CanSecWest DOJOs

secwest.net DOJOs

Although no DOJOs are available for registration at this time, we’ve listed the ones we offered at the most recent secwest.net conference below to demonstrate the type of training and/or courses that we offer.

Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation
May
13
to May 14

Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation

Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique hands-on training!

I will discuss security bugs found in a number of bug bounty programs (including Google, Yahoo, Mozilla, Twitter and others). You will learn how bug hunters think and how to hunt for security bugs effectively.

To be successful in bug hunting, you need to go beyond automated scanners. If you are not afraid of going into detail and diving into full-stack exploitation, then this training is for you.

Watch 3 exclusive videos to feel the taste of this training:

View Event →
Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB Access.  (3 DAY Version)
May
6
to May 8

Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB Access. (3 DAY Version)

  • New York, New York United States (map)
  • Google Calendar ICS

Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.

For each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.

I found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers.

View Event →
Windows Kernel Exploitation: Advanced
Apr
20
to Apr 23

Windows Kernel Exploitation: Advanced

We will look into how we can bypass kASLR, kLFH, and do hands-on exploitation using data-only attack, which effectively bypasses SMEP and other exploit mitigations.

Upon completion of this training, participants will be able to learn:

  • Exploit development process in kernel mode

  • Mitigation bypasses

  • Pool internals & Feng-Shui

  • Arbitrary Read/Write primitive

View Event →
Windows Kernel Exploitation: Foundation
Apr
13
to Apr 16

Windows Kernel Exploitation: Foundation

In this course, we will use Windows 11 x64 for all the labs and has a CTF that runs throughout the training. This course starts with the basics of Windows & driver internals, different memory corruption classes, and fuzzing of kernel mode drivers.

Upon completion of this training, participants will be able to learn:

  • Basics of Windows and driver internals

  • Different memory corruption classes

  • Fuzz kernel mode drivers to find vulnerabilities

  • Exploit development process in kernel mode

  • Kernel debugging

View Event →
Media Effects used in Influence Operations
Mar
19

Media Effects used in Influence Operations

In this workshop, the author delivers a fusion of theoretical knowledge and practical examples intertwined in an active discussion. The workshop is designed for a technical audience who work in social media and the information operations space. The knowledge section covers the basics of communications theory, aiming to make the concepts accessible to non-practitioners in the field.

The presenter will cover the two-step flow of information, gatekeeping, agenda-setting, priming, framing, the spiral of silence, echo chambers, cultivation, and other important media effects. Furthermore, the workshop will also cover some not well understood classes of operations, such as Discoverable and Reflexive Operations. Last but not least, it covers topics from NLP, Cognitive science, and, specifically, how our brains process information and how this is exploited by some of the above-mentioned media effects and techniques.

View Event →
Advanced Offensive GraphQL Security Training
Mar
19

Advanced Offensive GraphQL Security Training

Master GraphQL hacking from the authors who wrote Black Hat GraphQL. This (part 2) advanced hacking course builds on top of the foundational knowledge you gained about GraphQL internals in part 1. Leveraging a custom hacking lab, you’ll delve into the details of how to execute numerous GraphQL attacks such as:

  • Reconnaissance Techniques

  • Information Disclosure

  • Denial of Service Attacks

  • Authentication & Authorization Bypasses

  • Injection Exploits

  • Request Forgery & Hijacking

    • Cross-site request forgery

    • Server-side request forgery

View Event →
Teaching Burp to Speak GraphQL:  Automated Security Scanning of Your GraphQL API with Burp
Mar
19

Teaching Burp to Speak GraphQL: Automated Security Scanning of Your GraphQL API with Burp

Rest APIs have been the backbone of webapps for over a decade now, and it’s treated us well. Inevitably, a challenger has approached and is gradually becoming the new industry standard. That is GraphQL, a query a language for your API. But shifts in tech trends also bring another inevitability, new and interesting ways to hack stuff. GraphQL is a growing target, and the pentesting tools have yet to keep up, leaving the criminals with more time and opportunity to probe and exploit vulnerabilities in your web apps.

