[ :: mainpage :: register :: conference :: training :: venue map :: agenda :: press/media ]
[ :: capture the flag (CTF) :: zone-h hacking challenge :: open-hack :: forum :: sponsors ]
[ :: contact :: past conferences :: open source security project showcase ]

Conference presentation materials have been released.
You can download them from Packet Storm

Hands-On Technical Training

Filed under: Training — Administrator @ 6:11 pm

April 25, 2005

View all Trainings

TECH TRAINING 1: Web Application – Attacks and Defense
Trainer: Shreeraj Shah Founder/Director, Net-Square Consulting

TECH TRAINING 2: Exploiting & Defending Networks
Trainer: Nish BhallaVP Consulting Solutions, Security Compass

TECH TRAINING 3: War Driving Kuala Lumpur
Trainers: Anthony Zboralski (Gaius),Founder Hackers Emergency Response Team (HERT) & Jim Geovedi, Information Security Consultant PT Bellua Asia Pacific.

TECH TRAINING 4: Packet Mastering The Monkey Way
Trainers: Dr. Jose NazarioSenior Software Engineer, Arbor Networks and Marius Eriksen Software Engineer, Google.com

TECH TRAINING 5: Digital Investigations: Practical Digital Forensic Analysis
Trainer: The Grugq

TECH TRAINING 6: Hacking By Numbers: Guerilla Edition
Trainer: Christoff Breytenbach

Trainers: Saumil Udayan Shah (Founder, Net-Square) & SK Chong (Security Consultant, SCAN Associates).


Filed under: Training — Administrator @ 8:32 pm

April 21, 2005

Title: Web Application – Attacks and Defense
Trainer: Shreeraj Shah Director Net-Square Consulting
Capacity: 30 pax
Seats left: CLASS IS FULL
Duration : 2 days
Cost: (per pax) RM1800 (early bird) / RM2200 (non early-bird)



Beginning with an introduction to Web applications and Web Services, the participants will be offered an insight into web hacks and their resulting effects, followed by thorough assessment methodologies and defense strategies for varying environments.

Introduction to web applications

1. Components of a web application
2. Basics of web technologies and protocol information
3. Evolution of technologies and impact on security
4. Understanding other basic web security-related concepts
5. Learning tools like netcat, achilles etc. to understand its usage and
6. Application. (Hands on for the group)

Web Hacking – Areas of attack

Various attacks will be covered in detail with demonstration followed by hands on exercises. Following is a brief list of attacks.

1. Cross-site scripting attacks
2. SQL Query Injection
3. Session Hijacking
4. Buffer Overflows
5. Java Decompilation
6. HTTP brute forcing
7. Trojan Horses and Malware products
8. Form Manipulation, Query Poisoning
9. Input Validation,Parameter Tampering
10. Authentication
11. Information leakage
12. File operations
13. Client-side manipulations
14. Cryptography
15. Error/Exception handling

Attack and Defense strategies

1. Impact of attacks
2. Risk analysis
3. Countermeasures
4. Defense strategies and methods

Assessment Methodology and Defending Applications

1. Footprinting and Discovery
2. Reconnaissance – Profiling a web application
3. Black-box and White-box testing
4. Exploiting vulnerabilities
5. Defending applications
6. Secure coding strategies

Web Services Assessment

1. Footprinting
2. Discovery
3. Technology Identification
4. Attack vector for web services
5. Defense methods
6. Toolkit – wsChess (http://www.net-square.com/wschess) play around and learn more from Author of the toolkit.

Hands-on : The training programme will end with an “assessment challenge” – a live Web Application. Working with time constraints, participants are expected to analyze the application, identify and exploit loopholes and apply all defense strategies learnt, to secure the application.

About Shreeraj:

Shreeraj Shah is founder and director of Net-Square. He has five years of experience in the field of security with a strong academic background. He has experience in system security architecture, system administration, network architecture, web application development, security consulting and has performed network penetration testing and application evaluation exercises for many significant companies in the IT arena. Shreeraj graduated from Marist College with a Masters in Computer Science, and has a strong research background in computer networking, application development, and object-oriented programming. He received his Bachelor’s degree in Engineering, Instrumentation and Control from Gujarat University, and an MBA from Nirma Institute of Management, India.

