CircleCityCon

Four Workshops

Learn in a fun CTF-style format, and progress at your own pace. Each technique will be demonstrated, and help will be provided as needed. Some challenges are accessible to beginners, and others will challenge experts. Everyone should learn something new!

Required Equipment

Each participant must bring a laptop capable of running virtual machines on VirtualBox and VMware. USB sticks will be available with the required virtual machines.

All materials, including the live scoreboard, are freely available online at samsclass.info and will remain available after the convention ends.

1. Hacking Android Apps

Audit Android apps for common security flaws, including flaws in network transmission, local storage, and code modification. Exploit real Android apps from financial and retail companies.

Participants will need a laptop with Mac OS or Linux installed on the bare metal. Virtual machines on Windows won't work well for these projects.

2. Red v Blue

Blue teams will run vulnerable servers, monitor attacks on them, and defend them, while the red teams attack them. Both teams will have scripts to follow, with challenges and hints. A live scoreboard will show the progress of all the teams.

3. Threat Hunting with Splunk

Splunk is the SIEM leader, also called "Google for log data". Use a local installation of Splunk to identify and analyze exploits and failures in real network data. Detect infections and attacks, analyze root causes, and perform threat actor attribution.

4. Binary Exploits and Assembly Code

Analyze Windows software at the binary level, using Visual Studio, Immunity Debugger, and IDA Pro. Modify binaries to cheat at games and insert trojan code. Learn the essentials of assembly code for Windows.
Posted: 1-12-19