Training


List of training sessions for Recon 2014:


2-Day training

Reversing telecom platforms for security: applied hacking on legacy monolithic MSC and HLR to modular ATCA's reversing

Learn about contemporary telecom and mobile system reverse engineering within the context of Telecom and Mobile Network operators and how core telecom infrastructure operates, down to the usage of these services by operators' mobile apps and handset manufacturers' platforms.

We will see, from the mobile handset (Android, apps, platform) to the enterprise applications (iPBX) and up to the Core Network, how all these technologies are meshed together and how to make sense of their protocols and applications.


Introduction to USB Emulation with the Facedancer by Travis Goodspeed and Sergey Bratus

The Facedancer is a tool for emulating USB devices and hosts. First introduced at Recon 2012, the board can now emulate a number of device protocols, including HID, FTDI, Mass Storage and Device Firmware Update protocols.


The new Facedancer version featured in this workshop also supports Host Mode, so you can emulate and target _either_ the device or the host.


Students will learn how to sniff and reverse engineer USB traffic to write their emulators, as well as how to work from driver source code to produce their own emulators. A section on Active Disk Antiforensics teaches how to fingerprint a host in order to evade disk imaging, and a section on easy targets shows some good targets for exploitation that are likely hiding undiscovered vulnerabilities.



Exploit Laboratory: Red Team

The Exploit Laboratory returns to REcon for the fourth year in 2014. This year, we have two classes back-to-back, featuring advanced topics in exploit development, specially crafted for REcon.


The Exploit Laboratory: Red Team is an intense 2-day course carefully crafted to provide students a practical hands-on approach to exploiting modern-day operating systems. The focus of the class is to bring participants up to speed on the complexities of exploit writing required for defeating modern exploit mitigation techniques.



Exploit Laboratory: Master

The Exploit Laboratory returns to REcon for the fourth year in 2014. This year, we have two classes back-to-back, featuring advanced topics in exploit development, specially crafted for REcon.


The Exploit Laboratory: Master features advanced topics in exploit development. This 2-day class is designed for participants who are already familiar with exploit development and need to take their skills to the next level. The Master edition course is an ideal extension of the Exploit Laboratory: Red Team class. The class is primarily driven by lab examples and exercises, with very little theoretical teaching.



4-Day training

iOS 7 Kernel Exploitation Training by Stefan Esser

With the release of iOS 6 in 2012, Apple started to drastically improve the security of the iOS kernel. The exploitation of kernel vulnerabilities has become far more complex and difficult than it was in the good old days of iOS 5. And not only that: with the recent release of iOS 7, Apple has once again changed the game. On the one hand, core data structures and algorithms such as the heap zone allocator have been changed, which will break exploits designed for previous versions of iOS; on the other hand, additional mitigations have been added to the iOS kernel to make attacks even harder.


Throughout this course students will get to know all these changes, how they have been circumvented in previous iOS kernel exploits and will learn strategies required for future kernel exploitation. And they will do this hands-on on actual devices running iOS 7.



Reverse Engineering Malware by Nicolas Brulez

Learn how to unpack and Reverse-Engineer malware in this 4-day class. Covered Topics: Unpacking, Static and Dynamic Analysis, IDA Python and Targeted Attacks.



Keep It Synple Stupid: Utilizing Programmable Logic for Hardware Reverse-Engineering

Performing analysis of embedded hardware often requires the correct hardware tools for the job. In this course we focus on how to efficiently offload common hardware reverse-engineering tasks to custom logic implementations. This course covers the theory and practical aspects of working with FPGAs and embedded ARM microcontrollers. Participants will get acquainted with professional workflows for ARM and FPGA/ASIC development. The course is built around the "Datenkrake" ARM/FPGA Board and each participant will receive a board alongside other course materials.



Windows Internals for Reverse Engineers by Alex Ionescu

Learn the internals of the Windows NT kernel architecture, including Windows 8.1 and Server 2012, in order to learn how rootkits, PLA implants, NSA backdoors, and other kernel-mode malware exploit the various system functionalities, mechanisms and data structures to do their dirty work. Also learn how drivers operate and how they can be subject to attack from user-mode callers to elevate their privileges. Finally, learn how CPU architecture deeply ties into OS design, and how Intel and AMD's mistakes can lead to more pwnage.



Botnet Takeover Attacks for Reverse Engineers by Brett Stone-Gross and Tillmann Werner

Learn how to apply reverse-engineering to botnet takeover attacks. This 4-day training will teach the fundamentals of botnet command-and-control protocol reversing, identifying and breaking cryptography, as well as reconstructing botnet topologies and identifying weaknesses in their infrastructure. Students will learn to use this knowledge to design botnet takeover attacks and practice their skills in various hands-on exercises.
