Skip to main content
    CONTACT

    This site is protected by hCaptcha and the hCaptcha Privacy Policy and Terms of Service apply.
    0xCD: Wireless Attack Techniques - SensePost Training - DCTLV2026
    0xCD: Wireless Attack Techniques - SensePost Training - DCTLV2026

    0xCD: Wireless Attack Techniques - SensePost Training - DCTLV2026

    Las Vegas 2026

    Name of Training: 0xCD: Wireless Attack Techniques 
    Trainer(s): SensePost Training
    Dates: August 10-11, 2026
    Time: 8:00 am to 5:00 pm 
    Venue: Las Vegas Convention Center
    Cost: $2,750 (USD)

    Short Summary:

    Designed, developed and delivered by the team behind some of the most commonly used Wi-Fi hacking tools such as hostapd-mana, berate_ap and wpa_sycophant. This intermediate course aims to expose students to more modern Wi-Fi hacking methodologies used by active red teamers on their day-to-day journey with clients and assessments.

    Forgoing the more basic Wi-Fi concepts, this course aims to expose students to offensive techniques where corporate Wi-Fi networks (EAP-PEAP/EAP-TLS) and more modern network configurations (i.e., 6GHz/7GHz, WPA3 and OWE) can be targeted.

    Course Description:

    Many online sources nowadays cover Wi-Fi fundamentals and traditional WPA2-based wireless attacks. If your interest is to hone your skills on corporate Wi-Fi configurations (EAP-PEAP/EAP-TLS) and more modern technologies (e.g., 6GHz/7GHz, WPA3 and OWE), this is the course for you.

    Key Points:

    • How to approach different modern Wi-Fi network configurations and exploit them
    • New approaches and tooling in the Wi-Fi hacking field
    • Practical exploration and testing done against simulated Wi-Fi configurations.

    If you want to really understand what is going on and master the attacks against corporate or more modern Wi-Fi configuration in such a way that you can vary them when you encounter real world complexities, this course will teach you what you need to know.

    Details:

    • 2-day course
    • 60% practical and 40% theoretical
    • Practical-led learning, mimicking true to life Wi-Fi configurations in a virtual environment
    • Delivered by active red teamers
    • Complementary extended lab access

    Topics covered:

    • Wi-Fi fundamentals and concepts
      • Hardware, antenna selection and chipsets
      • Monitor mode
    •  Different Wi-Fi configurations
      • WPA2 PSK and PMKID - Refresher
      • EAP Foundations
      • EAP-PEAP / EAP-TLS
      • Tunnelled EAP Relays (WPA Sycophant)
      • WPA3 PSK
      • OWE
    •  Different frequency bands and Wi-Fi specifications
      • 2.4 / 5 / 6GHz
      • Wi-Fi 5 / 6 / 7

    This course is highly practical, with concepts taught through theory delivered while your hands are on the keyboard, and semi-self-directed practicals at the end of each section to reinforce the learning. The course is hosted in a “Wi-Fi in the cloud” environment we invented several years ago, which means no more fiddling with faulty hardware or turning the classroom into a microwave. While mimicking real-world configurations, it allows an isolated environment where mistakes can be made and learnings become rampant. Designed, developed and delivered by the team behind some of the most commonly used Wi-Fi hacking tools such as hostapd-mana, berate_ap and wpa_sycophant.This course aims to expose you to the Wi-Fi hacking methodologies used by active red teamers when targeting current corporate and more modern Wi-Fi configurations.

    By the end of the course, you will have a thorough understanding modern corporate Wi-Fi network, the various Wi-Fi configurations (including some relevant and real-world war stories), how red teamers approach and attack them and how to replicate these yourself. In particular, you will be using and become familiar with the exact tools that real-world attackers use.

    Enjoy complementary extended access to our lab environment after completion of the course to revisit and practice the skills you acquired during training.

    Join us and hack hard!

