CyberWar 2014: Advanced Pentesting Live Online (Beta)

I’ve been developing the new CyberWar 2014 course for a while and I’ve decided to run a beta version of the class. This should give you guys a sneak peek at next year’s material and give me some debugging opportunities.

 

Course Description:

This course picks up where the wildly successful courses “Advanced Penetration Tester: Pentesting High Security Environments”, and “CyberWar: Emulating Advanced Persistent Threat” left off. The focus of this class is “Taking Intrusion Detection System (IDS) evasion, and Anti-virus bypass to the next level.”

Key Points:

  • Per student request there will be absolutely NO Windows 2000, no Windows XP, Vista, or Server 2003 in the entire course. Only Windows 7, Windows 8, Server 2008, Server 2012 and new flavors of Linux.
  • Students attack a network of fully patched, and hardened hosts. Each target computer will be running a Host-Based Intrusion Detection System (HIDS), updated Anti-Virus, and a logging agent that reports to a Security Information and Event Management (SIEM) solution.
  • There will also be a Network Intrusion Detection System (NIDS), a web content filtering proxy, and a stateful inspection firewall as well.
  • The students will have access to the consoles of all of the security appliances. Students will be able to see in real time the events triggered by the HIDS, NIDS, Proxy, and the logs so the students can learn exactly what attacks and defenses really work in today’s high security environment.

Students that are Network/System Administrators with three or more years experience working in environments such as financial institutions, DoD networks, or similar high security environments will benefit greatly from this course.
It is however primarily designed for Network/Web Application Penetration testers that are looking for the little tips and tricks that will help them better attack high security environments.

 

CyberWar 2014 Outline

 

Day 1: Attacking From the Outside

 

  • Attacking Hardened Web Applications
    • Advanced Methods of identifying SQLI/XSS

 

  • Bypassing Common Web Application Security Mechanisms
    • Client-Side Filtering
    • Alphanumeric Filtering
    • Magic Quotes
    • ASP.NET Request Validate

 

  • Bypassing Common Security Products
    • IDS Signature Evasion
    • Dealing with Web Application Firewalls

 

Day 1’s Mission:

Attack a mock company’s heavily protected external web applications from the outside

 

 

 

Day 2: Bypassing Anti-Virus & HIPS

  • Bypassing Popular Anti-Virus
    • AVG
    • McAfee
    • Symantec
    • Windows Defender

 

  • Bypassing Popular HIPS
    • McAfee HIPS
    • Symantec EndPoint Protection
    • Forefront

 

Day 2’s Mission:

Bypass the most common host-based security products

 

 

Day 3: DLL/Process Injection, SRP/Applocker Bypass

 

  • DLL Injection
  • Process Injection
  • Bypassing SRP and AppLocker

 

Day 3’s Mission:

Bypass Group Policy Objects, Software Restriction Policy, and HIPS

 

Day 4: Advanced Host & Network Enumeration

 

  • Attacking Windows 7 and 8
    • Advanced Post-Exploitation
    • Data-Mining

 

  • Attacking 2008/2012 Active Directory
    • Advanced Network Enumeration
    • Data-Mining 2008/2012 Active Directory with security settings enabled

 

Day 4’s Mission:

Students will be tasked with gaining access to a highly protected network, finding and stealing critical data and exfiltrating that data without being detected.

 

Pressure will be added to the training environment by constantly changing the environment and its defensive mechanisms at irregular intervals.

 

Day 5: The Mother Of All CTFs

 

Get your sleep the night before, eat your Wheaties the morning of because you are about to participate in what will be the toughest CTF around.

 

Course Schedule

This is an online course that will run from August 12th – 16th (Live Online) 10am – 2pm

 

Course Costs (Note: This is a beta class so the cost will go up next time we run it)

The course cost is $1,000USD – click here to register for $1,000USD

 

First 10 applicants can signup for $300 USD – click here to see if you can be one of the first 10 signups.

 

 

 

 

Exploit Dev Weekend Bootcamp

All day Saturday/Sunday June 22nd-23rd.  1 full day of Stack/SEH Overwrites (22nd), and 1 full day of Heap Spray/DEP Bypass (23rd). We’ll go from 10am-3pm each day. You’ll get your courseware and virtual machines on the 21st of June.

