Log in

Member Log in


Cyber Huntsville Events

    • Wednesday, October 02, 2019
    • 11:30 AM - 1:00 PM
    • Jackson Center
    • 268
    Register

    Dr. Tommy Morris, UAH

    Join us for our annual Fall Luncheon and take advantage of networking opportunities.  Registration begins at 11:30 AM with a lunch buffet. At noon, we welcome our guest speaker, Dr. Tommy Morris. 

    Quietly putting together a world class Cyber operation, and Dr. Tommy Morris will provide us a comprehensive update on the many things that UAH is doing in Cyber, including details on the development of their new Cyber Security Center.

    Please be sure to reserve your spot at the luncheon!  

    • Monday, October 21, 2019
    • 8:00 AM
    • Tuesday, October 22, 2019
    • 5:00 PM
    • Dynetics, Solutions Complex

    Software (both managed and native code) has been plagued by security errors for a long time. To combat that reality, security researchers, software quality assurance/test engineers, developers, and software managers need to acquire 6 critical skills for continuous bug hunting and repair (or exploitation): SDL, System Investigation, Static Analysis (open source and commercial), Dynamic Analysis (Burp and Fuzzers), Manual Code Auditing (source and with IDA/reversing), and PoC/Repair (ROP exploits, etc).  Each of these domains is covered in detail in this mature course. As a bonus, students will leave with homework content, so they can continue pushing their abilities, well beyond the duration of the course.

     

    Click here to register:

    https://www.eventbrite.com/e/application-security-for-hackers-and-developers-tickets-65685610429

     

     TRAINERS:

     

          Dr. Jared DeMott (@jareddemott) has been training at conferences like Black Hat and DerbyCon for over 12 years.  He’s the founder of VDA Labs, and previously served as a vulnerability analyst with the NSA. He holds a PhD from Michigan State University. He regularly speaks on vulnerabilities at conferences like RSA, ToorCon, GrrCon, HITB, etc. He was a finalist in Microsoft’s BlueHat prize contest, which helped make Microsoft customers more secure. Dr. DeMott has been on three winning Defcon capture-the-flag teams, and has been an invited lecturer at prestigious institutions such as the United States Military Academy. Jared is also a Pluralsight author, and is often quoted online and has made TV appearances.

          John Stigerwalt (@jstigerwalt1) is a cyber security engineer who is experienced in penetration testing, application auditing, social engineering, exploit development, and reverse engineering. He has spent many years protecting financial organizations from evolving threats, and is very passionate about improving organizations security. John is always striving to better himself by enhancing his security knowledge. He believes in contributing to the security community with new security findings and helping others learn as well. John holds the OSCE, OSCP, and SLAE certifications.   

     

    Day 1: Managed, C/C++, and Fuzzing

    8am - 8:30am

    Handout Material

    ·         Pass around Thumb drives for VM Setup 

    8:30am - 10:00am

    Part 1 - Managed Code/Web Vulns

    Lab 1 - iSpyCentral Architecture Review and Reversing

    ·         Can start looking at before class even kicks off if your VM is ready

    Lecture 1: SDL and Product Security Testing

    ·         Lab 2 - iSpyCentral Key Exploit

    ·         Lab 3 - SAST iSpy

    10:00am - 10:15am

    Break 1 - Coffee/snacks

    10:15am - 12pm

    Continue working on first 5 labs

    ·         Lab 4 - DAST iSpy

    ·         Lab 5 - iSpyCentral RCE

    12:00pm - 1:00pm

    Lunch - On your own

    1:00pm - 3pm

    Part 2 - Unmanaged/Native Code Vulnerabilities 

    Lecture 2: Auditing C and C++

    ·         Lab 6 - Basic C Bugs

    ·         Lab 7 - UV Investigation

    ·         Lab 8 - Warm up with C++

    ·         Lab 9 - Basic C++ Bugs

    3pm - 3:15pm

    Break 2 - Coffee/snacks

    3:15pm - 5pm

    Lecture 3: Fuzzing

    ·         Pydbg Demo

    ·         Lab 10 - Peach fuzzer (file fuzzing)

    ·         Lab 11 - In-memory fuzzing

     

