Trainings

Silvia Nerea Anguita (@silvianerea_) is a Cybersecurity Auditor at Siemens. On a day to day she works identifying security vulnerabilities in Siemens infrastructure, products and services. Prior to that she worked as a penetration tester for 2 years mainly focusing on web and mobile applications. Studied a bachelors in Computer Science and a masters degree in Cybersecurity.

This training will introduce you to the basic of traffic analysis. We will see how messages and files are transmitted over the network depending on the protocol being used and see which of them send the data encrypted and which not. The training will explain what are the things you need to focus on when analyzing a traffic dump and what kind of data and information you can get from it. You want to know how to get confidential information sent over the network? Or how an attack looks like from the packets perspective? We will finish the training by analyzing a couple of example so you can get your hand dirty!

Maddie Stone (@maddiestone) is a Security Researcher on Google Project Zero where she focuses on 0-days used in-the-wild. Previously, she was a reverse engineer and team lead on the Android Security team, focusing predominantly on pre-installed and off-Google Play malware. Maddie also spent many years deep in the circuitry and firmware of embedded devices. Maddie really loves reverse engineering and hopes you will too!

Have you ever wondered what reverse engineering is? And how people do it? Have you been confused or intimidated by assembly? Then this workshop is for you! In this 2 hour workshop, you're going to learn about and how to do binary reverse engineering. In this workshop, no knowledge of assembly is needed. Only a basic comfort in understanding pseudo code is required. We'll cover the different types of reverse engineering, how you do it, and (hopefully!) why it's so much fun. You'll finish the workshop having reversed your own little program!

Thaís Moreira Hamasaki is an Offensive Security Researcher @ Intel - STORM. Previous to that, she worked as a Malware Researcher @ F-Secure, with a focus on static analysis, reverse engineering, and logical programming.

Thaís started her career within the anti-virus industry working on data and malware analysis, where she developed her knowledge of threat protection systems. She won the "best rookie speaker" award from BSides London for her very first talk about "Using SMT solvers to deobfuscate malware binaries". Recent research topics include platform security, SMM, and GFX. She is a member of the Düsseldorf Hackerspace aka Chaosdorf, where she also leads the groups for Reverse Engineering and x86 Assembly. In her free time, you can find Thaís writing bad code, cooking, or climbing somewhere offline.

Symbolic execution is a powerful tool for code verification, bug hunting and reverse engineering. In this class, we will dive into the concepts of constraint programming and SMT solvers and how binary analysis tools, such as angr, integrate these concepts into their frameworks.

It is going to be a very practical class, where we are going to solve various CTF challenges with the goal of visiting different features of angr.

Most of CTF players use z3 and angr to save time when solving reverse engineering challenge and that is also the path we are going to take.

If time is available, we will also check manticore and miasm, two other tools with symbolic execution engines with different features!

• Be comfortable understanding and writing Python3 code
• Familiarity with x86/x64 assembly

• VMware Workstation or Player (at least version 12) (no VirtualBox)
• At least 8GB of RAM
• At least 40GB of free disk space
• A laptop with administrative privileges

Gal Zaban is a Reverse Engineer with a particular interest in C++ code, currently working as a Vulnerability Researcher in the Automotive Industry. As part of her journey in understanding the catacombs of C++, she developed various RE tools for C++ including 'Virtuailor'. In her spare time when she's not dwelling into low-level research, she designs and sews her own clothes and plays the Clarinet.

This training is the shortened version of my original "Reversing and Auditing C++ Binaries", this course will be a class for security researchers who want to expand their horizons and skills in reversing C++ binaries.

C++ Binaries are full of mysteries, they have objects, inheritance, templates, vtables and many more and reverse engineering them is a task on its own. In order to correctly and clearly map a C++ compiled binary it requires a vast knowledge of C++ Internals.

The training will explain C++ reverse engineering topics including techniques and tools for dealing with C++ Binaries research. We will start with the identification of basic structures in C++ and continue with C++ Objects and Inheritance in a binary and how to represent them in IDA.

Afterward, we will also study work methods and design patterns in C++. Finally, we will practice, fight and untangle deep and modern C++ programs using static and dynamic analysis.

Zoey Garvey has decades of experience coding and building web applications, and more recently has pivoted to breaking and securing them, as well as contributing web challenges to various training platforms and CTFs.

This training will introduce you to web application penetration testing on a single page application and get you familiar with some of the OWASP Top 10. We'll start by learning some basics about single page applications and how they're setup, and some of the tools, resources and options for enumerating and attacking web applications. We'll then move on to learning the basics of SQL injection, XSS, and Broken Access Control, and put those skills into practice attacking the OWASP Juice Shop. We can explore other topics as time permits. You'll also be able to use the VM for self-guided study after the session is over.

• A VM will be provided that includes everything necessary for the training. You'll need virtualbox or VMWare.
• Basic familiarity with HTTP, HTML, JavaScript(or another language), SQL and how web servers work will be helpful, but is not required. We can gauge the class's experience levels at the beginning and go from there.

Caroline is a reverse engineer, security enthousiast and feminist. She has been contributing to miasm (https://github.com/cea-sec/miasm).

Have you ever wanted to know why Firefox warns you about concretely when the big "THIS PAGE IS UNSECURE" appears ?

Well, in this workshop we will be doing what Firefox tries to protect you from: Eavesdropping someone's network.

• have performed a WITM attack with Scapy
• know how to manually generate TLS certificates
• have a better idea of what Burp or ZAP proxy do when they "intercept TLS traffic"
• better understand your browser's security messages
• have an overview of what TLS is for and what is concretly protects us from

As a Product and Solution Security Professional at Siemens I am currently into Secure Software Development (R&D) and Cyber Security Analyst roles. Also have experience working in sensitive projects for Indian govt. defence organisations(DRDO - R&D). Have 4+ years of experience in different domain of Cyber Security. Pursued Masters in Cyber Security Systems & Networks with a bachelors in Computer Science Engineering.

We read, write and understand Code :)

There is a popular misconception that those who code can develop software. Yes, they can, but not always secured, reliable and efficient ones. And who would buy it? If someone does, for how long would it serve!

This training would focus on enlightening about good and bad coding, which is the backbone of Secure Software Development. Take you through the overall software development architecture, an in-depth understanding of each stage and a quick peek into adversary entry points. Finally to the world of secure coding, a vast domain which is least explored and splendid opportunity for the skilled ones.

If you believe that you deliver good code, you might rethink after the session. If you don’t code, life would be much easier learning the right things the right way than re-learning later.