Every application we use has at least a few vulnerabilities, and some of them are so complex that it is practically impossible to discover them with a closed-box approach. Having the source code lets us find bugs we would otherwise miss. For that to be true, however, you must know how to analyse it effectively. In this workshop, we'll go through the process of analysing the source code of a web application. We'll start by catching the low-hanging fruit with automated analysis using tools like semgrep and CodeQL. Automated tools aren't enough, though, so we'll then go through the process of manual analysis: the setup, the tools and the approach. You will learn what a source and a sink are, whether you should work sources-to-sinks or sinks-to-sources, and how to debug the code. Don't worry if you don't know those terms yet. You should, however, have prior experience with testing web applications and at least a minimum of coding experience.
This is the plan of the workshop:
- Automated analysis with semgrep
- Automated analysis with CodeQL
- Tools to use for manual analysis – In the workshop we'll only use VS Code and we'll focus on the languages it's best for – Golang, Node.js, Python, Ruby. I'm going to tell the audience that for languages like Java or .NET I would use IDEs from JetBrains, but I don't want everyone to install a million tools, so during the workshop we'll only use VS Code. It's the most flexible and my personal favourite as well.
- Starting manual testing – going through the web application manually. Here, I'm going to introduce a real-world application. I'll go through the installation steps and what I do when I first install the app. I haven't chosen the one yet, but I'll probably prioritise ease of installation. Ideally, every participant would have a local instance, but it would be naive to expect that to happen. Thus, I'm also going to deploy my own instance with a public IP and make it available to participants.
- Getting a feel for the source code – what to do after first opening thousands of lines of code.
- What sources and sinks are, and a comparison of the sources-to-sinks and sinks-to-sources approaches.
- Finding a few bugs
- *Debugging – this one is starred because, as I've written in point 4, not everyone will have a working setup, so this part will be more presentational, so that participants don't sit doing nothing or get frustrated.
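The sources-to-sinks idea from the plan above, as an added example that is not part of the workshop material and is neither semgrep nor CodeQL code: a minimal, flow-insensitive taint tracker over Python's `ast`. It marks values read from an attacker-controlled source, follows them through assignments and string building, and reports where they reach a dangerous sink unless a sanitiser sits in between. The source, sink and sanitiser names (Flask-style `request.*`, `os.system`, `cursor.execute`, `shlex.quote`) and the sample application are assumptions constructed for this illustration.

```python
"""Toy sources-to-sinks taint tracker (added example, not the workshop's code).

Source/sink/sanitiser names are assumptions for a Flask-style application.
"""
import ast

# Assumed sources: attribute chains whose values are attacker-controlled.
SOURCES = {"request.args", "request.form", "request.json", "request.get_json"}
# Assumed sinks: call name -> index of the argument that must not be tainted.
# Only the query/command argument is checked, so parameterised queries pass.
SINKS = {"os.system": 0, "subprocess.run": 0, "cursor.execute": 0, "eval": 0}
# Assumed sanitisers: calls whose result is treated as clean.
SANITIZERS = {"shlex.quote", "int"}


def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, or None for anything else."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = dotted_name(node.value)
        return f"{base}.{node.attr}" if base else None
    return None


def is_tainted(node, tainted):
    """Decide whether an expression carries data derived from a source."""
    if isinstance(node, ast.Name):
        return node.id in tainted
    if isinstance(node, ast.Attribute):
        name = dotted_name(node)
        if name and any(name == s or name.startswith(s + ".") for s in SOURCES):
            return True                      # e.g. request.args, request.args.get
        return is_tainted(node.value, tainted)   # e.g. host.strip
    if isinstance(node, ast.Call):
        if dotted_name(node.func) in SANITIZERS:
            return False                     # sanitiser output is clean
        # tainted receiver (host.strip()) or tainted argument (str(host))
        return is_tainted(node.func, tainted) or any(
            is_tainted(a, tainted) for a in node.args)
    if isinstance(node, ast.Subscript):      # request.args["id"]
        return is_tainted(node.value, tainted)
    if isinstance(node, ast.BinOp):          # "..." + host, "..." % host
        return is_tainted(node.left, tainted) or is_tainted(node.right, tainted)
    if isinstance(node, ast.JoinedStr):      # f"... {host}"
        return any(is_tainted(v.value, tainted)
                   for v in node.values if isinstance(v, ast.FormattedValue))
    if isinstance(node, (ast.List, ast.Tuple)):
        return any(is_tainted(e, tainted) for e in node.elts)
    return False                             # constants, comparisons, ...


def find_flows(source_code):
    """Return [(function, sink, line)] for every tainted value reaching a sink."""
    findings = []
    for func in [n for n in ast.walk(ast.parse(source_code))
                 if isinstance(n, ast.FunctionDef)]:
        tainted = set()
        # Propagate taint through assignments to a fixed point (order-independent).
        assigns = [n for n in ast.walk(func) if isinstance(n, ast.Assign)]
        changed = True
        while changed:
            changed = False
            for a in assigns:
                if is_tainted(a.value, tainted):
                    for t in a.targets:
                        if isinstance(t, ast.Name) and t.id not in tainted:
                            tainted.add(t.id)
                            changed = True
        # Then check the dangerous argument of every sink call.
        for call in [n for n in ast.walk(func) if isinstance(n, ast.Call)]:
            name = dotted_name(call.func)
            idx = SINKS.get(name)
            if idx is not None and idx < len(call.args) \
                    and is_tainted(call.args[idx], tainted):
                findings.append((func.name, name, call.lineno))
    return findings


# Constructed sample application (not real code from any project).
SAMPLE = '''
import os
import shlex
from flask import request

def ping():
    host = request.args.get("host")
    os.system("ping -c 1 " + host)        # tainted string reaches os.system: finding

def ping_safe():
    host = shlex.quote(request.args.get("host"))
    os.system("ping -c 1 " + host)        # sanitised before the sink: no finding

def lookup(cursor):
    user_id = request.args["id"]
    query = "SELECT * FROM users WHERE id = " + user_id
    cursor.execute(query)                 # taint carried through `query`: finding

def lookup_safe(cursor):
    user_id = request.args["id"]
    cursor.execute("SELECT * FROM users WHERE id = %s", (user_id,))  # parameterised: no finding
'''

if __name__ == "__main__":
    for func, sink, line in find_flows(SAMPLE):
        print(f"{func}: source reaches {sink} at line {line}")
```

Running it on the constructed sample reports `ping` and `lookup` and stays quiet on the two safe variants. The limits are deliberate and are exactly what the manual pass has to cover: the analysis is flow-insensitive (a variable that is sanitised after having been tainted stays tainted), it never crosses function boundaries, and it ignores conditions on the path. Real tools such as CodeQL's dataflow library handle those cases; when they still miss something, that is where working sinks-to-sources by hand earns its keep.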
About the Speaker
Grzegorz Niedziela is an ethical hacker who left his job as a pentester to pursue the bug bounty hunter lifestyle. He is focused on hacking web applications and has made a name for himself on leaderboards such as Google, Facebook, GitLab, GitHub Security Lab, Epic Games, Opera, and more. He specializes in security code review of open-source projects and has numerous CVEs to his name. He runs one of the largest YouTube channels about bug bounty called “Bug Bounty Reports Explained”, a podcast as well as other social media platforms. When he’s not at his computer, he leads an active lifestyle, spending a lot of time doing sports, acro-yoga, climbing, or training Brazilian jiu-jitsu.
Mastering Web Application Source Code Review Workshop