PRE CONFERENCE WORKSHOPS - 19-Aug-2015
WS 1
WS 2
WS 3
WS 4
WS 5
WS 6
WS 7
Raspberry Pi Hacking
OBJECTIVE
The Raspberry Pi is an excellent multiuse piece of hardware, with no exploitation limits. With only some imagination you can achieve great results. In this course we will show you how to extract the best out of it, creating a powerful hacking tool out of it. Plus, the course includes your own Raspberry Pi Kit, you put together your own, tweak it up, and then take it with you!!
COURSE CONTENT
- Raspberry Pi architecture
- Distribution installation on a Raspberry
- Basic and advanced configuration
- Tansforming your Raspberry Pi in:
- Vpn Server
- Hosting Server
- Raspberry Pirate Radio
- Access control system with Fingerprint and NFC devices, and electronic locks
- Multimedia center / Smart TV
- Hacking Raspberry Pi
- FruityWifi
- PwnPi
- Pentesting with Raspberry Pi
- Raspberry Pwn / Pwnie Express
- Metasploit in your Raspberry
PRE-REQUISITE
Linux intermediate knowledge
PARTICIPANTS REQUIREMENTS
- Requirements for each student
- 1 Raspberry Pi B+
- 1 Power source
- 1 SD card
- 2 Antennas Wifi USB
- Requirements for the conference:
- HDMI monitors (1 every 3 students)
- Wireless mouse and keyboard (1 every 3 students)
- Connectivity (A switch with 1 port per student, a WiFi access point, plus internet access)
DURATION
1 day
WHO SHOULD ATTEND?
- Security enthusiasts and professionals
- Anybody who is interested in creating great tools with a low budget/li>
WHAT TO EXPECT
- Have fun developing a powerful box for many cool purposes
- Interactive hands-on training/li>
WHAT NOT TO EXPECT
- A pentesting course
- Programming a moon-landing capable device
- A serious and boring trainer :)
SPEAKER DETAILS
Matias Katz is a Penetration Tester who specializes in Web security analysis. He loves to build simple tools to perform discovery and exploitation on any software or network. He has spoken at BlackHat, H2HC, Ekoparty, TEDx, Campus party, OWASP and many important conferences. He is the founder and CEO of Mkit Argentina (www.mkit.com.ar), a company that specializes in computer, physical and human security solutions. He is also the founder of Andsec conference (www.andsec.org). And he is Super Mario World master!!
Penetration Testing Cryptography & PKI Implementations
WORKSHOP ABSTRACT
Right from the boot loaders of a standalone machines, Password/Credential stores, Internet Banking to GSM communications, all use Modern Cryptography & Public Key Infrastructure for securing sensitive information. This is a common practice. Also, whats common is repeating the flaws while implementing cryptography & PKI systems.
Lets find & attack some of the common mistakes in Cryptography & PKI implementations in the enterprise networks.
We will also see how we can get the things right & enlist the lessons we learn. After this session Penetration testers, Developers, Test engineers will tune themselves better for verifying such implementations.
COURSE CONTENT
- Understanding The Basic Building Blocks of Cryptography & PKI
- Using Trustable Crypto Source & Libraries
- Verifying various Trust Stores
- Browser Trust Store
- OS Trust Stores
- Secure Boot Trust Store
- Polluting Trust Stores using certificate pinning.
- Testing Secure Communications
- Understanding SSL/TLS communication & Flaws
- Attacks on SSL/TLS protocols
- Undocumented Attacks & Bypasses for SSL/TLS
- Perfect Forward Secrecy
- Storing and Retrieval/Archiving of the Sensitive Data
- Basic Cryptographic algorithms
- Understanding the Limitations & attacks on cryptographic algorithms
- Malware precaution & protection
- Storing & Securing sensitive Data in Cloud
- Processing Sensitive Data
- In memory processing of sensitive data
- Securing data precessing in Cloud
- Browser Hacks on sensitive data caching
- Recent & Popular attacks
- Heart Bleed to SSL Sniff/Strip
- Back-dooring the (P)RNG & other crypto algorithms
- Hashes & Collisions
- Post Quantum Scenerio
- Post Quantum & Contemporaneity Cryptography
- Quantum Key Generation & Distribution
- Post Quantum Crypto Systems
- Misc..
