Workshops & training sessions aimed at scouting, nurturing & empowering women talent in the field of cybersecurity.
Silvia Nerea Anguita (@silvianerea_) is a Cybersecurity Auditor at Siemens. On a day-to-day basis she identifies security vulnerabilities in Siemens infrastructure, products and services. Prior to that she worked as a penetration tester for 2 years, mainly focusing on web and mobile applications. She studied for a bachelor's degree in Computer Science and a master's degree in Cybersecurity.
This training will introduce you to the basics of traffic analysis. We will see how messages and files are transmitted over the network depending on the protocol being used, and see which protocols send the data encrypted and which do not. The training will explain what you need to focus on when analyzing a traffic dump and what kind of data and information you can get from it. Do you want to know how to get confidential information sent over the network? Or what an attack looks like from the packets' perspective? We will finish the training by analyzing a couple of examples so you can get your hands dirty!
Maddie Stone (@maddiestone) is a Security Researcher on Google Project Zero where she focuses on 0-days used in-the-wild. Previously, she was a reverse engineer and team lead on the Android Security team, focusing predominantly on pre-installed and off-Google Play malware. Maddie also spent many years deep in the circuitry and firmware of embedded devices. Maddie really loves reverse engineering and hopes you will too!
Have you ever wondered what reverse engineering is? And how people do it? Have you been confused or intimidated by assembly? Then this workshop is for you! In this 2-hour workshop, you're going to learn about binary reverse engineering and how to do it. No knowledge of assembly is needed; only a basic comfort in understanding pseudocode is required. We'll cover the different types of reverse engineering, how you do it, and (hopefully!) why it's so much fun. You'll finish the workshop having reversed your own little program!
Thaís Moreira Hamasaki is an Offensive Security Researcher @ Intel - STORM. Prior to that, she worked as a Malware Researcher @ F-Secure, with a focus on static analysis, reverse engineering, and logical programming.
Thaís started her career within the anti-virus industry working on data and malware analysis, where she developed her knowledge of threat protection systems. She won the "best rookie speaker" award from BSides London for her very first talk about "Using SMT solvers to deobfuscate malware binaries". Recent research topics include platform security, SMM, and GFX. She is a member of the Düsseldorf Hackerspace aka Chaosdorf, where she also leads the groups for Reverse Engineering and x86 Assembly. In her free time, you can find Thaís writing bad code, cooking, or climbing somewhere offline.
Symbolic execution is a powerful tool for code verification, bug hunting and reverse engineering. In this class, we will dive into the concepts of constraint programming and SMT solvers and how binary analysis tools, such as angr, integrate these concepts into their frameworks.
It is going to be a very practical class, where we are going to solve various CTF challenges with the goal of visiting different features of angr.
Most CTF players use z3 and angr to save time when solving reverse engineering challenges, and that is also the path we are going to take.
If time is available, we will also check manticore and miasm, two other tools with symbolic execution engines with different features!
Caroline is a reverse engineer, security enthusiast and feminist. She has been contributing to miasm (https://github.com/cea-sec/miasm).
Have you ever wanted to know what, concretely, Firefox is warning you about when the big "THIS PAGE IS UNSECURE" appears?
Well, in this workshop we will be doing what Firefox tries to protect you from: eavesdropping on someone's network.
Gal Zaban is a Reverse Engineer with a particular interest in C++ code, currently working as a Vulnerability Researcher in the Automotive Industry. As part of her journey in understanding the catacombs of C++, she developed various RE tools for C++ including 'Virtuailor'. In her spare time, when she's not delving into low-level research, she designs and sews her own clothes and plays the Clarinet.
This training is the shortened version of my original "Reversing and Auditing C++ Binaries". This course will be a class for security researchers who want to expand their horizons and skills in reversing C++ binaries.
C++ binaries are full of mysteries: they have objects, inheritance, templates, vtables and many more, and reverse engineering them is a task on its own. Correctly and clearly mapping a compiled C++ binary requires a vast knowledge of C++ internals.
The training will explain C++ reverse engineering topics including techniques and tools for dealing with C++ Binaries research. We will start with the identification of basic structures in C++ and continue with C++ Objects and Inheritance in a binary and how to represent them in IDA.
Afterward, we will also study work methods and design patterns in C++. Finally, we will practice, fight and untangle deep and modern C++ programs using static and dynamic analysis.
Zoey Garvey has decades of experience coding and building web applications, and more recently has pivoted to breaking and securing them, as well as contributing web challenges to various training platforms and CTFs.
This training will introduce you to web application penetration testing on a single page application and get you familiar with some of the OWASP Top 10. We'll start by learning some basics about single page applications and how they're set up, and some of the tools, resources and options for enumerating and attacking web applications. We'll then move on to learning the basics of SQL injection, XSS, and Broken Access Control, and put those skills into practice attacking the OWASP Juice Shop. We can explore other topics as time permits. You'll also be able to use the VM for self-guided study after the session is over.
As a Security Researcher at Siemens, she currently works in Secure Software Development (R&D) and Cybersecurity Analyst roles. She focuses on application security with a keen interest in Secure Software Development and Secure Coding. She has prior experience in Penetration Testing, Malware Analysis and Vulnerability Assessments. She pursued a master's in Cybersecurity Systems & Networks and a bachelor's in Computer Science Engineering.
Moving from old black and white phones to smartphones was super exciting. We were amused by the features and services, but least interested in how they work. We installed a lot of apps at the ease of a touch without a second thought. Now let’s look at it from a security perspective. The permissions we granted, the unofficial app stores we used: recalling data privacy, was that a good decision? This training will give you clarity on how apps work below the surface and the things to be concerned about.
This training will introduce you to reversing and analyzing Android apps. As this is an introductory training, we will cover the fundamentals and basics of Android Security. Some reliable tools and techniques for reversing and analyzing will be discussed. We will then move on to dissecting an Android app and inspecting it for malicious behavior using Static and Dynamic analysis. By the end of the session, you will learn to:
1. Reverse an Android App
2. Perform Static & Dynamic Analysis
3. Detect suspicious and malicious apps
Yarden is a Software Engineer at CrowdStrike, working on EDR features, and a consultant for Winsider Seminars & Solutions Inc., co-teaching security trainings. Previously, she worked at SentinelOne as a security researcher and QA engineer. Outside of her primary work duties, Yarden writes articles and tools and gives talks about various topics such as CET internals, extension host hooking and kernel exploit mitigations. Outside of infosec, Yarden is a circus artist, teaching and performing aerial arts.
Modern Windows systems, and a little bit extra. We will learn how to attach a kernel debugger to a machine, locally and remotely, and how that can help us in both our development process and in our security research. We'll learn how to examine internal mechanisms in Windows through a debugger and new tricks and techniques that make debugging a lot easier. This workshop will focus on kernel debugging but will touch on user-mode debugging as well, showing how to find and recognize indicators of suspicious activity in the system.
A computer with Windows installed (Windows 10 if possible) and a Windows 10 VM. If a Windows host is not possible, then 2 Windows 10 VMs that can reach each other on the network. The SDK needs to be installed on the host (or on one of the VMs, if using 2 VMs).
Beginner level cybersecurity training sessions for young women aspirants, conducted by members of team Shakti from 15th of January.