Skip to content

Details

#1: Malware Y U No Run

Reverse engineering and analysing the Microsoft Word vulnerability CVE-2017-11826 by demonstrating in-depth analysis and explaining about how the Exploit by-pass Microsoft mitigation techniques like ASLR, DEP; also as on add-on will cover the Shell code analysis. The exploit and vulnerability analysis will be performed using WinDbg, IDA Pro and other malware analysis tools. The attendees can walk away with basic idea on how to approach Microsoft Word vulnerability analysis.

By Arun (@arunsabapathy). Arun Sabapathy is a Senior Cyber Security Incident Responder working at one of the big four banks. He has around 9 years of experience in cyber security under various sectors like security, telecom and banking. Arun is highly skilled and very passionate about reverse engineering, malware analysis and incident response. Arun likes to do technical presentations and has delivered public talk at malware reverse engineering conference. He started his career as Malware Analyst in Comodo, worked for McAfee as Malware Research Scientist and did Incident Response for a telecom company in Dubai. Arun holds a Bachelor of Technology degree in Information Technology; when he is not dealing with Malware – he likes to travel, cook and enjoys watching cricket.

#2: CTF SYD0x20 Walk-through and SYD0x21 CTF (60min)

Solution to the previous CTF will be presented and there will be a CTF game. Whether you are a guru at CTFs or a complete beginner, you will have fun.

  1. Bring your laptop.

B) Internet access may not be provided. You may want to bring your own wifi dongles or tether to your iPwns.

F) Have a hypervisor software, e.g. VMWare player, Virtual box. It is necessary for running some CTF challenges.

  1. Based on the number of participates for the CTF, the group may be divided into teams. PREPARE TO MAKE NEW FRIENDS. We will try to team up beginners with gurus. Those that want to go solo are still welcome to do so.

five: This is a learning exercise for everyone. The idea is to think about problems, make friends and have fun. Don't treat it like a competition.

VI- The winner is the first team who solves the challenge. The winner will win the praise and admiration of fellow attendees. Gentle prods and hints will be offered during the session to move things along if people get stuck. The goal is to learn, not to beat your head against a wall for days on end.

7: Have fun. Learn. Mentor if you are able to. Participate, or just socialise. This is supposed to be a fun, learning event for the security and hacker community.

  1. Know how to run OpenVPN client on your system. This may be required to access CTF server(s).

Doors are open from 6:00 pm and the first presentation starts at 6:15 pm. As usual there will be snacks and drinks.

---

If you would like to give a talk at this or any of the upcoming meetups, please fill up http://j.mp/sectalkscfp

If you wish to volunteer to help organising SecTalks Sydney, contact us.

For sponsorship and supporting the community, visit http://www.sectalks.org/sponsor/

Related topics

Events in Barangaroo, AU

You may also like