Security Masters Dojo
Instructors/Sensei
Dave Aitel
Dave Aitel is CEO and founder of Immunity Inc., and his past includes stints at @Stake and the National Security Agency. As a long-time security researcher, Dave has a long and visionary history of warning the industry about major security vulnerabilities. Dave is a recognized world authority on attack techniques, and is the author of many famous tools including SPIKE, Spike proxy, and sharefuzz. He is co-author of two books ("The Hacker's Handbook" from Auerbach Press and "The Shellcoder's Handbook" from John Wiley and Sons) and is a frequent presenter of technical papers at conferences.
Philippe Biondi
Mastering the network with Scapy
Philippe Biondi is a research engineer and security expert working at the IT security lab of EADS Corporate Research Center. He is a member of the French Honeynet Project. He was co-author of LIDS. He is the author of Scapy and Shellforge and a lot of other tools. His Scapy tutorial at CanSecWest/core05 was rated one of the best talks of the conference by attendees.
Cédric Blancher
Practical 802.11 WiFi (In)Security
Cédric has spent the last 5 years working in the network security field, performing audits and penetration tests. In 2004, he joined EADS Corporate Research Center in France to work on R&D within the network security field, including a focus on wireless links. He is an active member of Rstack team and French Honeynet Project with studies on honeynet containment, honeypot farms and network traffic analysis. He also has delivered technical presentations (Eurosec, SSTIC, Cansecwest, Recon, Syscan, etc.) and written research papers and magazine articles (MISC, SSTIC, etc.) about network security. Cédric's website: http://sid.rstack.org/
Yen-ming Chen
Ultimate Web Hacking
Yen-Ming is a Director of Consulting at Foundstone for the Northwest region. He leads consultants to provide security consulting services to enterprise clients. He specializes in security assessment for software and service systems. Yen-Ming established the first Foundstone overseas branch in Singapore and brought Foundstone's product, professional service and education to the Asia Pacific market. He also opened new markets in Southeast Asia, Saudi Arabia and China. Yen-Ming has published articles in magazines in the U.S. and Asia. He is a frequent speaker for security conferences in Asia Pacific, Japan, U.S. and Europe. He is also a contributing author for Hacking Exposed, 3rd ed., Hacking Exposed for Web Application, Windows XP Professional Security and HackNotes: Web Application Security.
Prior to joining Foundstone, Yen-Ming worked as a researcher in the CyberSecurity Center at Carnegie Mellon University. He also participated in 'Snort', a lightweight network intrusion detection system, by writing several Perl and PHP scripts for intrusion data analysis, and he also created the first Snort sensor on a single floppy image of PicoBSD. His master's thesis researched the survivability of banking and finance information infrastructures under the Survivability program in CERT.
Yen-Ming holds a B.S. of Mathematics from National Central University in Taiwan, and an M.S. of Information Networking from Carnegie Mellon University. He passed CISSP and MCSE in 2001.
Renaud Deraison
Network Vulnerability Scanning: Turning Nessus into Metasploit
Renaud is the Chief Research Officer at Tenable Network Security and the founder and primary author of the open-source Nessus vulnerability scanner project. He has worked for SolSoft, and founded his own computing security consulting company, 'Nessus Consulting S.A.R.L.' Nessus detects network vulnerabilities and is in use at more than 50,000 organizations worldwide. Under Renaud's leadership, the Nessus project has won numerous awards, including the 2002 Network Computing 'Well Connected' award and PC Magazine's 2003 'Open Source Product of the Year' award. Mr. Deraison is also an editorial board member of the Common Vulnerabilities and Exposures Organization, has presented at a variety of security conferences and has had his work published in several magazines and books.