Shreeraj is the co-author of “Web Hacking: Attacks and Defense” published by Addison Wesley. He has published several advisories, tools, and white papers as researcher, and has presented at conferences including HackInTheBox, RSA, Blackhat, Bellua, CII, NASSCOM etc. You can find his blog at http://shreeraj.blogspot.com/.


Filed under: Training — Administrator @ 8:31 pm

Title: Exploiting & Defending Networks
Trainer: Nish Bhalla VP Consulting Solutions, Security Compass
Capacity: 30 pax
Seats left: 15
Duration : 2 days
Cost: (per pax) RM1800 (early bird) / RM2200 (non early-bird)



The purpose of this course is to provide tech leads, testers, administrators, network administrators, help desk support and all other participants detailed security techniques and knowledge as applied to UNIX, Windows and Network security. It goes from the very basic concepts of understanding of Operating Systems (UNIX & Windows), learning the concepts of attacking and protecting Operating Systems, Networks & Network Devices. Participants would also learn how to take advantages of vulnerabilities that might exists in an environment. The training will not only show the latest techniques for exploiting the environment, but also how to defend the organization infrastructure against those weaknesses. Hands-on lab exercises reinforce the course material in a real world environment.

Understanding TCP/IP, Windows, and Unix
o Understanding the 3-way handshake
o Understanding UDP
o Understanding ICMP

• Windows
o Understanding Domains and Workgroups
o Domain Trust relationships
o Enumeration
o Understanding SIDs and RIDs
o Registry and sam files
o Common Services (Netbios, Web servers, IIS)
o DIG / nslookup
o Users and Groups (Understanding Unix file Permissions, User, Group)
o Common services (FTP, Telnet, SSH, TFTP, RPC, NFS)

Introduction Attack & Penetration

• A&P Methodology
o Foot-printing
o Scanning
o Enumeration
o Exploiting Vulnerabilities
o Installing Rootkits and Backdoors
o Cleaning up

• Foot-printing
o whois
o Search engines
o Google hacking
o News-groups
o Corporate Websites

• Scanning
o Finding Live Hosts
o Port scanning (Connect, SYN, FIN)
o Passive network monitoring

• Enumeration
o OS Fingerprinting
o Detailing network service information (Banner Grabbing, DNS information)
o Obtaining list of valid users and resources
o Passive network monitoring
o OS Specific Enumeration

o Unix
• User enumeration via Apache
• User enumeration via Finger
• User enumeration via r-services
• Obtaining user info using NIS

o Windows
• Enumerating windows users and shares (net, nete, enum, local, global, nltest, dumpsec, getmac, epdump, ldp)

• Source sifting web portals
o Mirroring web sites (wget, Black Widow, Offline explorer)

• Brute forcing authentication
o Brutus
o Hydra
o Extending Hydra to Brute Force Custom Protocols
o MS-SQL Brute forcing (sqldict, shell script)
o Mysql / Oracle
o TS-Grind

• Mis-configurations
o NFS (nfsshell)
o X Vulnerabilities (xscan)

• Buffer Overflows (metasploit)

• Obtaining and Cracking password files
o Windows (sam, pwdump3, LSA Secrets)
o Unix ( /etc/shadow, NIS (ypcat))
o Cracking passwords ( l0phtcrack, john)

Exploiting Network Specific Vulnerabilities
• Sniffing (Promiscous mode)
• ARP Spoofing
• Hijacking TCP connections
• 802.11
o Quick Overview
o Kismet
o Aircrack

• Owning Network Devices
o Cisco router password cracking
o Attacking services (Telnet, SNMP, HTTP, Obtaining config files)

• Firewalls
o Fingerprinting Firewalls.

