ＨｉｄｅＺｅｒｏＯｎｅ

ARM processors now power billions of mobile and IoT devices today! Understanding the basics of ARM assembly provides the foundation for diving deep into ARM exploitation and reverse engineering. This course focuses on teaching you the basics of ARM assembly!

Reconnaissance the first and probably most important step of pentesting and red-blue teaming exercises. A well done recon can help prioritize which systems to go behind first and to dedicate more time and resources. In recent times, there has been a lot of technological progress in fields in web development, cloud tech, machine learning etc. which has led to a fundamental change in how networks are created and run. There has also been an introduction of a ton of new network and application components because of this. The focus of this course to help attendees understand these new technologies and components better.

Today, all enterprises, large and small depend on VoIP to provide voice communication both internally and externally to the company. Most organizations even have dedicated Voice VLANs and/or physical ports to carry VoIP traffic. Hence, it is important to understand VoIP traffic, security concerns and its encryption/decryption for network forensics and Red-Blue teaming purposes. This course does exactly that!

Most of us have used Wireshark either academically or professionally for traffic analysis. Its a great tool for microscopic analysis of what is happening in the network. However, its greatest strength is also its greatest weakness i.e. it is extremely difficult to do macroscopic analysis, create custom reports, extract only certain fields from packets for offline analysis etc. This is where Tshark comes in! Tshark is a command line tool created by the Wireshark team and shares the same powerful parsing engine as Wireshark. It is capable of doing most things we’ve come to love Wireshark for, but with the “from command line” advantage. This makes it ideal for batch analysis, offline processing and routine automation of traffic analysis tasks. In this course, we will explore many of these capabilities. It is assumed you have a basic working knowledge of Wireshark and traffic analysis.

This course will familiarize students with all aspects of reverse engineering (reversing) Linux 32-bit applications for the purposes of locating flaws and developing exploits. By the end of this course students will be able to understand, locate, and exploit all of the common flows in 32-bit Linux software. These flaws include, but are not limited to, buffer overflow, heap overflows, format string flaws, section overflows, and kernel flaws. Along the way students will gain a better understanding of how Linux 32-bit applications work and will be exposed to a number of common reversing tools such as specialized debuggers (IDA Pro) and fuzzers.  As always, you will also learn how to leverage Python and other scripting tools in order to automate the discovery and exploitation of software flaws.