The trainings will be held in parallel, and applications will only be accepted for a single training class. If multiple applications are submitted, the last application will be taken into consideration.
Registration will open on Apr 10th, 2024. Please use register.hacktrickconf.com to sign up.
Explanation:
The Active Directory Red Teaming course offers practical training on the latest techniques, tactics, and procedures (TTPs) used by APT groups and ransomware operators within Active Directory, the main Identity and Access Management system in corporate settings. The course will explain the theory behind these techniques and their root causes. It will also introduce essential defensive strategies and detection methods to protect against attacks.
Titles:
- Active Directory Basics
- Logical Units and Object Types
- Privileged & Admin Objects
- Access Control Entry and Access Control List Structures
- Types of Hashes
- Authentication Protocols
- Kerberos
- Kerberos Fundamentals
- Double Hop Problem
- Unconstrained Delegation
- Constrained Delegation
- Constrained Delegation – Protocol Transition
- Resource Based Constrained Delegation
- NTLM
- NTLM Fundamentals
- Kerberos
- Trust Structures
- Reconnaissance
- PowerShell Reconnaissance
- WinNT Reconnaissance
- GPO Reconnaissance
- LDAP Reconnaissance
- ADExplorer
- BloodHound
- Lateral Movement / Privilege Escalation
- TTP 0x0 – Rogue Machine Account
- TTP 0x1 – LLMNR & NBT-NS Poisoning
- TTP 0x2 – Coerced Authentication
- TTP 0x3 – NTLM Relay
- TTP 0x4 – Internal Monologue
- TTP 0x5 – AS-REPRoasting
- TTP 0x6 – Kerberoasting
- TTP 0x7 – GPP/GPO Exploitation
- TTP 0x8 – ACL Exploitation
- TTP 0x9 – S4U2Self Exploitation
- TTP 0x10 – Pass-the-Hash
- TTP 0x11 – Overpass-the-Hash
- TTP 0x12 – Pass-the-Ticket
- Persistence
- TTP 0x13 – DCSync
- TTP 0x14 – DCShadow
- TTP 0x15 – ACL Backdoor
- TTP 0x16 – AdminSDHolder Backdoor
- TTP 0x17 – Skeleton Key
- Inter-Domain/Forest Lateral Movement
- TTP 0x18 – Golden Ticket w/ SIDHistory
- TTP 0x19 – Forged Trust Tickets
- TTP 0x20 – Unconstrained Delegation w/ Spoolsvc
Education Requirements:
- Computer
Furkan Özer
Explanation:
In this training, we will cover important vulnerabilities deep in application security with both black box and white box approaches. We will do a lot of source code analysis to detect vulnerabilities with a white box approach. We will not only identify the vulnerabilities but also discuss the solution suggestions in detail and find the most accurate solutions. We will not be limited to theoretical training but will also create lab solutions together.
Titles:
- Null Safety
- GraphQL Attacks
- XPath Injection
- LDAP Injection
- PDF Generation Vulnerabilities
- NoSQL Injection
- OAuth Attacks
- Web Cache Poisoning
- Session Puzzling
- Deserialization Attacks
- Prototype Pollution
- Race Condition
- SSRF via DNS Rebinding Attacks
- WebSocket Attacks
Education Requirements:
- Mastering basic cyber security issues.
- Mastering basic application security issues.
- Having software knowledge at a level sufficient to analyze source code.
- Being familiar with whitebox and blackbox security testing approaches.
- You must bring a laptop for lab solutions.
- Burp Suite or a similar proxy tool must be installed on your computer to use in practical lab training.
- Having created a user account in PortSwigger Academy, as you may need it for practical lab training.
- Installing Visual Studio Code or a similar editor on your computer to perform source code analysis.
Berkay Aksaray
Talha Karakumru
Explanation:
This course provides a technical introduction to Blockchain and EVM architecture, covers smart contract development in Solidity and then focuses on the practice of security auditing with analysis of EVM vulnerabilities. Its main objective is to integrate theoretical knowledge with practical auditing skills.
Titles:
- Blockchain Fundamentals
- Understanding Ethereum and EVM
- Introduction to Smart Contracts and Solidity
- Smart Contract Security Models
- Common Smart Contract Vulnerabilities
- Vulnerability Analysis and Testing Tools
- Advanced Security Mechanisms
- Smart Contract Audit Processes
- Practical Work with Real Audit Examples
Education Requirements:
- Computer
Nihat Alpcan Onaran
Explanation:
In this training program, participants will embark on a journey into the world of cyber threat hunting, a proactive approach to cybersecurity aimed at identifying and mitigating potential threats before they escalate. Through a combination of theoretical learning and practical exercises, participants will gain a deep understanding of various threat hunting techniques, methodologies, and tools. From analyzing data sources to detecting advanced threats and leveraging platforms like Splunk, participants will be equipped with the skills and knowledge needed to effectively combat cyber threats in today’s dynamic digital landscape. Whether you’re a seasoned cybersecurity professional or just starting your journey, this training program will provide valuable insights and hands-on experience to enhance your threat hunting capabilities.
