Christchurch Hacker Con Training Day 2024

Choose your tickets

1. Thu 21st Nov ICS / OT Cyber Security Crash Course 8am-5pm Training Only ticket

   Ticket for Training only! Learn the foundational and basics of Operational Technology (OT) / Industrial Control System (ICS) Cyber Security. Understand the differences between an Infosec / Information Technology and OT / ICS, why some of the traditional security controls and countermeasures can increase organisational risk rather than decrease it. This training will also explain some alternative approaches to mitigate risks associated with critical infrastructure, if you work in an environment that has OT or ICS, or are curious to know more about securing these environments this is a great first step. This crash course covers foundational and basic information on what is ICS and OT, how to understand their functions and why they require a unique approach to security controls and countermeasures. Aside from the theory required, there will be some exercises on Ladder Logic, Purdue Model, and effective countermeasures. Finally, at the end of the day, there will be a demonstration using SCADA and PLC software.

   Ticket for Training only! Learn the foundational and basics of Operational Technology (OT) / Industrial Control System (ICS) Cyber Security. Understand the differences between an Infosec / Information Technology and OT / ICS, why some of the traditional security controls and countermeasures can increase organisational risk rather than decrease it. This training will also explain some alternative approaches to mitigate risks associated with critical infrastructure, if you work in an environment that has OT or ICS, or are curious to know more about securing these environments this is a great first step. This crash course covers foundational and basic information on what is ICS and OT, how to understand their functions and why they require a unique approach to security controls and countermeasures. Aside from the theory required, there will be some exercises on Ladder Logic, Purdue Model, and effective countermeasures. Finally, at the end of the day, there will be a demonstration using SCADA and PLC software.

   $149.99 + $9.19 fee

   Sold out

2. Thu 21st Nov Incident Response 101 8am-12pm Training Only ticket

   Training only ticket! With Cybersecurity incidents becoming more prevalent across the globe, it is now a matter of when not if something will occur. Our training will help you understand the phases that are normally part of an incident and what role you would likely need to play according to your organisation's response plan (you know where yours is and test it regularly right?). Equip yourself with the knowledge you need to help reduce the impact of a cyberattack. The training session covers a simulated fictitious incident where teams need to work together to resolve the incident as quickly as possible. This provides participants the opportunity to gain first-hand experience of key concepts in an incident, with multiple repetitions through it to help to solidify core concepts. The training prepares teams with the foundational knowledge of how people may respond under pressure, setting the groundwork for a common language and understanding before moving to more advanced exercises (e.g. tabletop exercises, purple teaming). It also covers each phase of the NIST Incident Response Lifecycle.

   Training only ticket! With Cybersecurity incidents becoming more prevalent across the globe, it is now a matter of when not if something will occur. Our training will help you understand the phases that are normally part of an incident and what role you would likely need to play according to your organisation's response plan (you know where yours is and test it regularly right?). Equip yourself with the knowledge you need to help reduce the impact of a cyberattack. The training session covers a simulated fictitious incident where teams need to work together to resolve the incident as quickly as possible. This provides participants the opportunity to gain first-hand experience of key concepts in an incident, with multiple repetitions through it to help to solidify core concepts. The training prepares teams with the foundational knowledge of how people may respond under pressure, setting the groundwork for a common language and understanding before moving to more advanced exercises (e.g. tabletop exercises, purple teaming). It also covers each phase of the NIST Incident Response Lifecycle.

