Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
The Exploit Laboratory series has two advanced offerings to consider. Exploit Laboratory: Black Belt will cover advanced browser exploitation techniques, including DEP and ASLR bypass, ROP chaining and Use-After-Free bugs; it's the next step up for folks who ace the intermediate class. Then there's Exploit Laboratory: Master, making its Black Hat debut. Topics will include advanced ROP chains, infoleak bugs, one-byte memory overwrites, server-side heap spraying, and much more. Advanced attendees take note: You can take both classes back to back, if you wish.
Continuing on this track is Hands-On Exploit Development, which will guide students through finding vulnerabilities, writing exploits from scratch, and drawing on public code when necessary. While Win32 will be the main focus, expect basic exercises in Win x64, x86 Linux, and Arm as well. Beyond in-depth exploit knowledge, the Training will also explore advanced anti-exploitation measures like stack cookies, ASLR, and DEP. Hands-on labs throughout will help gauge progress and reinforce the material.
Finally, who needs 0-days when you're a highly effective hacker? The Shellcode Lab seeks to increase your exploitation success rate. Not yet elite? This Training will guide students through creating custom payloads for Windows, Linux, and OS X, integrating them into Metasploit and other public exploits. A virtual shellcode development environment will facilitate shellcode creation across the multiple platforms, and the material will grow in complexity as early wins accumulate. Come and see why past students call The Shellcode Lab "the best class I have attended in my 17 year professional career." And other nice things, too.
Black Hat USA 2015 will occur at the Mandalay Bay resort in Las Vegas. It goes down August 1-6, so be sure to register to lock in your attendance.
Everything You Need to Know About DNS AttacksIt's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask.
Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted.
Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Tweet This
1 Comments
