Please Note: Separate Registration is required and both run from 1000-1550, by participating in a workshop your schedule will be Keynote, workshop (with a break for lunch) and then the Wrap-Up.
Intro to Hacking
Instructors: Wesley Harden & Sydney Delp
Abstract: Finding a vulnerability is rarely as easy as pushing a button. In some cases some vulnerabilities can only be found by manually testing an application to unravel the secrets hidden beneath its code. Participants of this workshop will be lead through a series of hands-on exercises illustrating how to enumerate and exploit a variety of web-based vulnerabilities. In addition to the basics of pentesting, participants will also learn how some vulnerabilities escape detection by automated tools and the techniques used to uncover them.
Android Application Penetration Testing 101
Instructors: Subash Adhikari & Jamie Feist
Abstract: Have you ever pondered what different types of vulnerabilities exist within mobile applications or how to identify and exploit them? This workshop will teach you the fundamentals, tools and techniques on android mobile application penetration testing. This class covers an overview on OWASP top 10 security issues, identifying, analyzing and exploiting vulnerabilities in real-time on an android application. After the workshop attendees should be able to identify and exploit common Android Application vulnerabilities.
· Introduction to Android Internals
· Setting up the Android Hacking Lab
· OWASP and Mobile Application Testing Methodology
· Identifying and Exploiting Common Flaws in Android Apps
· MITM Vulnerabilities
· Reverse Engineering Android Applications
· A deep dive into some of the recent Android vulnerabilities
Who should take this course:
· This course is designed for all students/professionals looking to gain an understanding of Android Application security assessments.
· Laptop with VMware Player, VMware Workstation, or VirtualBox.
· Administrative access to local workstation.
· Ability to install a few tools with at least 20GB of hard drive space.
· At least 8GB of ram.
What will students be provided with?
· The training material in electronic format(presentation slides and useful resources)
· Custom Virtual Machine for mobile penetration testing.
Subash Adhikari is part of the security testing services team at Target who has 10+ years of experience in the Information Security field.
Jamie Feist is part of the security testing services team at Target. She is an avid learner in all areas of penetration testing and has been with the team for 10 months.
PowerShell All The Things
Instructor: Aaron Heikkela
Abstract: Advanced PowerShell techniques for Blue Teamers and others who wish they were. Aaron will go through various techniques that he’s learned through years of Incident Response experience. This class will benefit anyone who would like to better use Windows’ native scripting language to plus up their abilities as a practitioner, or simply automate away the stuff that isn’t fun.