The sessions will be recorded each day so students can review the materials at their leisure. Get ready – this workshop is gonna be a ton of material

Day 1:

  • Stack Overflows
  • SEH Overwrites
  • Shellcoding tricks

Day 2:

  • Heap Spray
  • DEP Bypass
  • ASLR

Exploit Development Weekend Bootcamp Cost is $150 – click here to purchase for $150

Or

You can have it for $100 if you:

  1. Post about it on Twitter
  2. Like this page on Facebook
  3. +1 this page on Google+

Send me an email with proof that you’ve done this and I’ll reply with the $100 payment link

Pentester Weekend Bootcamp

Ok everyone – LET’S DO THIS!!!!!!!!!!!

All day Saturday/Sunday June 8th and 9th.  1 full day of Network Pentesting (8th), and 1 full day of Web App Pentesting (9th). We’ll go from 10am-3pm each day. You’ll get your courseware and network access on the 7th of June and maintain access to the lab network until the 30th of June.

The webinars will be recorded each day, and the network will be fluid (targets changing each day in some cases several times a day). Get ready – this workshop is gonna be full on pentesting covering both Network and Web App Pentesting all in one shot!

Day 1:

  • External Network Scanning
  • Internal Network Scanning
  • Exploitation (Service and Client-Side)
  • Post-Exploitation
  • Getting REALLY comfortable with Metasploit (lots of tips and tricks)

 

Day 2:

  • SQL Injection
  • Cross Site Scripting
  • File Handling Vulnerabilities
  • Getting REALLY comfortable with Burp Suite (lots of tips and tricks)

Pentester Weekend Bootcamp Cost is $150 – click here to purchase for $150

Or

You can have it for $100 if you:

  1. Post about it on Twitter
  2. Like this page on Facebook
  3. +1 this page on Google+

Send me an email with proof that you’ve done this and I’ll reply with the $100 payment link

Hope to see you in class.

Powershell For Pentesters

Everyone knows my love for Python, but I’ve got to be honest and let you know that Powershell is a close second to my beloved Python.

Here’s the low down. If you are hacking modern versions of Windows (Windows 7, Windows 8, Server 2008, Server 2012) – you need Powershell.

The class cost is $100 – click here to purchase

What will we be doing you ask – check this out:

Fundamentals:
- Cmdlets
- Variables
- WMI Objects
- Interacting With Active Directory

Hacking with Powershell:
- Traditional Hacking
- Ping Sweeping
- Port Scanning
- Enumerating Hosts/Networks
- Download & Execute
- Parsing Nmap
- Parsing Nessus
- Powersploit
- Nishang

…..and of course integrating with Metasploit

This class will run for the entire month of June on Tues/Thurs from 7pm – 9pm EST
The classes will be recorded so students can still view the lessons if they miss an individual class.

Or, you can bundle with the Python class that is already running right now for $150

Click here to purchase the Python and Powershell bundle for $150

If you’ve already purchased the Python For Security Professionals class – send me an email and I’ll give you the Powershell for the additional $50.

If you’ve already purchased the Python For Security Professionals & Python For Tool Security Development package – send me an email and I’ll give you the Powershell for FREE.

Hacking in Paradise Giveaway 2013

Strategic Security is giving away four free seats (1 seat per month from April – July) to Hacking In Paradise – The Bahamas 2013.

This is a full package deal offer – so you’ll get airfare, lodging, and the training if you win.

To enter and be considered for one of the seats you’ll have to perform several activities.
You can do as many activities as you want everyday – good luck.

After you complete your tasks, send an email to joe(at)strategicsec(dot)com with publicly viewable links to the completed activities.

Here are the entry activities:

- Tweet about this giveaway (3 points)
- Follow @j0emccray on twitter (1 point)
- Follow @strategicsec on twitter (1 point)
- Friend j0emccray on facebook [facebook.com/j0emccray] (1 point)
- Add gplus.to/j0emccray to one of your circles on Google+ (1 point)
- Like this page on facebook (1 point)
- +1 Hacking in Paradise page on Google+ (1 point)
- Blog about this class (3 points)
- Google+ post about this class (3 points)
- Follow @ITSecPros on twitter (5 points)
- +1 IT Security Professionals page on Google+ (1 point)


So You Wanna Be A Pentester – Free Webinar To Show You How

I’ll be hosting a FREE webinar on the subject of becoming a penetration tester.

Title:    So You Wanna Be A Pentester
Date:    Thursday, May 23, 2013
Time:    2:00 PM – 3:00 PM EDT

 

I’ll be covering things like:

  • Some of the various types of penetration testing jobs
  • Education/Certification/Experience/Skill requirements
    • Should I have a degree – if so what type?
    • Should I have certifications – if so which ones?
    • Should I have work experience – if so what type?
    • What skills should I have prior to applying?
    • Do I need to be a good programmer?
    • Where can I get these skills if I’m not currently working in the field?
    • Security clearance requirements
    • What are good key words to use when searching IT job sites for pentesting jobs?
    • What to expect during the interview process
    • I’m not in the US, where can I find pentester work abroad?
    • How much money can I expect to make as a pentester?
    • The good the bad and the ugly…what the work is actually like day-in and day-out

I’m hoping that newbies that want to get into the field will find this webinar helpful.

