The major cause of API and web application insecurity is insecure software development practices. This highly intensive and interactive 4-hour seminar will provide essential application security training for web application and API developers and architects.

The class is a combination of lecture, security testing demonstration and code review. Students will learn the most common threats against applications. More importantly, students will learn how to code secure web solutions via defense-based code samples.

Our focus will be web application security basics.

• OWASP Top Ten 2017
• OWASP Top Ten Proactive Controls v3
• OWASP ASVS 4.0

This workshop will take student’s Wireshark skills to the next level with a heavy emphasis on incident response, threat hunting, and malicious network traffic analysis. We will begin with a brief introduction to Wireshark and other Network Security Monitoring (NSM) tools/concepts. Placement, techniques, and collection of network traffic will be discussed in detail. Throughout the workshop, we’ll examine what different attacks and malware look like in Wireshark. Students will then have hands-on time in the lab to search for Indicators of Compromise (IOCs) and a potential breach to the network. There will be plenty of take home labs for additional practice.

Introduction to Linux Memory Corruption is an introductory workshop aimed at teaching students the basics of reverse engineering and exploiting stack based overflows on modern systems (AMD64). This workshop is aimed at students with no prior reverse engineering or exploitation experience and takes them through writing their first memory corrupting exploit.

Requirements

• Experience writing and reading code (C/C++/assembler preferred)
• Linux computer or Linux virtual machine
• Understanding of common numbering systems including base 2, 10, and 16
• All required software installed (list to be sent out before class)

Recommended

• Experience using a debugger and/or disassembler
• Experience reading and/or writing assembly for at least one architecture
• Understanding of common calling conventions
• Understanding of memory segments and allocation

Please come to the workshop with the following already set up and ready to go. There will not be time during the workshop to complete these setup tasks.

• x86_64 Linux VM or system (preferably kali) NOTE: THIS MUST BE A 64BIT DISTRO AND COMPUTER
• Linux man pages (man 2 and 3)
• Make sure the following software is installed: nasm, gdb, objdump, readelf
• Install gef with gdb and verify that it works https://gef.readthedocs.io/en/master/
• IDA Pro 7.0 freeware or licensed copy https://www.hex-rays.com/products/ida/support/download_freeware.shtml NOTE: THIS MUST BE THE 7.0 FREEWARE OR A LICENSED COPY OF PRO. THE DEMO VERSION OR LICENSED STANDARD WILL NOT WORK

Many cryptographic exploits require little to no understanding of math, but cryptography’s reputation as an impenetrable Gordian knot of arcane symbols and proofs (thanks, academics) keeps many capable application security professionals from even TRYING to understand cryptography.

Consider the replay attack: capture an encrypted message and send it again, with catastrophic results, if, for instance, the message means “transfer $100 from my bank account to yours.” If you understood that, congratulations, you’ve just learned one way to attack modern cryptosystems. Come learn about more attacks that don’t take math chops to understand, and learn to use attack tools for the attacks that do!

Wireless devices are becoming exceedingly prevalent in our homes and offices. Many companies are making a switch to wire-free workplaces for the sake of convenience and cost. But how safe are these devices and connections, and how do hackers go about breaking into wireless systems? This course will explore some basic concepts of radio frequencies and associated wireless security topics through a lightning series of content presentation, demos, and hands-on labs. If you bought that Alfa card but haven’t got around to learning how to use it yet, this is the class for you. We will cover exploits for Wi-Fi, Bluetooth, RFID, and 2.4 GHz wireless mice, along with exploring software defined radio and topics for further individual research.

Course Requirements:

• Laptop (recommend running Windows bare-metal, with VMware and enough disk space / memory for a virtual instance of Kali)
• iOS or Android mobile device with the free nRF Connect application installed

Someone without any special equipment should still gain a deep perspective on the topics to be covered however the following equipment will be useful:

• Wi-Fi: Wireless adapter capable of packet injection and monitor mode (recommend Alfa awus036ach)
• BLE: Nordic NRF52840-DONGLE, Optional Ubertooth One
• 2.4 HID: Nordic NRF52840-DONGLE (recommend having a second dongle since the reflashing process may limit device functionality)
• Optional: CrazyRadio PA dongle

Defenders, this training will show you common Group Policy Security misconfigurations and how to mitigate them. Red Teamers, if you’re looking for a new way to get Domain Admin, this is for you as well. Hands-on demos are included to give you a chance to practice what you’ve learned.

Students must have a laptop with virtualization software (VirtualBox, VMware Workstation, etc.) and at least 40GB of drive space free. A basic understanding of Active Directory, PowerShell, Group Policies, and authentication concepts is helpful but not required.

Hands-on exercise setting up a lab for stimulus-response based alert writing using the free version of Splunk as a SIEM. Includes installation of Splunk log forwarder, Splunk Enterprise GUI console, log forwarding configuration, log normalization, stimulus-response activities, log review, and alert writing. Methodology good for Blue Teams looking to build alerts based on actual attack output; good for Red Teams looking to understand the output from their activities.

Requirements:

VirtualBox VMs will be provided with networking pre-configured. Hands-on familiarity with basic *nix command line strongly encouraged. Enough CPU/RAM to support at least 1 VM, either *nix or Windows, whichever is least similar to the host OS.

This is Studly McBeefy’s and Beefy McStudly’s PowerShell workshop. The aim of this workshop is to get you competent in PowerShell quickly. There are no quirky gimmicks or “master class” shenaniganry here. Our approach is simple; we’ll walk through a bunch of things you should know and see what happens. If you’re the curious type you’ll dig deeper in each area on your own. If not, you should still be able to fumble though quite a bit. At the end of it all you should be able to read a lot of the PowerShell out there, and be able to churn out simple code to accomplish a wide range of tasks.