BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Sold Out - Whitebox Web Exploit Development\n When : Friday\, Aug 9\, 09:00 - 12:59 PDT\n Where: Springhill Suites/Dunes - [1]Map\n\n Description:\n\n Gain experience popping root shells on rea l world web applications and\n taking your hacking skills to the next le vel. Students will learn\n accessible and powerful vulnerability discove ry techniques to\n identify\, exploit and chain vulnerabilities for root shells. Getting\n hands-on experience using free and widely available L inux utilities to\n debug and dynamically monitor applications\, to more effectively\n discover and exploit vulnerabilities. Using a whitebox ap proach\n students will rapidly discover and exploit non-trivial bugs. A\ n progressive hint system will be used during the labs to incrementally\ n reveal step-by-step progressions of each exploit exercise in case\n students are stuck or fall behind. Course Objectives: --Students will\n gain hands-on experience analyzing and developing exploits for real\n wo rld application vulnerabilities. --Students will learn how to\n discover vulnerabilities and subsequently weaponize them in an exploit\n chain t o spawn remote shells on application servers. --Students will\n gain exp erience using open source linux tools like strace and tcpdump\n to analy ze application behavior and isolate vulnerabilities.\n --Students will g ain experience weaponizing web application\n vulnerabilities and writing exploits Upon Completion of this training\,\n attendees will know: --Ho w to identify situations where openbox\n application vulnerability asses sments are appropriate and how to\n leverage this powerful context. --Ho w to utilize openbox penetration\n testing methodologies to achieve more thorough and effective\n assessments. --How to leverage vulnerability c haining to assemble\n multiple medium criticality findings into a single remote root\n exploit.\n\n Speakers:Cale Smith\,Priyanka Joshi\n\n SpeakerBio: Cale Smith\, Amazon\n\n Cale Smith is a nerd who loves both building but also breaking\, so he\n can get better at building. He is passionate about understanding how\n anything and everything works\, imp roving security along the way is\n just a bonus. Also\, he is passionate about sharing his passion and\n created this course to pass along some of the more accessible\n techniques he has picked. His professional care er originated\n exclusively as a builder\, but has been focusing on the security and\n breaking side for the last 15 years. During that time he has dabbled\n in the web weenie life\, cloud\, binary\, IoT and mobile m ost recently.\n Currently he manages a device oriented AppSec team at Am azon. While\n AFK he is probably riding a bike or climbing rocks.\n\n SpeakerBio: Priyanka Joshi\, Security Engineer\, Ring AppSec at Amazon\n\ n Priyanka Joshi started her career through the academic path of\n com puter engineering followed by a masters degree in information\n security . Her learning journey truly began doing security engineering\n in the i ndustry. She discovered her passion in the identity space\n during her f irst software security engineer job at an ancient mid\n sized company. T here she focused on research\, development\, maintenance\n and security testing of OAuth2.0/OpenID implementations for over two\n years. In her current appsec engineer role at Amazon\, she enjoys\n working on secure design assessments\, bug bounty triage and fix\n validation\, consults a nd security testing of web services. Outside of\n work\, she enjoys hiki ng\, sketching\, music\, watching anime and reading\n manga.\n\n '\n\n 1. #Springhill_Full\n\n\n DTEND:20240809T195900Z DTSTART:20240809T160000Z LOCATION:WS - Springhill Suites/Dunes SUMMARY:Sold Out - Whitebox Web Exploit Development END:VEVENT END:VCALENDAR