WORKSHOP - Security PWNing Conference 2019


Have you ever wondered how nation-state actors gain access to target networks? Do you recall ShadowBrokers leak containing logs from a successful compromise of one of the Swift network providers in the Middle East? Or many other cases of telecoms’ compromises?

A lot of training courses available today provide only few basic tips and techniques on how to perform simple network attacks (ie. ARP spoofing). This means you as a penetration tester or a red teamer miss a lot of vulnerable space to exploit and control. Imagine yourself gaining administrative access to every router and switch on the network, taking control over any traffic stream flowing through the organization. You could potentially sniff, blackhole, redirect or even modify the bits and bytes of your interest. This is a very powerful stance only few are able to achieve.

We, as former network engineers, have combined decades of experience in managing various network infrastructures. We’ve  noticed that there’s a lack of advanced network offensive course and we want to fill this gap. The training is especially aimed at red teamers, pentesters, network administrators. It’s advanced, in-depth, hands on and it is not suitable for beginners, unless you have strong understanding of networking concepts.


- TCP/IP networking basics (
– Understanding of routing and switching
– Scripting/programming skills (Python/bash preferable)
– Linux/Windows basics
– Prior experience with packets’ captures (tools like tcpdump, tshark, wireshark or similar)
– Modern laptop with administrative access to host OS
– 8 GB of RAM
– 40 GB of free disk space
– RJ45 Ethernet port in a laptop
– VirtualBox installed
– Strong will to learn and have fun

Scientific Program

Day 1: Gaining Foothold
Networking basics:
ISO/OSI model, L2/L3 attacks, Traffic analysis, network reverse engineering (looking glass, IP RR, whois, etc.)
protocol, attacks
theory, setup, abuse
Routing refresher:
switching vs routing, distance vector vs link-state, interior vs exterior
Day 2: Folks-in-the-Middle
protocol, modus operandi, exploitation
protocol, modus operandi, exploitation
protocol, vulnerability, exploitation
modus operandi, AAA, attack


Dorota Kulas
She has 8 years of experience as red teamer in large, world-wide corporation. Before that, she worked briefly as IT systems admin (mostly Li... more
IT security professional. MSc graduated from Gdansk University of Technology, IT Department. His professional career in IT started over 20 y... more

Place and date

NOVEMBER 12-13, Warszawa
Golden Floor Plaza
Warszawa, Aleje Jerozolimskie 123a