ＨｉｄｅＺｅｒｏＯｎｅ

The course introduces students to exploit development in MIPS processor architecture. Exploit development on MIPS processor hasn’t seen the attention that other architectures such as x86 and ARM got. With the growing IoT devices, we have been seeing many embedded devices with MIPS architecture alongside ARM. Exploit development is getting harder and harder with exploit mitigation techniques in place. But, the good news is that it is not impossible to write working exploits as exploit mitigation techniques do not fix the underlying problem in the vulnerable source code. This practical training starts with the basics of MIPS Architecture and slowly moves towards writing own shell code and creating working exploits using Return Oriented Programming for a given target binary. To give a sense of real exploitation, real world examples will be discussed with proof of concept exploits. By the end of this training, students will be able to write Memory corruption exploits for MIPS architecture, understand how Return Oriented Programming can be used in MIPS for modern day exploit development and bypass some of the most common exploit mitigation techniques such as ASLR.

Stay frosty within AWS, Azure, & GCP environments with this fast-paced and hands-on course which teaches each participant the Tactics, Techniques, and Procedures (TTPs) needed to infiltrate and expand access within cloud platforms. In this course you will: Exploit serverless (e.g. Lambda, Azure Functions) applications for initial access into targets. Pivot between data and control planes to expand access (e.g. secrets, snapshots) Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain undetected. Breach and backdoor boundaries (e.g. VPCs) to access hard to reach systems. Expanding access within Kubernetes (K8s) envs (e.g. GCP bypass of metadata protections) Compete throughout the course in our hands-on Capture the Flag (CTF) tournament!

Acunetix is a web application security scanner that helps you find and fix vulnerabilities in your web applications, web services, and APIs. It can scan any website or web application that uses HTTP or HTTPS protocol and supports various frameworks, languages, and technologies. Acunetix can detect over 7,000 types of vulnerabilities, including OWASP Top 10, SQL injection, XSS, misconfigurations, exposed databases, and more. It also provides vulnerability assessment and management features, such as severity ratings, remediation guidance, false positive reduction, and integration with development tools. Acunetix is available as an on-premise or cloud solution and can be used by businesses of all sizes to automate web application security testing and ensure long-term protection.

Tenable Nessus is a powerful vulnerability scanner that helps you identify and fix security issues in your network, web applications, cloud infrastructure, and more. With Nessus, you can