   $75.00 + $4.88 fee

   Sold out

3. Thu 21st Nov An introduction to web application security through Python 1pm-5pm Training Only ticket

   Training only ticket! As an introduction to web application security through Python, this training session aims to give attendees the tools to understand the most common security vulnerabilities faced by web applications as well as how to fix them. This training aims to introduce attendees to common web application vulnerabilities through a hands on format. This workshop will use a vulnerable Flask website to demonstrate various vulnerabilities from the OWASP top 10 and other common vulnerabilities I've found through my career. For each vulnerability covered, it will be laid out in roughly the following format: - An introduction to the issue at a high level. This will cover things such as what the issue is, potential impact to applications and how to test for it in your own applications. - Hands on hacking where each attendee will attempt to exploit the issue in the vulnerable Flask application, experienced helpers will be on hand to help walk you through exploiting each issue. Time permitting, we will also aim to complete the following steps for each issue: - After exploiting the issue, we will discuss mitigating steps and ways to fix this in your applications. - Attendees can then fix the issue on a local version of the vulnerable site and verify their fix, with experienced helpers on hand to assist with this step. This workshop will also introduce attendees to various tooling for both exploiting vulnerabilities as well as Python tooling to help prevent the vulnerabilities in the first place. Participants will require the following: - The ability to provide a laptop to use throughout the workshop. - The ability to run BurpSuite Community Edition. This is free and we will teach the users the required knowledge for how it will be used in the workshop on the day. - An internet connection to receive the lab files. A requirements file and source code will be provided on the day.

   Training only ticket! As an introduction to web application security through Python, this training session aims to give attendees the tools to understand the most common security vulnerabilities faced by web applications as well as how to fix them. This training aims to introduce attendees to common web application vulnerabilities through a hands on format. This workshop will use a vulnerable Flask website to demonstrate various vulnerabilities from the OWASP top 10 and other common vulnerabilities I've found through my career. For each vulnerability covered, it will be laid out in roughly the following format: - An introduction to the issue at a high level. This will cover things such as what the issue is, potential impact to applications and how to test for it in your own applications. - Hands on hacking where each attendee will attempt to exploit the issue in the vulnerable Flask application, experienced helpers will be on hand to help walk you through exploiting each issue. Time permitting, we will also aim to complete the following steps for each issue: - After exploiting the issue, we will discuss mitigating steps and ways to fix this in your applications. - Attendees can then fix the issue on a local version of the vulnerable site and verify their fix, with experienced helpers on hand to assist with this step. This workshop will also introduce attendees to various tooling for both exploiting vulnerabilities as well as Python tooling to help prevent the vulnerabilities in the first place. Participants will require the following: - The ability to provide a laptop to use throughout the workshop. - The ability to run BurpSuite Community Edition. This is free and we will teach the users the required knowledge for how it will be used in the workshop on the day. - An internet connection to receive the lab files. A requirements file and source code will be provided on the day.

   $75.00 + $4.88 fee

   Sold out

4. Thu 21st Nov WiFi - Novice to Professional 8am-12pm Training Only ticket

   Training ticket only! Embark on a journey into the heart of WiFi technology with our dynamic training program. Delve into the core principles while keeping pace with the latest advancements in the field. This immersive experience isn't just about theory; it's about hands-on learning. Navigate through virtual wireless arenas, applying newfound skills in real-world exercises. From tackling personal networks to infiltrating enterprise setups, this training equips you to handle diverse challenges. Explore both fortified and vulnerable configurations, honing your expertise in thwarting attacks. And with a focus on the cutting-edge WPA3 standard, you'll be prepared for the newest frontiers of WiFi security.

   Training ticket only! Embark on a journey into the heart of WiFi technology with our dynamic training program. Delve into the core principles while keeping pace with the latest advancements in the field. This immersive experience isn't just about theory; it's about hands-on learning. Navigate through virtual wireless arenas, applying newfound skills in real-world exercises. From tackling personal networks to infiltrating enterprise setups, this training equips you to handle diverse challenges. Explore both fortified and vulnerable configurations, honing your expertise in thwarting attacks. And with a focus on the cutting-edge WPA3 standard, you'll be prepared for the newest frontiers of WiFi security.

   $75.00 + $4.88 fee

   Sold out

5. Thu 21st Nov REV.ENG.E₂ 1pm-5pm Training Only ticket

   Training only ticket! Reverse Engineering for Education/Entertainment provides an introduction to analysing code, bytecode, and application binaries. This session will cover: * The use and abuse of common developer tools * Live debugging techniques * Fantastic tools and where to find them

   Training only ticket! Reverse Engineering for Education/Entertainment provides an introduction to analysing code, bytecode, and application binaries. This session will cover: * The use and abuse of common developer tools * Live debugging techniques * Fantastic tools and where to find them

