Upcoming CanSecWest 2023 Dojos below!


Black Belt Pentesting / Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation
Apr 4 to Apr 5


Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique hands-on training!

I will discuss security bugs found in a number of bug bounty programs (including Google, Yahoo, Mozilla, Twitter and others). You will learn how bug hunters think and how to hunt for security bugs effectively.

To be successful in bug hunting, you need to go beyond automated scanners. If you are not afraid of going into detail and diving into full-stack exploitation, then this training is for you.


Watch 3 exclusive videos to get a taste of this training:

Exploiting Race Conditions: https://www.youtube.com/watch?v=lLd9Y1r2dhM

Token Hijacking via PDF File: https://www.youtube.com/watch?v=AWplef1CyQs

Bypassing Content Security Policy: https://www.youtube.com/watch?v=tTK4SZXB734

Attacking and Defending Linux, Kubernetes and Docker
Mar 20 to Mar 21


Learn how to attack and defend Kubernetes, Linux and containers from Jay Beale, the creator of Bastille Linux, the Center for Internet Security’s first Linux security benchmark, and two Kubernetes tools: the Peirates attack tool and the Bust-a-Kube CTF cluster. In this fully hands-on course, you’ll get access to our cloud training environment, where you’ll have a Kali Linux system filled with capture-the-flag (CTF) virtual machines and a Kubernetes cluster, which you will attack and defend.

This training focuses on giving you practical attack skills from real penetration tests, coupled with solid defenses to break attacks. Every single topic in the class has a long attack exercise, where you use Kali Linux to attack Kubernetes and containerized programs, and a matching short defense exercise, where you will use new skills to break that attack, confident that it will break other attacks. In this well-reviewed class, we attack the container orchestration system, Kubernetes, along with the Linux operating system and containers that make it up!

Windows Kernel Exploitation Advanced
Mar 20 to Mar 21


We will look into how we can bypass kASLR and kLFH, and do hands-on exploitation using a data-only attack, which effectively bypasses SMEP and other exploit mitigations.

Upon completion of this training, participants will be able to learn:

  • Exploit development process in kernel mode

  • Mitigation bypasses

  • Pool internals & Feng-Shui

  • Arbitrary Read/Write primitive

Windows Kernel Exploitation Foundations
Mar 18 to Mar 19


This course uses Windows 10 RS6 x64 for all the labs and has a CTF that runs throughout the training. It starts with the basics of Windows & driver internals, different memory corruption classes, and fuzzing of kernel mode drivers.

Upon completion of this training, participants will be able to learn:

  • Basics of Windows and driver internals

  • Different memory corruption classes

  • Fuzz kernel mode drivers to find vulnerabilities

  • Exploit development process in kernel mode

  • Kernel debugging

x86-64 OS Internals
Mar 18 to Mar 21


This class teaches you about the fundamental hardware mechanisms which all operating systems, virtualization systems, and firmware *must* interact with in order to run successfully on x86 hardware. For instance, it teaches you what an OS, virtualization system, or firmware must do to separate user code (ring 3) from kernel code (ring 0), or how they can enforce non-executable memory to make vulnerability exploitation more difficult. This is taught in a *mostly* OS-agnostic way focusing on Intel-isms rather than OS-isms (albeit using Windows as reinforcement, thanks to its excellent kernel-level debugging support). This class also teaches you to be comfortable with Reading The Fun Manual (RTFM!) to give you self-sufficiency when seeking out the most accurate details of how things work.

x86-64 Assembly
Mar 18 to Mar 21


This class teaches you how to disassemble binaries, read x86-64 assembly language, and debug black-box binaries in WinDbg and GDB. This knowledge of assembly is the fundamental skill which is required to learn reverse engineering and vulnerability exploitation. Reverse engineering is in turn a fundamental skill which is required for malware analysis and vulnerability hunting.

x86-64 Intel Firmware Attack and Defense
Mar 18 to Mar 21


This class is designed to give you all the background you need to understand how x86-64 firmware (aka UEFI BIOS) works, and what the most common security misconfigurations are. It will prepare you to be able to read and understand the existing attack and defense research in the space, taking an explicit walk-through of the attack and defense moves and counter-moves threat tree. And as always, this class teaches you to be comfortable with Reading The Fun Manual (RTFM!) to go seek out the most accurate details of how things work, and to seek out new problems in new areas that no one's read yet with a security mindset.

C/C++ Implementation Vulnerabilities Part 1
Mar 18 to Mar 21


Dual-purpose class: This class teaches developers how to avoid writing implementation flaws, or detect ones that are already in their code... but it also teaches vulnerability-hunters how to find the flaws as well! So it's an epic battle between conscientious developers and devious vulnerability hunters! Who will win?! Whoever most takes the lessons of this class to heart!

Over three-dozen CVE writeups!

This class serves as a prerequisite for a future class that will add examples on uninitialized data access, race conditions, use-after-free, type confusion, and information disclosure vulnerabilities.

Xeno's All You Can Learn Buffet!
Mar 18 to Mar 21


This is the combination class that lets you take any of the material(!) from the x86-64 Assembly, x86-64 OS Internals, x86-64 Intel Firmware Attack & Defense, C/C++ Implementation Vulnerabilities Part 1 and C/C++ Implementation Vulnerabilities Part 2 classes at your own pace, but with full instructor support.

C/C++ Implementation Vulnerabilities Part 2
Mar 18 to Mar 21


Dual-purpose class: This class teaches developers how to avoid writing implementation flaws, or detect ones that are already in their code... but it also teaches vulnerability-hunters how to find the flaws as well! So it's an epic battle between conscientious developers and devious vulnerability hunters! Who will win?! Whoever most takes the lessons of this class to heart!

Over three-dozen CVE writeups!

This class treats the material from C/C++ Implementation Vulnerabilities Part 1 as a prerequisite.

Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB Access
Mar 18 to Mar 21


Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.

For each attack, vulnerability and technique presented in this training there is a lab exercise to help you master full-stack pentesting step by step. What’s more, when the training is over, you can take the complete lab environment home to hack again at your own pace.

I found security bugs in many companies including Google, Yahoo, Mozilla and Twitter, and in this training I’ll share my experience with you. The content of this training has been carefully selected to cover the topics most frequently requested by professional penetration testers.
