Schedule 2024


* The organizers reserve the right to make changes to the conference program.

Workshops

Registration for the workshops will begin on Friday, 26/04/2024 at 12:00 pm. The number of places is limited.

DAY 1 [27.05.2024]


WORKSHOP 1

09:30 - 12:30

Enhance Your Linux DFIR Skills with MasterParser

Eilay Yosfan

Description
This workshop focuses on advancing participants' Linux Digital Forensics and Incident Response (DFIR) skills using MasterParser, a purpose-built tool for analyzing Linux logs. MasterParser streamlines the investigative process by swiftly extracting vital information from various logs within the /var/log directory, facilitating a comprehensive understanding of security incidents on Linux systems. Participants will engage in hands-on exercises to analyze diverse Linux log scenarios, utilize MasterParser, and construct a clear chain of events to unravel the complexities of security breaches.

Technical requirements
Clean Ubuntu VM on the workshop participants' laptops. Basic understanding of Linux operating systems. Basic familiarity with the Linux command line interface. Basic knowledge of Linux logs.

#DFIR, #linux, #Forensics, #Blue Team

Time: 180 minutes
Language: EN
Maximum number of people participating in the workshop: 40

WORKSHOP 2

09:30 - 12:30

Red Team Infrastructure Automation

Soumyadeep Basu, Arun Nair, Aravind Prakash

This workshop offers a fast-paced and engaging introduction to setting up Red Team Infrastructure, focusing on the practical use of Terraform and Ansible. The session begins with a brief overview of Red Team operations and the critical role of robust infrastructure. It then swiftly moves into the practical aspects, demonstrating the basics of Terraform for deploying cloud infrastructure and Ansible for efficient configuration management. The highlight is a demonstration on integrating these tools to automate key components of Red Team infrastructure, emphasizing their application in real-world scenarios. This workshop is tailored for those eager to quickly grasp the essentials of Red Team infrastructure automation.

Requirements
• AWS, Azure, and DigitalOcean accounts: participants need to have active accounts with administrative access on these platforms to engage in hands-on activities.
• Software and tool installation: Terraform for deploying cloud infrastructure; Ansible for configuration management. Optional: additional tools like Gophish, Evilginx, Muraena, iRedMail, and RedELK for specific components of the workshop.
• Basic knowledge prerequisites: understanding of Red Team operations and lifecycle; familiarity with Infrastructure as Code (IaC) concepts.
• Environment setup: a computer capable of running the necessary software and accessing cloud services; local setup of development environments for Terraform and Ansible scripting.

#red team, #infrastructure set, #devops, #Cloud Deception

Time: 180 minutes
Language: EN
Maximum number of people participating in the workshop: 20

WORKSHOP 3

10:00 - 12:30

Adversary simulation and Malware development

Zhassulan Zhussupov

Whether you are a Red Team or Blue Team specialist, learning the techniques and tricks of malware development gives you the most complete picture of advanced attacks.
Also, because most (classic) malware is written for Windows, this as a rule gives you tangible knowledge of developing for Windows. The course will teach you how to develop malware, including classic tricks and tricks of modern ransomware found in the wild. Everything is supported by real examples. The course is intended for Red Team specialists who want to learn the tricks of malware development in more detail (including persistence and AV bypass), and will also be useful to Blue Team specialists when conducting investigations and analyzing malware.

Requirements
Machine with VirtualBox (Kali Linux VM + any Windows 10 VM). Most of the examples in this course require a deep understanding of the Python and C/C++ programming languages. Knowledge of assembly language basics is not required but will be an advantage.

#Malware, #Cryptography

Time: 120 minutes
Language: EN
Maximum number of people participating in the workshop: 20

WORKSHOP 1

09:30 - 12:30

Fuzzing FastTrack: Essentials Uncovered

Zubin Devnani

"Fuzzing FastTrack: Essentials Uncovered" is a dynamic workshop designed to introduce the fundamentals of fuzzing as a powerful technique for uncovering software vulnerabilities. This one-day workshop is designed to equip attendees with effective fuzzing techniques and fundamental insights into how fuzzing operates. The course also includes practical exercises and teaches how to analyze targets with debuggers and implement persistence in complex programs.

