Training 2013

Language and price for each workshop are indicated below. Early‐bird prices are available for the first 4 registrants. There is also a maximum of 4 student spots available on a first come first served basis. The remaining participants will have to pay the regular price.

Stephen Ridley & Stephen Lawler

Stephen Lawler is the Founder and President of a small computer software and security consulting firm. Mr. Lawler has been actively working in information security for over 7 years, primarily in reverse engineering, malware analysis, and exploit development. While working at Mandiant he was a principal malware analyst for high‐profile computer intrusions affecting several Fortune 100 companies. Prior to this, as a founding member of the Security and Mission Assurance (SMA) division of a major U.S. Defense contractor where he discovered numerous 0‐day vulnerabilities in “Commercial‐Off‐The‐Shelf” (or COTS) software and pioneered several exploitation techniques that have only been recently discovered and published publicly. Prior to his work at a the major defense contractor, Stephen Lawler was the lead developer for the AWESIM sonar simulator as part of the US Navy SMMTT program.

Stephen A. Ridley is a security researcher with more than 10 years of experience in software development, software security, and reverse engineering. Before becoming an independent researcher, Mr. Ridley served as the Chief Information Security Officer of a financial services firm and prior to that was a Senior Researcher at Matasano. He also was Senior Security Architect at McAfee, and a founding member of the Security and Mission Assurance (SMA) group at a major U.S defense contractor where he did vulnerability research and reverse engineering in support of the U.S. intelligence community. He has spoken about reverse engineering and software security at BlackHat, ReCon, CanSecWest, EuSecWest, Syscan and other prominent information security conferences. Mr. Ridley currently lives in Manhattan and frequently guest lectures at New York‐area universities such as NYU and Rensselaer Polytechnic Institute.

Practical ARM Exploitation

The purpose of the course is to introduce students with prior basic exploitation experience (on other architectures) to “real world” exploitation scenarios on the ARM processor architecture. The reality is that exploitation these days is harder and a bit more nuanced than it was in the past with the advent of protection mechanisms like XN, ASLR, stack cookies, etc. As such, this course is called “practical” because it aims to teach exploitation on ARM under the real‐world circumstances (with all these protection mechanisms) that the exploit developer will encounter and have to circumvent. The course materials focus on advanced exploitation topics using Linux as the target platform running on the ARM architecture. The goal here is to use Linux as a platform for circumventing “advanced protections” while also teaching about the ARM architecture itself, although there is obvious application for these techniques against platforms running on mobile phones, tablets, net‐books, embedded devices, etc.

Students taking this course should have a intermediate
software exploitation background on another architecture (such as x86). They should have
hands‐on familiarity with the following concepts:

- exploitation of stack overflows

- exploitation of heap overflows

- basic experience with IDA

- basic experience with a debugger

- cursory knowledge of Python or some equivalent high‐level scripting language (Java, Ruby,
etc)

- C++ and C coding experience.

Participants in the course should bring the following:

- A laptop (running their favorite OS) capable of connecting to wired and wireless networks.

- An installed valid VMWare

- An installed copy of at least IDA Standard.

- An SSH/Telnet client to access the hosted QEMU images

- A brain.

  • Regular Price : 750 CHF
  • Early‐bird Price : 690 CHF
  • Student Price : N/A
  • Language : EN

Paul Rascagneres

Paul Rascagneres est consultant et chercheur en sécurité. Il travaille pour des institutions financières et européennes au Luxembourg. Il est le créateur du projet malware.lu, spécialisé dans le partage et l’analyse de malware, ainsi que le responsable du premier CSIRT privé luxembourgeois: Malware.lu CERT. Il est également développeur d’exploit et contributeur du projet metasploit.

Le framework d’exploitation opensource : Metasploit

Metasploit permet de réaliser des tests d’intrusion, mais également de développer ses propres exploits. Ce workshop portera sur l’installation du produit, l’utilisation sur différentes machines virtuelles vulnérables (Windows et Linux), mais également sur le développement d’exploit grâce à l’API fourni par metasploit.

  • Prix normal : 750 CHF
  • Prix Early‐bird : 690 CHF
  • Prix Etudiant : N/A
  • Langue : FR

Mario Heiderich

Mario Heiderich is a Microsoft security contractor and founder of the German/UK pen‐test outfit Cure53. He focuses on HTML5, SVG security and believes XSS can be eradicated by using JavaScript. Maybe. Some day.

Mario invoked the HTML5 security cheat‐sheet and maintains the PHPIDS filter rules. In his spare time he delivers trainings and security consultancy for larger German and international companies for sweet sweet money and the simple minded fun in breaking things.

Mario has spoken on a large variety of international conferences, co‐authored two books, several academic papers and doesn’t see a problem in his one year old son having a tablet already.

Offensive HTML, HTML5, SVG and CSS or How to make sure your Pentest Report is never empty

This workshop was formerly held in closed environments for government contractors, companies and other organizations and is now available on conferences and alike. This one‐day hands‐on no‐bullshit guide through the crazy world of HTML and its satellite technologies will give a very detailed overview on the current attack landscape. Did you know, CSS3 can function as XSS filter and steal session tokens?

The focus of this workshop will be on the offensive parts of HTML, the nasty and undocumented stuff, dozens of new attack techniques straight from the laboratory of horrors of those maintaining the HTML5 Security Cheatsheet… and will even cover the defense parts necessary to protect one’s fine web‐applications.

We’ll learn how to attack any web‐application with either legacy madness — or the half‐baked results coming to your browser from the meth‐labs of W3C and WHATWG without you even knowing it. Whoever likes crazy HTML, CSS and JavaScript might enjoy and benefit this workshop. A bit of knowledge on either of those is required, rocket scientists and adepts will be satisfied equally.

  • Regular Price : 750 CHF
  • Early‐bird Price : 690 CHF
  • Student Price : N/A
  • Language : EN

Jeremy Kenaghan

Méthodologies simples de management de risques : CORAS & OCTAVEALLEGRO

Vous découvrirez les principes généraux du management du risqué, ainsi que deux méthodologies simples et agréables qui sont spécifiques au domaine de la sécurité de l’information :

  • OCTAVE Allegro — la petite sœur de la méthode OCTAVE
  • CORAS — une méthode graphique qui s’inspire de la modélisation UML

Une partie de l’atelier est consacrée aux exercices pratiques.

Pré‐requis : Aucune connaissance technique n’est nécessaire pour profiter de cet atelier, mais un esprit logique et créatif serait un plus !

  • Prix normal : 220 CHF
  • Prix Early‐bird : 150 CHF
  • Prix Etudiant : N/A
  • Langue : FR

SCRT

Exploitation Linux
  • Rappel sur l’assembleur x86 32bit
  • Shellcoding
  • Exploitation de buffer overflow
  • Exploitation de format string
  • Technique ret2libc
  • Return Oriented Programming

Pré‐requis:

  • Connaissance en C et assembleur.
  • Bonnes bases en Linux.
  • Un laptop avec au moins vmware player.

  • Prix normal : 450 CHF
  • Prix Early‐bird : 350 CHF
  • Prix Etudiant : 150 CHF
  • Langue : FR