Blackhat 2019

NotSoSecure team will return to Black Hat USA and this year (2019), we will be running the following classes:

Basic Tracks:: Basic Infrastructure Hacking and Basic Web Hacking.
Advanced Tracks: Advanced Infrastructure Hacking and Web Hacking - Progressive Edition.

Basic/Intermediate Classes

At Black Hat USA 2019, we are running two basic level classes (Basic Infrastructure Hacking and Basic Web Hacking). These classes are designed as an introductory level class to help those who wish to build their Infrastructure and Web hacking skills.

Basic Web Hacking

This class familiarizes the attendees with a wealth of tools and techniques needed to breach the security of web applications. The class starts from the very basic and gradually build up to the level where attendees can not only use the tools and techniques to hack various components involved in web application hacking, but also walk away with a solid understanding of the concepts on which these tools work. The class also covers the industry standards such as OWASP Top 10, PCI DSS and contain numerous real life examples to help the attendees understand the true impact of these vulnerabilities. This class is constantly updated on a regular basis to ensure that the latest exploits and vulnerabilities are available within the hacklab and taught in this course.

Link for Registration:
Weekend Class (3-4 August 2019) : https://www.blackhat.com/us-19/training/schedule/index.html#basic-web-hacking-14048

Basic Infrastructure Hacking

This class familiarizes the attendees with a wealth of hacking tools and techniques. The class starts from the very basic and gradually build up to the level where attendees can not only use the tools and techniques to hack various components involved in infrastructure hacking, but also walk away with a solid understanding of the concepts on which these tools work.

Link for Registration:
Weekend Class (3-4 August 2019): https://www.blackhat.com/us-19/training/schedule/index.html#basic-infrastructure-hacking-14049
Weekday Class (5-6 August 2019): https://www.blackhat.com/us-19/training/schedule/index.html#basic-infrastructure-hacking-140491547069424

Attendees are encouraged to combine Basic Infrastructure Hacking in succession with our Basic Web Hacking class, in a 4 day format for a wider coverage of issues spanning both network and applications.

A short course preview video can be seen here:

Advanced Classes

This year, we have two of our advanced classes available at Black Hat USA: Advanced Infrastructure Hacking and Web Hacking - Progressive Edition. These classes allow you to take your learning to the next level and gain much needed confidence in exploiting networks and web applications.

Advanced Infrastructure Hacking

The advanced class teaches the audience a wealth of hacking techniques to compromise various operating systems, networking devices and everything in between. This 2019 edition of Advanced Infrastructure Hacking course is a complete revamp of our class and covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems and networking devices that include OSINT, hacking with PowerShell, Shell breakouts, NoSQL DB, Docker Breakouts, Applocker Breakouts and many more.

Like past years we will be running a regular pace and a fast pace class as listed below:

Link for Registration:

4 day regular pace class (3-6 August 2019) https://www.blackhat.com/us-19/training/schedule/index.html#advanced-infrastructure-hacking----edition--day-14046

2 day Fast pace class
Weekend (3-4 August 2019)
(https://www.blackhat.com/us-19/training/schedule/#advanced-infrastructure-hacking----edition--day-14047 and

Weekday (5-6 August 2019) https://www.blackhat.com/us-19/training/schedule/index.html#advanced-infrastructure-hacking----edition--day-140471547498406

Learn advanced techniques to compromise the following:

  • Operating systems (Windows, Linux)
  • OSINT for launching attacks
  • DVCS and CI-CD Server hacks
  • Multiple Databases, Web and App servers
  • Switch
  • Routers
  • VLAN
  • VoIP
  • VPN
  • Docker
  • Kubernetes
  • AWS/Azure/GCP specific attacks

Advanced Infrastructure Hacking Promo Video

Web Hacking - Progressive Edition

Much like the Advanced Infrastructure Hacking class, this class talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points. This class focus on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques. The class allows attendees to practice some niche and advanced hacks which affected real life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known.

We will be running a regular pace and a fast pace class as listed below

Link for Registration:

4 day regular pace Class (3-6 August 2019): https://www.blackhat.com/us-19/training/schedule/index.html#web-hacking---progressive-edition---day-14050

2 day fast pace class
Weekday
(5-6 August 2019): https://www.blackhat.com/us-19/training/schedule/index.html#web-hacking---progressive-edition---day-14051

Learn advanced techniques to compromise the following:

  • Authentication Bypass
  • Logical Bypass / Boundary Conditions
  • SAML / OAuth 2.0 / JWT Attacks
  • Password Reset Attacks
  • Breaking Crypto
  • Business Logic Flaws / Authorization flaws
  • Advanced SQL Injection
  • Remote Code Execution (RCE) IN JAVA/Node/PHP/Rails/Ruby and more
  • Server Side Request Forgery (SSRF)
  • Unrestricted File Upload
  • HTTP Parameter Pollution (HPP)
  • A Collection of weird and wonderful XSS and CSRF attacks.
  • Attack Chaining

Advanced Web Hacking Promo Video


30 days FREE Lab Access

Both Advanced and Basic classes comes with 30 days FREE lab access.
This allows attendees extra time to practice the concepts taught in the class.

Note: If you can't make it to Black Hat, we also offer our courses as private onsite classes. Please use the contact us form to connect with us and we would be happy to help.

Fields Marked with * are Mandatory!!

By Submitting this form you give NotSoSecure permission to contact you in the future. As tickets are limited not all applicants will be successful.