TRAINING: Hack Yourself First: How to go on the Cyber-Offence (2 days)

Troy Hunt

Internet Security Specialist

TRAINING: Hack Yourself First: How to go on the Cyber-Offence (2 days)

09:00 AM 7 September, 2017

Hack Yourself First is all about building up defensive skills in developers. It looks at security from the attacker’s perspective and takes them through the steps necessary to exploit vulnerable software on the web so that they can experience hacking first hand.

Workshop participants are set specific goals they must complete that involve probing for risks and then exploiting discrete vulnerabilities in a specially built vulnerable application. The interactive nature of the workshop means that multiple attack vectors are usually identified across the spectrum of participants and each person contributes their own unique perspective as to how specific risks are exploited.

Objectives
The objective of the workshop is that each person walks away with demonstrated experience across a broad spectrum of specific risks. They not only learn about but also demonstrate practical experience across a range of different vulnerabilities targeted to the specific needs of the group.

Topics include

  • SQL injection
  • Cross site scripting
  • Cross site request forgery
  • Clickjacking
  • Session hijacking
  • Account enumeration
  • Transport layer security
  • API security
  • Mobile services integration
  • Brute force attacks
  • Passwords cracking
  • Parameter tampering
  • Attack automation
  • Dynamic analysis

Intended audience
Any software developer who wants to get a better understanding what is going on in cyber space if it comes to hacking and cracking of systems. This workshop enables you to take a pro-active approach and you learn how hackers will try to break your system. This workshop will be an eye opener for most developers and it is the starting point of becoming a better developer. It all starts with awareness and improving your own habits. So start hacking yourself first, to become a better developer!

Required equipment
Attendees will need to bring a computer with the following software installed.

Windows users please install
Fiddler: http://www.telerik.com/download/fiddler

MAC users please install
Charles Proxy: http://www.charlesproxy.com/download/

If possible please also bring your smart phone.