    Course Outline:

    This course is made up of 7 Modules and 20 Sub-modules, with a total of 17 hands-on practical scenarios

    Learning Objectives

    • A refresher of existing Wi-Fi knowledge, including hardware complexity, requirements and chipsets used.
    • Exploring and gaining an understanding of the frequencies wherein Wi-Fi networks operate – including 2.4 / 5 / 6Ghz and common WPA2 based attacks.
    • Grokking EAP & EAP-based vulnerabilities relating to certificate validation, tunnelled mode key derivation and how to practically attack them with downgrades, relays and manipulating state.
    • Attacking WPA3, OWE and other modern configurations – including Wi-Fi 5 / 6 / 7.

    Module 1 – Introduction (Setting the Stage)

    Module 2 - WPA/2 PSK and OWE (Refresher)

    Module 3 - EAP

    Module 4 - EAP-TLS

    Module 5 - Tunnelled EAP Relays

    Module 6 – Modern Wi-Fi Configurations

    Practicals are dispersed throughout the course.

    The lab environment holds several other Wi-Fi configurations, which students may also explore at their own leisure while the course is on-going. Beneficial for the super elite among us!

    Difficulty Level:

    Intermediate to Advanced

    Intermediate Definition - The student has education and some experience in the field and familiarity with the topic being presented. The student has foundational knowledge that the course will leverage to provide practical skills on the topic.

    Advanced Definition - The student is expected to have significant practical experience with the tools and technologies that the training will focus on.

    Suggested Prerequisites:

    You should have a good foundational understanding/familiarity with the Linux command line. Prior Wi-Fi hacking experience is vital, as the course does not aim to teach basics but transition beyond them. The practicals are designed so that more experienced students can progress further and students new to more advanced topics can complete the base requirements.

    You only need your laptop with a general browser. We do Wi-Fi hacking in the cloud!

    What Students Should Bring:

    To fully engage in our courses, students need a computer with a web browser they are comfortable using. All practical exercises are hosted in the cloud, and our class portal delivers course content. This minimal requirement ensures a seamless and effective learning experience.

    What the Trainer Will Provide:

    Participants in our training courses will get access to a comprehensive set of resources through our user-friendly web class portal, offering educational materials like slides, practical exercises, walkthroughs, tools, and detailed course notes. The portal remains accessible beyond training sessions, allowing learners to revisit content at their own pace. Additionally, each student receives an individualized lab environment, designed for hands-on practical exercises, enhancing their practical skills and proficiency in the subject matter during the training course.

    Trainer(s) Bio:

    SensePost, an elite ethical hacking team of Orange Cyberdefense have been training at BlackHat since 2002. We pride ourselves on ensuring our content, our training environment and trainers are all epic in every way possible. The trainers you will meet are working penetration testers, responsible for numerous tools, talks and 0day releases. This provides you with real experiences from the field along with actual practitioners who will be able to support you in a wide range of real-world security discussions. We have years of experience building environments and labs tailored for learning, after all education is at the core of SensePost and Orange Cyberdefense.

      Registration Terms and Conditions: 

      Trainings are refundable before July 11, 2026, minus a non-refundable processing fee of $250.

      Between July 11, 2026 and August 5, 2026 partial refunds will be granted, equal to 50% of the course fee minus a processing fee of $250.

      All trainings are non-refundable after August 5, 2026.

      Training tickets may be transferred to another student. Please email us at training@defcon.org for specifics.

      If a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).

      Failure to attend the training without prior written notification will be considered a no-show. No refund will be given.

      DEF CON Training may share student contact information, including names and emails, with the course instructor(s) to facilitate sharing of pre-work and course instructions. Instructors are required to safeguard this information and provide appropriate protection so that it is kept private. Instructors may not use student information outside the delivery of this course without the permission of the student.

      By purchasing this ticket you agree to abide by the DEF CON Training Code of Conduct and the registration terms and conditions listed above.

      Several breaks will be included throughout the day. Please note that food is not included.

      All courses come with a certificate of completion, contingent upon attendance at all course sessions. Some courses offer an option to upgrade to a certificate of proficiency, which requires an additional purchase and sufficient performance on an end-of-course evaluation.

      $2,550.00
      $2,750.00