Most of these courses are not available elsewhere - You can't miss them!
These trainings take place on the days prior to the conference and have limited seats. Some are dictated in other international conferences at higher prices, and some are Ekoparty exclusive. Don't miss your chance!
ONLINE September 20-23
Trainings of 2, 3 & 4 days Certificate of attendance
OFFENSIVE MOBILE REVERSING AND EXPLOITATION
Ever wondered how different attacking a Mobile application would be, from a traditional web application? Gone are the days when knowledge of just SQL Injection or XSS could help you land a lucrative high-paying infoSec job. This course is designed to introduce beginners as well as advanced security enthusiasts to the world of mobile security using a fast-paced learning approach through intensive hands-on labs.
THE DEVSECOPS MASTERCLASS
Managing comprehensive security for continuous delivery of applications across organizations continues to remain a serious bottleneck in the DevOps movement. The methodology involved in implementing effective security practices within delivery pipelines can be challenging.
This training is designed to give a practical approach of implementing Security across Continuous Delivery Pipelines by leveraging the plethora of cloud offerings and is backed by a ton of hands-on labs, original research and real-world implementations of DevSecOps that work.
ATTACKING AND DEFENDING CONTAINERS, KUBERNETES AND SERVERLESS
With Organizations rapidly moving towards micro-service style architecture for their applications, container and serverless technology seem to be taking over at a rapid rate. Leading container technologies like Docker have risen in popularity and have been widely used because they have helped package and deploy consistent-state applications. Serverless and Orchestration technologies like Kubernetes help scale such deployments to a massive scale which can potentially increase the overall attack-surface to a massive extent, if security is not given the attention required
SECURE PROGRAMMING 101
This is an intermediate hands-on course in which attendees will understand and experience the use of the OWASP Application Security Verification Standard. In this way, they will learn to develop strategies and understand the elements for secure programming, allowing to mitigate risks in personal or work-related projects.
FROM ZERO TO HERO: PENTESTING AND SECURING DOCKER, SWARM & KUBERNETES ENVIRONMENTS
Containerization and orchestration have changed the way in which technologies are deployed and managed today. Attack techniques and securitization processes need to be reinvented, we are forced to learn new ways to audit and protect this kind of environment. This training is designed for RedTeam and BlueTeam professionals who are looking for practical applied security knowledge on containerization and orchestration from an offensive and defensive point of view. Black Box, Grey Box and White Box analysis are covered on Docker, Docker Swarm and Kubernetes.
ADVANCED ICS HACKING
Industrial control systems (ICS) are often a sitting target for cybercriminals. The majority of these systems monitor complex industrial processes and critical infrastructures that deliver power, water, transport, manufacturing and other essential services. There are many vulnerabilities in ICS systems that could expose an installation to attacks. Downtime or infiltration of an ICS network could result in massive outages, hundreds of thousands of impacted users and even national disaster. Penetration testing on ICS systems is very specific and requires in-depth knowledge and hardware availability.
REVERSE ENGINEERING APPLIED TO
This is an introductory course on reverse engineering and malware analysis. It is designed so that people with little or no experience on these topics can attain the tools to quickly understand how a threat works, by focusing on the more practical aspects of analysis.
* MAIN TRAINING*
PRACTICAL ANDROID EXPLOITATION LITE
The Practical Android Exploitation course from Xipiter is a comprehensive course aimed to teach all about Android security. Students get hands on experience with the Android SDK/NDK and related toolchains and use that knowledge to write and analyze exploits and malware on Android. In this course participants will exploit userland and kernel Android vulnerabilities as well as discuss jailbreaks and the various attack surface of Android applications. This class is aimed to an indispensable training for mobile developers, forensics investigators, software security professionals, pen-testers, and others.
ADVANCED INVESTIGATIONS, PRIVACY & OPEN SOURCE INTELLIGENCE TECHNIQUES
This course not only covers the technical aspect, but goes beyond to analyze the human component, to provide greater knowledge when performing tasks in this area. Students will learn how to obtain information about users and assets of a company, using physical and logical techniques. For this, conventional and unconventional sites will be analyzed, which will allow for a more extensive and thorough investigation.
HACKING & HARDENING HUMAN OS
The goal of this training is to teach attendees the different techniques and tools used for Social Engineering, so they can be included in pentests. With this knowledge, attendees will be able to craft awareness campaigns to help detect these types of scams, thus elevating security at organizations.
STEALING THE CROWN - RED TEAMING ACTIVE DIRECTORY ENVIRONMENTS
In this training we will explain current Techniques, Tactics and Procedures for infiltrating networks, maintaining persistence and scaling until reaching the targets in Active Directory infrastructures.
For those who work on pentesting and want to get closer to network teaming, it will give a better understanding of the tactical techniques and procedures (TTPs) used by real attackers.
For those who work on defense, it will help understand how attacks work to devise and strengthen the defense of their infrastructure.
INTRODUCTION TO ANDROID APP EXPLOTATION
This training will allow students to learn application penetration testing techniques and methods of exploiting vulnerabilities in Android.
The focus is on practicing the techniques explained during the course, so that the student not only incorporates
the theory, but also the experience in exploiting vulnerabilities. The course dynamic will be the theoretical presentation of each of the modules and a set of applications or situations in which that knowledge must be applied.
HOW TO MAKE MONEY BY HACKING BIG COMPANIES WITH BUG BOUNTY PROGRAMS
This 2-day training seeks to shorten your learning curve if you are interested in earning money by reporting security flaws in Bug Bounty programs. Not only will we cover the necessary concepts, tools, methodologies and security problems that are most frequently reported in this type of program, but we will tell you what nobody tells you when you decide to immerse yourself in Bug Bounty, along with some recommendations.
More trainings on the way!