Space is limited.
Reserve your Webinar seat now at:
https://www4.gotomeeting.com/register/422400863

After registering you will receive a confirmation email containing information about joining the Webinar.

System Requirements

PC-based attendees
Required: Windows® 7, Vista, XP or 2003 Server

Mac®-based attendees
Required: Mac OS® X 10.6 or newer

Mobile attendees
Required: iPhone®, iPad®, Android™ phone or Android tablet

 

Python For IT Security Workshops Online Training Package

You can take your choice of the 2 workshops:

Python For Security Professionals (Online) – Level 1  for $100

Or

Python For Security Tool Development (Online) – Level 2 for $100

Or

Both workshops for $150

 

Short Descriptions:

 

Python For Security Professionals (Online) – Level 1

This is a beginner’s functional programming course focused on programming concepts that can be used to accomplish common security tasks such as log parsing, password cracking, port scanning, vulnerability testing, web application security testing, malware analysis, and exploit development. There won’t be a bunch of math, no CD collection databases, and no useless programming mumbo jumbo.

Each week the students will learn a few basic programming concepts, and then use some sample code (skeleton scripts) to perform security tasks. The students will keep the skeleton scripts so that when they get back to work they’ll have something that they can use as a crib sheet to build scripts that can do other security tasks.

This class will run for the entire month of May on Mon/Wed from 7pm – 9pm EST.

Click Here To Signup

 

Python For Security Tool Development (Online) – Level 2

This class takes what you learned in Python For Security Professionals to the next level. It’s designed for people that want to modify existing security tools, and/or create their own. We will focus exclusively on solving problems IT Security Professionals often face. We’ll analyze several popular security tools, and modify them to work in situations they weren’t designed for.

Finally you’ll be required to develop a sophisticated analysis tool, and a sophisticated attack tool as part of the class. You’ll get to choose what the primary functions of your tools are, and you’ll be encouraged to release your tool as an open source project or modify your tool so that it becomes an integral component of a class project that will be released as an open source project on github.

This class will run for the entire month of June on Mon/Wed from 7pm – 9pm EST.

Click Here To Signup

 

Want to take both for $150 – Click Here

 

Course Syllabus:

Python For Security Professionals (Online) – Level 1

This class will run for the entire month of May on Mon/Wed from 7pm – 9pm EST.

This class is for security professionals that have VERY LITTLE PROGRAMMING EXPERIENCE.

Week 1: Programming Concepts, Parsing Files, Logs, and PCAPs

  • Python Basics
  • Text File Parsing
  • Log Parsing
  • PCAP Parsing

Week 2: Password Cracking, Netcat, Port-Scanning, and simple fuzzing

  • Password Cracking
  • Netcat-like Functionality
  • Port-Scanning
  • Fuzzing

 

Week 3: Web Application Vulnerability Testing

  • Vulnerable Service Identification
  • SQL Injection
  • XSS
  • RFI/LFI

Week 4:    Writing Your Own Security Tools

Click Here To Signup

 

 

 

Python For Security Tool Development (Online) – Level 2

The depth of the material will be heavily dependent upon the skill-level of the attendees. I’ll do my best to make sure that I help everyone and sufficiently challenge each student based on their ability/knowledge.

The primary goal of this class will be for the students to really get in there and work on something really useful for the IT Security community.

 

Click Here To Signup

 

Want to take both for $150 – Click Here

 


New Site: IT Security Professionals

For the past few months the rookies and I have been working on the new website IT Security Professionals.

 

What’s this place all about?

Simple – it’s a social networking and resource website for IT Security Professionals. Think – LinkedIn, Facebook, Monster.com, and Wikipedia all wrapped up in one website just for IT Security People.

 

What separates this website from anywhere else on the web?

The key differentiators for this website are:

  1. Spam-Free
  2. Vendor-Free
  3. Content and Discussion driven

 

There were several goals that this site needed to accomplish, and I’m really hoping that we are moving in the right direction so we can achieve them. Here is the rundown:

R00kie group goals:

  • Provide us with a project management solution so we could task r00kies with projects and track the status of those projects.
  • Provide us with the ability for r00kies to collaborate on documents
  • Provide us with a mechanism to allow r00kies to show what their contributions to the r00kie program have been

 

IT Security Community Goals

  • Provide us with a mechanism to give back to the IT Security Community
  • Provide the IT Security Community with a vehicle to learn and keep up with the industry

 

Check out the site, and let us know what you think

I really hope that you check out the website and let us know what you think. I know it will take some time, but I really think that we’re going to provide something of value to the community with this project.

