Alibaba Security Meetup-Hacker Community Event

Are you going?

72 people going

Share:

AXA Tower

8 Shenton Way · Singapore

How to find us

Mezzanine Level in AXA Tower, Level 1, Visitor Centre

Location image of event venue

Details

Important:-
In order to get through the venue's building security, please fill up the following pre-registration form:
https://forms.gle/Ek5R8snsQs3UiwGB7
Once you arrive, an Alibaba/Lazada employee will check you in near the reception.

This month we will hold a Hacker Community Event.
Organizer:Alibaba Security, LAZADA
Partner:Hackerone, Alipay security
----------------------------------------------------

Agenda:-
17:30-18:00 Sign in
18:00-18:20 Break ice and Gather stamps Game & Networking
18:20-19:00 hacking game
19:00-19:30 Dinner, Networking
19:30-19:50 Bug Bounty Announce
19:50-20:20 Getting Started with Bug Bounty - ( Tips and Tricks )
20:20-20:50 Closing the vulnerable gaps in open-source
----------------------------------------------------

Speaker Sessions:
19:50-20:20
Getting Started with Bug Bounty - ( Tips and Tricks )
The focus of this presentation would be tips and tricks learn over time on bug bounty programs to get started with bug bounty program and hopefully get their first bug.

About Speaker:
Lennon works full time as a security consultant providing penetration testing services to clients primarily in Singapore.
During his spare time Lennon does bug bounty these includes VDP programs and bug bounty program.

20:20-20:50
Closing the vulnerable gaps in open-source
The software development world is adopting and consuming open-source at a pace never seen before.
Acquisition of Github and Redhat by traditionally open-source averse companies like Microsoft and IBM is a testament to this transition. However, cyber-incidents like Heartbleed and Equifax serve as cautious tales - reminding us that open-source isn't without its flaws.
In this presentation, we look at potential threats and risks associated with the use of open-source - and how they can be easily mitigated with the help of the right tools and development practices.

About Speaker:
Rohan Sood is a founding team member of the cyber-security start-up Scantist, where he leads business development and product operations. Having completed his Master's at NTU, Rohan saw a massive translational gap between cyber-security research in academia and the corresponding commercial products and offerings.
At Scantist, he aspires towards bridging that gap by leveraging his 10+ years of development experience and a knack for entrepreneurship.
----------------------------------------------------

Rules for the Gather Stamps Game:-
After sign in everyone will get a stamper and a game card after Sign in.
Networking with other people to gather stamps.
Use stamps to exchange different swags.
----------------------------------------------------

Rules for the CTF:-
1. Your objective is to get the flag by exploiting the pre-designed vulnerable application
2. The flag file path:/root/flag
3. Denial of service is strictly forbidden
4. You may use the vulnerability scanners but they wouldn't
help you much!!

-> If you want to participate, all you need is a laptop with root access and basic tools like burp proxy or an OS like Kali linux etc.
-> Internet connection will be provided at the venue. Charging points are limited.
-> Winners will be announced after the last speaker session is finished.
----------------------------------------------------

Live pictures
May (pictures will be up on May 29 17:30)
https://live.aiyaopai.com/live/5803685
April (See the live pictures on April)
https://live.aiyaopai.com/live/5682851
----------------------------------------------------

Welcome to join our bug bounty!
For more details about LAZADA bug bounty & ASRC Vulnerability Rewards Program, please visit:
https://security.alibaba.com/online
We will announce new bug bounty in meetup.

If you have any questions, just send twitter to us .
We will reach out to you as soon as possible.
Twitter:https://twitter.com/AsrcSecurity

Regards,
Alibaba & Lazada Security Teams
All together, Be Better