Category: Workshop

[null] [Delhi] Learn to CTF – Part I (Reverse Engineering Challenge) / 31st May, 2014 (Sat) / TLabs, Noida

Announcing the first part of the “Learn to CTF” program at null Delhi on Reverse Engineering. Participants will be presented with a basic to intermediate level of challenge on reverse engineering which they will have to solve within the specified time frame (3-4 Hours) at venue itself. The participants can team up with several other participants or can solve it individually. They can also seek assistance from the event mods present at the venue in order to move up the ladder.

The idea behind this session is to prepare participants for advanced capture the flag (CTF) challenges and is specially designed for those who have never taken part in any CTF contest or find it difficult to play CTFs.

Note – The next part of this program will address the detailed walk through of the challenge and the strategies and techniques that can be used to solve these types of challenges

“Learn to CTF” – Part I challenge is designed by one of our volunteers Adwiteeya Agrawal.

Registration & Fees – As always this event is FREE for anyone to attend and is conducted as a part of knowledge sharing initiatives. Just come with an open mind with willingness to learn. Please register on the below link to book your place

https://docs.google.com/spreadsheet/viewform?formkey=dDV4NllSV01RQmlQVXRoc3Ixd3NPQWc6MA

Note – The entry is strictly restricted to registered participants only so please register for at the earliest and reserve your place.

Date & Time: 31st May (Saturday), 2014 – 01:00 PM IST – 04:00 PM IST

Venue: Times Internet Limited (Inside Times of India Office)
Tlabs, First floor, FC-6,
Sector 16A, Film City, Noida
(Next to huge Shiv Murti)
Close to Noida Sector 18 Metro Station

Rewards: The rewards for completing the challenge successfully will be announced at the venue itself

Mandatory Tools & Plugins
1.) A debugger loaded with your favorite plugins. (example – Olly)
2.) An IDE for writing code (optional) (example – CodeBlocks)
3.) Intel x86 Instruction reference (Olly Plugin – http://www.thelegendofrandom.com/files/Olly_Plugins/MnemonicHelp_v1.1.rar)
4.) Decompilers (example – dotpeek, jd-gui, uncompyle, p32dasm)
5.) Hex Editor (example – hex workshop)
6.) Disassembler (IDA, Olly)
7.) File Analyzer

Useful Links:
http://thelegendofrandom.com/blog/sample-page
https://tuts4you.com/download.php?list.17
http://thelegendofrandom.com/blog/archives/2100

Know more about the idea behind “Learn to CTF” – http://null.co.in/2014/05/04/the-idea-behind-learn-to-ctf-null-delhi/

In case of any queries reach out to us

Vaibhav – reverser_at_null_dot_co_in
Sandeep – san_at_null_dot_co_in
Vishal – vast_at_null_dot_co_in

[null Bangalore Workshop] | OWASP Top 10 Vulnerabilities | 29th March 2014

Hi All,

Announcing null workshop on “OWASP Top 10 Vulnerabilities”. Like all null Bangalore workshops, this is free but registration is compulsory. A group of participants will be selected based on the registrations since this workshop is invite only and with prior registration and approval of the workshop champion. Here are the details:

Workshop Title: OWASP Top 10 Vulnerabilities
Workshop Champion: Shruthi Kamath
When: 29th March 2014, 10 AM – 6 PM
Registration form: http://goo.gl/up8ht1
Registrations Close: 26th March 2014 02:00 PM
Workshop Description: This workshop is mainly for beginners in web application security and will cover the basics of discovering the OWASP Top 10 vulnerabilities. This will help you identify OWASP top 10 vulnerabilities in a web application, understand the risks associated with these vulnerabilities, create attack vectors and inputs for testing and the methods that are employed by developers to defend web applications from these threats.

The following is the agenda for the workshop:

* Introduction to the OWASP top 10 vulnerabilities: A brief introduction on identifying the most serious risks which can be present in a web application.
* Hands on exercises to test a web application to detect vulnerabilities with reference to the OWASP Top 10.
* Understanding mitigations: Securing your web applications from these vulnerabilities.

Pre-requisites:

* Laptop with WiFi/Ethernet, with minimum 2 GB RAM and minimum 4 GB free disk space.
* Install Damn Vulnerable Web Application(DVWA) over XAMPP. If you are not going to use XAMPP, just make sure DVWA is running without any issues before coming in for the session.
* Download links for DVWA and XAMPP:
*
* DVWA (http://sourceforge.net/projects/dvwa/)
* XAMPP (http://sourceforge.net/projects/xampp/)

Short Bio:
Shruthi Kamath works at Infosys Limited. She is a security enthusiast and is interested in learning new things. She has participated in jailbreak@nullcon 2014 and presented “Secure SDLC” paper at c0c0n.