Elizabeth Biddlecome is a consultant and instructor, delivering technical training and mentorship to students and professionals. She is a senior instructor for infosec and leverages her enthusiasm for architecture, security, and code to design and implement comprehensive information security solutions for business needs. Elizabeth enjoys wielding everything from soldering irons to scripting languages in cybersecurity competitions, hackathons, and CTFs.
Go the Wrong Way
Good developers study documentation carefully and thoroughly understand their language. However, some people just want to code fast, break into things, and skip over the details. This Capture the Flag workshop is for them.
Even if you've never programmed before, you can make simple attack tools in Go. You will learn to perform port scans, make HTTP requests, brute-force logins, crack password hashes, and encrypt data using XOR and AES.
The workshop is structured in a CTF format. Each participant works at their own pace. The techniques will be demonstrated, with complete step-by-step instructions to lead beginners through the easy challenges. There are also harder challenges for more experienced participants. You will be helped as needed, to ensure that everyone learns something new.
Incident Response and the ATT&CK Matrix
This workshop will help you practice techniques to detect, analyze, and respond to intrusions. You will construct targets and attackers on Google Cloud, and send attacks using Metasploit and Caldera to emulate APT attackers. Participants will monitor and analyze the attacks using Splunk, Suricata, Sysmon, Wireshark, Yara, and online analysis tools including PacketTotal and VirusTotal. The ATT&CK Matrix, which enumerates threat actors, tactics, and techniques, will be covered in detail, so red and blue teams can better communicate and work together to secure networks.
The workshop is structured in a Capture the Flag format. Each participant works at their own pace. The techniques will be demonstrated, with complete step-by-step instructions to lead beginners through the easy challenges. There are also harder challenges for more experienced participants. We will help participants as needed, to ensure that everyone learns new techniques.
Participants need a credit card and a few dollars to rent Google Cloud servers. Debian Linux and Windows Server 2016 systems will be used. All the tools used are freely available, and all the training materials will remain available to everyone after the workshop ends.
Introduction to Attack Techniques
Learn how to take over Windows, Linux, and Android systems, and how to defend them. You'll begin with common tools: Nmap, Metasploit, and Armitage, and then go into buffer overflows, packet crafting, command injection, and SQL injection.
Securing Web Apps
Participants will attack web applications with command injection, SQL injection, cross-site request forgery, cross-site scripting, cookie manipulation, and server-side template injection. Participants will also exploit Drupal and SAML, and will then implement network defenses and monitoring agents, using Burp, Splunk, and Suricata.
The world runs on COBOL! 95 percent of ATM swipes rely on COBOL, but few people know how to use it. Let's fix that! Party like it's 1959!
In this workshop, participants will learn basic COBOL programming and solve challenges including building HTTP requests, processing strings, file I/O, ASCII encoding, modular arithmetic, and RSA encryption. You will use free Google Cloud servers and a real public IBM mainframe.
The workshop is structured in a Capture the Flag format. Each participant works at their own pace. The techniques will be demonstrated, with complete step-by-step instructions to lead beginners through the easy challenges. There are also harder challenges for more experienced participants. Each participant will be helped as needed to ensure that everyone learns something new.