Maximillian Dornseif
Maximillian Dornseif studied law and computer science at the University of Bonn, Germany, where he wrote his PhD thesis about the "Phenomenology of Cybercrime". He has been doing IT security consulting since the mid-nineties and today focuses mostly on penetration testing. In early 2004 he joined the Laboratory for Dependable Distributed Systems at RWTH Aachen University, where he bootstrapped the computer forensics education program, the German honeynet project and the now famous "Summerschool Applied IT-Security". Since Fall 2005 he has worked as a post-doc researcher at the University of Mannheim. Dornseif is a sought-after speaker at international security conferences and has published in the legal and computer science fields on a wide range of topics.
Sinan "noir" Eren
Sinan Eren is a reverse engineer and a casual exploit developer. At Immunity Inc, he performs code/binary audits and exploit development for the CANVAS platform. Architectures and platforms of interest include x86/Win32, Unix on any cpu flavor and popular 3rd party applications (MTAs, HIPS, AV, VPN, Remote Desktop etc.). He recently gave auditing courses for the RPC layer of the Windows OS to several audiences around the USA.
Nico Fischbach
Voice over IP (VoIP) Security
Nico is a Senior Manager, in charge of the European Network Security Engineering team at COLT Telecom, a leading pan-European provider of end-to-end business communications services.
He holds an Engineer degree in Networking and Distributed Computing and is a recognized authority on Service Provider infrastructure security and denial-of-service attack mitigation.
Nicolas is co-founder of Sécurité.Org, a French-speaking portal on computer and network security, of eXperts and mystique, an informal security research group and think tank, and of the French chapter of the Honeynet project.
He has presented at numerous technical and security conferences, teaches networking and security courses at various universities and engineering schools, and is a regular contributor to the French security magazine MISC. More details and contact information on his homepage.
Halvar Flake
Reverse Engineering: Rapid Bug Discovery and Input Crafting
Originating in the fields of copy protection and digital rights management, he gravitated more and more towards network security over time as he realized that constructive copy protection is more or less fighting windmills. After writing his first few exploits he was hooked and realized that reverse engineering experience is a very handy asset when dealing with COTS software. With extensive experience in reverse engineering, network security, penetration testing, and exploit development, Halvar consults on reverse engineering and is a graduate student of mathematics in Germany.
Fyodor
Network Reconnaissance with Nmap 4
Fyodor authored the popular Nmap Security Scanner, which was named security tool of the year by Linux Journal, Info World, and the Codetalker Digest. It was also featured in the hit movie "Matrix Reloaded" as well as by the BBC, CNet, Wired, Slashdot, Securityfocus, and more. He also maintains the Insecure.Org and Seclists.Org security resource sites and has authored seminal papers detailing techniques for stealth port scanning, remote operating system detection via TCP/IP stack fingerprinting, version detection, and the IPID Idle Scan. He is a member of the Honeynet project and a co-author of the books "Know Your Enemy: Honeynets" and "Stealing the Network: How to Own a Continent".
Martin Herfurt
Bluetooth Auditing and Technology
Martin Herfurt is the founder of the trifinite.group. He completed his Telecommunications Engineering Degree at the Salzburg University of Applied Sciences and Technologies in 2001. Alongside his studies Martin was involved in numerous industry projects, providing him with commercial programming practice. In 2000 Martin followed up his formal study with a four-month internship at the telecommunications institute of TELCOT institute in San Ramon, California, USA. Since the second half of 2000 Martin has been working as a full-time researcher at an Austrian research facility. His project responsibilities there ranged from the co-ordination of a European IST project with a total budget of over 5 million Euro to software agents development. Together with a colleague, Martin began giving a class on mobile data services at the Salzburg University of Applied Sciences and Technologies in the summer of 2003. In February 2004, Martin discovered a major security loophole in several popular cellphones which is referred to as BlueBug in the media. As part of his fascination with the rapid development in computer programming, Martin has become a regular participant in the Chaos Communication Congress, which is a yearly meeting of the German hacker association CCC.