- Few Practical tips on Privacy and security
DURATION
1 day
WHO SHOULD ATTEND?
Security Professionals responsible for Testing, Developing, Designing, Auditing critical systems with Cryptographic implementations
WHAT TO EXPECT
Walk away with the pratical knowledge of- Working use and abuse of PKI systems using Openssl Toolkit
- Know how to test and exploit secure protocols, encrypted networks, few crypt analysis techniques
- Where to look for flaws in systems secured by cryptography
- What are the latest attacks in the Cryptographic world and how do they work
- Know end to end use and abuse of Browser to Web server secure channels
- Know few advanced standards and theoretical attacks.
WHAT NOT TO EXPECT
- Mathematics Behind the Cryptographic standards
- Breaking Google, FB, Banks secure communication by successful cryptanalysis
- This course tries to gives you basic but essential knowledge of cryptography to be an effective Pen-testers to become a Cryptographer Lets join a PHD course :)
SPEAKER DETAILS
Ajit Hatti is a Co-founder of “null -Open security community”, His work is focused on Infrastructure Security, providing Trusted Computing On Hostile Platforms & most of his papers are in social interest. Invented the widely exploited “Applanting” attack.
Currently working on securing systems using Cryptography at Symantec Corporation, he has worked as and Engineer and Researcher with many security companies like IBM-ISS, Bulelane, Zscaler in past.
He has previously presented his security research at BlackHat, NullCon, Ground Zero Summit, c0c0n, ClubHack.
Ajit Hatti, Co-founder of “null -Open security community”
Breaking IOT Devices
COURSE ABSTRACT
This training will be focused on finding ways to exploit IOT and other hardware devices to do the attackers bidding. The attendees will be taught the basic components of modern IOT devices, how to break into them and making sure you have access to the devices later. Topics covered will include the hardware security vulnerabilities as well as firmware vulnerabilities. Both software and hardware tools will be demonstrated to the attendees.
COURSE CONTENT
- Introduction
- What is IoT
- Existing IoT devices
- Threat of unsecured IoT devices
- Hacking the Hardware
- The components of an IoT device
- Embedded communication protocols
- Finding interface/debug ports
- Attacking memory
- Radio signal analysis and attack
- Hacking bluetooth 4.0
- Hands-on Session: Identifying debug ports
- Hacking the Software
- Firmware extraction and analysis
- Firmware reverse engineering
- Vulnerability analysis
- Analysing network communication and authentication protocols
- Attacking the data at rest/encryption
DURATION
1 day
WHO SHOULD ATTEND?
- Security enthusiasts
- Developers working in IoT
WHAT TO EXPECT
- Practical demonstrations of how to break into embedded devices
- Understanding inherent vulnerabilities in various IoT devices
- Introduction to the hardware hacking tools and techniques
WHAT NOT TO EXPECT
- Demonstration of hardware side channel attacks
- ASIC reverse engineering the page
SPEAKER DETAILS
Yashin Mehaboobe is an embedded security researcher. He's been invited to speak at multiple conferences such as HITB Amsterdam, Nullcon, c0c0n, Kaspersky NextGeneration, Ground Zero Summit and Toorcon San Diego. His areas of interest span hardware security, malware analysis and reverse engineering. Yashin is also the author of various open source tools such as PyTriage and Arcanum.
Anto Joseph is a Security Engineer for Citrix. He is a strong supporter of Free & Open Information Security Education. His area of interest includes mobile /web app & stand-alone app security.He has talked in various security conferences and has good expertise in Practical Security
Hunting Malwares Using Memory Forensics
OBJECTIVE
Memory forensics is an investigative technique used in malware analysis, reverse engineering, digital forensics and incident response. With adversaries becoming more sophisticated and carrying out advanced attacks targeting critical infrastructures, Data Centers, private and public organizations, detecting, responding to, and investigating such intrusions are critical for information security professionals. Memory Forensics has become a must-have skill for fighting advanced malware, targeted attacks and security breaches. This training touches on the topic of malware, Windows internals, and techniques to perform malware and Rootkit investigations of real world memory samples using open source advanced memory forensics framework (Volatility). The training also teaches how to incorporate memory forensics into malware analysis and sandbox technology.
