Infiltrate Security Conference


CONFERENCE
APRIL 7-8, 2016

FONTAINEBLEAU HOTEL
Miami Beach


Exclusive Offense

Training Overview

We have made some exciting changes to the training classes at INFILTRATE 2016. Based on student feedback we have extend the Web Hacking course by one day (now a 4-day course) to allot more time to cover the course material and work on the practical exercises. The Web hacking Language Review will be taught remotely a few weeks prior to the conference. Also, the Wide Open To Interpretation course has been divided into two sessions. The first session is a 2-day course that covers PHP. The second session is a 2-day course that covers JAVA. If anyone wishes to learn both languages, the option to sign up for both sessions (a 4-day course) is available.

Probably the most exciting change is that all INFILTRATE training courses now offer CPE credits for CISSP, CSSLP and SSCP certifications. Just let us know that you are interested in earning credits when you register.

Which class is right for you?

Prerequisite evaluation tests are available for all training classes. These tests will help determine your skill level. Please email infiltrate@immunityinc.com for a copy of the test(s).

Web Hacking Language Review

(7 CPE credits)

Web hacking language review (WHLR) functions as an optional bolt on to the web hacking class, or it could be taken as a stand-alone course. The one day class is taught remotely via WebEx and is only offered prior to the INFILTRATE Web Hacking course.

View Class Syllabus

Infiltrate Class Syllabus*

Web Hacking Language Review

  • HTTP Protocol
  • Linux command line fundamentals
  • Python 2.X programming
  • JavaScript
  • MySQL queries.
*class syllabus is subject to change

Web Hacking

(28 CPE credits)

Immunity's Web Hacking class has a heavy emphasis with hands-on-learning, going in-depth on XSS, SQLi, XXE and Web Crypto. The token system has been improved from previous years, which allows us to track how each individual student is performing in class and indicates if a student could use extra help with a particular subject. The token system also allows for students to compete for the top score (often for fabulous prizes). Come to Web Hacking and receive instruction from members of Immunity's senior consulting team!

View Class Syllabus

Infiltrate Class Syllabus*

Web Hacking

Course Length: 4 Days
  • Day 1
  • Introduction to XSS
  • Reflected XSS
  • Stealing cookies
  • Stealing the DOM
  • Persistent XSS
  • DOM based XSS
  • CSRF
  • Filter evasion External XML Entities
  • Single includes
  • Out of band exfiltration techniques
  • Day 2
  • Command Injection
  • Linux
  • Windows
  • Blind command injection Post Exploitation
  • Getting the most recon value out of compromised Linux hosts
  • Privilege escalation
  • Day 3
  • SQL Injection
  • Sighted SQLi
  • Blind SQLi
  • Error vs. timing
  • Authoring SQLi scripts
  • Day 4
  • Web Crypto
  • ECB
  • CBC
  • Padding Oracles
*class syllabus is subject to change

Wide Open To Interpretation

(14 CPE credits for each session)

This class will cover auditing and exploiting vulnerabilities in both PHP and Java applications. The class is split into two sessions. The first two days will cover PHP and the second two days will cover JAVA. Students are welcome to take one or both sessions.

