BlackHoodie Track

BlackHoodie is teaming up with Hack In The Box again \o/ The dates are April 23 and 24 at the NH Krasnapolsky hotel in downtown Amsterdam, during the 11th edition of HITB in the Netherlands.

We’ll have two classes: one focusing on Windows kernel development, brought to you by Yarden Shafir (@yarden_shafir) and one focusing on Linux binary exploitation, hosted by Valentine Mairet (@vm00z). As is our habit, this BlackHoodie bootcamp will be women-only (as described below), free to attend, lots of fun, and really challenging.

TL;DR:

When: April 23 & 24th, 0900 – 1800

Where: Hotel NH Krasnapolsky, Amsterdam, Netherlands

What: Linux Binary Exploitation & Windows Kernel Development

Who: Women, trans-women, trans-men, non-binary if female born

Register

Windows Kernel Development (23rd April)

Linux Binary Exploitation (24th April)


What is BlackHoodie?

BlackHoodie is a series of free, women-only reverse engineering bootcamps, which started in 2015 and in 2018 slowly became a global initiative, with events happening in different locations in Europe and the United States. More information on the idea of BlackHoodie and upcoming events can be found at blackhoodie.re.

Why women only?

The number of female engineers working on complex low-level security topics is crushingly low.

My past teaching experience shows me that this is not due to lack of interest in challenges, but has to do with aspiring hackerettes sporting impressive anxieties. And I get it, topics like modern day exploitation are intimidating, and the fact that this field’s engineers are usually all male, fancy death metal fashion and are offensive by definition, doesn’t help. But, among us, one doesn’t need to be male and death metal to be successful there.

The BlackHoodie workshops aim to make complex subjects more tangible and less intimidating for women, in order to get motivated hackerettes started on their security careers. It is not about building walls around a minority, but about creating space, where participants can build confidence, foster shared interests, build connections, and in the end, contribute themselves as part of a happier community. It keeps fascinating me how many former BlackHoodies keep sticking around, and do impressive work in several different areas of security.

Session 1 (Apr 23 from 10:00 to 18:00): Windows Kernel Development by Yarden Shafir

In this class, we’ll learn the exciting magic of Windows kernel development. We will write a kernel module of our own using the WDM (Windows Driver Model), learn how to load it efficiently, and learn how to use a kernel debugger to debug it and find bugs.

You will finish the class with basic knowledge of driver development and the skills and sources needed to keep pursuing this path by yourself.

Prerequisites:

Required for this class: basic knowledge of C programming, Visual Studio and the WDK installed on your host, and a virtual machine running Windows. (If your host is not running Windows, you will need 2 virtual machines, with at least one of them running Windows 10 and having VS and WDK installed.)

Session 2 (Apr 24 from 10:00 to 12:00): Linux Binary Exploitation by Valentine Mairet

Dive into the world of segfaults and memory management with this 2-hour workshop on Linux Binary Exploitation. During this session, we will learn how applications deal with variables, functions, and pointers and how we can abuse certain implementation flaws to “smash the stack” and execute our own malicious code. We will get hands-on exercises to pwn our own Linux binary and let it rain shells all morning.

During this workshop, you will learn:

  • How the memory stack works
  • How to smash the stack
  • Some handy Assembly operations
  • How to exploit a buffer overflow
  • Hands-on: develop your own exploit on a vulnerable binary
  • How to protect your binaries

Prerequisites:

Coding knowledge is required!

Attendees need to bring a Linux laptop, or a laptop with a Linux VM, with gdb installed and working. A Kali VM will do just fine. Make sure it all works before coming to the workshop so you can directly get your hands dirty!