Smart-phones, tablets and portable gadgets have become a must-have for everyone for personal as well as official use. As people have started utilizing these devices to frequently access the Internet, read important documents, carry out financial transactions and so on and so forth, the bad guys have realized the shift and have started to focus on exploiting these platforms for their gains. There has been a lot of advancement in mobile malware and exploitation research.

These devices are computers running various operating systems on ARM processors with hardware for telephony, wifi etc.

ARM Android Xploitation Primer takes up one of the finest operating system used for these devices I.e. Android as the ARM based platform for the training and takes a deep dive into ARM assembly, Android Native development components, buffer overflows and shellcoding. The training introduces the attendees to the ARM Android platform including the intrinsic technical details and security issues using a balanced proportion of theory and extensive hands-on and exercises. It provides a base for the attendees to develop security research expertise on the ARM based platforms beyond the conventional Android application security testing skills.

• Introduction to Android
• What is Android?
• The architecture
• Getting the Android source
• Setting up the environment

• Android Native Dev primer
• ADB
• NDK
• Compiling C code
• Assembly code
• Execution
• Debugging

• Android ARM Assembly primer
• ARM overview
• Processor Modes
• Registers
• Instruction set
• Stack implementation
• System call convention
• Procedure call convention
• Exercises

• ARM Shellcoding Primer
• Introduction
• System interaction
• Relative addressing
• Four byte Hell!
• Null byte Hell!
• ARM THUMB and the finger
• Exercises

• Indroid - Code Injection
• Introduction
• Borrowing from Windows
• Linux Ptrace
• Library Injection
• Indroid
• Memory Allocation and Execution
• Threadification
• Payload
• The API
• Putting it all together i.e. DIY injection

• ARM buffer overflow primer
• Buffer overflow 101
• The ARM/Linux stack
• Stack overflow
• Controlling the flow of execution
• Ret2Libc
• Exercises

Aseem Jakhar

is the Director, research at Payatu Technologies Pvt Ltd http://payatu.com a boutique security testing company. He has extensive experience in system programming, security research, consulting and managing security software development projects. He has worked on various security software including IBM ISS Proventia UTM appliance, Mirapoint messaging/security appliance, anti-spam engine, anti-virus software, multicast packet reflector, Transparent HTTPS proxy with captive portal, bayesian spam filter to name a few. He is an active speaker at security and open source conferences; some of the conferences he has spoken at include AusCERT, Defcon, Hack.lu, Blackhat, Xcon, Cyber security summit, Cocon, OSI Days, Clubhack, Gnunify. His research includes Linux remote thread injection, automated web application detection and dynamic web filter. He is the author of open source Linux thread injection kit - Jugaad and Indroid which demonstrate a stealthy malware infection technique. He is well known in the hacking and security community as the founder of null - The open security community, registered not-for-profit organization http://null.co.in , the largest security community in India and the founder of nullcon security conference http://nullcon.net.

1 day (8 hrs)

• Bring your own laptop
• 15+ GB free hard disk space
• 2+ GB RAM
• VirtualBox installed on the system

Pre-requisite

Who should attend?

What to Expect

What not to Expect

The knowledge of computer and network forensics has become essential in securing today's network-centric computing environment. This workshop is developed to provide an introduction to the exciting and growing field of digital investigations and network forensics.

Upon completing this course, the participants are expected to:

• Gain a set of investigative techniques focused on the use of vendor-neutral, open source tools, Develop the skills to capture suspicious data,
• Discern unusual patterns hidden within seemingly normal network traffic
• Understand the basics of computer and network forensics
• Get well-trained as next-generation computer crime investigators and
• Get prepared for active research at the forefront of these areas.

Throughout the course, real-world examples in conjunction with numerous hands-on exercises will provide practical forensics analysis skills.

• Introduction to Network Forensic
• Setting up The Environment/Testing Lab
• Basic Protocol Analysis
• Forensic Analysis of Network Attacks
• Forensic Analysis of Web Attacks
• Forensic Analysis of Malwares
• Data extraction from packets
• Network Forensic Using Xplico
• BASIC PACKET ANALYSIS CHELLENGES – 1, 2, 3

Tamaghna Basu, OSCP, GCIH, RHCE, CEH, ECSA

is a security researcher at heart and has been his main areas of research include Web app security and network pen-testing, exploit development, incident handling and cyber forensic. Being a software developer earlier, he worked in java, .net, ruby etc. and various domains like finance, insurance, gaming etc. He was the winner of NULLCON 2010's hacking challenge.

He is a SANS certified trainer/mentor for the course – “Sec 504: Hacker Techniques, Exploits and Incident Handling”. He also presented in other security conferences like NULLCON, C0C0N, OWASP, ISACA etc. Being a core member of NULL security community, he facilitates Chennai/Bangalore NULL Chapter, a frequent speaker of NULL and OWASP meets, conducted multiple hacking workshops in NULL HUMLA, Bangalore. He is an active member of security communities like in-honeynet, NAISG, DSCI, Clubhack etc. He also contributed to security magazines like Clubhack and ISACA journal. He has achieved various other certifications like Cyber Crime Investigation, Diploma in Cyber Law etc.

