- Proactive Web Defence
- Proactive Network Defence
- Proactive Mobile Defence: Android
- Proactive DevSecOps Defence
Proactive Web Defence
A three-day training course in web application security and secure coding practices, helping to ensure that your software is resilient to attacks from even the most advanced threats
PWD is an exercise-driven training course that will guide you through exploiting vulnerabilities in a realistic website. Step-by-step tutorials will ensure that you gain a thorough understanding of a modern attacker’s mind-set and capabilities. Equipped with this understanding, we will move our attention back to secure coding best practice and defensive programming techniques that can be used to make our applications robust and resilient to attacks.
Who should attend?
The course is aimed primarily at web developers although it is also suitable for technical project managers. The content caters for beginners with limited or no security knowledge and gradually progresses to advanced topics. Prior to attending Proactive Web Defence, it is recommended that you:
Course highlights
Benefits to your organisation
Topics / Syllabus
Foundation
- Hackers – Culture and Motives
- A History of Hacking
- Firewalls Pitfalls
- The CIA Triad
- HTTP Protocol Refresher
Authentication & Authorisation
- Authentication Issues
- Username Enumeration
- Brute Force Attacks
- Account Lockout
- Multi-Factor Authentication
- Forgotten Password Functionality
- Session Hijacking
- Session Fixation
- Authorisation Issues
Injection Attacks
- SQL Injection for Authentication Bypass and Data Extraction
- XML Injection
- LDAP Injection
- XPath Injection
- CRLF Injection
- SMTP Injection
- OS Command Injection
- XML eXternal Entity Processing (XXE)
- XML Denial of Service
Client-Side Attacks
- Cross-Site Scripting (XSS)
- Advanced XSS Attacks
- Output Encoding
- Cross-Site Request Forgery (CSRF)
- JSON Hijacking
- Cross-Site Redirects
- Clickjacking Attacks
Infrastructure Level Attacks
- Directory Traversal
- Insecure File Upload
- LFI and RFI
- Web Server Hardening
- Buffer Overflows
- Dangerous HTTP Methods
- Database Server Hardening
- Attacking the Database Server
Encryption & Data Storage
- Fundamentals of Encryption
- Common Encryption Flaws
- Secure Socket Layer (SSL)
- Stored Data
- Cracking Password Hashes
- Data Leakage
HTML 5
- XSS Filter Considerations
- Cross-Origin Resource Sharing
- Cross-Window Messaging
- Web Local Storage
Integrating Security
- Current State of the Industry
- Secure Software Development Lifecycle
- Security Requirements
- Security Coding Standards
- Conducting a Design Review
- Conducting a Code Review
- Vulnerability Scanning Tools
- Penetration Testing
- Logs and Alerts
- Vulnerability Management
How is this course different?
The course is delivered by experienced security professionals, who perform web application security assessments on a daily basis.
We focus on teaching offensive security techniques, so that you can fully understand the capabilities of modern attackers and therefore how to defend against them.
This is a practical, exercise driven course. We’ve developed a realistic web application with common flaws which allows us to show you how attackers would exploit these vulnerabilities in the real world.
We teach you how to introduce security in your development lifecycle in a practical manner, by combining secure coding principles, design and source code reviews
Proactive Network Defence
A three-day training course in network security, teaching you to defend against attacks of all levels of sophistication, up to and including APTs
PND is an exercise-driven training course that will guide you through attacking a real network step by step, so that you can gain a thorough understanding of a modern attacker’s mindset and capabilities. We then teach you techniques that will help you to defend your network against attacks of all levels of sophistication, up to and including Advanced Persistent Threats.
Who should attend?
This is a technical course aimed mainly at those who are responsible for deploying and managing network infrastructure, but if you’re interested in understanding hacking and security, this is also for you. You won’t need any prior security knowledge, as we cover the basics on the way to advanced topics. You will need to know Unix and Windows basics (setting an IP address, installing software, copying, moving, deleting and reading files) and network fundamentals such as the difference between TCP and UDP, the format of an IP address, subnetting / CIDR notation, and to be familiar with the more common protocols such as ICMP, HTTP, DNS and SNMP.