 

http://it-security-professionals.com/

 

Joe

 

Web App Pentester Night School (Tues/Thurs) April 2013

Hands-on Web Application Security

So what exactly do I mean by “Hands-on” – this video is a good example of the kinds of things you’ll be learning.

 

Course Outline

Week 1: Simple ASP/ MSSQL Web App (2 and 4 April)

Week 2: PHP/MySQL Web App (9 and 11 April)

Week 3: JSP/Oracle Web App (16 and 18 April)

Week 4: Tricky Stuff (23 and 25 April)

 

Specifics I’ll Be Covering

  • SQL Injection
  • Cross-Site Scripting
  • Web Shells
  • Filter Evasion
  • SQL Injection to a command-shell
  • XSS to a command-shell
  • WAF Bypass

 

Class Schedule

Tuesday and Thursday evenings from 7pm EST to 9:00pm EST via webinar.

 

Network Access

Students will have 24/7 network access from 1 March 2013 to 31 March 2013.

 

Class Cost

This class has a cost of $100 USD. Click HERE to signup.

Exploit Dev On The Weekends – April 2013

This workshop is for newbies to the world of exploit development. It takes participants from “n00b” to “31337” – ok just kidding not quite “31337”, but it will help you get comfortable with the subject because you are given the time to actually absorb the material.

Each Saturday in the month of April (6th, 13th, 20th and 27th) from noon to 4pm EST Joe McCray will host a webinar.

Here are some of the topics to look forward to:

Course Outline:

  • April 6th – Stack Overflows
  • April 13th – Abusing Structured Exception Handlers on Windows
  • April 20th – Heap Spray
  • April 27th – ROP Exploits

Each week Joe will host the 4 hour webinar where he will walk through the previous week’s homework exercises, cover the material for the current week, take questions from the students, and provide homework for the upcoming week. The homework that is handed out each week is designed so students can work on and reinforce each week’s lesson.

The cost for this workshop is $100USD – click HERE to register.

Pentester Night School (Mon/Wed) April 2013

The primary focus of the class is ‘goal oriented pentesting’, or emulating Advanced Persistent Threat so there will be a lot of focus on Bypassing Anti-Virus, and POST EXPLOITATION (with and without Metasploit).

The network environment is going to be highly fluid, really volatile. Each day the network topology will be changing slightly.

 

Class Outline

Week 1: Scanning & Exploitation (1-7 April)

  • Dealing with Load Balancers, IPS, and WAF
  • Web Attacks
  • Client-Side Exploitation

Week 2: Bypassing AV (8-14 April)

  • File Splitting
  • Packing
  • Encoding
  • Shellcode Injection

Week 3: Post Exploitation (15-21 April)

  • Getting Files On/Off System
  • Download and Execute
  • Creating Listeners/Backdoor Services
  • Different Kinds of Reverse Shells
  • Automating Tasks
  • Privilege Escalation
  • Lateral Movement
  • Pass The Hash
  • Host Enumeration
  • Host Data Mining
  • Active Directory Enumeration

Week 4: Your Pentest (22-31 April)

 

Class Schedule

Monday and Wednesday evenings from 7pm EST to 9:00pm EST via webinar.

 

Network Access

Students will have 24/7 network access from 1 April 2013 to 31 April 2013.

 

Class Cost

This class has a cost of $100 USD. Click HERE to signup.

Pentesting Without Metasploit

Pentesting WITHOUT Metasploit

I really think you are going to like this one!

I really think this is the kind of class that pentesters, and security professionals are REALLY going to enjoy.

There are a lot of situations that can arise on a pentest where Metasploit just won’t work and you’ll have to perform the task by hand – this is often the case in high security environments because many of the defensive tools look specifically for Metasploit.

 

- Hands-on -

So what exactly do I mean by “Hands-on” – this video is a good example of the kinds of things you’ll be learning.

