RomHack Training

RomHack Training 2024

RomHack Trainings will take place from Tue, 24 to Fri, 27 September 2024 at Polo Didattico, a facility located within a historic palace in the picturesque Roman neighborhood of Garbatella. Students will be welcomed into spacious, well-equipped classrooms to ensure the best educational experience. Lunch and coffee breaks will be provided within the training facilities, where students will have the opportunity to relax on the rooftop terrace during breaks.

Steven Seeley

Full Stack Web Attack

This is an advanced training designed to push you beyond what you thought was possible and set you on the path to develop your own workflow for offensive zero-day web research. Each of the vulnerabilities presented has either been mirrored from a real zero-day or is an n-day vulnerability discovered by the author, with a focus not just on exploitation but also on discovery. It teaches how to exploit web technologies without client interaction for maximum impact, i.e. remote code execution.

[ The training is CONFIRMED ]

24-27 Sep. 2024

9:00 - 18:00

research & exploit
web vulnerabilities

developers
bug hunters / pentesters

slides/workbook
laboratories (VM)

About the author

Steven Seeley is a world-renowned security researcher who has over a decade of experience in application security. He has been credited with finding over 1500 high impact security vulnerabilities affecting vendors such as Microsoft, VMWare, Apple, Adobe, Cisco and many others. In 2020, Steven teamed up with Chris Anastasio competing in Pwn2Own Miami – winning the Master of Pwn title. In 2021, Steven reached 12th position on the MSRC top 100 Vulnerability Researchers list.

€ 4.000,00

Richard Johnson

Advanced Fuzzing and Crash Analysis

This class is designed to introduce students to the best tools and technology available for automating vulnerability discovery and crash triage with a focus on delivering a practical approach to applying this technology in real deployments. Through an applied understanding of introductory program analysis and binary translation, techniques for finding various bug classes and methods for improved crash debugging will be discussed. We will take a deep dive into fuzzing, covering all aspects of this practical approach to finding bugs.

24-27 Sep. 2024

9:00 - 18:00

fuzzing & exploit
binaries

developers
bug hunters / pentesters

slides/workbook
laboratories (VM)

About the author

Richard Johnson is a computer security specialist with a focus on software vulnerability analysis. Currently Principal Security Researcher at FUZZING IO, a research and development company offering professional training and consulting services, Richard offers over 18 years of professional expertise and leadership in the information security industry including past positions as Director of Security Research at Oracle Cloud Infrastructure and Research Lead roles at Cisco Talos and Microsoft. Published research papers focus on the development of advanced fuzzing and crash analysis technologies facilitating the automation of the vulnerability triage and discovery process. Richard has delivered training and presented annually at top-tier industry conferences worldwide for over 15 years and is an invited speaker and trainer at several leading events. Richard was also co-founder of the Uninformed Journal and was on program committees for the USENIX Workshop on Offensive Technologies, Recon, and Toorcon.

€ 4.000,00

Silvio La Porta & Antonio Villani

EDR: The Great Escape

The training provides a comprehensive understanding of the architecture of modern EDRs and their underlying Antivirus (AV) systems. It equips security professionals with a deep understanding of modern EDRs and their AV systems, enabling them to better simulate advanced threat scenarios, improve their evasion detection skills, and contribute to the overall enhancement of security within enterprise networks. The training is designed from an attacker’s point of view, teaching red teams how to make their implants stealthier, but it will also teach defenders how to deal with the anti-reversing and OPSEC techniques demonstrated in class.

[ The training is CONFIRMED ]

24-27 Sep. 2024

9:00 - 18:00

antivirus/EDR
bypass

red/blue teamers
bug hunters / pentesters

slides/workbook
laboratories (VM)

About the author

Dr. Silvio La Porta is CEO and Co-Founder at RETooling, defining and developing a Threat Actor emulation platform that enables red teams to recreate realistic attack scenarios. Previously he was a Senior Cyber Security Architect designing security products and researching advanced detection technology for complex malware/APT. Silvio previously was a lead research scientist with EMC Research Europe based in the Centre of Excellence in Cork, Ireland. His primary research focus areas were real-time network monitoring and data analysis in smart grids to detect malware activity in SCADA systems and corporate networks. He also led Security Service Level Agreement (Sec-SLA) and end user security/privacy protected data store projects for hybrid Cloud environments. He is a frequent speaker at professional and industry conferences. Before joining EMC, Silvio worked as a Malware Reverse Engineer in Symantec’s Security Response team in Dublin, Ireland. Silvio holds a PhD in Computer Network Security from the University of Pisa, Italy.