Titles:
- Introduction and Basic Concepts
- Basic concepts and definitions
- The importance and benefits of threat hunting as a proactive security approach
- Threat Hunting Techniques and Methodologies
- Passive and active threat hunting approaches
- Popular methodologies used in threat hunting (e.g., MITRE ATT&CK)
- Tools and techniques utilized in the threat hunting process
- Data Sources and Resources for Threat Hunting
- Data sources used in threat hunting such as security events, logs, network traffic data
- Utilization of data obtained from threat intelligence platforms in the threat hunting process
- Best practices for integrating and analyzing data sources
- Next-Generation Threats and Threat Hunting
- Identification of advanced persistent threats (APTs), zero-day attacks, and other next-generation threats
- Defense strategies and tactics against emerging threats
- Rapid and effective response strategies to new threats
- Overview of Splunk
- Fundamental features and advantages of Splunk
- How Splunk operates and benefits users
- Simple installation and configuration of Splunk
- General Query Structure in Splunk
- SPL (Splunk Search Processing Language) structure and features of the basic query language
- Basic querying fundamentals: indexing, query language, filtering, etc.
- Identification and integration of data sources
- Practical Threat Hunting with Sample Data on Splunk
- Real-time threat detection and analysis processes
- Identification and analysis of attack scenarios
- Practical usage and tips for threat hunting with Splunk
Education Requirements:
- You need to bring a laptop with an Ubuntu virtual machine installed for lab solutions.
- Experienced in general cyber security concepts
- Optionally experienced in offensive security (hacking 101 etc.)
Rıdvan Kaplan
Explanation:
In this training, we will learn how games, cheats, and anti-cheat systems work in a hands-on way, starting from the basics and advancing to more complex concepts. We will explore methodologies that can be applied to develop cheats from scratch for any game. Additionally, we will investigate the anti-cheat systems that have been developed to prevent these cheats and how we can find blind spots in these protected systems.
Titles:
- Basics of Games, Cheats and Anti-Cheats
- Game Networking / Packet Analysis
- Reversing Game Executables
- Memory Manipulation
- Internal/External Hacking
- DLL Injection
- Exploring Windows API and Function Hooking
- Kernel Mode Cheats/Anti-Cheats
- Anti-Cheat Detection Vectors
- Anti-Cheat Bypass Methods
- Example Cheat/Anti-Cheat Development
Education Requirements:
- Computer
Ömer Barış Eren
Eyüp Sabri Kayacan
Explanation:
Cyber Incident Response Training aims to provide participants with a wide range of cyber incident response skills. The training content covers strategies and best practices for dealing with current threats. Participants will gain in-depth knowledge and skills in identifying, analyzing and responding effectively to cyber attacks. They will also gain competence in developing and implementing proactive strategies. This course aims to reinforce the learning experience of participants by providing practical experience through real-world scenarios and simulations. Through this training, participants will stand out with their ability to act confidently in the face of cyber threats and better protect their organization’s digital assets.
Titles:
- Cyber Incident Response processes
- Threat Hunting & Threat Intelligence processes
- Cyber Kill Chain structure
- Incident response processes with KAPE
- Incident response processes with THOR
- Obtaining incident response data with Sysinternals tools
- Creation of intrusion detection rules
- MITRE ATT&CK Framework
- Windows event log analysis
- Analysis of web access logs
- Realization of incident response simulations with Caldera
- Analysis of the NTFS File System
- Windows Artifact Analysis
- Analysis of Inserted USB Logs
- PowerShell Analysis
- User Recent Activities and MRU Analysis
- Autorun Analysis
- Shadow Copy Analysis
- Amcache and Shimcache Analysis
- Detection and Analysis of RDP Connections
- Prefetch Analysis
- Recent File Analysis
- Email Analysis
- Analysis of Internet Browsers
- Ransomware simulation and detection
- Hands-on Cobalt Strike Attack and Detection
- Creation of YARA & Sigma Rules
- Timeline creation techniques
Education Requirements:
- Computer with Windows operating system.
İbrahim Baloğlu
Fatma Betül Baloğlu
Explanation:
The purpose of this training is to define the components used in Industrial Control Systems and the current threats, vulnerabilities and risks on these systems. It also defines recommendations on how to ensure the security of these systems.
