ETHICAL HACKING WORKSHOP HEK.SI 2017
Hands on Hacking: Vulnerability Research and Exploit development
Wednesday, 5th April 2017, 9.00-18.00, Ljubljana, M-Hotel
Description
Educational philosophers have consistently claimed that only by learning something in depth can a person escape from the confusions that commonly accompany a superficial knowledge base. That is why this workshop exist to give the attendance deep knowledge about vulnerabilities trough process of research with discovery and exploit.
Into the training sessions, trainer will make presentation of live demo examples and provide in depth learning of research and exploit techniques. From fuzzing techniques to discover security holes to ROP gadgets and egg-hunters to build shellcode, this workshop will cover all parts that a security researcher must know. The approach will be in learn-by-example methodology.
Practical exercises in this workshop are labs based on BYOD (Bring Your Own Device) lab execution. This means that attendant must bring his own laptop and conduct lab exercises there.
Minimum requirements for lab exercises at least 25GB HDD space, 4GB RAM memory and installed VMware Player 7.1.2 with ability to run virtual machines. All lab exercises are done on virtual machines (Linux OS and Windows OS) that will be delivered on external media to the attendance at the beginning of the workshop.
Here you can learn how to:
- Enroll in security research and discover vulnerabilities
- Breakfront to use and write security research tools is various programing languages
- Pwned with creation of your custom exploits and feel the real power of hacking
Content
Part 1: Learning Foundations
- Architecture of OS and memory space
- Overflow and Injection basics
- Local and Remote Vulnerabilities
Exercises
Part 2: Research and Exploit Vulnerabilities
- Approach method
- Way to find a door
- First doorstep activity
- Ending infinity
- Engineering Exploit Code
Exercises
Target Audience
This workshop will significantly benefit security officers, auditors, security professionals, developers, and anyone who is willing to learn in depth and really understand hacking and want to pen-test custom binaries and exploit custom built applications. All attendances will have opportunity to work as Security Researcher and Exploit Developer.
Prerequisites
- Understand ethical hacking and its concepts
- Basic programming skills
- TCP/IP networking skills
- Web application security and its vulnerabilities.
Materials
All attendances will receive Presentation slides with notes (at the end of the workshop), Knowledge base materials (with interesting articles, suggested exercises etc.), unique tools and scripts with lab exercise manual.
Duration
1 day
5th April 2017, 9h-18h (9 hours)
Place
M-Hotel, Ljubljana
Certification
At the end participants will receive the Certificate of Achievement signed by the Trainer.
Price
297 € + VAT
Trainer
Mane Piperevski, Piperevski & Associates
M-r Mane Piperevski is security expert with over 10 years of experience and expertise in field of Ethical Hacking/Penetration Testing and ICT Forensics. He works currently as CEO and IT Security Consultant at Piperevski&Associates and he is also contributor to open software security community as OWASP Chapter Leader for Macedonia. Recently published white papers “Hacker Attacks - Undetectable attacks from trojans with reverse communication” and “Hacking Attacks - Security Threats in IPv6 networks”. Holder of numerous security certifications (C|EH, E|CSA, C|HFI, E|CIH, E|CSP .NET, MCSA, MCSE, MCITP, C|EI, MCT) and Europe highly ranged Cyber Crime instructor and trainer.
More information:
Kristina Velišček
+386 (0)5 338 48 51
kristina.veliscek@palsit.com
On-Line
When registering for the HEK.SI 2024, you get FREE TICKET for the INFOSEK 2024!