General admission to the BSidesDC Crypt Kids Con for 2018. Kids with these tickets MUST be accompanied by a ticket holding parent or guardian. No chaperone, no admittance. T-shirt size is for the Crypt Kids attendee, adults will get a BSides DC con shirt.
The EU GDPR Essentials workshop will consist of both content lecture and various hands-on exercises woven throughout to provide an administrative, legal and technical overview of the European Unions General Data Protection Regulation (GDPR).
In this fast paced crash course, attendees will get hands on training with the latest release of Bro. We'll cover the default log model, handling intelligence, dynamically extract files on the fly and examine common attacks such as SQL injection and webshells. Students will need a laptop with an SSH client to connect to a virtual lab environment.
Learn skills for a variety of situations and a variety of audiences. This training will cover some basic communication skills, how to analyze an audience, and how to develop and deliver persuasive messages.
In this hands-on-keyboard workshop we will explore different types of competitions from capture-the-flag to offense/defense and everything in between. Participants will be provided with a virtualized environment that will be used to explore techniques associated with reconnaissance, scanning and enumeration, and exploitation. Also featured will be forensic challenges, hash-cracking, binary analysis, crypto decoding, etc. Participants will need to bring a laptop capable of running a virtual machine image.
Crypto for Hackers is a four-hour workshop that delivers a broad overview of Crypto topics for Hackers. The workshop discusses the history of crypto and describes older (deprecated) crypto systems. We then discuss the basics of modern crypto primitives and show why these are secure. Throughout, we give examples of crypto failures and explain what went wrong how they can be hacked. From Caeser ciphers, the Enigma machine, One Time Pads, Stream Ciphers, Block Ciphers and Public Key Cryptography -- we cover it all.
Scrum Masters are servant leaders for Agile development environments. In this class, we will review the ideal flow versus the real challenges of being a scrum master, facilitation of the various scrum ceremonies, and problem solving tips for demanding environments.
This hands-on workshop (laptop and prior experience with R or Python needed) will challenge attendees to explore data, evaluate data quality, and analyze the implications of dataset limitations. Through an interactive lab, attendees will dig into a data set related to nuclear weapon development and the security sphere, looking at what the quality of that data and its limitations.
In this beginner friendly workshop, participants will be hands-on with your own Raspberry Pi 3 (provided in the class, and yours to keep). You will learn how to install, use and configure Raspbian Linux at the command line, and then how to install and use the popular ad-blocking DNS Pi-Hole server for your home network. Participants will receive a complete Raspberry Pi 3 B+ kit with case, power supply, MicroSSD storage, and Ethernet patch cable. Requirements: a laptop with a USB (2 or 3) type-A connector for writing the Raspbian image to the MicroSSD card, and a physical ethernet port (which can be provided by a dongle) and an installed SSH client on the laptop.
OpenSOC is a DFIR challenge meant to teach practical incident response skills in an environment that very closely resembles a real enterprise network. This virtual environment is a scaled down version of what you would find in an enterprise network, including: workstations, servers, firewalls, email, web browsing, user activity, etc. Win awesome prizes, learn new skills, and get experience with some of the best OPEN SOURCE tools for SecOps! (Entry fee goes towards the conference costs of putting on this event).
This is a very N00B friendly, instructor led course taught by the World Famous DEF CON Wireless Village Staff. Course will include slides as well as hands-on activities. Modern laptop & specific wifi cards required (see full list in schedule). The knowledge gained from this course will allow the participants to effectively configure and play with the 2.4GHz and 5GHz wireless spectrum(s) both legally and ethically. Participants will learn the following: How to practice wireless attacks; How to install and boot to a live CD with the best wireless distribution, Pentoo; Understanding wireless concepts and basics; Cracking WEP and WPA; Understanding the basics of BlueTooth and BlueTooth Low Energy; Tracking signals and direction finding (fox hunting); Basic antenna theory and reasons to use different antennas; Correct use of existing wireless tools; How to connect to wireless networks; How to use new and leading edge wireless and bluetooth tools; and how to accurately, legally, and ethically acquire a target; the skills learned here will also greatly improve on the participants Wireless Capture The Flag Skills.
New for 2018: 64-bit and Binary Ninja! Binary reverse engineering is a critical skill in the infosec world, from verifying crypto algorithms to finding and analyzing vulnerabilities and writing exploits. This often requires a balance of experience and intuition that only comes from practice. Our workshop will delve into the dark art of disassembly and provide participants with the tools and techniques required to practice it and develop the perceived "sixth sense" that accompanies expert reverse engineers. A one year personal license for Binary Ninja available for free with email mailing list signup.
The goal for this workshop will be to enable students to walk away with an understanding of how WMI, a service installed and enabled by default since Windows 2000, is utilized by attackers, demystify interacting with the service locally and remotely, and give students the ability to leverage WMI in the same manner as attackers. Students will need a laptop with a Windows 7 or Windows 10 environment.
Capture the flag competitions are great ways to learn new skills and practice the skills you have. This class will explain the basics of how CTFs work how to set up a basic pentest environment and will step through some basic CTF problems that were used in the 2018 BSidesDC Kids CTF.
This is a very kid friendly (adult/kid) instructor led course that will include slides as well as hands-on activities. The knowledge gained from this course will allow the participants to effectively configure and play with the 2.4GHz and 5GHz wireless spectrum(s) both legally and ethically.
This workshop will instruct attendees on how to carry out sophisticated wireless attacks against corporate infrastructure.