Titles:
- Basic Protocols
- SCADA Penetration Test Methodology
- SCADA Security Testing Tools
- ICS Attacks
- Current ICS Vulnerabilities and Threats
Education Requirements:
- Computer
İsmail Erkek
Explanation:
This course will provide participants with an overview of the cyber threat landscape, followed by a detailed examination of cyber attack vectors and threat categories. They will learn about the identities, motivations and capabilities of threat actors and will be taught the processes of threat intelligence collection and analysis. In addition, use cases will be presented on how threat intelligence can be used in defense strategies, security plans and decision-making processes. Finally, the effective reporting and communication of collected intelligence will be emphasized so that participants can present this information to their recipients in an understandable and usable manner.
Titles:
- Examination of Cyber Threat Landscape (Overview)
- Cyber Threat Attack Vectors
- Cyber Threat Categories
- Threat Actors & Adversary Profiling
- Hunting for Threat Intelligence
- Analysis of Threat Intelligence
- Threat Intelligence Use-Cases
- Reporting Threat Intelligence Findings
Education Requirements:
- Computer
Muhammed Ali Yılmaz
Explanation:
The main purpose of the training is to give participants information about how Metasploit and exploit modules can be developed using Ruby and Metasploit framework, and how the developed modules can be added to the Metasploit main repository using basic Git knowledge. During the training, there will be vulnerable applications in the lab environment and participants will be expected to exploit these applications and develop their exploit codes with Metasploit Framework.
Titles:
- Overview
- Overview of Metasploit Framework.
- Using Msfconsole.
- Basic knowledge in Ruby programming language.
- Basic information about Metasploit file architecture.
- Uploading ready modules to the local Metasploit database.
- Basic Auxiliary Module Development
- Overview of Auxiliary modules.
- Basic template of the Auxiliary module.
- Categorization of Auxiliary modules.
- Examination of basic Mixin libraries.
- HttpClient library.
- Installation of a simple Auxiliary module in msfconsole.
- Detecting the Authentication Bypass vulnerability by examining the vulnerable Web application in the lab environment.
- Planning the Auxiliary module required to exploit the vulnerability in the lab environment.
- Development of the Auxiliary module that will trigger the vulnerability.
- Adding the developed module to the git repository on the local network.
- Basic Exploit Module Development
- Overview of exploit modules.
- Introduction to basic exploitation techniques.
- Basic template of the Exploit module.
- Examination of Rex, CmdStager, FileDropper libraries.
- Detecting Remote Code Execution vulnerability by examining the vulnerable Web application in the lab environment.
- Planning the Exploit technique and module required to exploit the relevant vulnerability.
- Development of exploit check method.
- Development of the exploit method.
- Use of Payload Space and Badchars.
- Development of payloads compatible with the target.
- Encoding the developed payloads.
- Complete development of the Exploit module that will trigger the vulnerability.
- Adding the developed Exploit module to the git repository on the local network
Education Requirements:
- Computer
- Basic Metasploit knowledge
- Basic programming knowledge in any programming language
- Familiarity with the Git version control system
- Basic knowledge of Web Security
Emir Samet Polat
Explanation:
Brief Introduction: Within the scope of Mobile Application Security training, we will discuss security architectures, best practice uses, attack surfaces, vulnerability types and detection methods, vulnerability detection and solution suggestions through source code, and cross platform development environments.
Titles:
- Introduction and Basic Concepts
- Mobile Application Security Overview
- Mobile Attack Surfaces
- iOS and Android Operating Systems and Development Environments
- Cross-platform Development Environments: Flutter, React Native, Xamarin
- Security Architectures and Best Practices
- iOS Security Architecture and Best Practices
- Secure Boot Chain
- Secure Enclave
- App Sandbox
- Code Signing and Encryption
- Privacy Controls
- Data Storage and Protection
- App Transport Security (ATS)
- Local Authentication Mechanisms
- Cryptography and Key Management
- Security Frameworks and Libraries
- Deeplink & WebView security
- Android Security Architecture and Best Practices
- Permissions Model
- App Sandbox
- Trusted Execution Environment
- StrongBox
- Data Storage and Protection
- Cryptography and Key Management
- Network Security Configuration
- App Signing and Integrity
- Google Play Protect
- Jetpack Security
- Local Authentication Mechanisms
- SafetyNet APIs
- IPC Security
- Exported Component Security
- Deeplink & WebView Security
- Manual Security Tests and Vulnerability Detection
- Mobile Application Security Vulnerability Types
- Methods for Detecting Mobile Application Security Vulnerabilities (Static & Dynamic)
- Tools Used in Mobile Application Security Tests and Preparation of the Environment
- Vulnerable Code Examples
- Examining Vulnerable Applications
- API Security Overview and Common Vulnerability Types
- Vulnerability Analysis in Libraries Used in Mobile Applications
- Automated Vulnerability Analysis and Inclusion in Mobile Development Processes
Education Requirements:
- Computer
- Comfortable reading and writing in at least one coding language.