• Windows cleanup
o disabling audit logs (Evenviewer)
o Web Server Logs

• UNIX Cleanup
o Xinet revisited & /etc/syslog.conf
o utmp and wtmp
o xferlog
o maillog
o lastlog
o shell histories

Installing Backdoors and Rootkits
• Port redirection techniques

• Windows backdoors and rootkits
o Fake Gina
o Winvnc
o Hiding files in windows
o Keyloggers

• Back-dooring Unix
o Installing a Remote Shell Service using xinted
o Setting SETUID and SETGID on executable files
o .rhosts
o Loki2
o Trojanized commonly used commands

• Linux Rootkits
o LKM based
• Covert Channels
o Reverse shell
o Msn-shell
o XML-shell

About Nish:

Nishchal Bhalla is a specialist in product testing, code reviews, web application testing, host and network reviews and IDS architecture design and deployments. He is the VP of Consulting Services at Security Compass providing consulting services for major software companies & Fortune 500 companies. He is writing the section on writing exploits for an upcoming title “Buffer Overflow Attacks: Detect, Exploit & Prevent” and is a contributing author for “Windows XP Professional Security” and “HackNotes: Network Security”, he was also the tech editor for “Exploiting Software: How to Break Code”.

Nish has also been involved in the open source projects such as OWASP and YASSP. He has also written for security focus.

Prior to joining Security Compass, Nish was a Principal Consultant at Foundstone, where he not only helped develop the “Secure Coding” class but also taught the Ulimate Hacking, Ultimate Web Hacking and Ultimate Hacking Expert classes. Apart from working for Foundstone, some of the other companies Nish has worked for include TD Waterhouse, The Axa Group and Lucent. Nish holds his Masters in Parallel Processing from Sheffield University, is a post graduate in Finance from Strathclyde University and a Bachelor in Commerce from Bangalore University.


Filed under: Training — Administrator @ 8:31 pm

Title: War Driving Kuala Lumpur
Trainer: Anthony Zboralski (Gaius) & Jim Geovedi
Capacity: 22 pax
Seats left: 11
Duration : 2 days
Cost: (per pax) RM2000 (early bird) / RM2400 (non early-bird)


Note: Participants are required to bring their own laptops. Wireless enabled laptops aren’t required as students will connect to the Kismet Server using a network hub in the training room as well as in the bus.


This class will involve a war drive around Kuala Lumpur on the first day and as such is limited to 8 participants only. This two day hands-on workshop will cover wireless/mobile environments intrusion detection, secure wireless protocols, denial of service, privacy and anonymity, prevention of traffic analysis, wireless networking, monitoring and surveillance…

Wireless Technology is ubiquitous: hand phones, cordless phones, Wi-Fi LANs Bluetooth are everywhere. While wireless technology may be desirable to corporations because of the mobility and cost-saving it offers, wireless security has been elusive.

By default, most wireless networks are insecure and present a number of threats:

• Loss of Confidentiality (atm transactions, emails, confidential documents, etc.)
• Denial of Service, business interruption
• Theft of Service
• Internal networks may be exposed to outsiders and hackers may propagate via wireless to your network, partners and clients
• Corporate network could be used to launch stealth attacks against other targets or to transit spam

The 2-day course will cover:

• Introduction to Bluetooth and WiFi Security
• War Driving in Kuala Lumpur
• Analysing and mapping wireless networks.
• Attacking Wireless Networks and Bluetooth Devices
• Defending Wireless Networks
• Intrusion Detection and Monitoring

About Anthony:

Anthony Zboralski leads Bellua Asia Pacific, an Information Security consulting company based In Jakarta, Indonesia. He has more than 9 years of experience performing penetration tests, assessments, forensics and related services for some of the largest banks in Asia and a dozen Fortune 500 companies including Aerospatiale, Air France, Allianz, AXA, Electricite de France, Lagardere-Matra…

He is also known as Gaius, one of HERT cofounders and wrote some articles for phrack and hert.org (tunnelx, ciscogdb, procx, etc.). Anthony has been involved into hacking and security community since 1989 (started on x25 with otosync and bayernpower [Matthias]). He is 29 now, living in Indonesia with wife and two kids.

