Trainings

Workshops and training sessions aimed at scouting, nurturing and empowering women talents in the field of cybersecurity.

Network Traffic Analysis

Silvia Nerea Anguita

Cybersecurity Auditor, Siemens
Friday, 19th February - 20:30 - 22:00 IST
About Silvia Nerea Anguita

Silvia Nerea Anguita (@silvianerea_) is a Cybersecurity Auditor at Siemens. Day to day, she works on identifying security vulnerabilities in Siemens infrastructure, products and services. Prior to that she worked as a penetration tester for 2 years, mainly focusing on web and mobile applications. She studied for a bachelor's in Computer Science and a master's degree in Cybersecurity.

Training Overview

This training will introduce you to the basics of traffic analysis. We will see how messages and files are transmitted over the network depending on the protocol being used, and see which protocols send the data encrypted and which do not. The training will explain what you need to focus on when analyzing a traffic dump and what kind of data and information you can get from it. Do you want to know how to get confidential information sent over the network? Or what an attack looks like from the packets' perspective? We will finish the training by analyzing a couple of examples so you can get your hands dirty!

From n00b to l33t

Maddie Stone

Security Researcher, Google Project Zero
Friday, 26th February - 21:30 - 23:30 IST
About Maddie Stone

Maddie Stone (@maddiestone) is a Security Researcher on Google Project Zero where she focuses on 0-days used in-the-wild. Previously, she was a reverse engineer and team lead on the Android Security team, focusing predominantly on pre-installed and off-Google Play malware. Maddie also spent many years deep in the circuitry and firmware of embedded devices. Maddie really loves reverse engineering and hopes you will too!

Training Overview

Have you ever wondered what reverse engineering is? And how people do it? Have you been confused or intimidated by assembly? Then this workshop is for you! In this 2 hour workshop, you're going to learn about and how to do binary reverse engineering. In this workshop, no knowledge of assembly is needed. Only a basic comfort in understanding pseudo code is required. We'll cover the different types of reverse engineering, how you do it, and (hopefully!) why it's so much fun. You'll finish the workshop having reversed your own little program!

Symbolic execution / angr for CTF

Thaís Moreira Hamasaki

Offensive Security Researcher, Intel
Friday, 12th March - 20:30 - 22:30 IST
About Thaís Moreira Hamasaki

Thaís Moreira Hamasaki is an Offensive Security Researcher @ Intel - STORM. Previous to that, she worked as a Malware Researcher @ F-Secure, with a focus on static analysis, reverse engineering, and logical programming.

Thaís started her career within the anti-virus industry working on data and malware analysis, where she developed her knowledge of threat protection systems. She won the "best rookie speaker" award from BSides London for her very first talk about "Using SMT solvers to deobfuscate malware binaries". Recent research topics include platform security, SMM, and GFX. She is a member of the Düsseldorf Hackerspace aka Chaosdorf, where she also leads the groups for Reverse Engineering and x86 Assembly. In her free time, you can find Thaís writing bad code, cooking, or climbing somewhere offline.

Training Overview

Symbolic execution is a powerful tool for code verification, bug hunting and reverse engineering. In this class, we will dive into the concepts of constraint programming and SMT solvers and how binary analysis tools, such as angr, integrate these concepts into their frameworks.

It is going to be a very practical class, where we are going to solve various CTF challenges with the goal of visiting different features of angr.

Most CTF players use z3 and angr to save time when solving reverse engineering challenges, and that is also the path we are going to take.

If time is available, we will also check manticore and miasm, two other tools with symbolic execution engines with different features!

Prerequisite
  • Be comfortable understanding and writing Python3 code
  • Familiarity with x86/x64 assembly
Requirements
  • VMware Workstation or Player (at least version 12) (no VirtualBox)
  • At least 8GB of RAM
  • At least 40GB of free disk space
  • A laptop with administrative privileges

Understanding TLS and MITM Attacks

Caroline Leman

Security Engineer, ANSSI
Saturday, 13th March - 12:30 - 15:30 IST
Sunday, 14th March - 12:30 - 15:30 IST
About Caroline Leman

Caroline is a reverse engineer, security enthusiast and feminist. She has been contributing to miasm (https://github.com/cea-sec/miasm).

Training Overview

Have you ever wanted to know what Firefox is concretely warning you about when the big "THIS PAGE IS UNSECURE" appears?

Well, in this workshop we will be doing what Firefox tries to protect you from: eavesdropping on someone's network.

We'll go from theory to practice:
How do you get packets that are supposed to go from one computer to another to come to your machine?
That's called the Women-In-The-Middle attack, and we'll use Scapy (pre-installed in Kali Linux) to do that using a technique called ARP spoofing.
And even if this looks fun, you might know that nowadays traffic is encrypted, so what can we do with these encrypted packets?
First, we'll go through the basics of TLS, seeing how your connection gets encrypted and how the trust between client and server is built: that's the part where certificate signature and verification come in.
With these basics, we'll see what could go wrong, and what happens if you say to Firefox "No, I understand the risks and continue", from the attacker's perspective.
I have prepared a pair of VMs for each of you and you will be able to really eavesdrop on this small environment - it's really a hands-on intro to WITM attacks and network interception.
After this training, you will:
  • have performed a WITM attack with Scapy
  • know how to manually generate TLS certificates
  • have a better idea of what Burp or ZAP proxy do when they "intercept TLS traffic"
  • better understand your browser's security messages
  • have an overview of what TLS is for and what it concretely protects us from

Reverse Engineering C++ binaries

Gal Zaban

Security Researcher, Cymotive
Saturday, 20th March - 18:30 - 22:30 IST
Sunday, 28th March - 18:30 - 22:30 IST
About Gal Zaban

Gal Zaban is a Reverse Engineer with a particular interest in C++ code, currently working as a Vulnerability Researcher in the Automotive Industry. As part of her journey in understanding the catacombs of C++, she developed various RE tools for C++ including 'Virtuailor'. In her spare time, when she's not delving into low-level research, she designs and sews her own clothes and plays the Clarinet.