 

https://www.youtube.com/watch?v=wZ-b8qe7M8I

 

 

Course Outline

 

  • Week 1: Scanning (5 and 7 March)

 

  • Week 2: Exploitation (12 and 14 March)

 

  • Week 3: Post-Exploitation (19 and 21 March)

 

  • Week 4: Tricky Stuff (26 and 28 March)

 

Specifics I’ll Be Covering

  • Scripting
    • Bash
    • Batch
    • VBScript
    • Powershell
    • Python
  • Using public exploit code
    • Compiling Code on Windows and *nix
    • Fixing broken exploit code
    • Changing shellcode in exploits
  • Bypassing Anti-Virus
  • Post-Exploitation

 

Class Schedule

Tuesday and Thursday evenings from 7pm EST to 9:00pm EST via webinar.

 

Network Access

Students will have 24/7 network access from 1 March 2013 to 31 March 2013.

Class Cost

This class has a cost of $200 USD. Click HERE to signup.

Joe

Web App Pentester Night School

New Web App Workshop and Other Things

Alright, it’s been a whirlwind week teaching a classroom-based class in Maryland, 2 online classes, and of course the other recent drama. I’m working on a few new things right now that I think you might be interested in.

 

Hands-on Web Application Security

So what exactly do I mean by “Hands-on” – this video is a good example of the kinds of things you’ll be learning.

 

Course Outline

Week 1: Simple ASP/ MSSQL Web App (4 and 6 March)

Week 2: PHP/MySQL Web App (11 and 13 March)

Week 3: JSP/Oracle Web App (18 and 20 March)

Week 4: Tricky Stuff (25 and 27 March)

 

Specifics I’ll Be Covering

  • SQL Injection
  • Cross-Site Scripting
  • Web Shells
  • Filter Evasion
  • SQL Injection to a command-shell
  • XSS to a command-shell
  • WAF Bypass

 

Class Schedule

Monday and Wednesday evenings from 7pm EST to 9:00pm EST via webinar.

 

Network Access

Students will have 24/7 network access from 1 March 2013 to 31 March 2013.

 

Class Cost

This class has a cost of $100 USD. Click HERE to signup.


New Stuff…I’m working on another course so later today I’ll be releasing the info on that as well!

 

Joe

The Final Statement On This Issue

I didn’t want to do this, I tried not to let it get to this point, but I’m done – and as much as I care about keeping my personal issues to myself this is the straw that broke the camel’s back for me.

I’m putting this dirty laundry out 1 time, and one time only. I absolutely will not speak on this subject ever again after this post. In my last blog post I responded to this plagiarism accusation from Saumil Shah. I emailed every single student in the class, made them aware of the situation – apologized, and offered refunds to anyone that felt slighted in any way. For the nearly 180 students that are taking courses with me this month I’ve given 12 refunds and I’ll happily give a refund to any other student that requests it.

After that I tried to go on about my business, but this is getting to the point of sheer stupidity.

Saumil, for 2 years even though the very mention of your name made my skin crawl I still praised you publicly, recommended you publicly (YES, EVEN IN THE COURSEWARE YOU SAY I STOLE FROM YOU – said that I learned this from you and I’d recommend that people take your classes).

Let’s get down to brass tacks here…

The truth is that Saumil and I have a financial dispute over a class that he taught with my company and a partner training company that I often work with nearly two years ago. The class wasn’t selling well so I lowered the price (literally cut the price in half) to get some sales. The company that hosted the training paid Saumil $9,000 when the class only grossed a little over 20K. Saumil wanted me to pay him 17,000. In total I paid him 15K when my cut was only 6K. So basically I lost 11K on the class and Saumil still wants the remaining 2K. And no there was no contract between us – it was a gentlemen’s agreement done without even a handshake.

When I was in the class I was so appreciative of him helping me learn the subject that I offered to rewrite my notes from his class, update the attack scripts and port them to python for him which was something he said he wanted to do in the future, and fully document lab manuals with step-by-step walkthroughs for each lab.  I told him that he could have ALL of this for free and I would be happy to do it as it would help me learn the material better. I honestly had planned to work on future classes with him where he would teach the exploit development and I would teach the network/web attacks. I was excited about the potential and he was too.

When it came time to settle up I paid him more money than I took in for the class (more than double what I took in – $6,000 was all I made and he wanted $17,000 – nearly triple what I made).  I was already in financial peril at the time because 3 customers had not paid for their penetration tests, and 1 customer had not paid me for a class so I was owed nearly $100,000 dollars. I was drowning financially so I paid him late, but even with paying him late I was still giving him money when I didn’t have it to give.

I got evicted from my home and even then I was still trying to pay Saumil for a class that I lost money on, a few months later I taught a class in Norway at HackCON  and had my point of contact for the event give Saumil all of the money from the event when I had no home to live in.

