Context offer a variety of technical training courses ready-made, as well as bespoke training courses tailored to specific needs. Each course is available at various levels of difficulty.
A summary of each course is below; for full course details download our Training brochure.
Web Application Hacking
Almost every organisation now relies on an Internet presence to either present the public face of the company, to provide the core of the business itself or through offering internet services for utilisation by others. As these windows are opened to the outside world, they also serve as a potential risk, broadening the threat landscape of the organisation and presenting would-be attackers with an avenue for compromising the organisation’s sensitive data and services.
Our experience in teaching this course has taught us that, in order to properly guard against the ever increasing pool of weaknesses, the defenders must learn to think like their opponents. The course is therefore structured around practical knowledge regarding web application security vulnerabilities, following a step-by-step model; finding the vulnerability, exploiting the vulnerability, understanding the underlying cause and creating a remedy.
The course is suitable for penetration testers, web app developers and development leads.
Mobile Hacking & Security Testing
With organisations expanding their presence onto mobile devices, enabling their employees and customers to access business information wherever they are, the threat landscape has never been wider.
Mobile systems offer a whole new set of challenges for security professionals, incident responders and developers to take into account. This includes sensitive data on lost devices, applications leaking access to user accounts, and data exfiltration from corporate devices to name but a few.
This training course is designed to provide attendees with hands-on knowledge on how attackers penetrate the security around mobile applications and security policies. To achieve this it uses custom mobile applications created by Context, crafted to emulate real-world applications and provide a realistic and up-to-date look at the attack surface and vectors available to skilled attackers.
The course is suitable for mobile developers, development managers and penetration testers.
Red Team / Simulated Targeted Attack
Building on Context’s experience in running large-scale red team and CBEST engagements, this training course aims to teach the methods and approaches taken by real-world attackers when compromising an entire organisation. From initial recognition and phishing, to post-exploitation and acquiring access to every system in an organisation, this course is as close to a real-world hacking attack as it gets. The knowledge gained can permit network architects, incident response managers and senior security personnel to take their defensive strategies to the next level by understanding the methodologies and mindset of the attackers.
There are three levels of Red Team courses available at varying levels of difficulty; they are suitable for senior security personnel, senior penetration testers, CISOs and Security Incident Responders with varying levels of experience.
Hacking Network Infrastructure
For most organisations, the internal and externally facing Linux and Windows servers form the backbone of their ability to operate. Running everything from domains and databases, to legacy applications and source-code repositories, network requirements are getting evermore complex. This course details the steps attackers take in compromising a server; from discovery to full control, the reconnaissance, access and escalation techniques used in real-world attacks are demonstrated and analysed throughout.
The course is suitable for domain administrators, network architects, penetration testers and server / network administrators.