• Email info@derpcon.io
  • Location Virtual



Appsec DFIR 200

Serge Borso - SpyderSec

In this guided lab you will be introduced to a vulnerable website which has already been compromised. It will be your job to find the flaws, figure out the path of exploitation and fix the issues before the adversary comes back to pillage more PII. Join as an individual or a team and beat the clock, outsmart the adversary and protect the PII! To be successful at this workshop, familiarity to mastery of web vulnerabilities, Metasploit and the LAMP stack will be advantageous.

Bypassing Application Whitelisting

Joe Leon - FortyNorth

Students will learn how to conduct five of the most popular Application Whitelisting Bypasses, including MSBuild, WMIC, InstallUtil, RegSrv32 and Microsoft Teams. The course is lab-focused, so each student will be provisioned a few VMs to actually build payloads and execute them on a patched Win10 machine. In addition to the 5 AWL bypasses, we'll cover the DotNetToJScript and GadgetToJscript tools as well as defensive measures for detecting AWL bypasses. Bypassing application whitelisting is a key skillset for all offensive security engineers and should be studied by both red teams and blue teams.

Getting Your Hands Dirty: CTF Workshop

Barrett Darnell & Wes Thurner

CTFs are a great way to learn new skills, have fun, meet people and compete against others. If you haven't participated in a CTF before, it can be intimidating. If you don't know where to start, this workshop is designed to give you the basic Linux and CTF skills to get started. We walk you through a CTF teaching you how to understand a problem and then the skills needed to solve it. The workshop will follow along in a OverTheWire style CTF, where you ssh in to each level. You will learn some Linux and command line as well as you solve the challenges. If you have a windows laptop, ensure Putty or Windows Linux Subsystem (WSL) is installed. If you have a linux or Mac, a terminal is all you need.

Introduction to Exploit Development

Sam Bowne

Learn how to take control of Windows and Linux servers running vulnerable software, in a hands-on CTF-style workshop. We begin with easy command injections and SQL injections, and proceed through binary exploits including buffer overflows on the stack and the heap, format string vulnerabilities, and race conditions.

After this workshop, you will understand how memory is used by software, and why computers are so easily tricked into executing bytes as code that entered the system as data.

We will exploit 32-bit and 64-bit Intel systems. We will examine modern Windows defenses in detail and learn how to defeat them, including ASLR, DEP, stack cookies, and SEHOP.

Previous experience with C and assembly language is helpful but not required. Participants will need a laptop that can run VMware or VirtualBox virtual machines, and a credit card to register for free Google Cloud machines.

Breaching the Cloud Perimeter

Beau Bullock

Do you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. In this 4-hour workshop hacking concepts will be introduced for each of those services. Learn how to perform reconnaissance against cloud assets and identify common vulnerabilities that lead to compromise of an organization. Tools and techniques used on real-world penetration tests against cloud assets will be shared including hands-on demonstrations. You will leave this workshop with new skills for assessing cloud-based infrastructure!