POSITIVE HACK DAYS



Hands-on Labs

MiTM Mobile

Authors: Artur Garipov and Pavel Novikov

Many services depend on the security of mobile technology, from GSM/GPRS modems employed in ICS to two-factor authentication set up by a regular cell phone user to work with e-mail or bank cards.

The speakers will conduct a workshop on mobile traffic interception (USSD, SMS, GPRS) and subscriber cloning. Everyone is welcome to give it a try. The organizers will provide all necessary equipment except for laptops.

  • Language: Russian

A Basic Course in Hacking Web Apps

Author: Mikhail Firstov

The speaker will talk about real-life cyberattacks on web applications (targeting both the server and client side) and provide the participants with a practical workshop to test their knowledge. This hands-on lab is designed for both novices and experienced professionals.

  • Language: Russian

Electronic Access Control Security

Author: Matteo Beccaro

The workshop focuses on exploitation techniques for modern EAC systems. It is designed to introduce the most common access control technologies and provide details on their vulnerabilities and available attack methods. Attendees will test the methods they have learned and win hardware gadgets offered by Opposing Force.

  • Language: English

Matteo Beccaro is a security researcher enrolled in Computer Engineering at the Polytechnic University of Turin. His research focuses on network protocols, NFC and EACS security. He is also the co-founder and CTO of Opposing Force, the first Italian company specializing in offensive physical security. He has spoken at international conferences such as DEF CON 21, 30C3, Black Hat USA Arsenal 2014, DEF CON 22 Skytalks, Black Hat Europe 2014, Tetcon 2015, DEF CON 23, and ZeroNights 2015.


DDoS Mitigation Workshop

Author: Krassimir Tzvetanov

This hands-on DDoS mitigation lab focuses on popular attacks such as SYN flood, Slowloris, etc., and will demonstrate how specific tools are used to execute the attacks. The attendees will have an opportunity to dissect pre-recorded traffic and to mitigate an attack on an nginx server.

  • Language: Russian

Krassimir Tzvetanov is Principal Security Engineer at A10 Networks. His primary focus is threat intelligence, software and systems security research, and security software development practices. He also runs the Product Security Incident Response Team (PSIRT). In his previous engagements with Cisco Systems, Yahoo!, and Google, he focused on threat intelligence, penetration testing, and designing and securing the edge infrastructure of production networks. He was also a department lead for DefCon and an organizer of BayThreat.


EAST 4 SCADA

Authors: Emil Oleynikov, Dmitry Kazakov, Yuriy Gurkin
Assistants: Mikhail Kropachev, Andrey Makhnev, Dmitry Chulkov

The moderators will demonstrate the advantages of a free framework designed in Russia as an alternative to Canvas, Metasploit, and Core Impact. Novices and experienced hackers will learn about vulnerabilities in SCADA systems and try to identify and exploit them. Various automated systems will be available for testing (ABB, Siemens, Rockwell, ICP DAS, etc.). Remember to bring along your own devices.

  • Language: Russian

Emil Oleynikov, an information security researcher, the lead developer of EAST Framework.
Yuriy Gurkin, the chief technology officer of GLEG, a promoter of EAST Framework.
Dmitry Kazakov, a SCADA/PLC consultant and security analyst.
Mikhail Kropachev, a SCADA/PLC security analyst.
Andrey Makhnev, a programmer and tester of EAST.
Dmitry Chulkov, a programmer and tester of EAST.


The CPU Does Not Matter. A Simple Analysis of Binary Files Using IDAPython

Author: Anton Dorfman

This hands-on lab will focus on approaches to automating the preliminary analysis of binary files. Participants will learn what information can be obtained with IDA Pro, leaving processor architecture features aside. The moderator will also pay attention to correcting what IDA recognizes improperly. Practical tasks and their solutions will be given.

  • Language: Russian

Anton Dorfman is a Candidate of Technical Sciences, researcher, reverser, and assembly language fan. He is a leading expert of the application analysis team at Positive Technologies. Anton is interested in automating any reverse engineering tasks. He took third place in the Best Reverser contest at PHDays 2012 and has spoken at HITB, PHDays, and ZeroNights. He is the author of over 50 scientific publications on computer security.


Crowdsourced Malware Triage

Authors: Sergey Frankoff and Sean Wilson

Malware triage is a process of quickly analyzing potentially malicious files or URLs. It is an important function in any mature incident response program. But what if you don’t have an incident response program? What if you are just setting one up? What if you don’t have the tools you need to perform your analysis? With the current offering of free online tools and the right mindset, a web browser and a notepad may be all you need. In this workshop, participants will work through the triage using only free online tools. The moderator will provide an introduction and demo of each tool.

  • Language: English

Sergey Frankoff
A malware researcher and the director of threat intelligence at Sentrant. Prior to joining Sentrant, worked as an incident responder and a security analyst. A strong believer in taking an open community approach to combating cybercrimes. Contributes to open source tools and tries to publish as much as possible. A co-founder of Open Analysis, a group of malware researchers and incident responders who produce open tools and services to assist with malware analysis.

Sean Wilson
A researcher at PhishMe with experience in malware analysis, incident response, and reverse engineering. He is an active contributor to open-source security tools. A co-founder of Open Analysis, a collective of malware researchers and incident responders who produce open tools and services to assist with malware analysis. In his free time, Sean loves fly fishing.


SDR and Others of That Ilk

Authors: Artur Garipov and Pavel Novikov

The hands-on lab is built around wireless technologies. The participants will find out how to intercept and analyze data transmitted wirelessly using SDR (software-defined radio) and other devices. Please bring your own SDR.

  • Language: Russian