About Jim:

Jim Geovedi is HERT’s new evil thinker. While most of his time goes towards providing information security advisory and training services to private enterprises and government in Indonesia through Bellua Asia Pacific, in his spare time Jim amuses himself by working on open-source security software and
operating system development projects.


Filed under: Training — Administrator @ 8:30 pm

Title: Packet Mastering The Monkey Way
Trainers: Dr. Jose Nazario (Arbor Networks) & Marius Eriksen (Google.com)
Capacity: 22 pax
Seats left: 21
Duration : 2 days
Cost: (per pax) RM1800 (early bird) / RM2200 (non early-bird)



In this course you will learn how to code in C using libpcap, libdnet, libnids, and drive it all with libevent. The main language will be C, but we will also cover python bindings to these techniques.

Day 1

a) TCP/IP and ethernet networking overview
b) Packet capture with libpcap
c) Packet construction with libdnet
d) Libnids and stream reconstruction techniques

Day 2

a) Recap and questions from day 1
b) Event driven programming (signals, read, write, timers), libevent
c) Common tool classes: scanners, snifers, and tracers
d) Bringing it all together:
e) A simple stream sniffer (illustrating the use of libnids and libevent)
f) A simple port scanner (illustrating libpcap, libevent, libdnet)
g) Questions and other things you can do.

About Jose:

Dr. Jose Nazario is a worm researcher and senior software engineer at Arbor Networks. Dr. Nazario’s research interests include large-scale Internet trends such as reachability and topology measurement, Internet events such as DDoS attacks and worms, source code analysis methods and datamining. He routinely writes and speaks on Internet security in forums that include NANOG, USENIX Security, BlackHat Briefings, CanSecWest and SANS. Dr. Nazario holds a Ph.D. in biochemistry from Case Western Reserve University.

Dr. Nazario is also the author of the ground-breaking book entitled “Defense and Detection Strategies against Internet Worms” which offers insight into worm trends and behavior, while providing practical protection techniques. Dr. Nazario was also co-author on the book “Secure Architectures with OpenBSD”.

About Marius

Marius Eriksen is a software engineer at Google, Inc. and is an OpenBSD developer. He has developed and maintained many open source projects and has failed to release many more. Marius has mostly been involved with systems security, distributed filesystems, networking middleware and security and general operating systems kernel development. Marius’ recent open source work include work on transparent end-to-end networking portability and contextual user interfaces.


Filed under: Training — Administrator @ 7:43 pm

April 20, 2005

Title: Digital Investigations: Practical Digital Forensic Analysis
Trainer: The Grugq (Anti-Forensics Specialist)
Capacity: 30 pax
Seats left: 9
Duration : 2 days
Cost: (per pax) RM1800 (early bird) / RM2200 (non early-bird)



As the number of IT security incidents increases month upon month, the need for effective digital investigation techniques grows. This course teaches students how to conduct a successful digital forensic investigation, and builds a solid base of knowledge for further learning. Using a task-oriented approach, students will learn digital forensic analysis techniques and methodologies which can be applied immediately. During the course, strong emphasis is placed on technical understanding and skills.

The core curriculum of the course revolves around multiple File System Intensive sessions, focusing on file systems used on both Windows and UNIX/Linux platforms such as NTFS and Ext2FS. These File System Intensives use a combination of lectures and task-oriented hands-on lab exercises to instruct and reinforce the deep, low-level, file system knowledge crucial for effective digital forensic analysis and investigations. The lab exercises will teach core skills, such as how to:

* seize and preserve digital media
* recover deleted files (both manually and with tools)
* uncover evidence of tampering
* build a time-line

Each File System Intensive concludes with a sample investigation, reinforcing the skills developed within the course and building an understanding of how to successfully conduct a real investigation.

During the File System Intensive sessions, students will learn about the forensic analysis process, as well as the techniques and methodologies necessary for successful digital forensic investigations.


