Black Hat 2018

NotSoSecure team will return to Black Hat USA and this year we will be running the following classes:

Basic/Intermediate Tracks: Basic Infrastructure Hacking and Basic Web Hacking.
Advanced Tracks: Advanced Infrastructure Hacking and Web Hacking - Black Belt Edition.

Basic/Intermediate Classes

At Black Hat 2018, we are running two basic/intermediate level classes (Basic Infrastructure Hacking and Basic Web Hacking). These classes are designed as an introductory/intermediate level class to help those who wish to build their Infrastructure and web hacking skills.

Basic Web Hacking

This class familiarizes the attendees with a wealth of tools and techniques needed to breach the security of web applications. The class starts from the very basic and gradually build up to the level where attendees can not only use the tools and techniques to hack various components involved in web application hacking, but also walk away with a solid understanding of the concepts on which these tools work. The class also covers the industry standards such as OWASP Top 10, PCI DSS and contain numerous real life examples to help the attendees understand the true impact of these vulnerabilities. This class is constantly updated on a regular basis to ensure that the latest exploits and vulnerabilities are available within the hacklab and taught in this course.

Link for Registration:
Weekend Class (4-5 August 2018) : https://www.blackhat.com/us-18/training/schedule/#basic-web-hacking-9583
Weekday Class (6-7 August 2018) : https://www.blackhat.com/us-18/training/schedule/#basic-web-hacking-95831515525988

Basic Infrastructure Hacking

This class familiarizes the attendees with a wealth of hacking tools and techniques. The class starts from the very basic and gradually build up to the level where attendees can not only use the tools and techniques to hack various components involved in infrastructure hacking, but also walk away with a solid understanding of the concepts on which these tools work.

Link for Registration:
Weekend Class (4-5 August 2018): https://www.blackhat.com/us-18/training/schedule/index.html#basic-infrastructure-hacking-9582
Weekday Class (6-7 August 2018): https://www.blackhat.com/us-18/training/schedule/#basic-infrastructure-hacking-95821515450034

Attendees are encouraged to combine Basic Infrastructure Hacking in succession with our Basic Web Hacking class, in a 4 day format for a wider coverage of issues spanning both network and applications.

A short course preview video can be seen here:

Advanced Classes

Along with our best selling Advanced Infrastructure Hacking class we are also introducing Web Hacking Black Belt Edition. These classes allow you to take your learning to next level and gain the much needed confidence in exploring networks or web application.

Advanced Infrastructure Hacking

We return to Las Vegas with our best selling AIH Classes. Like past years we will be running a regular pace and a fast pace class as listed below:

Link for Registration:
4 day regular pace class (4-7 August 2018) https://www.blackhat.com/us-18/training/schedule/#advanced-infrastructure-hacking---2018-edition-4-day-9581
2 day Fast pace class Weekend (4-5 August 2018) (https://www.blackhat.com/us-18/training/schedule/#advanced-infrastructure-hacking---2018-edition-2-day-9580 and
Weekday (6-7 August 2018) https://www.blackhat.com/us-18/training/schedule/#advanced-infrastructure-hacking---2018-edition-2-day-95801515449063

The advanced class teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. This 2018 edition of Advanced Infrastructure Hacking course is a complete revamp of our class and covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems and networking devices that include OSINT, hacking with PowerShell, Shell breakouts, NoSQL DB, Docker Breakouts, Applocker Breakouts and many more.

Learn advanced techniques to compromise the following:

  • Operating systems (Windows, Linux)
  • Multiple Databases, Web and App servers
  • Switch
  • Routers
  • VLAN
  • VoIP
  • VPN

Advanced Infrastructure Hacking Promo Video

Web Hacking Black Belt Edition

NotSoSecure is pleased to launch their much awaited advanced Web Hacking class. Much like the Advanced Infrastructure Hacking class, this class talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points. This class focus on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques (especially server side flaws). The class allows attendees to practice some neat, new and ridiculous hacks which affected real life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known.

Weekend Class (4-5 August 2018): https://www.blackhat.com/us-18/training/schedule/#web-hacking---black-belt-edition-9617
Weekday class (6-7 August 2018): https://www.blackhat.com/us-18/training/schedule/#web-hacking---black-belt-edition-96171515540910

Learn advanced techniques to compromise the following:

  • Authentication Bypass
  • Logical Bypass / Boundary Conditions
  • SAML / OAuth 2.0 / Auth-0 / JWT Attacks
  • Password Reset Attacks
  • Breaking Crypto
  • Business Logic Flaws / Authorization flaws
  • Advanced SQL and NoSQL Injection
  • Remote Code Execution (RCE) IN JAVA/Node/PHP/Rails/Ruby and more
  • Server Side Request Forgery (SSRF)
  • Unrestricted File Upload
  • Web shells for modern platforms
  • HTTP Parameter Pollution (HPP)
  • A Collection of weird and wonderful XSS and CSRF attacks.
  • Attack Chaining


30 days FREE Lab Access

Both Advanced and Basic classes comes with 30 days FREE lab access.
This allows attendees extra time to practice the concepts taught in the class.