Friday, August 15, 2008

Crash Course In Penetration Testing Workshop at Toorcon

Joe and I will be conducting our Crash Course In Penetration Testing Workshop at Toorcon in September.

http://sandiego.toorcon.org/content/section/4/8/

Description

Instructors: Joseph McCray & Chris Gates
Includes: 250GB 2.5" USB Harddrive preloaded with lab VMWare images

This course will cover some of the newer aspects of pen-testing covering; Open Source Intelligence Gathering with Maltego and other Open Source tools, Scanning, Enumeration, Exploitation (Both remote and client-side) and Post-Exploitation relying heavily on the features included in the Metasploit Framework. We'll discuss our activities from both the Whitebox and Blackbox approach keeping stealth in mind for our Blackbox activities.

Web Application penetration testing will be covered as well with focus on practical exploitation of cross-site scripting (XSS), cross-site request forgery (CSRF), local/remote file includes, and SQL Injection.

The course will come with a complementary USB Harddrive loaded with the lab Virtual Machine images for you to play with so you can continue to hone your skills and learn new techniques even after the course is finished. Attendees will walk away with a current knowledge of how to pen-test both a network and a web application, all of the basic tools needed, and a set of practice exercises that they can use to improve their skills.

1 comment:

Changlinn said...

Very cool looking course. There are so many IT security/Hacking cons in the USA, makes me want to move. Australia doesn't even have one.