Course highlights
Benefits to your organisation
Topics / Syllabus
Foundation
- Hackers – Culture and Motives
- A History of Hacking
- The Rise of Cyber Warfare
- Advanced Persistent Threats (APTs)
- CNE and CNA
- War Stories
- The CIA Triad
Perimeter Security
- The Traditional Attack Methodology
- Reconnaissance – Information Gathering, Google Hacking
- Target Identification – Network Mapping, Port Scanning, Banner Grabbing
- Vulnerability Discovery (Manual & Automated)
- Vulnerability Scanner Limitations
- Common Vulnerabilities
- Configuration, Patching and Passwords
- Hacking JBoss
- Hacking SMTP Servers
- Hacking Web Apps
- SQL Injection, Code Execution
- Network Perimeter Hardening
Windows Security
- The Modern Attack Methodology
- APT Mind-Set and Capabilities
- Spear-Phishing, Drive -By Download and Watering-Hole Attacks
- Botnets
- Exploiting Java, Adobe Flash and Other Browser Plugins
- Exploiting Microsoft Word and Adobe Reader
- Bypassing Antivirus
- Maintaining Persistence and Rootkits
- Windows Privilege Escalation
- Key Logging and Screen Capture
- Hacking Windows Domains (Server 2012)
- Cracking Windows Password Hashes
- Abusing Windows Access Tokens
- Buffer Overflows
- Data Exfiltration (CNE)
- Windows Network Hardening
Network Security
- DNS Cache Poisoning, Spoofing and DoS
- Sniffing / Intercepting Network Traffic
- Man-in-the-Middle (MitM) Attacks and ARP Cache Poisoning
- Transport Encryption Flaws
- SSL/TLS, etc.
- Hacking Vulnerable Cisco Kit
- VLAN Hopping
- Bypassing Router Access Controls
- Network Device Hardening
Unix Security
- Unix File Permissions
- Hacking Traditional Unix Services
- XServer and R* Services, etc.
- Hacking Common Unix Services
- SSH, NFC, etc.
- Hacking Popular Unix Platforms
- RedHat, Solaris, etc.
- Unix Privilege Escalation
- Cracking Unix Password Hashes
- Denial of Service
- Network Sabotage (CNA)
Integrating Security
- The Death of the Perimeter
- Defending Against Client-Side Attacks
- Workstation Hardening
- Compliance Auditing
- Preventing Lateral Movement
- Windows Domain Hardening
- Server Hardening
- Secure Network Design Techniques
- Jumping Air Gaps
- An Introduction to Intrusion Detection
- Signature vs Anomaly Based Detection
How is this course different?
The course is delivered by experienced security professionals, who perform
penetration tests and APT
attack simulations on a daily
basis.
We focus on teaching offensive security techniques, so that you can fully understand the capabilities of modern attackers and therefore how to defend against them.
This is a practical, exercise driven course. We’ve simulated a real network for you to attack, which allows us to teach you the core principles that you could usually gain only through real world experience.
We teach you how to implement robust security that really works, not just security 101 like configuring firewalls and setting strong passwords
The philosophy
By teaching you how to understand the attacker mindset, you’ll be better equipped to make informed decisions about the security of your own network.
Our previous generation of courses guided delegates through isolated lab exercises to demonstrate tools and techniques that could be used to exploit security weaknesses. However, hacking is not just about learning to drive the tools; it’s about identifying and collecting information and vulnerabilities across the target organisation and leveraging them in the context of that organisation.
That’s why we’ve revamped our courses and remodeled our labs with a complete corporate infrastructure to get you as close as possible to the experience of attacking and defending a real organisation.
Proactive Mobile Defence: Android
A two-day training course in Android application security and secure coding practices
PMD is an exercise-driven training course that uses detailed tutorials to guide you through all the steps necessary to exploit a real Android application, and in the process provide you with an understanding of the modern attacker’s mindset and capabilities. This course will cover Android hacking, from the basics of vulnerability hunting on the platform to advanced exploitation techniques. At its conclusion, we will have imparted the information necessary to develop secure and robust applications.
Who should attend?
This is a technical course aimed at Android developers; however, it is also suitable for those familiar with the platform and interested in mobile application security. PMD does not require any prior security knowledge in order to benefit fully from the course as the content covers all of the basics necessary to understand advanced concepts. A working knowledge of Android is a prerequisite and it is recommended that you are familiar with the syntax and structure of an Android application, basic internal and external communications as well as accessing resources from an application.