    Day 2: Finish Fuzzing, Reversing, and Native Exploits

    8am - 8:30am

    Work on anything from yesterday

    Ask questions about specific things

    8:30am - 10:00am

    Lecture 3: Modern Fuzzing

    • ·         Lab 12 - MSRD and AFL

    Lecture 4: Reversing C and C++

    • ·         Lab 13 - Easy Crackme

    10:30am - 10:15am

    Break 1 - Coffee/snacks

    10:15am - 12:00pm

    Keep Reversing

    ·         Lab 14 - Med Crackme

    ·         Lab 15 – Patcher

    ·         Lab 16 - C++

    12:00pm - 1:00pm

    Lunch - On your own

    1:00pm - 3pm

    Last Reversing Lab

    ·         Lab 17 - Scripting

    Lecture 5: Exploiting Native Programs

    ·         Lab 18 - Function Pointer Overwrite

    3pm - 3:15pm

    Break 2 - Coffee/snacks

    3:15pm - 5pm

    ·         Lab 19 - Windows Server Exploit

    ·         Lab 20 - ROP


    Student Requirements

    No hard prerequisites, but helpful to have a college Degree in a computer related disciple or equivalent work experience. Programming experience will help, but you will still get a lot out of the course even if you lack that, so no fears. All questions are good questions in VDA classes. We have a fun but instructive and intense learning experience. You won't walk away disappointed.

    What Students Should Bring

    Students are required to provide a laptop for the course.  You need admin rights on the laptop. Your laptop should have a USB port, at least 60GB of free HD space, 6GB+ of RAM, and VMware Fusion for the Mac or workstation/player for Windows/Linux.   Vmware should be installed ahead of time, or you’ll spend a bit of class time doing that.

    What Students Will Be Provided With

    You will be given a Windows 10 VM. Copy the VM to your disk drive and pass the portable Media to your neighbor.  You will need a normal USB port (bring an adapter if you have the newer/smaller USB-C) and an OS that can read an ExFat file system thumb drive. (Most Mac and Windows have that, but with Linux, check for the driver.) You may not share course media with non-students. 

     

     

     

    • Monday, November 04, 2019
    • 9:30 AM
    • The Huntsville Country Club, 2601 Oakwood Ave NW, Huntsville, AL 35810

    Homes For Our Troops Huntsville Classic!

    Hosted by ITSC Secure Soutions 

    The Homes For Our Troops (HFOT) Huntsville Classic is a golf tournament taking place November 4, 2019 at the Huntsville Country Club, Huntsville, AL. 100% of the proceeds from this event will be used to help HFOT continue their mission of building and donating specially adapted custom homes for severely injured post-9/11 Veterans, nationwide. 

    We need your support!

    Single player = $130

    Foursome Plus Hole Sponsorship = $500

    Sponsorships start at $150

     

    Register Today:

    https://www.itsc-ss.com/homes-for-our-troops-huntsville-classic/

     

Past events

Monday, September 16, 2019 GNU Radio Conference 2019
Tuesday, June 04, 2019 National Cyber Summit
Tuesday, May 14, 2019 Cyber Trade Compliance Seminar
Wednesday, May 08, 2019 Mayor Battle Press Conference: NCS Kick-off
Thursday, April 25, 2019 Cyber Patriot Award Ceremony
Thursday, April 18, 2019 Cyber Huntsville Spring Luncheon
Wednesday, April 10, 2019 Cyber NOW - CAISSA
Monday, March 25, 2019 HON Casey Wardynski
Thursday, March 07, 2019 HASBAT - Cyber Huntsville Cyber Intelligence Training Session
Friday, February 15, 2019 6th Annual NAC-ISSA BSides
Thursday, February 07, 2019 Cyber Huntsville Evening Reception
Thursday, January 24, 2019 Chasing the Dragon, the Life of an Opiate Addict
Tuesday, January 22, 2019 Innovate Huntsville Luncheon with Kevin Maney
Monday, December 03, 2018 Navy SBIR/STTR Topics Workshop
Thursday, November 15, 2018 FBI Industry Day
Monday, November 05, 2018 Advisory Council
Friday, October 26, 2018 NAC-ISSA ROCKET SECURE
Thursday, October 25, 2018 World of Works
Thursday, October 04, 2018 Cyber Huntsville Fall Breakfast
Tuesday, September 25, 2018 Talk SOF at the Speakeasy
Tuesday, June 05, 2018 National Cyber Summit
Thursday, May 17, 2018 Cyber Patriot Recognition and Awards Ceremony

© Cyber Huntsville

PO Box 11971 , Huntsville, AL 35814

events@cyberhuntsville.org  

Powered by Wild Apricot Membership Software