At this point I was in deep financial peril at the time and felt like Saumil was being an asshole to me. What kind of human I kept thinking to myself would be this way to me when I was homeless.

At this point I now fully hated his guts – nothing would satisfy me more than punching him in the mouth in front of god and country. I only had a few thousand dollars left to pay at this point, and the only reason that I was going to pay it was because I didn’t want him to go to security conferences and tell people in the IT Security community that I didn’t pay my bills. I figured it would destroy my ability to speak at conferences, run classes, and basically ruin me.

At that point Saumil’s business partner Hiren Shah began calling our mutual acquaintances, and my contractors asking each of them what my financial situation was. How much money I had made on recent penetration tests, courses, had they been paid from me recently, and more.

This put me through the roof!!!!!!!!!

Here I am taking money out of my family’s mouth, still don’t have a place to live, and struggling to pay Saumil just so I can keep my private life out of the security industry and now here we go. Too late for that.

At this point I didn’t care anymore, I was so angry with him for being such a cowardly bitch that I couldn’t stand it. I swore that the next time I see him there was gonna be some furniture moving. Yes ChrisJohnRiley THIS IS THE NEW BLACK I was 2 seconds away from whooping  Saumil’s ass. I was ready to put my foot so far up his ass that his breath would smell like shoe polish!

I told him explicitly (yes that means I dropped a lot of F-Bombs) how I felt, and that I’m not paying him the remaining money because he and Hiren are both some bitches.  After that – all of these notes I rewrote, scripts I ported from perl to python, lab manuals that I wrote – for him as a gift to show my appreciation that he mentions in his blog post, and yes his precious virtual machines – I used them in classes, webinars, and workshops I taught. I did it to spite him. I was pissed at him – immature I realize – but at least it’s the truth. I might as well try to make my money back after all of this mess.

Saumil and anybody else for that matter – you can write whatever you want about me. You can put me on what ever page you want, talk about me on twitter, but at the end of the day Saumil can have a hot steamy cup of FUCK YOU! At this point I flat out don’t care how many people you tell, how many people talk about this on twitter. I hope that every single human being on this earth learns how much of a whining wimpy little bitch you are, and knows that I can’t stand you and I would rather eat hot shit before I’d even acknowledge that you are a fucking human being let alone speak to you.

No I’m not paying you, and I sincerely feel bad for every single incident of people losing respect for me with regard to this issue, I know that I will never do it again because there is no HUMAN being that would ever be the way that he was to me, but I refuse to continue to talk to people like you are a good person when I know you are not.

So Saumil, and Hiren – I just want you to know what I think of you personally, and professionally.

From the bottom of my heart…

FUCK YOU!

Joe

Addressing An Issue

Hello everyone, I want to address an issue. Saumil Shah, of Exploit Labs has made a post on his blog that I feel I need to address:

http://blog.exploitlab.net/2013/02/defending-our-work.html

 

Summary:

I used the virtual machines from the class that I was in 2 years ago. I did it out of convenience. The virtual machines are built with software that is freely available on the Internet. There is no intellectual property of his that was stolen.

Saumil and I have had disagreements in the past and quite frankly the differences between us have still not been resolved. We are civil, but that is about the end of it. I emailed Saumil yesterday and let him know the following:

Even though we are not on good terms I apologize for using his virtual machines and will create new ones for my upcoming classes.

  1. Even though we have personal issues I recommended him in my webinars and in this very course as a good person to learn from.
  2. The screenshot of debugger commands that he references in his blog post was never given out to students. And honestly – it’s just commands not intellectual property. It’s the same as handing out a GDB cheatsheet for reference.

To both Saumil and the entire IT Security community

I apologize for misrepresenting the courseware. I looked at it as all of the software on the virtual machines that he gives away is freely available on the internet and it was helping me get the courseware done quickly by providing a working set of attack target virtual machines. It was never intended to be considered giving away his courseware. I will correct this immediately and I will have new virtual machines for my future classes.

 

I sent a formal apology to Peter Van Eeckhoutte (https://twitter.com/corelanc0d3r), someone I truly respect for his technical ability and his friendship because someone contacted me asking if this blog post was about him. I can assure you that Peter has the utmost of integrity, honor, and professionalism. He has absolutely nothing to do with all of this.

If any student of mine in this course or any other course I’m currently teaching would like a refund – feel free to ask. My integrity is important to me, and any student or client of mine that feels that my integrity is not at the proper level I will gladly refund their money.

Joe

Pentester Night School

Ok, this time I’m doing a night class for a client, and this client has allowed me to make the class public. The primary focus of the class is ‘goal oriented pentesting’, or emulating Advanced Persistent Threat so there will be a lot of focus on Bypassing Anti-Virus, and POST EXPLOITATION (with and without Metasploit).