View Class Syllabus

Infiltrate Class Syllabus*

Wide Open To Interpretation

Course Length: 2 Days (for each session)
PHP SESSION
  • Day 1
  • Identifying and tracing PHP data input paths
  • Understanding PHP variable parsing (simple, complex)
  • Understanding and exploiting faulty Laxism comparisons/type confusion
  • Understanding and (ab)using PHP wrappers
  • Advanced PHP file inclusion attacks (remote, local)
  • Understanding and exploiting file uploads
  • Day 2
  • (Ab)using SQL Injection for remote code execution
  • Regular expression remote code execution
  • Anonymous (lambda) function remote code execution
  • Understanding and exploiting arbitrary file reads
  • Understanding and exploiting object injection
JAVA SESSION
  • Day 1
  • Java Classes 101
    • Class member access
    • Classes hierarchy & interfaces
    • Nested & Inner Classes
  • Introduction to Java Security & Sandbx
    • Bytecode Verifier
    • Security Manager & Access Controller
    • Security Manager in Application Servers
    • Serialization
    • Java Reflection
  • Secure Coding Guidelines
  • Environment Setup
  • Java Web Applications Introduction
  • Information Disclosure
  • Input Validation
  • Cross Site Scripting
    • SQL Injection
    • Command Injection
  • Logical Bugs
    • Path Traversal
    • File Disclosure
    • File Overwrite
    • Privilege Escalation
  • Request Forgery
    • Client Side Request Forgery
    • Server Side Request Forgery
  • Day 2
  • Dangerous Parsing
    • XML
    • XSLT
  • El Injection
  • Frameworks & Services
    • WebServices
    • REST APIs
    • Vulnerabilities in Popular Frameworks
  • Crypto
    • Padding Oracle
    • PRNGs
  • Exploitation
*class syllabus is subject to change

Click Here For Ring0

(28 CPE credits)

Immunity's Click Here for Ring0 class teaches both Windows clientside exploitation as well as Windows kernel exploitation. These two combined courses complement each other perfectly through hands-on exploitation that takes the student from gaining remote access to elevating privileges on modern Windows systems. This is an intermediate class that requires a solid grasp of userland and kernel debugging on Windows platforms.

View Class Syllabus

Infiltrate Class Syllabus*

Click Here For Ring0

Course Length: 4 Days
  • Day 1
  • Memory layout analysis
  • Client side vectors of explotation
  • Memory corruption vulnerabilities
  • Use After Free vulnerabilities in practice
  • Exploiting browser plugins
  • Day 2
  • Modern day browser protections
  • Information disclosures
  • Improving exploit reliability
  • Hunting for client-side bugs
  • From client to kernel
  • Day 3
  • Debugging environment setup
  • Kernel debugging principles
  • Windows kernel architecture
  • Kernel-land vs user-land
  • Kernel shell coding
  • Kernel structures
  • Token stealing
  • Day 4
  • Past vulnerabilities & how to find them
  • Protocols
  • IOCTL & FSCTL
  • Window management
  • Arbitrary overwrite exploitation
  • Recent techniques
  • Hands-on Exploitation
  • Custom vulnerable driver
  • Real vulnerabilities
*class syllabus is subject to change

Master Class

(28 CPE credits)

The Immunity Master Class focuses on modern exploit development and vulnerability discovery techniques. Intermediate to advanced exploit development skills are recommended for students wishing to take the Master class.

View Class Syllabus

Infiltrate Class Syllabus*

Master Class

Course Length: 4 Days
  • Day 1
  • Academia vs Real World
  • How to Audit Cryptosystems
  • Introduction to Logic & Algebra
  • Symmetric Cryptography and related primitives
  • Statistical Cryptanalysis (differential, linear, etc)
  • Algebraic Cryptanalysis (SAT, F4)
  • Day 2
  • Introduction to Algebraic Number Theory
  • Introduction to Elliptic Curves
  • Asymmetric Cryptography (RSA, ECDH, etc.)
  • Birthday Paradox based algorithms
  • Index Calculus
  • Side Channel Attacks(timing, cache)
  • Whitebox Cryptography
  • Day 3
  • User Land vs Kernel Land
  • Introduction to the Kernel Land
  • Kernel Debugging Environment
  • Kernel Internals
  • Memory Models and the Address Space
  • Kernel Shellcodes
  • Taxonomy of Kernel Vulnerabilities
  • Arbitrary Kernel Read/Write
  • Day 4
  • Kernel Heap Allocators (SLAB/SLUB)
  • Kernel Pool Overflows and Use-After-Free
  • Race Conditions
  • Logical and HW-related Bugs
  • Kernel and Hardware Protections
  • Bypassing Protections
  • The Future of Kernel Vulnerabilities
*class syllabus is subject to change