The training provides practical guidance and attendees should walk away with the following skills:
- Understanding how malware and Windows internals work
- Ability to acquire a memory image from suspect/infected systems
- Use memory forensics to improve digital investigations
- Perform investigative steps for detecting stealth and advanced malware
- Use memory forensics in malware analysis and sandbox technology
- Use open source advanced memory forensics framework (Volatility)
COURSE CONTENT
- Introduction to Memory Forensics
- Volatility Overview
- Process, Handles and Registry
- Networking
- Process Memory
- Sandboxing
- Kernel modules and Rootkit Analysis
- Hunting Ghost using Memory Forensics
PRE-REQUISITE
- Basic understanding of malwares
Memory Forensics Preparation Guide
PARTICIPANTS REQUIREMENTS
Laptop and the pre-requisties document will be sent to the attendees before the training
DURATION
1 day (8 hours)
WHAT TO EXPECT
- Practical real world malware investigation scenarios
- Lab exercises of real malware infected memory images
WHAT NOT TO EXPECT
- World Peace
- To solve your financial problems
- Boring training :-)
WHO SHOULD ATTEND
- Security professionals interested in malware analysis, memory forensics, reverse engineering and incident response/ Investigations
- Security Enthusiasts
SPEAKER DETAILS
Monnappa K.A is based out of Bangalore, India. He works with Cisco Systems as Information Security Investigator focusing on threat intelligence and investigation of advanced cyber attacks. He is core member of security research community "SecurityXploded".His fields of interest include malware analysis,reverse engineering, memory forensics and threat intelligence.He is an active speaker in the Bangalore security community and Null meetings and has presented on various topics which include "Memory Forensics", "Advanced Malware Analysis", "Rootkit Analysis", and "Sandbox Analysis". He has authored various articles related to "Malware Analysis" and "Memory Forensics" in the Hakin9 and eForensics magazines.
Information Security Investigator
Cisco Systems
Secure Node.js Development Best Practices
OBJECTIVE
To provide strong understanding of Node.js web application architectures and secure coding practices.
PRE-REQUISITE
Basics of Node.js
PARTICIPANTS REQUIREMENTS
- Own laptop with 25GB free space and 4GB RAM.
DURATION
1 day
WHAT TO EXPECT
- Learn how to incorporate defensive coding practices from the very start as you build your app.
- Interactive hands-on training.
WHAT NOT TO EXPECT
- Not a node.js pentesting course.
WHO SHOULD ATTEND
- Node.js Developers.
- Anyone who is interested in learning secure node.js development.
COURSE CONTENT
- Module 1: Why Node.js?
- Module 2: Common node.js security vulnerabilities.
- Global Namespace Pollution
- HTTP Parameter Pollution (HPP)
- Remote Code Execution with eval()
- Remote OS Command Execution
- Attacks due to Untrusted user input
- Regex DoS
- Module 3: Learn how to fix node.js vulnerabilities, and learn how to incorporate defensive coding practices from the very start as you build your app.
- Environment configuration
- Using secure versions of software dependencies.
- Input validation
- Error handling
- Try/catch and domain.
- Single threaded architecture disadvantages.
- Prevent Dos.
- OWASP Top 10
- Data encryption
- Secure token authentication and authorization.
- Implementing SSL/TLS protocol.
- Password salting and encryption.
- Environment configuration
- Module 4: Investigate a vulnerable node.js API based web app, and learn how to tell if an application is vulnerable.
- Module 5: Making a checklist of things to do before you go live.
SPEAKER DETAILS
AMol_NAikis a web application pentester working with Mercedes-Benz Research & Development India. He has more than 8 years of experience in Application Security, Ethical Hacking and Network security. He is listed in Google Security Hall of Fame, Facebook WhiteHat and Twitter Security page for reporting various vulnerabilities in their web applications. He won ClubHack preCON CTF 2011. His web hacking technique "Exploitation of Self-Only XSS in Google Code" qualified for “Top 10 web hacking techniques in 2011” contest run by Jeremiah Grossman.
