Black Hat USA Training 2006
Caesars Palace Las Vegas • July 29-30

Hacking By Numbers 'Field Engineering' Edition is a new concept by SensePost. Based on our recent contribution to the 'Penetration Testers Open Source Toolkit'—a Syngress publication—Field Engineering is a course that explores the challenge of writing and using tools for assessments and penetration testing.

Overview:
Field Engineering focuses solely on the writing and using of tools for assessments and penetration testing. The course will teach the basic programming techniques used to derive world-class assessment tools like Wikto and BiDiBLAH, touching on different programming languages on different platforms. The course will also explore the expert use and optimization of various existing tools that are considered best of breed in this space.

HBN Field Engineering is aimed at experienced penetration testers who are interested in honing their skills and mastering the tools that they use.

Prerequisites
SensePost will provide fully configured laptop computers as well as CDs with all the tools and materials used in the course. Students need to ensure they have the necessary level of skill. This course touches on various different programming languages on different platforms and, as such, requires attendees to have some basic programming experience. However, it is thinking-oriented, not really coding-oriented, and would thus be accessible to even the most novice programmer. A solid practical grasp of fundamental penetration testing tools and techniques is also expected. Students without the requisite technical skills are encouraged to consider ‘Cadet Edition’ or ‘Bootcamp Edition’ first.

Context
This course can be done independently of all the other SensePost courses provided that the skills prerequisites are all met. For students wishing to follow the complete series of courses it is suggested that this course be taken after Bootcamp and before Combat Edition.

Who should attend
Field Engineering Edition is a course for technical security professionals. It is expected that people attending this course are most likely to be involved in some form of technical penetration testing for at least some part of their professional time.

Roelof Temmingh is the technical director of SensePost where his primary function is that of external penetration specialist. Roelof is internationally recognized for his skills in the assessment of web servers. He has written various pieces of PERL code as proof of concept for known vulnerabilities, and coded the world-first anti-IDS web proxy "Pudding". He has spoken at many International Conferences and in the past year alone has been a keynote speaker at SummerCon (Holland) and a speaker at the Black Hat Briefings (New Orleans). Roelof drinks tea and smokes Camels.

Haroon Meer is currently SensePost's director of Development (and coffee drinking). He specializes in the research and development of new tools and techniques for network penetration and has released several tools, utilities and white-papers to the security community. He has been a guest speaker at many Security forums including the Black Hat Briefings. Haroon doesn't drink tea or smoke camels.

Charl van der Walt is a founding member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish.