Trainings 2024

Get Your Training Tickets Here!

Training Location: Rochester Institute of Technology 1 Lomb Memorial Drive, Rochester, NY, 14623, United States

Specific classroom details will be sent to ticket holders.

The following workshops will be offered on Friday, the day before the main conference:

Date: Friday, March 22nd 2024

Empire Operations: Tactics (APT28)

Length: 8:00 a.m. - 5:00 p.m

Instructors:

  • Jake "Hubble" Krasnov
  • Dominic "Cryillic" Cunningham

Tactics (APT28) is an intermediate-level course that focuses on executing Advanced Persistent Threat (APT) Tactics, Techniques, and Procedures (TTPs) using Empire. In this hands-on course, students will evaluate the 2021-2022 exploitation campaign from Fancy Bear (APT 28) using MSHTML RCE (CVE-2021-40444) in macro-enabled docs, OneDrive C2 communications, and C# payloads. Next, attendees will learn the individual components of Empire and how to apply them to execute a red team operation. Key topics that will be taught are building C2 infrastructure, deploying customized payloads in C# and PowerShell, and creating tailored scripts for engagements. Finally, the Empire TTPs learned throughout the course will be tested on a comprehensive range using an emulation plan provided on APT 28. Hardware/Software Requirements - Laptop with 8GB of RAM and Modern Web Browser (Chrome, Firefox, etc).

Price: $100
Price (Student): Pay-what-you-can, minimum $25 (requires valid .edu address)

Social Engineering Crash Course

Length: 8am - Noon

Instructors:

  • Joe Gray

This intensive 4-hour crash course delves into the dynamic world of social engineering, offering a practical and insightful exploration of influence, manipulation, and human psychology. Based on the principles outlined in “Practical Social Engineering,” this course empowers participants with the knowledge and skills to recognize, understand, and ethically counter social engineering attacks. Attendees will learn through a blend of theoretical insights and real-world examples, equipping them with the tools to enhance personal and organizational security in today’s interconnected world. Laptop encouraged, but not required.

Price: $75

OSINT for Social Engineering

Length: 1pm to 5pm

Instructors:

  • Joe Gray

This course, inspired by “Practical Social Engineering,” offers a deep dive into the utilization of Open Source Intelligence (OSINT) for social engineering purposes. Over four hours, participants will explore how to ethically gather and analyze publicly available information to enhance social engineering strategies. The course will cover the fundamentals of OSINT, practical techniques for information gathering, and the application of this intelligence in planning and executing social engineering operations. Participants will gain an understanding of the ethical boundaries, legal considerations, and the role of OSINT in enhancing security and awareness. Laptop encouraged, but not required.

Price: $75

--- --- --- ---