The network environment is going to be highly fluid, really volatile. Each day the network topology will be changing slightly.

 

Class Outline

Week 1: Scanning & Exploitation (1-9 Feb)

  • Dealing with Load Balancers, IPS, and WAF
  • Web Attacks
  • Client-Side Exploitation

Week 2: Bypassing AV (10-16 Feb)

  • File Splitting
  • Packing
  • Encoding
  • Shellcode Injection

Week 3: Post Exploitation (17-23 Feb)

  • Getting Files On/Off System
  • Download and Execute
  • Creating Listeners/Backdoor Services
  • Different Kinds of Reverse Shells
  • Automating Tasks
  • Privilege Escalation
  • Lateral Movement
  • Pass The Hash
  • Host Enumeration
  • Host Data Mining
  • Active Directory Enumeration

Week 4: Your Pentest (24-28 Feb)

 

Class Schedule

Monday and Wednesday evenings from 7pm EST to 9:30pm EST via webinar.

 

Network Access

Students will have 24/7 network access from 1 Feb 2013 to 28 Feb 2013.

 

Class Cost

This class costs $100 USD. Click HERE to sign up.

Exploit Development Workshop

This workshop is for newbies to the world of exploit development. It takes participants from “n00b” to “31337” – ok just kidding not quite “31337”, but it will help you get comfortable with the subject because you are given the time to actually absorb the material.

Each Saturday in the month of February (2nd, 9th, 16th, and 23rd) from noon to 4pm EST Joe McCray will host a webinar.

Here are some of the topics to look forward to:

Course Outline:

  • Feb 2nd – Stack Overflows (in both Linux and Windows)
  • Feb 9th – Abusing Structured Exception Handlers on Windows
  • Feb 16th – Heap Spray
  • Feb 23rd – ROP Exploits

Each week Joe will host the 4 hour webinar where he will walk through the previous week’s homework exercises, cover the material for the current week, take questions from the students, and provide homework for the upcoming week. The homework that is handed out each week is designed so students can work on and reinforce each week’s lesson.

The cost for this workshop is $100 USD – click HERE to register.

Your First CTF

I’ve been getting a lot of people asking me about CTFs lately. I usually point people toward a few resources and tell them that CTFs are fun, but a lot of work. I used to run RootWars.Org, so I hosted a lot of hacking competitions back in the day. I was asked to host a CTF a few times and I kept going back and forth about it because they are just so much frigging work I would shy away from it.

The best thing about CTFs is also the worst thing about them – and that is that they can be all over the place. There are so many ways you can run one ranging from simple wargame servers, to network based exploitation games, to exploit development and reverse engineering challenges. After having several conversations about CTFs over the last month or so I found myself admitting over and over again that participating in CTFs was a HUGE factor in my skill development. It was how I learned Linux, it was how I learned packet analysis and intrusion detection – and to be honest – it was fun! I loved participating in CTFs, and I loved running them back then too because I learned so much. I can be honest and use the quote that rookie Frank Hackett says, “The truth is…I just got a case of the lazies”, so I was reluctant to do it.

I have a lot of newbies I work with now – I call them the Security Rookies. A lot of them are interested in being involved in a CTF.

Sigh…Man what the hell….who needs sleep? Let’z do da damn thang!

I decided to set up a CTF for newbies – I’m calling it ‘Your First CTF’. It’s a CTF that starts with a month of training you up for the CTF and then finally participating in it. There will be tons of challenges ranging from simple Windows/Linux security tasks, to host-based exploitation (both with and without Metasploit), some malware analysis, some reverse engineering tasks, and some exploit development.

From October 22nd – November 11th I’ll provide you with access to the Strategic Sec lab network that will be full of challenges with explanations and step-by-step walkthroughs for each challenge. On the 22nd of October and each Saturday between October 22nd – November 11th I will release a video walk-through with me detailing how to solve each challenge and how it or something like it can be a ‘gotcha’ in a CTF.

The actual CTF will be hosted from November 19th – 25th. It’ll be a team based CTF, and I’ll use the month that the training is being held to break people up into teams. We’ll allow participants to pick their own teams, and unpicked participants will be grouped into individual teams.

The cost of the event is $50 for the training, $50 to participate in the CTF, or $75 to do both.

You can click here to purchase the $50 training for the CTF.

You can click here to purchase your participant slot in the CTF for $50.

You can click here to purchase the training and the CTF participant slot for $75.