Marcel Holtmann
Bluetooth Auditing and Technology
Marcel Holtmann is the maintainer and the core developer of the official Linux Bluetooth stack, which is called BlueZ. He started working with the Bluetooth technology back in 2001. His work includes new hardware drivers, upper layer protocol implementations and the integration of Bluetooth into other subsystems of the Linux kernel. In January 2004 he took over the maintainer role from the original developer Max Krasnyansky. Together with Jean Tourrilhes he maintains the OpenOBEX project. He is also responsible for the IrDA and Bluetooth integrations of the Gnokii project.
Thorsten Holz
Advanced Honeypot Tactics
Thorsten Holz is a Ph.D. student at the Laboratory for Dependable Distributed Systems. He is one of the founders of the German Honeynet Project and has extensive background in the area of honeypots and bots/botnets. His research interests include the practical aspects of secure systems, but he is also interested in more theoretical considerations of dependable systems. In addition, he is the editor-in-chief of the German IT-security magazine MISC.
Doug Hoyte
Network Reconnaissance with Nmap 4
Doug is a prolific Nmap developer who authored the asynchronous DNS subsystem and greatly improved the version detection system for Nmap 4.00. He wrote the open source Anti-Web httpd server as well as other projects that he hosts at hcsw.org.
Adam Laurie
Bluetooth Auditing and Technology
Adam Laurie is Chief Security Officer and a Director of The Bunker Secure Hosting Ltd. He started in the computer industry in the late Seventies, working as a computer programmer on PDP-8 and other mini computers, and then on various Unix, DOS and CP/M based micro computers as they emerged in the Eighties. He quickly became interested in the underlying network and data protocols, and moved his attention to those areas and away from programming, starting a data conversion company which rapidly grew to become Europe's largest specialist in that field (A.L. downloading Services). During this period, he successfully disproved the industry lie that music CDs could not be read by computers, and, with help from his brother Ben, wrote the world's first CD ripper, 'CDGRAB'. At this point, he and Ben became interested in the newly emerging concept of 'The Internet', and were involved in various early open source projects, the most well known of which is probably their own 'Apache-SSL', which went on to become the de-facto standard secure web server. Since the late Nineties they have focused their attention on security, and have been the authors of various papers exposing flaws in Internet services and/or software, as well as pioneering the concept of re-using military data centres (housed in underground nuclear bunkers - http://www.thebunker.net) as secure hosting facilities. Adam has been a senior member of staff at DEFCON since 1997, and also acted as a member of staff during the early years of the Black Hat Briefings.
Nick Murison
Ultimate Web Hacking
Nick Murison serves as a Senior Security Consultant at Foundstone. He focuses on assessment services, and providing strategic advice on how to resolve inherent security issues. Mainly concentrating on web application security assessments, Nick also provides expertise for other technology and policy assessments. Nick is also a lead instructor for several of Foundstone's public and customized classes. Prior to joining Foundstone, Nick was a researcher for HP's Trusted Systems Lab.
Nick holds an MSc in Information Security from the Information Security Group at Royal Holloway, University of London.
Laurent Oudot
Laurent is a security expert at the Commissariat a l'Energie Atomique in France, which is the equivalent of the US Dept Of Energy. He is an instructor in network and system security in French schools, and has managed numerous security projects for about ten years. He's been doing research on defensive technologies closely related to blackhat activities, like honeypots, IPS/IDS, firewalls, sandboxes, etc. He co-founded the French Honeynet along with Nicolas Fischbach, and is a member of the Steering Committee of the Honeynet Research Alliance. Laurent is also a frequent contributor to several research papers like Security Focus and MISC magazine, as well as a presenter at computer security and academic conferences like Cansecwest, Pacsec, Black Hat USA-Asia-Europe, Defcon, Hope.
In his spare time, he is a member of a team called RstAck composed of security addicts and geeks. Homepage: http://rstack.org/oudot/
Christopher Owen
The Exploit Laboratory - Advanced Edition
Christopher is an independent consultant hailing from Vancouver, BC, Canada and operating globally. He specializes in security, unix, and networks, yet has a balanced education being classically trained in business at the University of British Columbia.
