Workshop Topic Details:
Hands-On Exploit Development
Want to write memory corruption vulnerabilities but don’t know where to start? Do you secretly aspire to Pwn2Own glory and a life as a freelance bug hunter? So many tutorials assume a certain amount of previous knowledge, or the example programs are so hard to find and setup so you can follow along.
This workshop tackles the basics of how memory corruption vulnerabilities work as well as helping you get familiar with the tools of the trade such as Immunity Debugger, WinDBG, and Mona.py. Using real vulnerable programs in a contained lab environment, this hands-on class will get you up to speed on the basics in preparation for further study in this exciting realm.
We're excited to have Georgia Weidman as our guest instructor. Shevirah founder and CEO Georgia Weidman is a serial entrepreneur, penetration tester, security researcher, speaker, trainer, and author. She holds a MS in computer science as well as holding CISSP, CEH, and OSCP certifications. Her work in the field of smartphone exploitation has been featured internationally in print and on television. She has provided training at conferences such as Blackhat USA, Brucon, and Security Zone. Georgia founded Bulb Security LLC, a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security culminating in the release of the open source project the Smartphone Pentest Framework (SPF).
She founded Shevirah Inc. to create product solutions for assessing and managing the risk of mobile devices in the enterprise and testing the effectiveness of enterprise mobility management solutions and is a graduate of the Mach37 cybersecurity accelerator. She is the author of Penetration Testing: A Hands-On Introduction to Hacking from No Starch Press. She was the recipient of the 2015 Women’s Society of CyberJutsu Pentest Ninja award.
For Every Workshop:
This is a hands-on workshop where you will put into practice those things you may have read about or covered in a class. This is also a great opportunity to meet other like-minded women and to keep your skills fresh if you're a veteran! You will also earn continuing education credits towards your certification renewal.
Every workshop progresses from beginner through advanced topic material. Beginners are encouraged to watch and learn as much as possible even though you might not have a clue. Exposure to new tools and techniques by watching will advance your learning process a lot more quickly than trying to learn on your own. You will get to ask questions and see how it's done in the real world. Advanced attendees are encouraged to share their knowledge and experience and help answer "noob" questions as much as possible.
1200 - 100: Set-up, introductions, and lunch (included)
100 - 600: Training
(Please note that this will be active workshop time - if you have not completed set-up it will be challenging to follow along.)
Basic IT knowledge.
A good attitude and willingness to learn.
Remote and Male Associate Member Participation:
Register online. Once registered, you'll receive the meeting participation info by email the day before the workshop. Expect to join 15-30 minutes prior to test your technical configurations.
- Laptop with tools installed. Details will be posted soon.
Full/Student/Military Member: $35
Associate Member and Remote Attendee: $15
CTA Member: FREE with code
Free (non-paying) Member: $50
Thank you to our venue sponsor: Launch Workplaces