General
DC612 Day: March 9th 2013
This event is a one day hands-on learning conference that unlike traditional conferences, this event is geared towards hands-on learning. The topics selected are based in input from the community via survey that was completed last fall. Below is the schedule for the day. A buffet style lunch will be provided during the lunch break.
Schedule:
8:30am-9am – Get in, get settled (pastries and coffee available)
9am-12pm – Hands on Penetration Testing 101 by Scott Sutherland & Karl Fosaaen
12pm-1pm – Lunch (provided by Elsie’s)
1pm-3pm – Web Application Security: OWASP Top 10 by Brian Johnson
3pm-3:15pm – Break
3:15pm-5pm – Challenge Walk-through by Spenser Reinhardt
Beverages will be available all day. Soda is included with admission, beer/liquor is not.
Registration: http://dc612day.eventbrite.com/
Session Details:
Title: Hands on Penetration Testing 101 by Scott Sutherland & Karl Fosaaen
Abstract: The goal of this training is to introduce attendees to standard penetration test methodologies, tools, and techniques. Hands on labs will cover the basics of asset discovery, vulnerability enumeration, system penetration, privilege escalation, and bypassing end point protection. During the labs, common vulnerabilities will be leveraged to illustrate attack techniques, using freely available tools such as Nmap and Metasploit. This training will be valuable to anyone interested in gaining a better understanding of penetration testing or to system administrators trying to understand common attack approaches.
Requirements: All attendees interested in participating in the labs will need to bring their own laptop. A copy of BackTrack will be provided to all attendees on a USB flash drive that they can keep. Laptops should have a wired Ethernet port in order to participate in labs.
Title: Web Application Security: OWASP Top 10 by Brian Johnson
Abstract: In this session we will learn how to find, demonstrate how to exploit and discuss how to prevent the OWASP Top 10 Security Issues. We will also discuss how these issues are exploited in the real world. Students will have the opportunity to have hands on experience testing for and exploiting these issues.
Requirements: All attendees interested in participating in the labs will need to bring their own laptop. Laptops should have a wired Ethernet port in order to participate in labs.
Title: Challenge Walk-through by Spenser Reinhardt
Abstract: Capture the flag challenges, are no easy task and can require vast and intimate knowledge of many different aspects of computer systems. This session will guide participants through a variety of challenges, ranging from application exploitation, forensic image recovery, cryptography, and binary reverse engineering. Each task will be challenging and presents something new to learn. By the end, you should have a basic idea of how capture the flag events work, what to expect and an understanding of how to complete a variety of challenge types.
Requirements: All attendees interested in participating in the labs will need to bring their own laptop. Laptops should have a wired Ethernet port in order to participate in labs.
DC612 Day of Learning
We are looking at putting together a “Day of Learning” and would like to gauge the amount of interest. This would be similar to the hands-on challenge walk-through meetings we have had recently during DC612, except an entire day. This is not like a typical conference where the presenter talks about a topic and you sit and listen. The DC612 day of learning will consist of 3 or 4 sessions of actual hands-on activities being led by a presenter.
Please fill out the form located at the following url to help us gauge the amount of interest in an event like this:
https://docs.google.com/spreadsheet/viewform?formkey=dGdtb1ZmLXdtR1lyUHJPallEVndUVGc6MQ
Thanks in advance,
-DC612
New Site and Blog!
DC612 has a new site and blog area, please review and update any of your RSS feeds to point at the new site!
-Videoman