Other relevant info:

  • You should receive a confirmation of your purchase within 1 business day of purchase. Be sure to check your spam folder for this confirmation email. If you do not receive the email by the 2nd day please email me at joe<at>strategicsec.com with your Paypal confirmation number.
  • On the 22nd of October you will receive your network login information via email. Be sure to check your spam folder for this email as well, and if you don’t receive it please email me at joe<at>strategicsec.com with your Paypal confirmation number.
  • Each member of the winning team will be given a FREE Strategic Security class of their choice.
  • I’ll be providing more info to participants as they register….right now – it’s time to get to work building the CTF network.

 

If you are interested in running your own CTF – these are some good documents that cover what CTFs are all about:

https://www.calpolyswift.org/wp-content/uploads/2011/11/ctf_presen.pdf

http://6dev.net/talk/pses-2012/pses_ctf_debriefings_en.pdf

http://cisr.nps.edu/events/downloads/WECS6/wecs6_ch04.pdf

http://openctf.com/dox/oCTF6_whitepaper.pdf

 

This was the first CTF I ever participated in (this is a really good write-up):

http://www.nxnw.org/~steve/papers/discex3_autonomix_defcon.pdf

 

This is a really good write-up detailing how to run a CTF, the network topology, vulnerable services/apps, and more importantly how to set up a scoring system for it:

http://theccgroup.org/carolinacon/ctf/presentation/HowTo0wnCaptureTheFlag.pdf

 

 

Exploit Development For Mere Mortals

I’m going to be hosting a FREE online workshop on exploit development called “Exploit Development For Mere Mortals” on September 13th, 2012 from 1-3pm EST. The workshop is designed for people that have an interest in exploit development and need to be pointed in the right direction to get started. No, this is not some exploit development ninja workshop – you won’t be selling 0-days after attending.

However, you will learn everything you need to get up and running. I’ll be answering a lot of common beginner questions and showing how basic exploitation works.

Common Questions I’ll be addressing:

  • What programming languages do you need to know?
  • What are the best ways to learn these languages?
  • What tools do you need?
  • Which tools should you start with first?
  • What references should you use to get started and, more importantly, what should you avoid?

 

Exploit Techniques I’ll be covering:

  • Exploiting Stack Overflows
  • Exploiting Structured Exception Handlers
  • Heap Sprays
  • ROP Exploits and Stack Pivots

Space is limited.
Reserve your Webinar seat now at:
https://www3.gotomeeting.com/register/576658462

Malware Analysis Workshop

I’m doing a Malware Analysis workshop on Aug 25th from noon to 4pm EST for a customer and the customer has given me permission to make the workshop public.

 

I’ll be covering:

  • Analyzing network traffic pcaps
  • Memory analysis
  • Analyzing malicious PDFs
  • Dealing with packers
  • Dealing with JavaScript obfuscation

Like every workshop I do, this one is also designed to be a lab-style class.

Students will be given a VMware image with the malware and all of the analysis tools preloaded to download and use for the workshop.

Along with the VMware image students will be given a lab manual that walks them through the various analysis steps.

The workshop will be LIVE via GotoWebinar again, and I will be walking the students through the various labs, and answering student questions.

Basic Info:

  • The workshop will be held on Saturday the 25th of August, 2012 from 12 noon EST to 4 pm EST at a cost of $50 USD
  • The VM and lab manual will be made available for download on the 20th of August at noon EST
  • The VM will also contain several samples of live malware so students can practice on other malware samples.
  • You should receive a confirmation email within 4 hours of registering for the workshop (be sure to check your spam folder)
  • Workshop attendees will get a 10% discount on the Advanced Malware Analysis course taught by Joe McCray

Click HERE to register for this workshop.

Hacking In Paradise Giveaway

Strategic Security is giving away three (3) free seats to Hacking In Paradise – The Bahamas 2012.
If you complete all of the activities, you will receive 2 additional bonus points on
top of what you already accumulated (you can do as many activities as you want every day – good luck).

After you complete your tasks, send an email to joe(at)strategicsec(dot)com with
publicly viewable links to the completed activities.

Here are the entry activities:

- Tweet about this giveaway (3 points)
- Follow @j0emccray on twitter (1 point)
- Follow @strategicsec on twitter (1 point)
- Friend j0emccray on facebook [facebook.com/j0emccray] (1 point)
- Add gplus.to/j0emccray to one of your circles on Google+ (1 point)
- Like this page on facebook (1 point)
- +1 this Hacking in Paradise page on Google+ (1 point)
- Blog about this class (3 points)
- Google+ post about this class (3 points)