Thank you to all of our awesome Speakers this year! Grab your ticket in our shop so you don’t miss out on attending these great workshops.

ARM Shellcode Basics

Presented By: Saumil Shah

A 2 hour workshop on writing ARM Shellcode from scratch. The workshop will cover some simple ARM assembly, and hands-on work with two shellcode examples: a simple execve() shell and a fully working Reverse Shell. This will then be tested with with two ARM exploits.

Attendees are required to bring in their laptops with a working copy of VMWare (Player/Workstation/Fusion). ARM images running on QEMU will be distributed to the participants.

Advanced Java Application Code Review

Presented By:Philippe Arteau

Modern corporate environments use diverse technologies. Security analysts (code reviewers and pentesters) need to be able to understand how components work under the hoods. This workshop will cover various classes of vulnerabilities with a Java twist. The exercise will be on the code analysis of a custom sample application. The open-source tools Find Security Bugs and SonarQube will be used. This training will cover the following classes of vulnerabilities: XXE (XML eXternal Entity), expression injection, deserialization vulnerability, Path Traversal, HQL injections and XSS.