Burp Suite has been the defacto tool for Application Security professionals running DAST scans and penetration tests against web apps, and its amazing Active Scan feature badly needed to be able to parse GraphQL. Our new plugin for Burp Suite allows the Active Scanner to competently point its library of payloads at a GraphQL API, giving the defenders a chance to detect vulnerabilities before the criminals do.

View Event →
Artificial Intelligence for Cybersecurity Professionals
Mar
18
to Mar 19

Artificial Intelligence for Cybersecurity Professionals

In an era where cyber threats are increasingly sophisticated, the need for advanced defense mechanisms is paramount. This 2-day intensive course is designed for working professionals in the cybersecurity field, aiming to equip them with the knowledge and skills to leverage artificial intelligence (AI) in combating cyber threats. The course provides a comprehensive overview of AI technologies, focusing on their application in cybersecurity. Participants will gain insights into the latest AI tools and techniques used for threat detection, risk management, and response automation. Through a blend of theoretical knowledge and practical exercises, the course prepares professionals to effectively integrate AI into their cybersecurity strategies.

View Event →
OPSEC for Investigators and Researchers
Mar
18

OPSEC for Investigators and Researchers

Whether performing an in-depth investigation or merely quick research, the investigator (or researcher) and the investigation itself are exposed to certain risks.

This workshop focuses on security and safety issues pertaining to online research and investigations. It covers different areas of the investigative process and how tools and particular techniques can leak information detrimental to the case or the investigator.

The workshop focuses on both the technical and soft - intelligence and counterintelligence aspects of OPSEC, thus it is useful to both technical investigators as well as non-technical folks, like mainstream journalists and lawyers.

View Event →
Beginner C2 with Sliver
Mar
18
to Mar 19

Beginner C2 with Sliver

Learn the ins and outs of using a command-and-controls (C2) for red team operations and learn how threat actors use C2s to gain access to computers and internal networks. During this course, we will create implants with Sliver, learn how to manage a C2 with multiple operators, persist in the target’s environment, pivot to other hosts, and steal valuable credentials. Course material will be accompanied by hands-on labs and a test network to familiarize yourself with the tools and practice the techniques.

View Event →
Attacking and Defending Linux, Kubernetes and Docker
Mar
18
to Mar 19

Attacking and Defending Linux, Kubernetes and Docker

Learn how to attack and defend Kubernetes, Linux and containers from Jay Beale, the creator of Bastille Linux, the Center for Internet Security’s first Linux security benchmark, and two Kubernetes tools: the Peirates attack tool and the Bust-a-Kube CTF cluster. In this fully hands-on course, you’ll get access to our cloud training environment, where you’ll have a Kali Linux system filled with capture-the-flag (CTF) virtual machines and a Kubernetes cluster, which you will attack and defend.

This training focuses on giving you practical attack skills from real penetration tests, coupled with solid defenses to break attacks. Every single topic in the class has a long attack exercise, where you use Kali Linux to attack Kubernetes and containerized programs, and a matching short defense exercise, where you will use new skills to break that attack, confident that it will break other attacks. In this well-reviewed class, we attack the container orchestration system, Kubernetes, along with the Linux operating system and containers that make it up!

We begin with a technical introduction to Kubernetes and containers. We learn how to work with container runtimes, hands-on, and then learn the beginnings of container breakout. We then take a deep dive into Kubernetes security measures, starting with authorization, before our next lab: a multi-step Kubernetes cluster compromise. The class continues in this fashion: concepts, then attack, then defense. In all, there are 14 lab exercises, including MitM attacks, node compromises, and cluster-to-cloud-to-cluster compromise.

Our defense work will include: authorization settings, role-based access control, network policies, pod security standards, and the Kyverno admission controller. These will enable and enforce the powerful technologies we’ve learned: AppArmor, SecComp, and root capability dropping. We’ll see how both on-prem and cloud-based clusters can be attacked, attack our own clusters, and then harden those Kubernetes clusters to break our attacks.

View Event →
Foundational GraphQL API Attack Surface Training
Mar
18

Foundational GraphQL API Attack Surface Training

Learn about GraphQL hacking from the authors who wrote Black Hat GraphQL. This crash course into GraphQL will give you a hands-on approach to learning about how this rapidly adopted API technology works and how its internals can be used as attack vectors.

