Request More Info >

 The best place in Latin America to learn about IT security. Our trainings take place on the days previous to the conference and are dictated by the most well-known infosec leaders at a national and international level.

Most of these courses are not available elsewhere - You can't miss them!

#Eko2020 Trainings

These trainings take place on the days prior to the conference and have limited seats. Some are dictated in other international conferences at higher prices, and some are Ekoparty exclusive. Don't miss your chance! 

Reserve Your Spot


ONLINE     September 20-23 



INCLUDES 

   Trainings of 2, 3 & 4 days     Certificate of attendance      

MAIN TRAINING

PRACTICAL ANDROID EXPLOITATION LITE    


The Practical Android Exploitation course from Xipiter is a comprehensive course aimed to teach all about Android security. Students get hands on experience with the Android SDK/NDK and related toolchains and use that knowledge to write and analyze exploits and malware on Android. In this course participants will exploit userland and kernel Android vulnerabilities as well as discuss jailbreaks and the various attack surface of Android applications. This class is aimed to an indispensable training for mobile developers, forensics investigators, software security professionals, pen-testers, and others.

Read More
2 days

 OFFENSIVE MOBILE REVERSING AND EXPLOITATION

Ever wondered how different attacking a Mobile application would be, from a traditional web  application? Gone are the days when knowledge of just SQL Injection or XSS could help you  land a lucrative high-paying infoSec job.  This course is designed to introduce beginners as well as advanced security enthusiasts to the  world of mobile security using a fast-paced learning approach through intensive hands-on labs.                           

Read More
2 days


THE DEVSECOPS MASTERCLASS 

Managing comprehensive security for continuous delivery of applications across organizations continues to remain a serious bottleneck in the DevOps movement. The methodology involved in implementing effective security practices within delivery pipelines can be challenging. 

This training is designed to give a practical approach of implementing Security across Continuous Delivery Pipelines by leveraging the plethora of cloud offerings and is backed by a ton of hands-on labs, original research and real-world implementations of DevSecOps that work.

Read More
4 days


ATTACKING AND DEFENDING CONTAINERS, KUBERNETES AND SERVERLESS

With Organizations rapidly moving towards micro-service style architecture for their applications, container and serverless technology seem to be taking over at a rapid rate. Leading container technologies like Docker have risen in popularity and have been widely used because they have helped package and deploy consistent-state applications. Serverless and Orchestration technologies like Kubernetes help scale such deployments to a massive scale which can potentially increase the overall attack-surface to a massive extent, if security is not given the attention required

Read More
3 days


SECURE PROGRAMMING 101 

This is an intermediate hands-on course in which attendees will understand and experience the use of the OWASP Application Security Verification Standard. In this way, they will learn to develop strategies and understand the elements for secure programming, allowing to mitigate risks in personal or work-related projects.

Read More
 2 días

FROM ZERO TO HERO: PENTESTING AND SECURING DOCKER, SWARM & KUBERNETES ENVIRONMENTS

  El uso de contenedores y orquestadores cambió la forma en que las tecnologías  son utilizadas. Las técnicas de ataque y defensa necesitan ser reinventadas,  tenemos la obligación de aprender nuevas formas de auditar y proteger  ambientes que implementan este tipo de tecnologías. 

Nuestro training está diseñado para profesionales que sean parte de RedTeams o BlueTeams, que estén  buscando aprender sobre seguridad en containers y orquestadores desde una  perspectiva ofensiva y defensiva. Análisis con metodologías Black Box, Grey  Box y White Box en Docker, Docker Swarm y Kubernetes serán explicados.

Read More
 3 días

ADVANCED ICS HACKING

Los sistemas de control industrial (ICS) suelen ser un blanco atractivo para los ciberdelincuentes. La mayoría de estos sistemas supervisan procesos industriales complejos e infraestructuras críticas  que suministran energía, agua, transporte, manufactura y otros servicios esenciales.  Existen muchas vulnerabilidades en estos sistemas que podrían exponer una instalación a ataques.  Un ataque en una red de ICS podría dar lugar a interrupciones masivas, cientos de miles de  usuarios afectados e incluso a un desastre nacional. El pentesting en los sistemas de control  industrial es un campo muy específico que requiere un vasto conocimiento y disponibilidad de  hardware.