Students should be comfortable using Linux as an operating environment. Students will be assigned machines (desktops) in pairs. Each machine will include a Linux installation, including X windows. Development tools (e.g. gcc, make, etc.) will be installed, however no development experience is required. All tools will be provided on CD-ROM.

About The Grugq

The Grugq has been at the forefront of forensic research for the last six years, during which he has been pioneering in the realm of anti-forensic research and development. During this time, he has also worked with a leading IT security consultancy and been employed at a major financial institution. Most recently he has been involved with an innovative security software development start-up company. Currently the Grugq is a freelance forensic and IT security consultant. While not on engagements, the Grugq continues his research on security, forensics and beer.


Filed under: Training — Administrator @ 7:39 pm

Title: Hacking By Numbers - Guerilla Edition
Trainer: Christoff Breytenbach, Sensepost
Capacity: 22 pax
Seats left: 20
Duration : 2 days
Cost: (per pax) RM2000 (early bird) / RM2400 (non early-bird)



Reality, Theory and Practice! This course is the “How did they do that?” of modern hacking attacks. From start to finish we will lead you through the full compromise of a company’s IT systems, explaining the tools and technologies, but especially the thinking, strategies and the methodologies for every step along the way. “Hacking By Numbers - Guerilla Edition” will give you a complete and practical window into the methods and thinking of hackers.

‘Guerilla’ is SensePost’s ‘community-oriented’ course, designed to address the needs the the community - students, hobbyists & researchers. Like all our courses, it is strongly method based and emphasizes structure, approach and thinking over tools and tricks. The course is popular with beginners, who gain their first view into the world of hacking, and experts, who appreciate the sound, structured


Information security officers, system and network administrators, security consultants, government agencies and other nice people will all benefit from the valuable insights provided by this class. Remember that this course is practical and of an extremely technical nature, so a basic understanding of networking, security, Unixâ„¢ and NTâ„¢ is a course prerequisite.

About Christoff

Christoff Breytenbach studied B.Com Informatics at the University of Pretoria, South Africa. During 1999, while still studying, he was employed part time at the University’s Bureau of Institutional Research and Planning as a Natural/Adabas programmer. He started fulltime employment at the end of 1999 doing Visual Basic development work on company secretarial systems. His career moved towards information security in 2000 when he joined NetXactics (formerly eSafe Technologies) where one of his areas of expertise was application integration and technical support of cryptographic tokens.

Christoff joined AST Security Management in 2001 as an information security architect, specialising in network security consulting, architecture design and implementations. Just one of the various projects he was involved in, included Microsoft Certificate Services architecture design as a partner consultant to Microsoft Consulting Services South Africa. In August of 2002, Christoff joined SensePost as a senior IT security consultant involved in the various assessment services SensePost provides, including internal-, external-, architecture-, web application- / services- and database security assessments. Christoff has presented various talks (Internet Solutions’ Internetix conference, MSUG, ISSA, TechEd, etc.), papers (editorial for ITP Asia etc.), and presented various Black Hat- and SensePost training sessions, both locally and internationally. Christoff holds various certifications, including CISSP and MCSE in Security.

Event Organizer

Hack In The Box (M) Sdn. Bhd.

Supported & Endorsed By

Malaysian Communications and Multimedia Commission (MCMC)

Malaysian Administrative Modernisation & Management Planning Unit

Main Sponsor

Microsoft Corporation

Official Airline Partner

Malaysia Airlines

Open-Hack Sponsor

VIA Technologies Inc.

CTF Sponsor

Scan Associates

CTF Prize Sponsor


Media Partners:

The Virus Bulletin Conference takes place at The Burlington, Dublin, Ireland, 5 to 7 October 2005. Register here.

Phrack Magazine

Our Speakers Are Supported By:

Bellua Asia Pacific

F-Secure Corporation

Supporting Organizations


Chaos Computer Club (Germany)

X-Focus China

Zone-H Defacement Mirror

Xatrix Security


Special Interest Group in Security & Information InteGrity Singapore