BlackStorm Security offers extensive and detailed training about the most relevant topics in the Security area, including within each course vast expertise in solving real cases and critical problems.
All courses are Instructor Leading Training (ILTs) and their table of contents may suffer changes anytime, with the insertion of new concepts and analysis.
I really checked out and recommend you to attend. The list of next available courses are the following:
Malicious Document Analysis
Course (16 hours)
- Introduction
- First Steps
- Analyzing Malicious PDF Documents
- Analyzing DOC/DOCX, XLS/XLSX, PPT/PPTX, EML, MSI, CHM, and other formats
Malware I
Course (64 hours)
- Introduction
- Basic Dynamic Analysis
- Sandboxes
- PE Details
- Introduction to Static Analysis
- Packet Analysis
- Malicious Scripts
- Assembly Review, Windows API and DLL Concepts
- Injection and Hooking
- IDA Pro, Radare2 and Decompilers
- Debuggers and Basic Unpacking
- Pro Tips and Unpacking
- x64 Malware and Complete Examples
Malware II
Course (64 hours)
- Unpacking and Modern Tool
- Java Malware and COM
- x64dbg Plugins and WinDbg
- Introduction to Malicious Kernel Modules
- IDA Pro: Advanced Concepts, IDC, IDA Python, and Third-Party Plugins
- Intrumentation, Introspection, and Emulation
- Anti-VM, Anti-Debug, Anti-Disassembly, and Obfuscation
- C++ and .NET Malware
Malware III
Course (64 hours)
- Introduction
- Making a Lab and Understanding the ELF Format
- Static, Dynamic and Memory Analysis
- Instrumentation and Advanced Techniques
- Reversing Malware Samples
ROOTKITS
Course (64 hours)
- Processor concepts
- System concepts
- WinDbg
- Code Injection
- Hooking
- Code Modification
- Kernel Manipulation
- Device Drivers Concepts
- Windows Protections
- Ring 0 Malwares
- Anti-Forensics
Hunting Malware using Memory Analysis I
Course (48 hours)
- Introduction
- Memory Concepts
- Making a Lab
- Windows 10 Forensics Challenges and Volatility 3
- Memory Acquisition and Image Management
- Windows Objects and Kernel Pool
- Volshell
- Processes
- Environment Variables, DLLs and Registry
- Code Injection and Hooking
- Network Investigation
- Event Logs
- Services
- Kernel Modules
- Real Cases
- Gui Threads
- Disks and Timelines
Hunting Malwares using Memory Analysis II
Course (48 hours)
- How to acquire Linux Memory
- Forensic Linux Details
- Memory and Processes
- Network Artifacts
- Files Systems
- Kernel threats
- Rootkits
- Real Cases
Windows Exploit Development I – part A
Course (24 hours) – Currently, parts A and B are delivered together
- Lab Creation and Setup
- Windows Protections
- Simple Buffer Overflow
- SEH and SafeSeH
- ASLR
Windows Exploit Development I – part B
Course (24 hours) – Currently, parts A and B are delivered together
- DEP and EggHunter
- Shellcodes
- Exploit using Unicode
- ROP, ROP fixing and multiple limitations
- Migrating exploits to Metasploit
Windows Exploit Development II
Course (48hours)
- Review on Stack Exploitation and Heap Spraying
- Memory Management, Practical WinDbg, and Memory Leaks
- Heap Spraying Exploitation and Protections
- Heap Overflow, Exploits and Protections
- Sophisticated Exploits
Live and Post-Mortem Analysis using WinDbg
Course (48 hours)
- Introduction
- Setup Environment
- Memory Dump Acquisition
- Basics on WinDbg
- Advanced Techniques
- Stack and Heap Analysis
- Multiple Scenarios
- Native Crash Dump Analysis
- .NET Crash Dump Analysis
- Miscellaneous
Malware Analysis 4
Course (48 hours)
- Introduction, Making a Lab and .NET Concepts
- .NET Internals, Runtime, Memory Management, and MSIL
- .NET Static and Dynamic Analysis
- .NET Malware Examples
CISSP Preparatory Course
Course (40 hours)
- Introduction, CISSP Career, and Tips
- Security Engineering and Architecture
- Communication, Network Security and Identity Management
- Security Tests and Evaluation
- Security Operations and Software Development
Digital Forensics I
Course (48 hours)
- The preparation and volatile information
- Acquiring Information from memory and disk
- Seeing the past with VSC
- Artifacts from the Internet
- Registry
- Windows File System
- Linux File System
- Detailing the File System analysis
- Malware’s and Anti-Forensics
- Timeline
- Mobile Forensics
Inside the Windows I
Course (48 hours)
- Basic Concepts, Lab Creation and WinDbg Review
- Architecture Foundation
- Processes, Jobs, Trustlets, and Threads
- Memory
- I/O and Device Drivers
- Security
- Miscellaneous
Inside the Windows II
Course (48 hours)
- Dispatching
- Working Threads
- Object Manager
- Synchronization
- LPC
- Debugging
- Image Loader
- Kernel Protection
- Registry
- Storage Topics
- File Systems (NTFS/FAT32)
- Cache
- Networking
- Starting and Stopping the Windows
Android/MacOS+iOS Reversing 1
Course (64 hours)
- Android/MacOS+iOS Introduction and Architecture
- ARM Assembly Review
- Rooting, Jailbreak and Mobile Frameworks
- Android Basic Static / Dynamic Analysis and Runtime Analysis
- Pinning and Network Analysis
- iOS Static / Dynamic Analysis and Runtime Analysis
- Android Advanced Static Analysis in Malware Analysis
Android/MacOS+iOS Reversing 2
Course (64 hours)
- Android Security and Instrumentation
- Android Malware Analysis in Real Cases
- MacOS/iOS Security Mechanisms and Kernel Concepts
- MacOS/iOS Debugging
- MacOS/iOS Reversing
- MacOS/iOS Malware Cases
Information Security Awareness
Course (16 hours)
- Introduction
- Malware: types and goals
- How to check potential malicious files?
- Ransomware
- Infection consequences
- Introduction to malicious Office and PDF documents
- How to protect our home systems?
- And other 13 very interesting topics
Incident Response and Threat Hunting
Course (48 hours)
- Introduction and IR concepts
- Gathering Live Information and Evidence Acquisition
- Packet Analysis and Registry Investigation
- Common Application Forensics and Other Artifacts
- Investigating Linux Systems
- Malware Profiling and YARA
- Windows Logging and Sysmon
- Threat Hunting Concepts, MITRE, Frameworks, and Emulation
- Scenarios
Mobile Forensics
Course (48 hours)
- Introduction and Concepts
- Introduction to Android and iOS Architecture
- Forensic Procedures
- Making a Lab, Rooting and Jailbreak
- Android and iOS Data Acquisition
- Mobile Database Forensics
- Android Investigation
- iOS Investigation
- Miscellaneous
Secure Code
Course (48 hours)
- Introduction
- Secure Code Life Cycle
- Cryptography: concepts and code
- Secure Code Problems: pointers, leaks, race condition and others
- Web Application: main vulnerabilities and code mistakes
- Memory Management: native and managed code
- Window/Linux Protections, Buffer Overflow, Fuzzing and Platform Protections
- Static/Dynamic Analysis using Frameworks, Anti-reversing and Obfuscation Techniques
- Synchronization and Parallelism: techniques, issues, and mitigations
For more information, visit: http://www.blackstormsecurity.com/bs/en/en_training.html
