OWASP Czech Chapter Meeting
Hosted by Information security Brno
Details
==================================================
Event isn't cancelled, but so we can prevent redundancy in attendee list, please save your spot via official OWASP Eventbrite event:
https://www.eventbrite.com/e/owasp-czech-chapter-meeting-registration-55759551319
==================================================
Dear InfoSec enthusiasts!
This time we prepared for you a shorter evening event but still full of interesting speakers. The admission is as usual free of charge, but due to OWASP rules, please save your spot via Eventbrite:
https://www.eventbrite.com/e/owasp-czech-chapter-meeting-registration-55759551319
Schedule
18:30 - 19:10 Filip Holec - Hacking 101
19:10 - 19:40 Kristian Kozak - The black market of code signing certificates
19:40 - 20:00 break
20:00 - 20:40 Edis Konstantini - How to get started with bug bounty?
20:40 - xx:xx networking
—————
Information about the speakers and talks
Filip Holec
Filip Holec is a tech-lead at the education startup ENGETO, where he also leads an Ethical Hacking course. In his free time, he's actively participating in CTF challenges and has just recently started with bug bounties.
Hacking 101
Dreaming of becoming an ethical hacker/pentester, but have no idea where to start? In this talk, we will cover simple, but common attack vectors which you can try on your own on examples of vulnerable applications. After this talk, you should have an idea on what you need to learn to get started along with resources which will help you accomplish it.
–––
Kristian Kozak
Kristian Kozak is a Security Researcher at Wandera. He is captivated by security and data science and enjoys solving security problems using data analysis and machine learning. Kristian has studied Information Technology Security at Masaryk University in Brno, spent time studying and doing research also at TU Vienna, JKU Linz and UMD in Washington, D.C. metropolitan area.
The black market of code signing certificates
Recent measurements of the Windows code signing certificate ecosystem have highlighted various forms of abuse that allow malware authors to produce malicious code carrying valid digital signatures. However, the underground trade that allows miscreants to acquire such certificates is not well understood. This talk aims to shed some light on what forces shape the supply and demand in this emerging segment of the underground economy.
–––
Edis Konstantini
Edis Konstantini is a Senior Application Security Engineer working for Bugcrowd, one of the leading bug bounty platforms. During the night, he transforms into a hacker, leveraging his extensive experience obtained from managing bug bounty programs of companies such as Tesla, Mastercard, Atlassian or Kiwi.com.
How to get started with bug bounty?
Would you like to hack companies like Tesla for money? You may start today, thanks to bug bounty platforms. This talk will introduce you to the concept of bug bounty, outline the benefits of it for companies and most importantly, show you some tips on how to become a successful bug bounty hunter.
–––
Additional information
- Venue is Impact Hub, Cyrilská 7, 602 00 Brno, for more details check https://www.hubbrno.cz/. Parking spots should be available nearby.
- All talks will be in English and the recordings will be available online ( with speakers' permission) after the convention.
- Some snacks and drinks will be provided during the break.
- The venue is in the main part of Impact Hub. There will be signs showing you way to the conference hall.
You are a hacker, you will find it;)