BlackHoodie is teaming up with Hack In The Box again \o/ The dates are April 23 and 24 at the NH Krasnapolsky hotel in downtown Amsterdam, during the 11th edition of HITB in the Netherlands.

What is BlackHoodie?

BlackHoodie is a series of free, women-only reverse engineering bootcamps, which started in 2015 and in 2018 slowly became a global initiative, with events happening in different locations in Europe and the United States. More information on the idea of BlackHoodie and upcoming events can be found at blackhoodie.re.

Why women only?

The number of female engineers working on complex low-level security topics is crushingly low.

My past teaching experience shows me, that is not due to lack of interest in challenges, but has to do with aspiring hackerettes sporting impressive anxieties. And I get it, topics like modern day exploitation are intimidating, and the fact that this field’s engineers are usually all male, fancy death metal fashion and are offensive by definition, doesn’t help. But, among us, one doesn’t need to be male and death metal to be successful there.

The BlackHoodie workshops aim to make complex subjects more tangible and less intimidating for women, in order to get motivated hackerettes started on their security careers. It is not about building walls around a minority, but about creating space, where participants can build confidence, foster shared interests, build connections, and in the end, contribute themselves as part of a happier community. It keeps fascinating me how many former BlackHoodies keep sticking around, and do impressive work in several different areas of security.

Description:

Dive into the world of segfaults and memory management with this 2-hour workshop on Linux Binary Exploitation. During this session, we will learn how applications deal with variables, functions, and pointers and how we can abuse certain implementation flaws to "smash the stack" and execute our own malicious code. We will get hands-on exercises to pwn our own Linux binary and let it rain shells all morning.

During this workshop, you will learn:

- How the memory stack works

- How to smash the stack

- Some handy Assembly operations

- How to exploit a buffer overflow

- hands-on: Develop your own exploit on a vulnerable binary

- How to protect your binaries

Prerequisites:

Coding knowledge is required!

Attendees need to bring a Linux laptop, or a laptop with a Linux VM, with gdb installed and working. A Kali VM will do just fine. Make sure it all works before coming to the workshop so you can directly get your hands dirty!