  • Basics of GraphQL communications, language and type system

  • Build your own GraphQL hacking lab with a vulnerable target server and popular GraphQL hacking utilities

  • Understand the basics of GraphQL vulnerabilities

View Event →
x86-64 Assembly
Mar
16
to Mar 19

x86-64 Assembly

This class teaches you how to disassemble binaries, read x86-64 assembly language, and debug black-box binaries in WinDbg and GDB. This knowledge of assembly is the fundamental skill which is required to learn reverse engineering and vulnerability exploitation. Reverse engineering is in turn a fundamental skill which is required for malware analysis and vulnerability hunting.

View Event →
C/C++ Implementation Vulnerabilities Part 1
Mar
16
to Mar 19

C/C++ Implementation Vulnerabilities Part 1

Dual-purpose class: This class teaches developers how to avoid writing implementation flaws, or detect ones that are already in their code...but it also teaches vulnerability-hunters how to find the flaws as well! So it's an epic battle between contentious developers and devious vulnerability hunters! Who will win?! Whoever most takes the lessons of this class to heart!

Over three-dozen CVE writeups!

This class serves as a prerequisite for a future class that will add examples on uninitialized data access, race conditions, use-after-free, type confusion, and information disclosure vulnerabilities.

View Event →
Hunting the Adversary: Applying Cyber Threat Intelligence
Mar
16
to Mar 17

Hunting the Adversary: Applying Cyber Threat Intelligence

Traditional security defence tools are increasingly unable to protect against emerging and current attacks. The modern attacker has adopted advanced tools and techniques that are unable to be stopped with traditional firewalls, intrusion detection and anti-virus. Meanwhile, dedicated attackers are attempting intrusions over months and years while going undetected to steal valuable information, trade secrets and financial information. Defence techniques that leverage information about attackers and their techniques, however, provide the ability to greatly enhance the security of an organization.

Modern defences can integrate intelligence and counterintelligence information which greatly increases the ability to keep attackers out and to detect their presence quickly. This course will teach students about the tools they can use to gain insight into attackers and to integrate them into their organization. This course will be a mix of lecture and hands-on training so students will be equipped on day one to go back to their work and start using threat intelligence to protect their networks.

View Event →
Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB Access
Mar
16
to Mar 19

Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB Access

Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.

For each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.

I found security bugs in many companies including Google, Yahoo, Mozilla, Twitter and in this training I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers.

View Event →
Attacking Hybrid Multi-Cloud Environment
Mar
16
to Mar 18

Attacking Hybrid Multi-Cloud Environment

Enterprises across the globe are moving to the Hybrid Multi-Cloud Technology. The technical understanding and enormous cost of rewriting infrastructure-applied applications to re-platform and work with the new cloud concept is a difficult task. The irregularities caused due to mis-understanding / deficit knowledge of New Cloud Concepts offered by leading Cloud Service Providers like AWS, Microsoft Azure and GCP etc have introduced multiple loopholes easily identified and exploited by Threat Actors to abuse and exploit the organization infrastructure.

CyberWarFare Labs training on "Attacking Hybrid Multi-Cloud Environment" aims to provide the trainees with the insights of the offensive techniques used by the Red Teamers and Blue Teamers in an Enterprise Cloud Infrastructure.

View Event →
x86-64 Intel Firmware Attack and Defense
Mar
16
to Mar 19

x86-64 Intel Firmware Attack and Defense

This class is designed to give you all the background you need to understand how x86-64 firmware (aka UEFI BIOS) works, and what the most common security misconfigurations are. It will prepare you to be able to read and understand the existing attack and defense research in the space, taking an explicit walk through of the attack and defense moves and counter-moves threat tree. And as always, this classes teaches you to be comfortable with Reading The Fun Manual (RTFM!) to go seek out the most accurate details of how things work, and to see out new problems in new areas that no one's read yet with a security mindset.

View Event →
C/C++ Implementation Vulnerabilities Part 2
Mar
16
to Mar 19

C/C++ Implementation Vulnerabilities Part 2

Dual-purpose class: This class teaches developers how to avoid writing implementation flaws, or detect ones that are already in their code...but it also teaches vulnerability-hunters how to find the flaws as well! So it's an epic battle between contentious developers and devious vulnerability hunters! Who will win?! Whoever most takes the lessons of this class to heart!