Amol Naik,
Web Application Pentester,
Mercedes-Benz Research & Development, India
Deep Dive Android 2015 Edition
OBJECTIVE
Android is the leading Operating system. It is used not just in Smartphones / Tablet but also is used as base for interactive Television, gaming console and lot more systems. The obvious resultant is that there is a large focus towards developing applications for this platform and to maintain its security. This workshop aims to equip information security professionals with knowledge about Android Operating system and how to ensure that the application are followin best security practices.
Students of this course will learn how to operate and make the best of the Android Tamer Virtual machine environment specifically designed for android penetration testing, from its creator. After taking this course you will be in a position to comfortably assess Android mobile application. You will be able to identify potential security issues as well as suggest possible remediations for issues such as Insecure Data Storage, Insufficient Transport Layer Protection, Unintended Data Leakage, Poor Authorization and Authentication, Broken Cryptography, Client Side Injection, Security Decisions Via Untrusted Inputs, Improper Session Handling, Lack of Binary Protections and more.
COURSE CONTENT
- Understand Android
- Operating System Overview
- File system Overview
- Security Model
- Understand Android Application
- Application Components
- Application Structure
- The SDK and Android Tools
- Developing a basic application
- Penentration Testing Setup and methodology
- Introduction to Android Tamer
- Setting up the environment
- Penetation testing approach
- Reverse Engineering basics
- Rooting basics
- Manual Pentesting
- Automated Pentesting via Drozer
- Dynamic Instrumentation via Xposed Framework
- Being secure
- Writing Secure Code
- Writing Python Scripts for automating android pentests
- Checklist for android applications
PRE-REQUISITE
- Basic familiarity of Linux usage
- Python scripting knowledge is a plus, but not extremely required
PARTICIPANTS REQUIREMENTS/WHAT TO BRING
- Windows 7/8 , Ubuntu 12.x +, Macbook (2011 or above model)
- Administrative access on your laptop with external USB allowed
- Laptop Processor should support Virtualization
- Atleast 20+ GB free hard disk space
- 4 GB or more RAM
- Genymotion installed (Downloadable from http://goo.gl/uGvWFM)
DURATION
1 day
WHAT TO EXPECT
- Getting started with Android Security
- Reversing and Auditing of Android applications
- Finding vulnerabilities and exploiting them
- Hands-on with different Android components from security perspective
WHAT NOT TO EXPECT
To be an Android Hacking Expert/Ninja in a matter of 1 Day. Even though this training would take you to a considerably high level in Android Security/Exploitation, and impart you with all the necessary skills needed, you need to work on your own and use the skills learnt in the training class to continue your Android Security explorations.
WHO SHOULD ATTEND
- Security Professionals
- Web Application Pentesters
- Application Developers
- People interested to start into Android security
SPEAKER DETAILS
Anant Shrivastava is an experienced information security professional with 7 yrs of corporate experience with expertise in Mobile, Web application and Linux Security.
He has developed his expertise in mobile security over years and has successfully executed multiple mobile application security assessment projects. He has trained 100+ delegates on Android Security at various conferences (Nullcon - 2012, g0s - 2013, c0c0n - 2013). He has created Android Tamer (http://www.androidtamer.com)a Linux environment specially designed for Android Testing. He has also delivered talks at various security conferences on Android Operating System and Web application technologies. He holds various industry recognized certifications such as SANS GWAPT (GIAC Certified Web Application Testing), CEH (Certified Ethical Hacker) and RHCE (RedHat certified Engineer).
He is one of the co-author for OWASP Testing Guide v4. His whitepaper on "Web Application Fingerprinting" is referred as authority reference in OWASP Testing Guide. He has written multiple tools for web application and android testing, which are listed in his Github profile (https://github.com/anantshri/). He has credited with multiple responsible public disclosures (refer http://www.osvdb.org/creditees/10234-anant-shrivastava). His tool named SVN Extractor (https://github.com/anantshri/svn-extractor) is warmly received by penetration testing community. He has built a security solutions repository for WordPressCMS which contains open source code snippets to provide protection against known attack patterns (https://github.com/anantshri/wp-security). He is also a lead for project named as Code Vigilant (http://www.codevigilant.com), which aims to identify security, issues in open source software's and currently holds 150+ vulnerability disclosures.