Personable, approachable, and friendly, Christopher will liven the mood of the classroom while students benefit from his deep understanding of the topics and passion for teaching.
Gerardo 'gera' Richarte
Assembly for Exploit Writing
Gera is widely regarded as one of the world's most brilliant "shellcode ninjas" and is responsible for countless innovations in technique. A short look at his famous "Insecure Programming by Example" page at the Insecure Programming site should convince you that he is about as 31337 as you get. Gera is one of the technical wizards at Core Security Technologies.
Martin Roesch
Marty is a respected authority on intrusion detection technology and forensics, and today works at Sourcefire where he is the founder and CTO. Martin, who has 17 years of industry experience in network security and embedded systems engineering, is also the author and lead developer of the Snort Intrusion Detection System.
Over the past eight years, Martin has developed various network security tools and technologies, including intrusion detection systems, honeypots, network scanners, and policy enforcement systems for organizations such as GTE Internetworking, Stanford Telecommunications, Inc., and the Department of Defense. He has applied his knowledge of network security to penetration testing and network forensics for numerous government and large corporate customers. Martin has been interviewed as an industry expert in multiple technology publications, as well as print and online news services such as MSNBC, Wall Street Journal, CNET, ZDNet, and numerous books. Snort has been featured in Scientific American, on A&E's Secret Places: Inside the FBI, and in several books, such as Network Intrusion Detection: An Analysts Handbook, Intrusion Signatures and Analysis, Maximum Security, Hacking Exposed, and others.
Martin holds a B.S. in Electrical and Computer Engineering from Clarkson University.
Saumil Shah
The Exploit Laboratory - Advanced Edition
Founder and CEO, Net-Square Solutions Pvt. Ltd. saumil@net-square.com Saumil continues to lead the efforts in e-commerce security research at Net-Square. He holds a designation of Certified Information Systems Security Professional. Saumil has had more than ten years' experience with system administration, network architecture, integrating heterogeneous platforms, and information security and has performed numerous ethical hacking exercises for many significant companies in the IT area. Previously, Saumil held the position of Director of Indian operations at Foundstone Inc. and a senior consultant with Ernst & Young. Saumil has also worked at the Indian Institute of Management, Ahmedabad, as a research assistant. Saumil graduated from Purdue University with a master's degree in computer science and a strong research background in operating systems, networking, information security, and cryptography. He got his undergraduate degree in computer engineering from Gujarat University, India. Saumil is a co-author of "Web Hacking: Attacks and Defense" (Addison Wesley, 2002) and is the author of "The Anti-Virus Book" (Tata McGraw-Hill, 1996).
Nicolas Waisman
Nicolas Waisman is a Senior Security Researcher at Immunity, Inc. Nico is one of the driving forces behind the CANVAS exploit framework. The majority of his recent work has focused on win32 vulndev, specifically reliable heap exploitation. He also likes to sneak in the odd reverse engineering project from time to time. His most current passion is implementing MOSDEF for the PPC architecture.
Matthew Watchinski
Mr. Watchinski is presently the Director of Vulnerability Research at Sourcefire. In 1998 Mr. Watchinski started his career in security at an up-and-coming company called Hiverworld (later named nCircle). There he was responsible for network penetration tests, physical security audits, and security-related professional services. Additionally, Mr. Watchinski was responsible for exploit development, IDS signature development, and code audits. In 2000 Mr. Watchinski moved on to become the Manager of Professional Services for farm9, Inc., where he was responsible for all ongoing security professional services engagements. This included security audits, code reviews, exploit development, and custom IDS signature development. In 2003 Mr. Watchinski came on board at Sourcefire to eventually become the Director of Vulnerability Research. His responsibilities at Sourcefire include managing the development of Snort rules, code audits, and additional security-related research. Mr. Watchinski's entire career has been heavily focused on security research, exploit development, and the development of effective security measures that work in large enterprise environments.