Technical requirements
Linux & Windows fundamentals.
Students should bring: a system with root/admin privileges, a minimum of 8 GB RAM and 100 GB disk space, and VirtualBox or VMware installed.

#vulnerability research, #fuzzing, #0days

Time: 180 minutes
Language: EN
Maximum number of people participating in the workshop: 20

WORKSHOP 2

09:30 - 12:30

Natural Language Processing with Deep Learning for security professionals

Pauline Bourmeau

Today, CTI analysts and blue team operators are required to make sense of a huge amount of OSINT-collected data. This workshop equips security professionals with the skills required to work with transformers and large language models. We cover state-of-the-art techniques that will be integral to various development projects, while also fostering an understanding of the principles underlying effective prompting techniques. Additionally, participants will be able to keep track of the latest LLM research developments without feeling overwhelmed in this field.
Program:
• Introduction to Deep Learning as a field of research.
• Transformers in practice.
• Build a classifier.
• Interpret the results using evaluation metrics.
• Apply Natural Language Processing to cybersecurity problems.

Requirements
Basic knowledge of Python is required. Prompt practice is a plus. We will use an online platform with GPU support such as Google Colab or Kaggle kernels (subject to change due to the fast-paced nature of the platform market).

#machine learning, #threat intelligence, #defence

Time: 180 minutes
Language: EN
Maximum number of people participating in the workshop: 20

WORKSHOP 3

10:00 - 12:30

Defensive Coding - JavaScript prototype poisoning defenses

Zbyszek Tenerowicz

Malicious code is out to get you. Can you keep your app working as expected and hold on to your secrets? Come to this workshop and try! The entire workshop will be delivered as bite-sized hands-on exercises where increasingly advanced threats are presented and you get to defend. We'll explore techniques allowing coexistence with packages that intend to steal your secrets and mess with built-in functionality of JavaScript via prototype-poisoning.
Another part of the workshop will focus on using tools to isolate code and scale the defensive coding practice up for larger codebases. Whether you're working on JavaScript in Node.js core or a web app, you can use what you learn to reach unprecedented levels of resistance to prototype poisoning.

Requirements
Laptop with Node.js installed, good knowledge of JavaScript

#web, #javascript, #defence, #prototype pollution

Time: 180 minutes
Language: EN
Maximum number of people participating in the workshop: 24

DAY 2 [28.05.2024]


WORKSHOP 1

10:30 - 13:00

Threat Modeling for Dummies

Sebastian Obara, Mateusza Olejarka

In the face of constant change in a dynamic business environment, an organization's ability to adapt and to withstand new challenges is crucial. "Threat Modeling for Dummies" is a workshop that introduces participants to the world of lightweight threat modeling methods, which are key to quickly identifying and managing potential risk. Focusing on methods that are easy to implement and deliver immediate benefits, participants will learn how to effectively protect their projects and maintain operational continuity in a changing environment.

Our workshop offers an approach tailored to the needs of organizations that use agile development or that cannot devote much time to detailed security analysis. Participants will learn a method for quickly identifying key threats and defense strategies, and will also learn to test those strategies in practice. This makes the presented approach an invaluable tool for anyone who wants to manage risk effectively while supporting the strategic goals of their organization.

We invite you to a workshop that will change your approach to threat modeling, making the process more accessible and effective.

*Don't worry, the workshop will include both technical and non-technical examples.

Technical requirements
The workshop will include a non-technical example.

#Threat modeling

Time: 120 minutes
Language: PL
Maximum number of people participating in the workshop: 20

WORKSHOP 2

10:30 - 13:00

Exploring 'Bytes of Insight' in Incident Response and Malware Hunting

Jinto Antony

Learn pattern-matching techniques using YARA and how to apply them in real-life incident response cases. We'll delve into file analysis for effective malware hunting, teaching you how to find important artifacts for threat detection and attribution at scale.

Technical requirements
Only a laptop is required for attendees.

#Malware, #Forensics, #Incident response, #Hunting

Time: 180 minutes
Language: EN
Maximum number of people participating in the workshop: 40
