Advanced technical training for security researchers, incident response handlers and exploit developers. Our hands-on workshops give your staff the skills to understand how modern attacks are developed and performed.
Our trainings are scheduled once enough people have indicated their interest in taking one. Fill out the form below if you are interested in taking a training offered by Trail of Bits.
| Available Trainings | Course Length | Register |
|---|---|---|
| Advanced C/C++ Source Code Analysis | 2 days | Waiting List |
| Assured Exploitation | 2 or 3 days | Waiting List |
| Hardware Hacking | 2 days | Waiting List |
| Offensive Techniques | 3 days | Waiting List |
| Practical ARM Exploitation | 4 days | Waiting List |
| Rapid Reverse Engineering | 2 days | Waiting List |
| Ruby Security | 1 or 2 days | Waiting List |
| Wireless Embedded Systems | 3 days | Waiting List |
I’m interested in a training with Trail of Bits!
If you would like to schedule a private training for your company or have any questions about the courses, please contact training@trailofbits.com. Receive announcements about our upcoming trainings by subscribing to our announcement list. If you would like to request help from your company to attend a training, we can help you get started.
Advanced C/C++ Source Code Analysis
Advanced C/C++ Source Code Analysis is designed for organizations that want to educate their staff on how to find exploitable vulnerabilities by manually auditing the source of large and complex programs. This course does not cover introductory buffer overflows on example code; instead students will focus on real world web browser and common library vulnerabilities. The course covers topics such as use-after-free, type confusion and more. The introductory material covers how to identify bad patterns and conceptualize what the process would look like at runtime. This course is unique in that it will not only teach you techniques to find new vulnerabilities but also analyze code for exploitation primitives that can be leveraged for target specific arbitrary code execution.
Advanced C/C++ Source Code Analysis is delivered by Chris Rohlf of LeafSR.
Hardware Hacking
Hardware Hacking focuses on hardware hacking and reverse engineering techniques commonly used against hardware products. It is a combination of lecture and hands-on exercises, culminating with students attempting to defeat the security of a custom-designed circuit board. During the course, students will:
- Understand the mindset of hardware hackers and why they do what they do
- Learn skills needed to successfully reverse engineer and analyze electronic products
- Apply real world techniques to defeat the security mechanisms of a custom circuit board
Hardware Hacking is delivered by Joe Grand of Grand Idea Studio.
Offensive Techniques
Offensive Techniques is designed to teach students how to plan and execute a successful attack against a target using the same techniques and mindsets that real attackers use. Attack Research will bring a unique approach to penetration testing, using deep system knowledge and lesser-known techniques that will arm the student with true offensive capabilities. This class is designed to help students think past the need for known exploits. Alternating between hands-on exercises and lectures the students will walk away with having been given the chance to utilize the new skills that they will learn. A virtual target network will be provided, along with all of the software needed to participate in the labs.
Offensive Techniques is delivered by Russ Gideon and David Kerb of Attack Research.
Practical ARM Exploitation
This four-day course introduces students with basic exploitation experience to “real world” exploitation scenarios on the ARM processor architecture. The reality is that exploitation these days is harder and more nuanced than it was in the past, before the advent of protection mechanisms like XN, ASLR, stack cookies, etc. As such, this course is called “practical” because it aims to teach exploitation on ARM under the real-world circumstances in which the exploit developer will encounter and have to circumvent these protection mechanisms. The course materials focus on advanced exploitation topics using Linux as the platform as a basis to learn the ARM architecture but with the obvious applications being platforms running on mobile phones, tablets and other embedded devices.
Practical ARM Exploitation is offered by Stephen Ridley and Stephen Lawler of Don’t Stuff Beans Up Your Nose.
Rapid Reverse Engineering
This course combines deep understanding of reverse engineering with rapid triage techniques to provide students with a broad capability to analyze malicious artifacts uncovered during incident response. Students exercises include examples of real attacks and triage techniques. Students will learn how to quickly assess files and extract indicators of compromise(IOCs) using both static and dynamic techniques. By tailoring our instruction to rapid assessment of binaries, we equip students with the skills required to keep up with modern malware and rapidly extract the most valuable and pertinent data to their investigations. The techniques taught will leverage a number of tools such as Volatility, IDA Pro, various open source projects, and custom code. Rapid RE is designed for those who work in or are interested in Incident Response and/or Computer Forensics. Rapid RE includes considerable lab time utilizing replicated enterprise networks and attacks as observed in the wild.
Rapid Reverse Engineering is delivered by Russ Gideon of Attack Research.
Ruby Security
In the last year, many new vulnerabilities and vulnerability classes have been discovered in Ruby applications. These vulnerabilities make use of features specific to the Ruby language and common idioms present in large Ruby projects, such as serialization and deserialization of data in the YAML format. As these vulnerability classes were initially discovered in popular and well-studied open source software, it’s extremely likely that they occur in applications throughout the Ruby ecosystem. These applications frequently represent lucrative targets for attackers, and with the appearance of new and easily exploitable bug classes, the potential for targeted and mass exploitation of Ruby programs has been demonstrated to the world. In this training, we aim to bridge a knowledge and skills gap by bringing information about these new vulnerability classes to software developers.
This training will cover the recent Ruby on Rails vulnerabilities classes, their root causes, and include demonstrations and exercises where students develop exploits for real-world vulnerabilities. Students will learn the patterns behind the vulnerabilities and develop software engineering strategies to avoid introducing vulnerabilities of this type into their projects.
Ruby Security is delivered by Hal Brodigan of Trail of Bits.
Wireless Embedded Systems
Reversing and Exploiting 8 and 16-bit Wireless Embedded Systems is intended to teach hardware reverse engineering and exploitation to students who are already familiar with those topics on larger computers. You will learn how to extract code and keys from locked chips, how to locate and sniff the internal buses of a board, and how to inject foreign machine code into a microcontroller with a memory corruption exploit. Students will be given a GoodFET to keep. A diverse set of targets will be examined, both open source and commercial. Targets have roughly the same components as a smart meter.
This course is delivered by Travis Goodspeed (@travisgoodspeed).
If you’re a small company with a great training course and you want to see it listed here, get in touch with training@trailofbits.com for more information about what we can do for you.