44CONnect June 2019

44CONnect is an invite-only event taking place on the 6th of June, somewhere in London. The purpose of the day is to bring together people attending 44CON training, so they can connect with trainers and people on different courses. It’s our way of giving people who’ve attended our courses the chance to get a taste of upcoming training, and the opportunity to get some extra credit to take back to the office.

This time, 44CONnect will be an evening event, with talks, food and drinks. Training attendees will have food provided and we’ll have a small bar tab. Continue reading “44CONnect June 2019” →

September 2019 Training: What To Expect

Tickets for September training courses are now on sale in the shop. There are 9 courses to choose from so we thought we’d give you a quick run down in one place. Don’t forget we still have seats available for our June 6th/7th courses.

We’ll run a 44CONnect event on the evening of the 10th of September, to which all training attendees are invited. Training delegates also receive a substantial discount on conference tickets. Continue reading “September 2019 Training: What To Expect” →

Win CRESTCon 2019 Tickets!

We’ve teamed up with CREST to give everyone the opportunity to win one of 5 (count ’em) CRESTCon 2019 tickets, worth £175 each. If you’ve never been, now’s your chance. If you’ve been before but don’t have a ticket, now’s your chance too! Continue reading “Win CRESTCon 2019 Tickets!” →

44CONnect – A 1-day invite-only event in March 2019

44CONnect is a 1-day invite-only event taking place on the 13th of March, somewhere in London. The purpose of the day is to bring together people doing 44CON training, so they can connect with trainers and people on different courses. It’s our way of giving people who’ve attended our courses the chance to get a taste of upcoming training, and the opportunity to get some extra credit to take back to the office.

To qualify for an invite, you need to have done one of the following:

Booked a seat on Rory McCune’s Mastering Container Security course
Booked a seat on Joxean Koret’s Malware Reverse Engineering course
Booked an early-bird 44CON 2019 ticket once they’re on sale, and be randomly* selected

There are 20 tickets available, so make sure you qualify!

Our trainers from the last two days of training will deliver talks, as well as some of those delivering courses later this year. All of our training course delegates are invited, for whom lunch will be included. Early bird ticket holders invited to the event will have to buy their own lunch, as we can’t book it for them in advance.

There’ll be a special round of lightning talks for training delegates to deliver a short talk about something they learned on their course. Those speaking will get a small certificate of thanks that they can take back to the office.

Drinks have been organised for the evening, but we need to be in bed early for CRESTCon the next day.

*Early-bird ticket holders will be chosen at random throughout February, although unsubstantiated rumours abound that asking for an invite on your ticket order may drastically improve your chances…

44CON Training Goes Quarterly

We’ve offered training courses around 44CON for a long time. We provide a mix of high-end focused course on everything from exploiting Windows Kernel bugs to broader, more generalist courses on web application security and security monitoring. From this year onwards, we’re expanding this to a quarterly schedule.

That’s right, you no longer have to wait a year to sit a high quality training course!

Our 12 month schedule is available here, and you can check out our first courses scheduled for the 11th and 12th of March 2019:

Mastering Container Security – Rory McCune, NCC Group
Malware Reverse Engineering – Joxean Koret

Both courses are two-days long and cost £1300 inc. VAT. When you book online remember to keep the 13th of March free for access to an exclusive, invite-only event.

If you’d like to offer a high-end course in London, get in touch.

Network Forensics: A blog post by Erik Hjelmvik

I have learned a lot about how to track malware and attackers in network traffic while developing and improving the network forensics tool NetworkMiner throughout the past 10 years. The primary purpose of NetworkMiner has always been to help incident responders and forensic investigators to do their job more efficiently. Even though NetworkMiner is my favourite tool for analysing PCAP files I’m still a regular user of other tools such as Wireshark, tshark, tcpdump, Argus, ngrep, tcpflow and of course CapLoader. However, incident response and forensic work is much more than just knowing what tools to use. It is more about knowing what data to analyze and why.

I will teach several of my favourite techniques for analysing intrusions, tracking criminals and doing threat hunting at the Network Forensics Training at 44CON. The participants will learn how to investigate intrusions and find forensic artefacts in a dataset of several gigabytes of captured network traffic. The training primarily focuses on practical analysis techniques for finding and tracing malicious actors, which involves a great deal of hands-on practice with finding evil in PCAP data.

The first day of training focuses on analysis using only open source tools. The second day primarily covers training on the commercial software from Netresec, i.e. NetworkMiner Professional and CapLoader. All students enrolling in the class will get a full 6 month license for both these commercial tools. This training is not only a unique opportunity to learn how to use NetworkMiner and CapLoader directly from the guy who develops them, it is also a great excuse to spend two full days playing around with PCAP files.

You can find more details about the training here.

Part 1 – Proof of Concept