Trainings
List of training sessions for Recon 2018:
Click here to register.
- Mobile and Telecom Applied Hacking and Reverse Engineering by P1Sec (2 days)
- IC Reverse Engineering 101 by Olivier Thomas (2 days)
- Defending From Platform Firmware Threats by Yuriy Bulygin and Oleksandr Bazhaniuk (3 days)
- Reverse Engineering Malware by Nicolas Brulez (4 days) - ( 2 seats left )
- Windows Internals for Reverse Engineers by Alex Ionescu (4 days) - ( SOLD OUT )
- 18 to 21 June - Windows Internals for Reverse Engineers by Alex Ionescu (4 days) - ( 1 seat left)
- Hardware Hacking by Dmitry Nedospasov (4 days)
- The ARM IoT Exploit Laboratory by Saumil Shah (4 days) - ( SOLD OUT )
- Windows Kernel Rootkits Techniques and Analysis by Bruce Dang (4 days) - ( SOLD OUT )
- MacOS High Sierra and iOS 11 Kernel Internals for Security Researchers by Stefan Esser (4 days) - ( SOLD OUT )
- Botnet Takeover Attacks For Reverse Engineers by Brett Stone-Gross and Tillmann Werner (4 days)
- Binary Literacy: Systematic Static Reverse Engineering by Rolf Rolles (4 days) - ( SOLD OUT )
- 18 to 21 June - Binary Literacy: Systematic Static Reverse Engineering by Rolf Rolles (4 days) - ( SOLD OUT )
- Vulnerability Discovery and Triage Automation by Richard Johnson (4 days) - ( SOLD OUT )
2-Day trainings
Mobile and Telecom Applied Hacking and Reverse Engineering
Learn about contemporary telecom and mobile system reverse engineering within the context of Telecom and Mobile Network operators and how to attack core telecom infrastructure (Core Network, Services, Mobile Apps, Handset platforms, IoT platforms). We will see from the mobile handset (Android, apps, platform) to the operator Core Network how these technologies meshed together and how to make sense of their protocols and applications.
Click here for more details
- Instructor: P1Sec
- Dates: 13-14 June 2018
- Capacity: 15 Seats
- Price: 2300$ CAD before May 1, 2700$ CAD after.
IC Reverse Engineering 101
Hardware low level attacks are the basis for counterfeits creation but also for extracting legitimate devices in order to get confidential data or to change their behavior. They also can be used to access restricted software which makes their analysis possible for creating remote attacks as recently seen with IoT based DDoS attacks. Security implemented in hardware is no longer immune to analysis and ICs may be the most vulnerable component of a security system.
For several decades, hardware security relied on obfuscation and the entry barrier for Integrated Circuit (IC) hacking being money and time made it possible for chip designers to rely on this strategy. Two phenomenons changed this postulate as the money investment dropped severely and the attack timing also significantly decreased.
Analyzing hardware requires various knowledge about circuits, how they are designed, manufactured and tested. However, the skills required for performing vulnerability and/or risk analysis are accessible to those who are already familiar with software and network security.
Click here for more details
- Instructor: Olivier Thomas
- Dates: 13-14 June 2018
- Capacity: 24 Seats
- Price: 2300$ CAD before May 1, 2700$ CAD after.
3-Day trainings
Defending From Platform Firmware Threats
A variety of attacks targeting system firmware have been discussed publicly, drawing attention to the pre-boot and firmware components of the platform such as BIOS and SMM, OS loaders and secure booting. This training will detail and organize objectives, attack vectors, vulnerabilities and exploits against various types of system firmware such as legacy BIOS, SMI handlers and UEFI based firmware, mitigations as well as tools and methods available to analyze security of such firmware components. It will also detail protections available in hardware and in firmware such as Secure Boot implemented by modern operating systems against bootkits.
Click here for more details
- Instructor: Yuriy Bulygin and Oleksandr Bazhaniuk
- Dates: 12-14 June 2018
- Capacity: 25 Seats
- Price: 3450$ CAD before May 1, 4050$ CAD after.
