Formations 2023
Formation lors des 9-10-11-12 octobre 2023!
▼ Aller aux formations en anglais ▼
Sécurité 101-102-103
Formation unique créé par la communauté du Hackfest! Nos formations d’introduction à divers éléments essentiels de sécurité informatique.
Sécurité Physique 101 (Blue Team), 201 (Red Team), 202 (Rétro-ingénierie) - Français
Formation unique pour vos besoins de sécurité physique en entreprise.
PowerShell pour l’équipe bleue - Français
3e édition de cette formation unique et exclusive au Hackfest! Cette formation vise à ajouter une corde à l’arc aux personnes désirant sécuriser des organisations, et ce, à l’aide de PowerShell.
Crise et resilience - Français
Cette formation de 2 jours permettra au participant d’acquérir les compétences de bases requises pour mettre en place une gestion de cybercrise aussi bien opérationnelle que décisionnelle.
- Inscriptions sous peu!
Corelan BOOTCAMP - Anglais
The Corelan “BOOTCAMP” is a truly unique opportunity to learn both basic & advanced techniques from an experienced exploit developer. During this 4 days course, students will be able to learn all ins and outs about writing reliable stack based exploits for the Windows platform. The trainer will share his “notes from the field” and various tips & tricks to become more effective at writing exploits.
Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB Access - Anglais
Modern IT systems are complex and it’s all about full-stack nowadays. To become a pentesting expert, you need to dive into full-stack exploitation and gain a lot of practical skills. That’s why I created the Full-Stack Pentesting Laboratory.
Scada/ICS - Anglais
In this course the students will learn about the following topics:
- The basic terminologies and best security practices for common SCADA/ICS infrastructures
- How to securely architect a SCADA network based on the Purdue Model
- EMSs
- How to securely map and perform reconnaissance of a SCADA/ICS network
- Identify and assess web applications controlling embedded devices
- Sniff and analyze packets from various protocols
-
How to interact with Modbus and write to coils
- Inscriptions sous peu!
Heap Exploitation Training - Anglais
As exploit mitigation’s, such as Nx and stack canaries, have made traditional binary exploitation more difficult, modern exploits have moved to the heap. But heap exploitation is a major increase in difficulty compared to traditional methods, making it a difficult wall on the binary exploitation journey. In this training, we will conquer the complexity and difficultly of heap exploitation by breaking it down directly.
To conquer the complexity, we’ll learn all about the GLibC’s malloc allocator by diving into the weeds of the allocator directly, explaining the how, what, and why. We’ll use hands-on exercises to demonstrate techniques that are largely applicable, and cover the contexts which allow certain techniques to be used. Additionally, we will demonstrate how the victim program can add even more primitives that can be exploited and how to find these objects, allowing the information learned in the course to be widely applicable.
This training is specifically targeted at GLibC malloc, which is the default allocator on most Linux distributions. We will start by learning how the allocator functions and about heap specific vulnerability classes. From there, you will learn how to pwn with techniques in the allocator itself and how to find your own gadgets within victim programs to live off the land. Finally, we will attack a custom HTTP server stack by finding the vulnerabilities and exploiting them. This will require complicated heap feng shui and exploit techniques learned from the workshop in order to pull off. To make the content easy to grasp, the training includes many hands-on exercises for practicing the material, a large collection of visuals and an amazing virtual machine for pwnable challenges. After taking this course, you will be highly capable at finding heap related vulnerabilities and exploiting these bugs in a variety of ways.
- Inscriptions sous peu!