Dr. Antonio Villani is Co-Founder at RETooling and spent the past years analyzing high-level implants for top-tier customers, providing detailed implementation information to support cyber-defense and cyber threat intelligence teams. Now, he uses his experience in the reverse engineering of multi-stage implants, re-implementing them to improve RETooling attack emulation products. As a researcher he has published in top-tier conferences and journals and has participated in European research projects in the field of cyber resilience and data security. During his PhD he also worked in the field of malware research and digital forensics.

€ 4.000,00

Pedro Ribeiro & Radek Domanski

Hunting Zero-Days In Embedded Devices

Hands-on training course that teaches students how to find and exploit vulnerabilities in embedded devices such as routers, cameras, industrial devices, televisions, microcontrollers, automotive, etc. The course will go in depth into several classes of vulnerabilities, with practical exercises on real and emulated devices of different CPU architectures. Each vulnerability class will be described, studied and then exploited in a variety of different ways. This course aims to bridge the gap between hardware hacking and exploitation, giving students the necessary knowledge they need to become product security experts.

[ The training is CONFIRMED ]

24-27 Sep. 2024

9:00 - 18:00

hacking
hardware devices

developers
bug hunters / pentesters

slides/workbook
laboratories (VM)

About the author

Pedro Ribeiro is a vulnerability researcher and reverse engineer with over 10 years of commercial experience. Pedro has found and exploited hundreds of vulnerabilities in software and hardware products. He has over 150 CVE IDs attributed to his name (most of which relate to remote code execution vulnerabilities) and has authored over 60 Metasploit modules that have been released publicly. Besides his vulnerability research activities, he is the founder and director of a penetration testing and reverse engineering consultancy based in London (Agile Information Security), with a variety of clients worldwide. More information about Pedro’s publicly disclosed vulnerabilities can be found at https://github.com/pedrib/PoC

Radek Domanski started his professional career 12 years ago securing large networks and systems and transitioned afterwards into offensive security. He worked on high profile projects within the largest Internet Service Provider in Europe and in the research center of one of the world’s largest telecommunications equipment companies. Radek found a number of critical vulnerabilities in real products and systems that are used by millions of users worldwide. Throughout the years of working on offensive product security Radek developed a unique methodology and honed his skills of vulnerability hunting. At the moment Radek is focusing on hardware, automotive hacking, exploitation and reverse engineering of embedded systems.

€ 4.000,00

Andrey Konovalov

Exploiting the Linux Kernel

This training guides researchers through the field of Linux kernel exploitation. In a series of practical labs, the training explores the process of exploiting kernel bugs in a modern Linux distribution on the x86-64 architecture. The training starts with beginner topics but proceeds into advanced areas as well. The beginner chapters include learning how to escalate privileges and bypass foundational mitigations in x86-64 kernels. The advanced chapters are primarily dedicated to the modern slab (heap) exploitation techniques and include an in-depth analysis of the kernel allocators’ internals.

[ The training is CONFIRMED ]

24-27 Sep. 2024

9:00 - 18:00

exploiting
linux kernel

developers
bug hunters / pentesters

slides/workbook
laboratories (VM)

About the author

Andrey Konovalov is a security researcher focusing on the Linux kernel.

Andrey found multiple zero-day bugs in the Linux kernel and published proof-of-concept exploits for these bugs to demonstrate the impact. Andrey contributed to several security-related Linux kernel subsystems and tools: KASAN — a fast dynamic bug detector; syzkaller — a production-grade kernel fuzzer; and Arm Memory Tagging Extension (MTE) — an exploit mitigation.

Andrey spoke at security conferences such as OffensiveCon, Android Security Symposium, Linux Security Summit, LinuxCon, and PHDays. Andrey also maintains a collection of Linux kernel security–related materials and a channel on Linux kernel security.

See xairy.io for all of Andrey’s articles, talks, and projects.

€ 4.000,00
See the photos and feedback received from RomHack Training 2023 students (42 in total for 3 trainings).