Xtreme Web Hacking Express
WORKSHOP ABSTRACT
Xtreme Web Hacking Express is one day intensive web hacking workshop. The workshop will be conducted in the style of Capture The Flag (CTF) challenges, where the participants will need to accomplish certain objectives in a limited amount of time. This gives participants an opportunity to practice for real world penetration tests by accomplishing pre-defined objectives in a time bound scenario.
While there is clear merit in covering the underlying concepts, sometimes we just need to see the hack succeed. So this training will cover only what is required to get to our objectives.
COURSE CONTENT
- Compromise a web application, get credentials of the admin user.
- Brute force a password protected file to get usernames and passwords.
- Do a code review of an app to find any backdoors.
- Gain user shell.
- Pivot into internal application using a custom written tool.
- Attack internally hosted applications just as they were exposed to the Internet
SKILL AND KNOWLEDGE REQUIRED
- You should be a web application penetration tester as this not a beginner level course at all
- Ability and familiarity of command line on Windows and Linux
- Knowledge of JavaScript and at least 1 scripting language like Python, PHP or Ruby
DURATION
1 day
WHAT TO EXPECT
- Hands on practice on web application hacking techniques and tools.
- Learn using a combination of scenarios from the real world, simulated attacks while being guided by the trainers.
- Write simple scripts to automate your attacks against application.
WHAT NOT TO EXPECT
- A lot of hand holding about basic concepts already mentioned in the things you should be familiar with.
- A lot of theory. This is meant to be a completely hands-on training!
- To become an accomplished hacker in a day.
SPEAKER DETAILS
Riyaz Walikar
Web Application Pentester, Security evangelist and a Certified Ethical Hacker (CEH), he has been active in the security community for the better part of the last 8 years. He has been actively involved with the Bangalore OWASP and null chapter for the last 4 years and is one of the OWASP Bangalore chapter leads.
He is actively involved with Vulnerability Research in popular Web Applications and Network aware services and has disclosed several security issues in popular software like Apache Archiva, Openfire, Joomla!, EJabberd, .NET Script Injection Bypass and has had luck with finding vulnerabilities with popular web applications like Facebook, Twitter, Google, Cisco, Symantec, Mozilla, PayPal, Ebay, Apigee, Yahoo, Adobe, Tumblr, Pinterest etc. for which he is on the Hall of Fame for most of these services. He has also been a speaker and trainer at several security conferences including OWASP AppsecUSA 2012, BlackHat Abu Dhabi 2012, nullcon Delhi 2012, 2013, 2014, 2015 and c0c0n 2011.
His technical interests lie with programming, bug bounty, malware analysis, breaking web applications, playing CTFs, researching devices that fall under the Internet of Things category and penetration testing networks exposed to the Internet. When he is not writing/breaking code, you can find him dabbling in photography, stargazing, playing football, reading or fishing.
Akash Mahajan
Akash has more than 10 years of experience in Application and Network Security. Before starting his own company he was a technical lead for one of the leading American commercial security software companies specialising in end point security. He started in security working on web infrastructure for the government of India.
Akash is the founder and community Manager at null - The Open Security Community where he has made major contributions in making the community a national phenomenon.
He is currently one of the Chapter Leaders of Open Web Application Security Project Bangalore (OWASP Bangalore).
He founded and runs The AppSec Lab a company focussed on Application Security where he works with small and medium companies in securing their web server security, web security, mobile security and guiding them to stay secure while being competitive. Current areas of research for him include devops, secops, security in SDLC, Cloud Security, Security awareness through community building. He does a lot of trainings as well including the extremely popular Xtreme Web Hacking.
- Publications
- Burp Suite Essentials – Published by PacktPub November 2014 ISBN 978-1783550111
- Is your website insecure? – Published in Healthy Code April 2014 issue
- How to develop secure web applications – Published in Healthy Code August 2014 Issue
- Security Response Headers in HTTP – Online InfoSec Institute
C0C0N 2014 Photos
