x86_64 Assembly and Shellcode for Linux
With two decades of industry expertise under his belt, Marco has cultivated a profound passion for computer security, hacking, and penetration testing. Over the course of his career, he has honed his skills in the art of dismantling network infrastructures and dissecting web applications. Additionally, he has acquired hardware expertise and red teaming.
What truly distinguishes Marco is his unwavering fascination with the intricacies of network protocol analysis and the inner workings of low-level computing. Along his professional journey, Marco has authored tools geared toward identifying security vulnerabilities and has successfully uncovered numerous critical issues.
Beyond his technical pursuits, Marco also takes on the role of a speaker and trainer at security events, sharing his knowledge and insights
across a wide spectrum of security topics.
When he’s not immersed in the world of cybersecurity, Marco finds solace in his passion for cycling and exploring the beauty of the great outdoors.
Workshop description |
Introduction into x86 Assembly with Linux
Learning the basics of the x86 16/32/64Bit CPU
Registers
Basic instructions
Writing simple assembler programs
Tooling
Introduction to NASM
Introduction to GDB, with extensions
Intro to GCC
Intro to strace
x86 Assembly for Shellcoding
Learning about Syscalls
Writing programs with Linux Syscalls
Basics Shellcoding
We write our own Shellcode
Making our Shellcode more reliable
Logistics:
Students should have a pen and some paper
Install Virtualbox or VMWare, have 40GB diskspace, 4BG RAM
Securing the Cloud: A Workshop on Building a Fortified SDLC on Kubernetes with Open Source Power
Antonio Juanilla (AkA Specter)
Antonio Juanilla is a SecDevOps engineer and Security Analyst, with nearly 15 years of IT experience. Antonio is also co-organizer of HackMadrid, co-founder of HackBarcelona %27, and chapter lead of DevSecCon.
Workshop description |
This isn’t just a theoretical discussion: we’ll dive into practical exercises and share real-world examples that will equip you with practical skills.
Through these examples, you’ll learn how to identify and mitigate security risks, harden your code against potential vulnerabilities, and adopt security best practices throughout the development cycle. Cybersecurity in development doesn’t have to be tied to high software costs, allowing any person or company to make their software more secure. Don’t miss out on this transformative opportunity to unlock the potential of open-source tools in your SDLC.
RedGPT Vs BlueGPT: Realistic AI-based confrontation.
Carlos has been in the trenches, shaping the frontline of cyber defense around the globe. From training law enforcement groups to mentoring the next generation of cybersecurity leaders, Carlos is one of the cybersecurity experts selected by The European Union Agency for Cybersecurity (ENISA) to write the baseline security guideline for IoT and Critical Infrastructure protection.
Workshop description |
You will recognize the potential impact of AI threats on your organization.
-You will discover how attackers weaponize using AI.
-You will know about the delivery methods using AI.
-You will learn how attackers exploit organizations using AI.
-You will understand how AI is applied to network monitoring and intrusion detection.
-You will discover how AI helps on rapid threat identification and containment.
How to investigate with Maltego: Cyber Threat Intel (CTI) & SOCMINT
Carlos Fragoso is Principal Subject Matter Expert at Maltego Technologies with over 24 years of professional experience in information security: incident response, digital forensics, and threat intelligence/hunting. A curious and passionate investigator closely working with governments, big companies and LEAs to tackle cybercrime around the world (Europe, Middle East, LATAM…). Member of different working groups in ENISA, Europol, Interpol and other agencies. FIRST Liason for Spain. SANS Institute Instructor and Secretary for APWG.EU.
Mathieu Gaucheler spent two years working in a cyber threat intelligence in a Barcelona startup.He then joined Maltego in February 2021, focusing first on cybersecurity then exploring other fields such as disinformation, SOCMINT and geolocation.
Workshop description |
During this workshop we will teach you how to use Maltego and how to perform investigations with it. First we will explore how to carry out cyber threat intelligence investigations starting from a few IOCs (hashes, IP addresses, domains, etc.) using open source information as well as known and recognized data providers. Second, we will demonstrate how Maltego facilitate the collect of information on a given person using social media intelligence (SOCMINT). We will walk you through both type of investigations and explain the pitfalls to avoid. The session will conclude with an investigative challenge to give you the opportunity to apply what you learned. Participants will have a temporary access to the Maltego Pro version to perform the workshop. To better enjoy this workshop , please download Maltego and register to the following websites to have an API key: VirusTotal OTX AlienVault Schedule: 30 min Setup Maltego Basics 90 min 2-3 Guided Investigations 45 min Challenge |
In order to provide Maltego Trials, it would be necessary for attendees to register in advance (provide emails in advance)