These workshops are structured into a Capture the Flag format, unless specified otherwise, to allow participants to work at their own pace. The techniques demonstrated, with complete step-by-step instructions lead beginners through the easy challenges. There are also harder challenges for more experienced participants. Help will be provided as necessary to ensure everyone learns new techniques.
Participants will need a credit card and a few dollars to rent cloud servers on Google Cloud Platform as we will be using Windows and Linux systems. All tools are freely available with the material available after the workshop ends.
This workshop introduces participants to the top 10 web application security risks as defined by OWASP. Participants will be provided guidance into tools and practice environments they can learn from or further sharpen their skills. Participants will attack web applications with Command injection, SQL injection, Cross-Site Request Forgery, Cross-Site Scripting and more. The structure of this workshop is level based, in line with participant's knowledge and comfort level.
This workshop will introduce participants to Network Analysis by understanding Wireshark. Participants will learn to understand packet activity, abnormalities and anomalies to detect attacks, troubleshoot network problems, and perform network forensics. This workshop is structured as a CTF.