   $75.00 + $4.88 fee

   Sold out

6. Thu 21st Nov ICS / OT Cyber Security Crash Course 8am-5pm Training and Conference Nov 22-23 Combo ticket

   Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. Learn the foundational and basics of Operational Technology (OT) / Industrial Control System (ICS) Cyber Security. Understand the differences between an Infosec / Information Technology and OT / ICS, why some of the traditional security controls and countermeasures can increase organisational risk rather than decrease it. This training will also explain some alternative approaches to mitigate risks associated with critical infrastructure, if you work in an environment that has OT or ICS, or are curious to know more about securing these environments this is a great first step. This crash course covers foundational and basic information on what is ICS and OT, how to understand their functions and why they require a unique approach to security controls and countermeasures. Aside from the theory required, there will be some exercises on Ladder Logic, Purdue Model, and effective countermeasures. Finally, at the end of the day, there will be a demonstration using SCADA and PLC software.

   Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. Learn the foundational and basics of Operational Technology (OT) / Industrial Control System (ICS) Cyber Security. Understand the differences between an Infosec / Information Technology and OT / ICS, why some of the traditional security controls and countermeasures can increase organisational risk rather than decrease it. This training will also explain some alternative approaches to mitigate risks associated with critical infrastructure, if you work in an environment that has OT or ICS, or are curious to know more about securing these environments this is a great first step. This crash course covers foundational and basic information on what is ICS and OT, how to understand their functions and why they require a unique approach to security controls and countermeasures. Aside from the theory required, there will be some exercises on Ladder Logic, Purdue Model, and effective countermeasures. Finally, at the end of the day, there will be a demonstration using SCADA and PLC software.

   $264.99 + $15.80 fee

   Sold out

7. Thu 21st Nov Incident Response 101 8am-12pm Training and Conference Nov 22-23 Combo ticket

   Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. With Cybersecurity incidents becoming more prevalent across the globe, it is now a matter of when not if something will occur. Our training will help you understand the phases that are normally part of an incident and what role you would likely need to play according to your organisation's response plan (you know where yours is and test it regularly right?). Equip yourself with the knowledge you need to help reduce the impact of a cyberattack. The training session covers a simulated fictitious incident where teams need to work together to resolve the incident as quickly as possible. This provides participants the opportunity to gain first-hand experience of key concepts in an incident, with multiple repetitions through it to help to solidify core concepts. The training prepares teams with the foundational knowledge of how people may respond under pressure, setting the groundwork for a common language and understanding before moving to more advanced exercises (e.g. tabletop exercises, purple teaming). It also covers each phase of the NIST Incident Response Lifecycle.

   Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. With Cybersecurity incidents becoming more prevalent across the globe, it is now a matter of when not if something will occur. Our training will help you understand the phases that are normally part of an incident and what role you would likely need to play according to your organisation's response plan (you know where yours is and test it regularly right?). Equip yourself with the knowledge you need to help reduce the impact of a cyberattack. The training session covers a simulated fictitious incident where teams need to work together to resolve the incident as quickly as possible. This provides participants the opportunity to gain first-hand experience of key concepts in an incident, with multiple repetitions through it to help to solidify core concepts. The training prepares teams with the foundational knowledge of how people may respond under pressure, setting the groundwork for a common language and understanding before moving to more advanced exercises (e.g. tabletop exercises, purple teaming). It also covers each phase of the NIST Incident Response Lifecycle.

   $190.00 + $11.49 fee

   Sold out

8. Thu 21st Nov An introduction to web application security through Python 1pm-5pm Training and Conference Nov 22-23 Combo ticket

   Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. As an introduction to web application security through Python, this training session aims to give attendees the tools to understand the most common security vulnerabilities faced by web applications as well as how to fix them. This training aims to introduce attendees to common web application vulnerabilities through a hands on format. This workshop will use a vulnerable Flask website to demonstrate various vulnerabilities from the OWASP top 10 and other common vulnerabilities I've found through my career. For each vulnerability covered, it will be laid out in roughly the following format: - An introduction to the issue at a high level. This will cover things such as what the issue is, potential impact to applications and how to test for it in your own applications. - Hands on hacking where each attendee will attempt to exploit the issue in the vulnerable Flask application, experienced helpers will be on hand to help walk you through exploiting each issue. Time permitting, we will also aim to complete the following steps for each issue: - After exploiting the issue, we will discuss mitigating steps and ways to fix this in your applications. - Attendees can then fix the issue on a local version of the vulnerable site and verify their fix, with experienced helpers on hand to assist with this step. This workshop will also introduce attendees to various tooling for both exploiting vulnerabilities as well as Python tooling to help prevent the vulnerabilities in the first place. Participants will require the following: - The ability to provide a laptop to use throughout the workshop. - The ability to run BurpSuite Community Edition. This is free and we will teach the users the required knowledge for how it will be used in the workshop on the day. - An internet connection to receive the lab files. A requirements file and source code will be provided on the day.

   Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. As an introduction to web application security through Python, this training session aims to give attendees the tools to understand the most common security vulnerabilities faced by web applications as well as how to fix them. This training aims to introduce attendees to common web application vulnerabilities through a hands on format. This workshop will use a vulnerable Flask website to demonstrate various vulnerabilities from the OWASP top 10 and other common vulnerabilities I've found through my career. For each vulnerability covered, it will be laid out in roughly the following format: - An introduction to the issue at a high level. This will cover things such as what the issue is, potential impact to applications and how to test for it in your own applications. - Hands on hacking where each attendee will attempt to exploit the issue in the vulnerable Flask application, experienced helpers will be on hand to help walk you through exploiting each issue. Time permitting, we will also aim to complete the following steps for each issue: - After exploiting the issue, we will discuss mitigating steps and ways to fix this in your applications. - Attendees can then fix the issue on a local version of the vulnerable site and verify their fix, with experienced helpers on hand to assist with this step. This workshop will also introduce attendees to various tooling for both exploiting vulnerabilities as well as Python tooling to help prevent the vulnerabilities in the first place. Participants will require the following: - The ability to provide a laptop to use throughout the workshop. - The ability to run BurpSuite Community Edition. This is free and we will teach the users the required knowledge for how it will be used in the workshop on the day. - An internet connection to receive the lab files. A requirements file and source code will be provided on the day.

   $190.00 + $11.49 fee

   Sold out

9. Thu 21st Nov WiFi - Novice to Professional 8am-12pm Training and Conference Nov 22-23 Combo ticket

   Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. Embark on a journey into the heart of WiFi technology with our dynamic training program. Delve into the core principles while keeping pace with the latest advancements in the field. This immersive experience isn't just about theory; it's about hands-on learning. Navigate through virtual wireless arenas, applying newfound skills in real-world exercises. From tackling personal networks to infiltrating enterprise setups, this training equips you to handle diverse challenges. Explore both fortified and vulnerable configurations, honing your expertise in thwarting attacks. And with a focus on the cutting-edge WPA3 standard, you'll be prepared for the newest frontiers of WiFi security.

   Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. Embark on a journey into the heart of WiFi technology with our dynamic training program. Delve into the core principles while keeping pace with the latest advancements in the field. This immersive experience isn't just about theory; it's about hands-on learning. Navigate through virtual wireless arenas, applying newfound skills in real-world exercises. From tackling personal networks to infiltrating enterprise setups, this training equips you to handle diverse challenges. Explore both fortified and vulnerable configurations, honing your expertise in thwarting attacks. And with a focus on the cutting-edge WPA3 standard, you'll be prepared for the newest frontiers of WiFi security.

   $190.00 + $11.49 fee

   Sold out

10. Thu 21st Nov REV.ENG.E₂ 1pm-5pm Training and Conference Nov 22-23 Combo ticket

    Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. Reverse Engineering for Education/Entertainment provides an introduction to analysing code, bytecode, and application binaries. This session will cover: * The use and abuse of common developer tools * Live debugging techniques * Fantastic tools and where to find them

    Training and Conference ticket! An access code for your conference ticket will be sent to your email and you will be able to use that once tickets are on sale. Reverse Engineering for Education/Entertainment provides an introduction to analysing code, bytecode, and application binaries. This session will cover: * The use and abuse of common developer tools * Live debugging techniques * Fantastic tools and where to find them

    $190.00 + $11.49 fee

    Sold out