Our workshops have reached capacity, but free training is still available!

Please visit ShellCon University to sign up!


Workshop Title: RFID
Time: Saturday 0800-1200
Intructor: Valentine Leon (@vleonbonne)

Summary: This training will cover the basics of RFID, provide hands on labs using Proxmark3 devices, and provide a fun environment for attendees to learn about different RFID communication protocol attacks. Upon completion of the training, students will:
-Understand the technologies involved in RFID
-Be able to perform clones of prox RFID
-Be able to reverse engineer unknown prox formats
-Be able to clone vulnerable ISO/IEC 14443 RFID
-Be familiar with the use of the proxmark tool/hardware

-Laptop with VMWare and a Kali Linux VM (preferably with proxmark3 tools already installed)
-Basic understanding of linux command line
-General understanding of binary and hexadecimal and their conversions

Registration Closed


Workshop Title: Powershell
Time: Friday 1300-1700 PowerShell
Instructors: Pookie Bear/Bad2Beef (@bad2beef and @0xpookie)

Summary: Microsoft systems are in use by most companies around the world. As technology professionals especially, Windows is almost unavoidable. In recent generations, PowerShell has become deeply tied to the Windows operating system and its management. The aim of this workshop is to make you competent in PowerShell quickly. Our approach is simple: We’ll walk through some programming concepts and language particulars. If you’re the curious type, you’ll dig deeper into each area on your own or help us guide the class conversation. If not, you should still be able to stumble though most of the content with us. By the end of the workshop, you should have a working knowledge of PowerShell, the ability to comprehend others' code, as well as the fundamental skills to build your own tools.

- Laptop with a windows install or VM
- General understanding of Windows OS and programming concepts

Registration Closed

Process Hollowing and Malware Unpacking

Workshop Title: Process Hollowing
Time: Saturday 1300-1700
Instructor: Marcus Hutchins (@MalwareTechBlog)

Summary: An introduction to process hollowing works, how it is used by malware, and why. The main exercise will focus on teaching you how to spot process hollowing, as well as some dynamic analysis techniques to unpack malware using this knowledge.

- Basic knowledge of x86 Assembly and the ability to use a disassembler
- A laptop capable of running a 64-bit Windows 7 Virtual Machine
- Some familiarity with VMWare or Virtual Box (enough to run a VM)

Registration Closed

Static Analysis

Workshop Title: Static Analysis
Time: Friday 0800-1200
Instructors: Clint Gibler (@clintgibler) and Daniel DeFreez (@defreez)

- Quick intro to threat modeling - when given a new application, where should you focus your time?
- Outside in vs inside out testing - tips on what's useful to test dynamically and confirm via source review vs locating an issue through source review and PoC-ing via dynamic testing
- Looking for common issues via source review - present some issues whose origin cannot be expressed with grep (e.g. a controller method not calling an authz method, ordering of methods being called, missing annotations, etc.)
- These issues motivate the usefulness of being able to search code in a way that has some syntactic understanding of the underlying language (i.e. not just string searching)
- Overview of static and dynamic analysis - strengths and limitations
- Static analysis - the big picture, taint analysis-type problems: sources, sinks, and transfer and cleanse functions
- Static analysis fundamentals - lexing, parsing, building Abstract Syntax Trees (ASTs), ...
- Challenges when performing static analysis - supporting many languages, dynamic typing, eval/reflection constructs, container types, precision vs. memory and speed trade-offs
- A brief tour of other types of program analysis - fuzzing, symbolic execution, model checking, etc. - basically, what are all the ways you can build tools to find bugs?
- Hands-on exercise of doing some lightweight static analysis

- Laptop with VirtualBox or VMware capable of running a Linux VM
- Basic understanding of Linux command line
- Basic Programming skills in 1 language
- InfoSec vocabulary (OWASP Top 10)

Registration Closed