Over three-dozen CVE writeups!

This class treats the material from C/C++ Implementation Vulnerabilities Part 1 as a prerequisite.

View Event →
Xeno's All You Can Learn Buffet!
Mar
16
to Mar 19

Xeno's All You Can Learn Buffet!

This is the combination class that lets you take any of the material(!) from the x86-64 Assembly, x86-64 OS Internals, x86-64 Intel Firmware Attack & Defense, C/C++ Implementation Vulnerabilities Part 1 and C/C++ Implementation Vulnerabilities Part 2 classes at your own pace, but with full instructor support.

View Event →
RISC-V Assembly
Mar
16
to Mar 19

RISC-V Assembly

RISC-V is the new hotness! It's going to take over the world! (Or is it? It is!) But what is RISC-V, and why should you care?

RISC-V is an open source Instruction Set Architecture (ISA). Or, in reality, a small, tight-nit family of ISAs and ISA extensions. The multiple ISAs allow it to be modular and be cut down to work for a 32-bit embedded system, or scaled up for a 64-bit desktop system.

But it's the open-source aspect of RISC-V which is what will make it take over. In a world where many embedded device makers use ARM ISAs, but have to pay ARM a licensing fee, what company wouldn't want to investigate making their chips without paying licensing fees to ARM, or Tensilica, or others? E.g. in 2022 Espresiff indicated they'll be using RISC-V exclusively for all future chips. So in the same way that Linux found some clearly beneficial early niches, and kept expanding from there, RISC-V has begun to find its niches, and natural market forces will cause it to continue expand.

This class teaches you how to disassemble binaries, read RISC-V assembly language, and debug black-box binaries in GDB. This knowledge of assembly is the fundamental skill which is required to learn reverse engineering and vulnerability exploitation. Reverse engineering is in turn a fundamental skill which is required for malware analysis and vulnerability hunting.

View Event →
Rust for Security Engineers
Mar
16
to Mar 19

Rust for Security Engineers

This two day workshop will provide a practical survey of use cases for the Rust language within the field of information security. The material will be hands-on and accessible.

View Event →
StealthOps: Red Team Tradecraft Targeting Enterprise Security Controls
Mar
16
to Mar 18

StealthOps: Red Team Tradecraft Targeting Enterprise Security Controls

Introducing a cutting-edge training program crafted to empower penetration testers, red team members, and blue team defenders with the advanced skills needed to combat and outmaneuver apex threat actors. In the rapidly evolving landscape of cybersecurity, where attackers employ sophisticated methods such as in-memory implants, custom coding to bypass antivirus and EDR systems, and bespoke tools for lateral movement, the need for robust defensive strategies has never been more critical.

This course is meticulously designed to bridge the gap between conventional security measures and the advanced tactics utilized by adversaries, offering an in-depth exploration of the techniques and methodologies employed by these threat actors to evade host and network-level security solutions. Through a comprehensive curriculum that emphasizes hands-on experience and real-world scenarios, participants will gain unparalleled insights into enhancing enterprise-grade security postures, ensuring readiness to detect, respond to, and neutralize advanced cyber threats with precision and stealth.

View Event →
x86-64 OS Internals
Mar
16
to Mar 19

x86-64 OS Internals

This class teaches you about the fundamental hardware mechanisms which all operating systems, virtualization systems, and firmware *must* interact with in order to run successfully on x86 hardware. For instance it teaches you what an OS, virtualization, or firmware must do to separate user code (ring 3) from kernel code (ring 0). Or how they can enforce non-executable memory to make vulnerability exploitation more difficult. This is taught in a *mostly* OS-agnostic way focusing on Intel-isms rather than OS-isms (albeit with using Windows as reinforcement, thanks to its excellent kernel-level debugging support.) This class also teaches you to be comfortable with Reading The Fun Manual (RTFM!) to give you self-sufficiency when seeking out the most accurate details of how things work.

View Event →

Discover more about the DOJO philosophy.