Training Overview

This training is the shortened version of my original "Reversing and Auditing C++ Binaries" course. It is a class for security researchers who want to expand their horizons and skills in reversing C++ binaries.

C++ binaries are full of mysteries: they have objects, inheritance, templates, vtables and many more, and reverse engineering them is a task on its own. Correctly and clearly mapping a compiled C++ binary requires a vast knowledge of C++ internals.

The training will explain C++ reverse engineering topics including techniques and tools for dealing with C++ Binaries research. We will start with the identification of basic structures in C++ and continue with C++ Objects and Inheritance in a binary and how to represent them in IDA.

Afterward, we will also study work methods and design patterns in C++. Finally, we will practice, fight and untangle deep and modern C++ programs using static and dynamic analysis.

Prerequisite
  • Familiarity with x86/x64 assembly.
  • Basic Knowledge of C++ programming.

OWASP Juice Shop - Web Application Penetration Testing Basics

Zoey Garvey

Consultant Software Engineer, Federal Reserve Bank of San Francisco
Sunday, 21st March - 08:00 - 10:00 IST
About Zoey Garvey

Zoey Garvey has decades of experience coding and building web applications, and more recently has pivoted to breaking and securing them, as well as contributing web challenges to various training platforms and CTFs.

Training Overview

This training will introduce you to web application penetration testing on a single page application and get you familiar with some of the OWASP Top 10. We'll start by learning some basics about single page applications and how they're set up, and some of the tools, resources and options for enumerating and attacking web applications. We'll then move on to learning the basics of SQL injection, XSS, and Broken Access Control, and put those skills into practice attacking the OWASP Juice Shop. We can explore other topics as time permits. You'll also be able to use the VM for self-guided study after the session is over.

Prerequisite
  • A VM will be provided that includes everything necessary for the training. You'll need VirtualBox or VMware.
  • Basic familiarity with HTTP, HTML, JavaScript (or another language), SQL and how web servers work will be helpful, but is not required. We can gauge the class's experience levels at the beginning and go from there.

Introduction to Android Reverse Engineering

Arya M Sankar

Security Researcher, Siemens
Saturday, 27th March - 20:30 - 21:30 IST
About Arya M Sankar

As a Security Researcher at Siemens, she currently works in Secure Software Development (R&D) and Cybersecurity Analyst roles. She focuses on application security, with a keen interest in Secure Software Development and Secure Coding. She has prior experience in Penetration Testing, Malware Analysis and Vulnerability Assessments. She pursued a Master's in Cybersecurity Systems & Networks with a Bachelor's in Computer Science Engineering.

Training Overview

Moving from old black and white phones to smartphones was super exciting. We were amused by the features and services, but least interested in how they work. We installed a lot of apps with the ease of a touch, without a second thought. Now let's look at it from a security perspective. The permissions we granted, the unofficial app stores we used: recalling data privacy, was that a good decision? This training will give you clarity on how apps work below the surface and the things to be concerned about.

This training will introduce you to reversing and analyzing Android apps. As this is an introductory training, we will cover the fundamentals and basics of Android security. Some reliable tools and techniques for reversing and analyzing will be discussed. We will then move on to dissecting an Android app and inspecting it for malicious behavior through static and dynamic analysis. By the end of the session, you will learn to:
  1. Reverse an Android app
  2. Perform static & dynamic analysis
  3. Detect suspicious and malicious apps

Prerequisite
  • This is a beginner level course which only needs curiosity to learn. Knowing Java would be helpful, but not mandatory.

Windows kernel debugging and forensics

Yarden Shafir

Software Engineer, Crowdstrike
Thursday, 1st April - 18:30 - 22:00 IST
About Yarden Shafir

Yarden is a Software Engineer at Crowdstrike, working on EDR features, and a consultant for Winsider Seminars & Solutions Inc., co-teaching security trainings. Previously, she worked at SentinelOne as a security researcher and QA engineer. Outside of her primary work duties, Yarden writes articles and tools and gives talks about various topics such as CET internals, extension host hooking and kernel exploit mitigations. Outside of infosec, Yarden is a circus artist, teaching and performing aerial arts.

Training Overview

Modern Windows systems, and a little bit extra. We will learn how to attach a kernel debugger to a machine, locally and remotely, and how that can help us in both our development process and in our security research. We'll learn how to examine internal mechanisms in Windows through a debugger and new tricks and techniques that make debugging a lot easier. This workshop will focus on kernel debugging but will touch on user-mode debugging as well, showing how to find and recognize indicators of suspicious activity in the system.

Prerequisite
  • A computer with Windows installed (Windows 10 if possible) and a Windows 10 VM. If a Windows host is not possible, then 2 Windows 10 VMs that can reach each other on the network. The SDK needs to be installed on the host (or on one of the VMs, if using 2 VMs).

Beginner Level Training

Beginner level cybersecurity training sessions for young women aspirants, conducted by members of team Shakti from 15th of January.

Namitha S
Introduction to CTF
15 January 2021, 60 mins

Meenakshi S L
Introduction to Cryptography
22 January 2021, 60 mins

Simran Kathpalia
Introduction to Reverse Engineering
29 January 2021, 60 mins

Namitha S
Introduction to Reverse Engineering
29 January 2021, 60 mins

Sandra Bino
Introduction to Binary Exploitation
06 February 2021, 60 mins

Gopika Subramanium
Introduction to Web Exploitation
13 February 2021, 60 mins