Early bird registration rate ends on the 30th of April
This is a unique training that covers red team tactics for pentesting modern day application stack. Attendees will learn to identify, exploit and exfiltrate data from Database Servers, Software Collaboration tools, CI tools, Distributed Configuration & Resource management tools, Containers, Big Data Environments, Search Technologies and Message Brokers. The 3 days workshop is a fast paced and completely hands on program that aims to impart the technical know-how methodology and tools of trade for testing these systems. Real world corporate stacks are emulated in the form of containerised challenges to prepare students for real world scenarios.
Continuous Build & Deployment tools, Message brokers, Configuration Management systems, Resource Management systems and Distributed file systems are some of the most common systems deployed in modern cloud infrastructures thanks to the increase in the distributed nature of software. Modern day pentesting is no more limited to remote command execution from an exposed web application. In present day scenario, all these applications open up multiple doors into a company’s infrastructure. One must be able to effectively find and compromise these systems for a better foothold on the infrastructure which is evident through the recent attacks on the application stack through platforms like Shodan paving way for a full compromise on corporate infrastructures.
In this 3 day workshop we start by looking at the application stack consisting of Databases,CI tools, Distributed Configuration & Resource management tools, Containers, Big Data Environments, Search technologies and Message Brokers.
Along with the training knowledge, the workshop also aims to impart the technical know-how methodology of testing these systems. This workshop is meant for anyone who would like to know, attack or secure the modern day stack. The students are bound to have some real fun and entirely new experience through this unique workshop, as we go through multiple challenging scenarios one might not have come across.
Security Engineers, Penetration testers, Bug bounty hunters, System Administrators, SOC analysts, Security enthusiasts, Security Engineers in DevOPS and anyone interested in the modern application stack.
During the entire duration of the workshop, the students are expected to learn the following
Knowledge of basic pentesting, web application working and linux command line basics,some ssh commands,the ability to use a web proxy like Burp Suite, ZAP, and the ability to write basic scripts in any interpreted language is an added advantage.
Students require a laptop with administrative and USB access and minimum configuration of 8GB RAM and 100GB hard-disk space. Full visualization support, Virtual Box and Docker should be installed. Linux / Unix installations preferred.
Module 0: Modern Application Stack
Module 1: Pentesting Databases:
Module 2: Public Cloud Environments
Module 3: CI Tools
TeamCity and Go.
Module 4: Software Collaboration Tools
Module 5: Message Brokers
Module 6: Containers
Module 7: Distributed Configuration Management Systems (DCMS)
Module 8: Distributed File System
Module 9: Kubernetes,Mesos and Marathon (Distributed Deployment & Resource Management)
Module 10: Search Technologies
Module 11: Deployment Management Tools