Title: An introduction to container hacking
Now that containers, Docker and Kubernetes are everywhere, we have to ask the most important question ‘how do we hack them!’ . This talk will take a look at some of the underpinnings of how these systems work, to give you ideas on where to start and then look at some classic container hacking techniques.
Rory has worked in the Information and IT Security arena for the last 21 years in a variety of roles. These days he spends his work time on container and cloud native security as a Cloud Native Security Advocate for Aqua. He is an active member of the container security community having delivered presentations at a variety of IT and Information security conferences. He has also presented at major containerization conferences and is an author of the CIS Benchmarks for Docker and Kubernetes and main author of the Mastering Container Security training course which has been delivered at numerous industry conferences including Blackhat USA. When he’s not working, Rory can generally be found out walking and enjoying the scenery of the Scottish highlands.
Title: An Introduction to Burp Suite
Burp Suite is a must-have tool for security professionals, especially those who are specializing in web security. In this talk, Adhy will share Burp’s basic functionalities and use them to exploit a vulnerable web application.
Adhy is a year 3 NUS Information Security undergraduate. Since a young age, he enjoys playing with codes and computers. Recently, he’s been trying to explore penetration testing and web security to broaden his horizon.
Title: Automate Reverse Engineering CTF with Angr
This talk focuses on the use of symbolic execution engine in the binary analysis framework Angr to automate solving CTF reverse engineering challenges. Bailin will cover a basic overview of Angr and solutions to some common roadblocks faced by new Angr users when solving CTF challenges.
The participants should have basic knowledge on C/C++, x86 assembly and Linux.
Li Bailin is a year 2 Computer Science student, a washed-up semi-retired CTF Reverse Engineering player. He is currently (subject to change in the next few weeks) interested in automated program analysis and bug hunting.