He let me get a preview of his new Advanced Penetration Testing (APT): Pentesting High Security Environments course.
The syllabus is available here:
I got to look at a good chunk of the labs and its top notch training, plus you get it live from Joe who is by far one of the best instructors out there.
Of particular interest to me is the attacking from the web section:
Attacking From the Web
1. XSS to command-shell
2. SQL Injection to command-shell
3. File Handling to command-shell
File Upload to command-shell
RFI to command-shell
LFI to command-shell
Course dates are 17th - 21st May 2010 Greenbelt Maryland
2 Day version at Brucon 22-23 September 2010