Read More
2 days


    REVERSE ENGINEERING APPLIED TO
MALWARE ANALYSIS

This is an introductory course on reverse engineering and malware analysis. It is designed so that people with little or no experience on these topics can attain the tools to quickly understand how a threat works, by focusing on the more practical aspects of analysis.

Read More
2 days


  ADVANCED INVESTIGATIONS, PRIVACY & OPEN SOURCE INTELLIGENCE TECHNIQUES 

 

Este curso no solo abarca lo informático, sino que va más allá analizando lo humano, para generar un conocimiento más amplio al momento de realizar tareas en este ámbito.  La capacitación tiene como fin impartir los conocimientos necesarios en la obtención de información de usuarios y activos de una empresa, utilizando técnicas físicas y lógicas. Para ello se analizarán sitios convencionales y no convencionales, lo cual permitirá realizar una investigación más amplia y exhaustiva. 

Read More
2 días


  HACKING & HARDENING HUMAN OS

(SOCIAL ENGINEERING)   

El objetivo de este training es el de capacitar a los asistentes en las  distintas técnicas y herramientas utilizadas dentro de la Ingeniería Social, con el fin de poder incluirlas dentro de sus Pentest como así también, habilitarlos a realizar distintas campañas de concientización que ayuden a  detectar este tipo de engaños y elevar así la seguridad de sus organizaciones
 . 

Read More
2 días


  STEALING THE CROWN - RED TEAMING ACTIVE DIRECTORY ENVIRONMENTS 

 

In this training we will explain current Techniques, Tactics and Procedures for infiltrating networks, maintaining persistence and scaling until reaching the targets in Active Directory infrastructures.

For those who work on pentesting and want to get closer to network teaming, it will give a better understanding of the tactical techniques and procedures (TTPs) used by real attackers.

For those who work on defense, it will help understand how attacks work to devise and strengthen the defense of their infrastructure.

Read More
4 días


  INTRODUCCIÓN A LA EXPLOTACIÓN DE APLICACIONES EN ANDROID  

 

This training will allow students to learn application penetration testing techniques and methods of exploiting vulnerabilities in Android.

The focus is on practicing the techniques explained during the course, so that the student not only incorporates 
the theory, but also the experience in exploiting vulnerabilities. The course dynamic will be the theoretical presentation of each of the modules and a set of applications or situations in which that knowledge must be applied.

Read More
3 días


  CÓMO GANAR DINERO HACKEANDO GRANDES EMPRESAS CON PROGRAMAS 

DE BUGBOUNTY

 

This 2-day training seeks to shorten your learning curve if you are interested in earning money by reporting security flaws in Bug Bounty programs. Not only will we cover the necessary concepts, tools, methodologies and security problems that are most frequently reported in this type of program, but we will tell you what nobody tells you when you decide to immerse yourself in Bug Bounty, along with some recommendations.

Read More
2 días


  SAP Security in Depth: Attack & Secure SAP Systems - 2020 edition

 

¿Interesado en pentest sobre sistemas SAP? ¿Querés saber cómo se hacen? Y… ¿Cómo proteger estos sistemas si tu empresa los utiliza? 

¿Alguna vez pensaste en qué tan críticos son estos sistemas para tu organización? ¿Te diste cuenta que los parches de seguridad son aplicados generalmente tarde (si es que se aplican)? El 77% de los ingresos del mundo pasan por un sistema SAP. Sin embargo, la mayoría de veces, estos sistemas están fuera del alcance de un pentest tradicional.

Read More
4 días


Burp Suite Workshop

If you have ever wondered how security professionals hack into your web applications, then this workshop is ideal for you. The techniques covered in this workshop can be immediately implemented to increase the security of your organisation.  


Read More
2 días