4-Day trainings
Reverse Engineering Malware
Learn how to unpack and Reverse-Engineer malware in this 4-day class.
Covered Topics: Unpacking, Static and Dynamic Analysis, IDA Python and Targeted Attacks.
Click here for more details
- Instructor: Nicolas Brulez
- Dates: 11-14 June 2018
- Capacity: 20 Seats
- Price: 4600$ CAD before May 1, 5400$ CAD after.
Windows Internals for Reverse Engineers
Learn the internals of the Windows NT kernel architecture, including Windows 10 “Threshold 2” and “Redstone 1”, as well as Server 2016, in order to learn how rootkits, PLA implants, NSA backdoors, and other kernel-mode malware exploit the various system functionalities, mechanisms and data structures to do their dirty work. Also learn how kernel-mode code operates and how it can be subject to attack from user-mode callers to elevate their privileges. Finally, learn how CPU architecture deeply ties into OS design, and how Intel, ARM and AMD’s mistakes can lead to more pwnage.
Click here for more details
- Instructor: Alex Ionescu
- Dates: 11-14 June 2018
- Capacity: 18 Seats ( SOLD OUT )
- Price: 5400$ CAD.
18 to 21 June - Windows Internals for Reverse Engineers
Learn the internals of the Windows NT kernel architecture, including Windows 10 “Threshold 2” and “Redstone 1”, as well as Server 2016, in order to learn how rootkits, PLA implants, NSA backdoors, and other kernel-mode malware exploit the various system functionalities, mechanisms and data structures to do their dirty work. Also learn how kernel-mode code operates and how it can be subject to attack from user-mode callers to elevate their privileges. Finally, learn how CPU architecture deeply ties into OS design, and how Intel, ARM and AMD’s mistakes can lead to more pwnage.
Click here for more details
- Instructor: Alex Ionescu
- Dates: 18-21 June 2018
- Capacity: 18 Seats
- Price: 5400$ CAD.
Hardware Hacking
The analysis of hardware targets can often be hampered by the fact that a compatible peripheral is not available. However, through a combination of hardware and software it is possible to rapidly prototype and design such peripherals. This training is specifically designed for security researchers who wish to improve their familiarity with hardware security as well as the underlying implementations. The training is built as a set of Capture the Flag (CTF) style assignments, each designed to familiarize students with a common flaw in hardware implementations. Students will learn an efficient workflow for designing such peripherals. This workflow utilizes a combination of programmable logic (CPLDs, FPGAs) and corresponding python code to solve each assignment. Students that complete the course will thoroughly understand the advantages of building tools based on programmable logic. Additionally, students will understand how hardware implementations are realized and exploit several common hardware security flaws. Most importantly, students will learn the necessary skills for real-time analysis of complex undocumented proprietary protocols.
Click here for more details
- Instructor: Dmitry Nedospasov
- Dates: 11-14 June 2018
- Capacity: 24 Seats
- Price: 4600$ CAD before May 1, 5400$ CAD after.
The ARM IoT Exploit Laboratory
ARM has emerged as the leading architecture in the Internet of Things (IoT) world. The all new ARM IoT Exploit Laboratory is a 4-day intermediate level class intended for students who want to take their exploit writing skills to the ARM platform. The class covers everything from an introduction to ARM assembly all the way to Return Oriented Programming (ROP) on ARM architectures. Our lab environment features hardware and virtual platforms for exploring exploit writing on ARM based Linux systems and IoT devices.
The class concludes with an end-to-end “Firmware-To-Shell” hack, where we extract the firmware from a popular SoHo router, build a virtual environment to emulate and debug it, and then use the exploit to gain a shell on the actual hardware device. The 4-day format features lots of hands-on exercises allowing students to internalise concepts taught in class.
Click here for more details
- Instructor: Saumil Shah
- Dates: 11-14 June 2018
- Capacity: 25 Seats
- Price: 4600$ CAD before May 1, 5400$ CAD after.
