WORKSHOP - Security PWNing Conference 2019

NETWARS MASTERCLASS

Have you ever wondered how nation-state actors gain access to target networks? Do you recall ShadowBrokers leak containing logs from a successful compromise of one of the Swift network providers in the Middle East? Or many other cases of telecoms’ compromises?

A lot of training courses available today provide only few basic tips and techniques on how to perform simple network attacks (ie. ARP spoofing). This means you as a penetration tester or a red teamer miss a lot of vulnerable space to exploit and control. Imagine yourself gaining administrative access to every router and switch on the network, taking control over any traffic stream flowing through the organization. You could potentially sniff, blackhole, redirect or even modify the bits and bytes of your interest. This is a very powerful stance only few are able to achieve.

We, as former network engineers, have combined decades of experience in managing various network infrastructures. We’ve  noticed that there’s a lack of advanced network offensive course and we want to fill this gap. The training is especially aimed at red teamers, pentesters, network administrators. It’s advanced, in-depth, hands on and it is not suitable for beginners, unless you have strong understanding of networking concepts.

Prerequisites

- TCP/IP networking basics (https://www.youtube.com/watch?v=vrh0epPAC5w)
– Understanding of routing and switching
– Scripting/programming skills (Python/bash preferable)
– Linux/Windows basics
– Prior experience with packets’ captures (tools like tcpdump, tshark, wireshark or similar)
– Modern laptop with administrative access to host OS
– 8 GB of RAM
– 40 GB of free disk space
– RJ45 Ethernet port in a laptop
– VirtualBox installed
– Strong will to learn and have fun

Scientific Program

Day 1: Gaining Foothold
10:00
Networking basics:
ISO/OSI model, L2/L3 attacks, Traffic analysis, network reverse engineering (looking glass, IP RR, whois, etc.)
SNMP:
protocol, attacks
VPNs:
theory, setup, abuse
-18:00
Routing refresher:
switching vs routing, distance vector vs link-state, interior vs exterior
Day 2: Folks-in-the-Middle
10:00
EIGRP:
protocol, modus operandi, exploitation
OSPF:
protocol, modus operandi, exploitation
Lady-in-the-Middle:
protocol, vulnerability, exploitation
Tacacs+:
modus operandi, AAA, attack
-18:00
HOT TIPS:
suggestions/tips/cheatsheets

Speakers

Dorota Kulas
She has 8 years of experience as red teamer in large, world-wide corporation. Before that, she worked briefly as IT systems admin (mostly Li... more
Reenz0h
IT security professional. MSc graduated from Gdansk University of Technology, IT Department. His professional career in IT started over 20 y... more

Place and date

NOVEMBER 12-13, Warszawa
Golden Floor Plaza
Warszawa, Aleje Jerozolimskie 123a

Registration form

Conditions for the participation

The pro forma invoice will be used for payment, which will be sent in PDF format to the email address you filled in the application.

When you don’t pay for the  pro forma invoice it doesn’t mean you give up your participation in the conference.

When you cancell your reservation later than 14 calendar days before the date of the event the organizer reserves the right to charge  full cost of participation in the  conference.

——————————————————————–

Participants includes:

  • admission to the workshop (2 days)
  • coffee breaks (2 days)
  • lunch (2 days)

Please complete the form below and accept the terms and conditions.

Date

NOVEMBER 12-13 2019, Warszawa

Price

pre-sale to 31 October 2019
3999 PLN
netto + Vat 23%
(to pay: 4918.77 PLN)

{{sectionTitle}}

VAT invoices data

Company/Institution
Individual

Terms of VAT exemption

Yes - I declare that participation in the conference is financed by public
No - participation in the conference is not financed by public resources

Payment type

Transfer after receiving the invoice
Pay-U