- General understanding of Mobile Application attack vectors, theory and practice.
- General understanding of API Security
Enes Bulut
Explanation:
The two-day training program aims to provide participants with a comprehensive overview of penetration testing. The course is designed to provide theoretical knowledge as well as hands-on skills in real-world scenarios. On the first day, participants will be equipped with basic concepts and theoretical knowledge, and on the second day, they will have the opportunity to apply their knowledge on realistic simulations.
Titles:
- Introduction and Basic Concepts: What is penetration testing, its importance, basic principles of being an ethical hacker.
- Penetration Testing Stages: Information gathering, vulnerability analysis, exploitation and reporting.
- Tools and Techniques: Use of basic tools such as Kali Linux, Burp, Metasploit, Nmap.
- Pentest from the Consultant’s Perspective: The stages of pentest processes and management on the consultant side.
- Pentest from the Client’s Perspective: Stages of pentest processes and management on the client side.
Education Requirements:
- Personal computers must have virtual machine software (e.g. VMware or VirtualBox) with Kali Linux operating system and OpenVPN application installed.
- An account must be created on the Hack The Box and TryHackMe platforms.
Mertcan Kondur
Explanation:
The course will cover why S-SDLC and DevSecOps approaches are necessary and how to design a DevSecOps process from scratch. We will integrate security tools in categories such as SAST, SCA, CS, etc. into CI/CD processes, produce 0-CVE container structures that applications can run on, and verify that our applications are deployed to Kubernetes environments with reliable configurations.
Education Requirements:
- Computer
- Comfortable reading and writing in at least one coding language.
- GitHub profile.
- Basic knowledge of CI/CD processes. Familiar with basic security concepts and web application security testing.
Doğukan Ertunga Kurnaz
Esra Ercan
Fatih Çelik
Explanation:
Brief Introduction: In this training, participants will explore the critical issues in web application security and the most common attack vectors in the codebase by examining the source code, and will improve their skills in examining web applications within the scope of source code security. At the end of the training, the manual processes will be put into practice by writing rules for Semgrep, an open-source static source code scanning (SAST) tool.
Titles:
- Cross Site Scripting (XSS)
- SQL Injection
- Command Injection
- Server Side Request Forgery (SSRF)
- Server Side Template Injection (SSTI)
- Business Logic Vulnerabilities
- No Rate Limit Vulnerability
- File Include
- File Upload
- Code Injection
- Authorization Vulnerabilities
- XML External Entity (XXE)
- Mass Assignment
- Authentication Vulnerabilities
- Captcha Bypass
- Semgrep Rule Creation
Education Requirements:
- Computer
- Comfortable reading and writing skills in at least one coding language.
- Experience with web proxies.
- General understanding of web application attack vectors, theory and practice.
Yunus Aydın
Nuri Yavuz
Explanation:
Wireless networks have become an essential communication tool for business and personal use. However, wireless networks face security vulnerabilities and attack risks. This course aims to provide participants with basic knowledge and practical skills on wireless network security. Participants will gain practical experience in identifying vulnerabilities in wireless networks, preventing attacks and developing defense strategies.
Titles:
- Fundamentals of Wireless Networks:
- Wireless communication technologies and standards
- WLAN architecture and components
- Basic wireless network concepts and terminology
- Wireless Network Security Protocols:
- Wireless security protocols such as WEP, WPA, WPA2, WPA3
- Wireless network encryption methods and vulnerabilities
- Wireless network authentication mechanisms
- Wireless Network Security Vulnerabilities and Attack Methods:
- WEP and WPA/WPA2 cracking methods
- Brute force and dictionary attacks to break complex encryptions
- Complex password attacks and offline attacks
- Wireless Network Security Tools and Inspection Methods:
- Network scanning and discovery tools (e.g., Wireshark, Kismet)
- Wireless network cracking and analysis tools (e.g., Aircrack-ng, Reaver)
- Techniques for monitoring and analyzing network traffic
- Defense Strategies in Wireless Networks:
- Security measures and best practices for wireless networks
- Configuration guidelines for securing wireless networks
- Strategies to close wireless network security gaps and protect against attacks
- Wireless Network Security Applications and Scenarios:
- Wireless network security tests simulating real-world scenarios
- Wireless network vulnerability reporting procedures and responsibilities
- Advanced wireless network security applications and case studies
Education Requirements:
- Computer
Yavuz Gökhan Özdemir