Windows Kernel Rootkits Techniques and Analysis
This course is tailored for malware analysts, system developers, forensic analysts, incident responders, or enthusiasts who want to analyze Windows kernel rootkits or develop software for similar tasks. It introduces the Windows architecture and how various kernel components work together at the lowest level. It discusses how rootkits leverage these kernel components to facilitate nefarious activities such as hiding processes, files, network connections, and other common objects. As part of the analytical process, we will delve into the kernel programming environment; we will implement some kernel-mode utilities to aid our understanding.
Click here for more details
- Instructor: Bruce Dang
- Dates: 11-14 June 2018
- Capacity: 20 Seats ( SOLD OUT )
- Price: 4600$ CAD before May 1, 5400$ CAD after.
MacOS High Sierra and iOS 11 Kernel Internals for Security Researchers
This course introduces you to the low level internals of the iOS and OS X kernels from the perspective of a security researcher interested in vulnerability analysis, kernel rootkit/malware analysis/detection or kernel exploit development. While this course is concentrating on MacOS High Sierra on the x64 cpu architecture the latest security enhancements of iOS 9/10 will also be discussed. The course material was updated to the latest security features of MacOS High Sierra and iOS 11. Apple incorporated lots of changes into iOS MacOS High Sierra and iOS 11. Therefore there are many changes to the material from previous course.
Click here for more details
- Instructor: Stefan Esser
- Dates: 11-14 June 2018
- Capacity: 18 Seats
- Price: 4600$ CAD before May 1, 5400$ CAD after.
Botnet Takeover Attacks For Reverse Engineers
Learn how to apply reverse-engineering to botnet takeover attacks. This 4-day training will teach the fundamentals of botnet command-and-control protocol reversing, identifying and breaking cryptography, as well as reconstructing botnet topologies and identifying weaknesses in their infrastructure. Students will learn to use this knowledge to design botnet takeover attacks and practice their skills in various hands-on exercises.
Click here for more details
- Instructor: Brett Stone-Gross and Tillmann Werner
- Dates: 11-14 June 2018
- Capacity: 24 Seats
- Price: 4600$ CAD before May 1, 5400$ CAD after.
Binary Literacy: Systematic Static Reverse Engineering
This four-day course contains a thorough introduction to static reverse engineering, the act of deriving meaning from assembly language code simply by reading it. The target audience is those who primarily employ dynamic reverse engineering, and/or for those who are more comfortable with Hex-Rays than an ordinary disassembly listing. The course has been heavily classroom-tested, having been taught over two dozen times. The material has been rewritten and modernized for the last edition of Recon.
Click here for more details
- Instructor: Rolf Rolles
- Dates: 11-14 June 2018
- Capacity: 16 Seats ( SOLD OUT )
- Price: 4600$ CAD before May 1, 5400$ CAD after.
18 to 21 June - Binary Literacy: Systematic Static Reverse Engineering
This four-day course contains a thorough introduction to static reverse engineering, the act of deriving meaning from assembly language code simply by reading it. The target audience is those who primarily employ dynamic reverse engineering, and/or for those who are more comfortable with Hex-Rays than an ordinary disassembly listing. The course has been heavily classroom-tested, having been taught over two dozen times. The material has been rewritten and modernized for the last edition of Recon.
Click here for more details
- Instructor: Rolf Rolles
- Dates: 18-21 June 2018
- Capacity: 16 Seats
- Price: 4600$ CAD before May 1, 5400$ CAD after.
Vulnerability Discovery and Triage Automation
This class is designed to introduce students to the best tools and technology available for automating vulnerability discovery and crash triage with a focus on delivering a practical approach to applying this technology in real deployments at any scale.
Click here for more details
- Instructor: Richard Johnson
- Dates: 11-14 June 2018
- Capacity: 20 Seats ( SOLD OUT )
- Price: 4600$ CAD before May 1, 5400$ CAD after.