regarding the impact of the Coronavirus on BruCON Training<\/h3>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_toggle title=&#8221;Courses will be held virtually, will I have to pay the same ?&#8221;]We have decided to keep the same price for our courses, but to ensure the students get something in return. For Spring training we shipped a very special trainee gift (<a href=\"https:\/\/archive.brucon.org\/2020\/2020\/06\/03\/brucon-0x0c-virtual-spring-training-trainee-gift\/\" target=\"_blank\" rel=\"noopener noreferrer\">more details<\/a>) to all students. We will do the same for regular training courses as a compensation for the students[\/vc_toggle][vc_toggle title=&#8221;What about Corelan, will it be held in-person ?&#8221;]YES, Corelan will be held in person. Bootcamp will be held on the 2nd, 3rd and 4th of September and Advanced will be held on the 28th, 29th and 30th of September[\/vc_toggle][\/vc_column][\/vc_row][vc_row disable_element=&#8221;yes&#8221;][vc_column][vc_toggle title=&#8221;How to register a conference ticket after purchasing a training ticket ?&#8221;]After you have purchased a training ticket, you will receive a confirmation email from EventBrite. In this email, towards the bottom there will be an &#8220;Additional Information&#8221; section that looks as follows<\/p>\n<p><img class=\"alignnone size-medium wp-image-1929\" src=\"https:\/\/archive.brucon.org\/2020\/wp-content\/uploads\/sites\/19\/2019\/06\/Capture-300x200.jpg\" alt=\"\" width=\"300\" height=\"200\" srcset=\"https:\/\/archive.brucon.org\/2020\/wp-content\/uploads\/sites\/19\/2019\/06\/Capture-300x200.jpg 300w, https:\/\/archive.brucon.org\/2020\/wp-content\/uploads\/sites\/19\/2019\/06\/Capture.jpg 559w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>With this code, you can go to the conference registration page (<a href=\"https:\/\/brucon-0x0b.eventbrite.co.uk\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/brucon-0x0b.eventbrite.co.uk<\/a>), click on <strong>Tickets\u00a0<\/strong>and click on the link on the top right &#8220;<em>Enter Promotional Code<\/em>&#8220;. Once you have entered the code you have found in your confirmation email, you will be able to purchase a conference ticket.<\/p>\n<p><strong>Remark :\u00a0<\/strong>This code is <strong>only valid for 10 days after completing your course registration<\/strong> ! Registrations that were not completed on time, will be removed.[\/vc_toggle][\/vc_column][\/vc_row]<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>[vc_row][vc_column][\/vc_column][\/vc_row][vc_row disable_element=&#8221;yes&#8221;][vc_column width=&#8221;1\/2&#8243;][vc_btn title=&#8221;Conference training&#8221; color=&#8221;danger&#8221; size=&#8221;lg&#8221; align=&#8221;center&#8221; i_icon_fontawesome=&#8221;fa fa-university&#8221; button_block=&#8221;true&#8221; add_icon=&#8221;true&#8221; link=&#8221;url:%23conference-training|||&#8221;][\/vc_column][vc_column width=&#8221;1\/2&#8243;][vc_btn title=&#8221;Spring Training&#8221; color=&#8221;inverse&#8221; size=&#8221;lg&#8221; align=&#8221;center&#8221; i_icon_fontawesome=&#8221;fa fa-graduation-cap&#8221; button_block=&#8221;true&#8221; add_icon=&#8221;true&#8221; link=&#8221;url:%23spring-training|||&#8221;][\/vc_column][\/vc_row][vc_row css=&#8221;.vc_custom_1545209374682{padding-top: 50px !important;}&#8221;][vc_column][vc_column_text]Immerse yourself into the world of security by attending the BruCON Training !\u00a0BruCON offers world-class, deep-technical training given by the most recognised experts with huge industry experience in their domain. We want to offer courses for anybody interesting in security, ranging from novice to advanced and for red and&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-75","page","type-page","status-publish"],"_links":{"self":[{"href":"https:\/\/archive.brucon.org\/2020\/wp-json\/wp\/v2\/pages\/75","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.brucon.org\/2020\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/archive.brucon.org\/2020\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2020\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2020\/wp-json\/wp\/v2\/comments?post=75"}],"version-history":[{"count":88,"href":"https:\/\/archive.brucon.org\/2020\/wp-json\/wp\/v2\/pages\/75\/revisions"}],"predecessor-version":[{"id":2494,"href":"https:\/\/archive.brucon.org\/2020\/wp-json\/wp\/v2\/pages\/75\/revisions\/2494"}],"wp:attachment":[{"href":"https:\/\/archive.brucon.org\/2020\/wp-json\/wp\/v2\/media?parent=75"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}