Call for Events
List of ctfs
- Hack-A-IoT CTF is a mix between real life exploitation involving both N-Days and 0-Days. Just like traditional CTFs there is both web and binary exploitation, but this time it’s against real targets. A corpus consisting of over 25 real life IoT devices will be made available. Devices will consist of home routers and IP cameras. Most devices will already have UART pins soldered on, and firmwares available. Contestants will try to find as many vulnerabilities as possible on as many targets. Vulnerabilities can be 0-days or N-days. Any categories of vulnerabilities that provide a capability is acceptable, but configuration issues will not be scored. For example, we are not interested in the fact credentials are transmit via clear text, but those credentials can be utilized for more advanced features. Vulnerabilities will be submitted in the form of an exploit script written in a sane programming language, raw binaries will not be tested or run.
- Requirements:Bring your laptop in order to play
- Timing: All day
- Threat Simulations is presenting a “Hack Back” Capture the Flag (TS//CTF) for attendees of BSidesSATX. This CTF is mostly centered around a hack back scenario that starts with a piece of malware and ends in exploiting the command and control (C2) server and swimming upstream into red space. This challenge requires skills in malware analysis/reversing, fuzzing, and remote exploit development. The other half of the TS//CTF is a jeopardy board style with challenges ranging in difficulty and covering topics from crypto, cracking, web attacks, networking and linux exploitation.
- Requirements: Bring your laptop with WiFi capabilities
- Timing: 9am-4pm
List of Workshops
Pwning Web Apps – An Intro to Web App Pen Testing
- Presented by Phillip Wylie
- About Phillip: Phillip Wylie is a penetration tester, adjunct instructor and Bugcrowd Ambassador with over 21 years in IT and InfoSec including over 7 years of penetration testing experience. Phillip teaches ethical hacking and web app pen testing at Richland College in Dallas, Texas. Phillip founded and runs The Pwn School Project an educational organization that meets once a month in Dallas and Denton specializing in topics related to penetration testing.
- Description: In this introductory web application penetration testing workshop, participants will learn the basics of web application penetration testing including; methodology, tools, techniques and resources. Not only will the skills taught in this workshop be useful for pen testing, they are also valuable to aspiring bug hunters for use in bug bounties. In this hands-on workshop participants will be provided with a virtualized lab environment.
- Cost: FREE! Register on eventbrite with promo code "WORKSHOP". You MUST have a BSidesSATX Ticket. If you missed out on presales, you will be required to buy one the day of or lose your space in the workshop
- Number of sessions: 2
- Timing: First session 9am-11am, second session 2pm-40pm
- Number of participants per session: 20