Course highlights
Benefits to your organisation
Topics / Syllabus
Foundation
- Relevance of mobile applications in the modern world
- Mobile attackers’ goals
Android Security Model
- User separation
- File permissions
- Package structure
Analysing Android Applications
- Structure of an APK
- Application permissions
- Protection levels
- Decompiling and modifying an application
- Code signing
- Obfuscation
Android Application Components
- Activities
- Services
- Broadcast receivers
- Content providers
- Intents
- Native code
Storage and Logging
- Android file system
- Persistent storage
- Data leakage
- Backup Manager
- File encryption
- Logcat
Securing Communications
- Clear text communications
- Secure Socket Layer (SSL)
- Certificate pinning
- WebViews & JavaScript interfaces
- Alternative communication mechanisms
Security in Depth
- Root detection
- Debug detection
- Runtime manipulation
Integrating Security
- Current state of the industry
- Secure software development life cycle
- Security requirements
- Conducting a design review
- Conducting a code review
- Vulnerability scanning with drozer
- Penetration testing
- Vulnerability management
How is this course different?
The course is delivered by experienced security professionals who frequently perform mobile security assessments and are involved in mobile security research, the development of assessment tools and exploiting Android devices in competitions such as Mobile Pwn2Own.
We focus on teaching offensive security techniques so that you can fully understand the capabilities of modern attackers and therefore how to defend against them.
This is a practical, exercise driven course. We’ve developed a realistic, web-based mobile application with common flaws that allow us to show you how attackers would exploit these vulnerabilities in the real world.
We teach you how to practically introduce security in your development lifecycle by combining secure coding principles, design & source code reviews and vulnerability assessment tools, providing a maintainable and scalable approach to secure application development.
Proactive DevSecOps Defence
A three-day training course on common attack vectors affecting the entire Software Development Life Cycle.
PDD is an exercise-driven training course that will guide you through common attack vectors affecting the entire chain of a development pipeline, from code development through to deployment. The purpose being to provide a practical understanding of attacks against these environments, and most importantly the defensive controls required to mitigate them. Through the exercises and discussions held throughout the course, candidates will develop a holistic view of the security model needed to ensure the integrity of all code changes that get deployed. Participants will thus be equipped to create and maintain secure and robust development pipelines.
Who should attend?
The course is orientated around critical phases or activities within the broader Software Development Lifecycle (SDLC); where a lack of security controls could result in opportunities for attackers to affect the integrity of the software project and the dependent business as a whole. It is also aimed at developers and operations teams alike as they are typically involved in the the development, maintenance and deployment of any software project, and the risks posed to the project as a whole span the responsibilities of these teams. The course covers a holistic view of the greater development pipeline, from code changes to release; so anyone involved in the execution, planning and maintenance of such a pipeline would benefit.
DevOps engineers would benefit the most from the course as the entire course content would be directly applicable to their role. Content presented is at an intermediate level and would require the candidates to have basic knowledge of Unix systems, and typical development practices. General familiarity is necessary for the concepts of source code management, managing dependency repositories, and configuring build and deployment pipelines.
Course highlights
Benefits to your organisation
Topics / Syllabus
Foundation
- Software Development Lifecycle and Models
- Evolution of software development
- Real world compromise examples
Defending the pipeline
- Shifting security left
- Size, scale and complexity of security requirements
- Attack surface and security principles
Development
- The code repository
- Workstation compromise
- Code repository security controls
Dependency Management
- Internal dependencies
- External dependencies
Building and Deployment
- Build technology
- Automatic build triggers
- Secret management
- Shared build infrastructure
- Deployment
Case Study: Pipeline Comparison
- Gitlab pipeline exploitation
- Pipeline Comparison: comparing weak controls, to the ideal environment
How is this course different?
This is a practical, exercise driven course, consisting of a number of common configurations of development pipelines for you to attack. The course is delivered by experienced security professionals, who have experience performing many of the attacks incorporated into the exercises.
The course focuses on key security controls that span across the entire Software Development lifecycle: from code change to deployment. Focus is placed on teaching offensive security techniques by providing participants with practical exercises that allow them to exploit weaknesses to achieve a particular goal.
By orientating the course around the attacker mindset, participants are able to see these environments through the lens of an attacker. This approach allows us to tangibly teach you the risks, so that it becomes evident “why“ and “how” to protect the pipeline against these threats. With an understanding of the requirements needed to perform an attack, the context needed to enforce effective security controls will allow participants to proactively secure their environments.