Linkedin: http://www.linkedin.com/in/tamaghnabasu
Blog: http://tamahawk-techguru.blogspot.com
          http://basubhaimca.blogspot.com
Tweet: http://twitter.com/titanlambda

1 day (8 hrs)

You are required to bring your own laptop

PRE-REQUISITE

Familiarity with TCP/IP networking and basic network infrastructure devices such as switches, routers, etc.

OR Basic Cyber Security Course

Who should attend

This course is designed for law enforcement, corporate, government and Military.

This workshop is essential to information security, risk management, loss prevention, corporate security and law enforcement personnel who encounter digital evidence "on the wire" while conducting an investigation e.g. Network engineers, network security professionals, who possess basic- to intermediate-level general security and networking knowledge.

Personnel who have working knowledge of host-based forensics analysis and want to gain expertise in the end-to-end digital forensics process can attend this training.

What you will learn

Follow on course

Advance Network Forensic

Takeaways

• Training material with numerous reference Wireshark trace files
• DVD of networking and forensics tools
• Library of network forensics analysis reference documents
• Investigation Cheat sheets

How to build, operate, monitor and improve a fully compliant ISO/IEC 27001 security program in pretty much any type of organization. The training will focus on real-life experiences, simple tools, tricks, shortcuts and do and don'ts.

Is expected that by the end of this training, you will have the required knowledge in order to develop a ISO/IEC 27001 compliant program at your own organization (or at least have a very clear view on what is required to get the job done).

The workshop takes many basic components from the official ISO/IEC Lead Auditor / Implementer Training provided by organizations such as BSI, Veritas, Etc.

• ISO Introduction, Why it matters.
• Certification Process & Dealing with Auditors
• Scope, Program Definition
• Asset & Risk Management
• Statement Of Applicability
• BCM
• Program Monitoring & Improvements
• Internal Audits
• ISO/IEC 27002 - Security Controls

Esteban Ribicic

Argentine born, Esteban Ribicic, has been working on Security for over a decade. With a strong technical background and a clear specialization on Security Governance Esteban has helped many organizations in building and improving their Security Programs. He has a strong focus on getting the job done, keeping it as simple as possible without compromising effectiveness and efficiency. Esteban has an engineering background and holds several Security and Service Management certifications.
Esteban leads eramba.org, an open-source IT Governance, Risk and Compliance tool.

1 day (8 hrs)

• Patience
• Good listening skills!

Pre-requisite

Who should attend?

Android needs no introduction; it’s one of the fastest growing Smartphone / Tablet OS. Future plans to just include telecommunication equipment but also entertainment equipment like TV, Music Players and other house hold items. When the World is moving towards Android subsequently there is a rise in threat's and potential risk's in the same. This Workshop is geared towards Security professionals who want to remain on the edge of the fast paced technology and possess in-depth understanding of Android. This workshop will not only focus on Application Pen Testing but will also be looking at the overall OS as a platform and potential pitfalls around it. Besides just dissecting Android to analyse it we will also be looking at leveraging android platform and its mobility to perform conventional penetration testing tasks. The workshop will be conducted with live applications / targets (test authorized) as well as self-developed Demo in order to quickly understand the targets.

• Android Architecture
• Operating System Overview
• File system Overview
• Security Model

• Developer Overview
• Application Components
• Application Structure
• The SDK and Android Tools
• Developing a basic application

• Intro to Pen Testing
• Introduction to Android Tamer
• Setting up the environment
• Black Box PT
• Reverse Engineering
• Rooting basics
• Understanding Pentesting Frameworks
• Mercury
• Smartphone Pentest Framework
• Android Framework for Exploitation.

• Using android for Pentest
• Setting up the environment
• Various tool usage
• Writing custom tool in android

ANKUR BHARGAVA

Ankur works for a MNC and has a area of interest realted to Web Application Security and Mobile Security. He has been speaker at various conferences like Nullcon, C0C0N for different years where he has presented on topics like PDF exploits, Android Security. Ankur is an active member on Null/OWASP Bangalore Chapter.

ANANT SHRIVASTAVA

Anant Shrivastava works as a Consultant Analyst with 7Safe a part of PA consulting Group. He holds a GWAPT, CEH, CSTP and RHCE. He has been speaker at various conferences like Nullcon, c0c0n, Clubhack, his talks are focused on android. He is the creator of Android Tamer – VM for android security professionals. Active member of Null, Garage4Hackers. His expertise remains in Linux, Web Applications (Dev and security testing) and Mobile devices (OS and Application) Security.

1 day (8 hrs)

Bring in your own Laptop and if an android device is available. (otherwise simulator will also work)

Pre-requisite

Anyone Interested to Learn and Deep dive in Android.

Who should attend?

Mobile Security Enthusiast, Web Application Penetration Tester, Android Enthusiast, IT professionals, developers, testing, quality professionals and anyone who wants to get their hands dirty in Android.