From BruCON 2012

[edit] Cyberwar: using the techniques and tactics of APT's in Penetration Tests by Joe McCray

Google, Sony, Lockheed Martin, several large financial institutions, several large oil companies, the stock market, and countless other large organizations have all targeted and systematically compromised by hackers commonly referred to as Advanced Persistent Threat (APT). These hackers, use an attack methodology focused on stealth, data collection, and persistence.

This course picks up where the wildly successful "Advanced Penetration Tester: Pentesting High Security Environments" left off. Taking Intrusion Detection System (IDS) evasion, and Anti-virus bypass to the next level.

There are a few things to note that will be different from the "Advanced Penetration Tester: Pentesting High Security Environments" and from any other hacking course for that matter:

1. Per student request there will be NO Windows XP, or Vista in the course. Only Windows 7, and Server 2008 RC2, and new Linux distributions as the targets for students to go after.

2. Students attack a network of fully patched, and hardened Windows 7, Server 2008 RC2 hosts. Each target computer will be running a Host-Based Intrusion Detection System (HIDS), updated Anti-Virus, and a logging agent that reports to a Security Information and Event Management (SIEM) solution.

3. There will also be a Network Intrusion Detection System (NIDS), a web content filtering proxy, and a stateful inspection firewall as well.

4. The classroom will have 4 projectors running to show in real time the events triggered by the HIDS, NIDS, Proxy, and the logs so the student can learn exactly what attacks and defenses really work in today's high security environment.

Students that are Network/System Administrators with three or more years experience working in environments such as financial institutions, DoD networks, or similar high security environments will benefit greatly from this course.

It is however primarily designed for Network/Web Application Penetration testers that are looking for the little tips and tricks that will help them better attack high security environments.

[edit] Trainer Biography

Joe McCray is an Air Force Veteran and has been in security for over 10 years. Joe has been involved in over 150 very high level pentesting assessments and has some major hacking accomplishments that he can share with his classes. His extensive experience and deep knowledge, mixed with his comedic style has lead Joe to be one of the most highly sought after speaking experts in the industry. Joe makes speaking appearances and gives seminars at major events in the security community such as Black Hat, DefCon, BruCon, Hacker Halted and more. Joe is the recipient of the 2009 EC-Council Instructor Circle of Excellence Award and the 2010 EC-Council Instructor of the Year Award. Joe is the founder and CEO of Strategic Security, Inc. an IT Security consulting firm that provides in-depth technical security assessments of your network, web application, and regulatory compliance gap analysis.

@j0emccray

http://strategicsec.com

24 & 25 September (09:00 - 17:00)

Back to Training Overview