{"id":10072,"date":"2022-11-17T04:58:50","date_gmt":"2022-11-17T04:58:50","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/"},"modified":"2023-04-18T06:25:09","modified_gmt":"2023-04-18T06:25:09","slug":"offensive-mobile-reversing-and-exploitation-hitb2023ams","status":"publish","type":"product","link":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/","title":{"rendered":"Offensive Mobile Reversing and Exploitation"},"content":{"rendered":"
\n

REGISTRATION CLOSED<\/span><\/strong><\/h2>\n

DATE: 17-20 April 2023<\/strong><\/h4>\n<\/div>\n

TIME: 09:00 to 17:00 CEST\/GMT+2<\/strong><\/h4>\n\n\n\n\n\n\n\n
Date<\/strong><\/td>\nDay<\/strong><\/td>\nTime<\/strong><\/td>\nDuration<\/strong><\/td>\n<\/tr>\n
17 Apr<\/td>\nMonday<\/td>\n09:00 to 17:00 CEST\/GMT+2<\/td>\n8 Hours \u2013 Presentations & Hands-on exercises<\/td>\n<\/tr>\n
18 Apr<\/td>\nTuesday<\/td>\n09:00 to 17:00 CEST\/GMT+2<\/td>\n8 Hours \u2013 Presentations & Hands-on exercises<\/td>\n<\/tr>\n
19 Apr<\/td>\nWednesday<\/td>\n09:00 to 17:00 CEST\/GMT+2<\/td>\n8 Hours \u2013 Presentations & Hands-on exercises<\/td>\n<\/tr>\n
20 Apr<\/td>\nThursday<\/td>\n09:00 to 17:00 CEST\/GMT+2<\/td>\n8 Hours \u2013 Presentations & Hands-on exercises<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

 <\/p>\n

\n
After running sold-out trainings at multiple conferences over the last few years, we are back with an updated version of our course which now covers ARM64, mobile browser security, and detailed Mobile apps and operating system security. The class starts with a basic introduction to the ARM instruction set and calling conventions followed by some reverse engineering exercises. We then learn how to craft simple exploits for the ARM64 environment.<\/h5>\n

Next, we move to Mobile browser security, understand some of the browser mitigations followed by writing some simple exploits for the mobile browser. We then cover iOS and Android internals in further detail. We then discuss some of the exploitation techniques using real-world vulnerabilities (e.g., voucher_swap, checkm8, etc) followed by a walkthrough of how jailbreaks are written. We also discuss some of the common vulnerability types (Heap Overflows, Use-after-free, Uninitialized Stack variable, Race conditions).<\/p>\n

The training then moves on to application security based on exploiting the Damn Vulnerable iOS app, Android-InsecureBankv2, and InsecurePass application written by the authors of this course in addition to a broad range of other real-world applications. We also cover a variety of mitigations deployed in real-world apps and discuss how to bypass them.<\/p>\n

Slides, videos and detailed documentation on the labs will be provided to the students for practice after the class. Corellium access will be provided to students during the duration of the training course.<\/p>\n

 <\/p>\n

Key Learning Objectives<\/strong><\/h5>\n
    \n
  • Get an understanding of latest ARM64 instruction set<\/li>\n
  • Understand the Browser Security mitigations on Mobile Devices<\/li>\n
  • Understand some common vulnerabilities in Mobile Browsers<\/li>\n
  • Learn the internals of iOS and Android Kernel along with several Kernel security mitigations<\/li>\n
  • Understand some of the latest bugs and mitigations (PAC, CoreTrust, PPL, etc)<\/li>\n
  • Get an intro to some common bug categories UaF, Heap overflow, etc<\/li>\n
  • Understand how jailbreaks and exploits are written (including iOS 15-16)<\/li>\n
  • Reverse engineer iOS and Android binaries (Apps and system binaries)<\/li>\n
  • Do basic fuzz testing on Mobile apps<\/li>\n
  • Learn how to audit iOS and Android apps for security vulnerabilities<\/li>\n
  • Understand and bypass anti-debugging and obfuscation techniques<\/li>\n
  • Get a quick walkthrough on using IDA Pro, Hopper, Frida, etc<\/li>\n<\/ul>\n
    <\/h5>\n
    Students will be provided with:<\/strong><\/h5>\n
      \n
    • Videos for some vulnerabilities shared in the class<\/li>\n
    • Huge list of good reads and articles for learning mobile application security<\/li>\n
    • Source code for vulnerable applications<\/li>\n
    • Source code for Exploit PoCs’ that can be used for Bug Bounties<\/li>\n
    • Custom VM for hands-on pentesting<\/li>\n
    • Students will be provided with access to Corellium for iOS hands-on for the duration of the course<\/li>\n
    • Students using machines that do not support virtualization will be provided access to cloud instances for the duration of the course<\/li>\n
    • Slack access for the class and after for regular mobile security discussions<\/li>\n<\/ul>\n

       <\/p>\n

      Topics Covered<\/strong><\/h5>\n

      Part 1 – ARM and Browser Security<\/strong><\/p>\n

      Module 1:<\/strong><\/p>\n

      – Exploring the ARM64 instruction set
      \n– ARM calling conventions
      \n– ARM memory management
      \n– Reversing ARM binaries
      \n– Reversing the XNU kernel
      \n– Exploiting a simple Heap Overflow
      \n– Building a simple ROP chain
      \n– Exploiting a simple Race Condition vuln
      \n– Exploiting uninitialized stack variable vulnerability
      \n– Breaking ASLR with Info leaks\/Brute force
      \n– Exploit mitigations (ASLR, Heap Poisoning, PAN, etc)<\/p>\n

      Module 2:<\/strong><\/p>\n

      – Setting up WebKit environment
      \n– Debugging WebKit
      \n– WebCore and JavaScriptCore internals
      \n– Browser Mitigations – IsoHeaps, Gigacage, StructureID randomness, Site Isolation, etc
      \n– JSC Side effects
      \n– UaF, TypeConfusion etc
      \n– Exploiting a DOM UaF
      \n– Getting addrof() and fakeobj() primitive
      \n– Getting arbitrary r\/w
      \n– Creating Stage 2
      \n– SOP Bypass, Impact of PAC<\/p>\n

       <\/p>\n

      Part 2 – iOS Exploitation<\/strong><\/p>\n

      Module 1: Getting Started with iOS Security<\/strong><\/p>\n

      – iOS security model
      \n– App Signing, Sandboxing, and Provisioning
      \n– Primer to iOS 15 security
      \n– Exploring the iOS filesystem
      \n– Intro to Objective-C and Swift5
      \n– Setting up the testing environment
      \n– Jailbreaking your device
      \n– Cydia, Mobile Substrate
      \n– Sideloading apps
      \n– Binary protection
      \n– Checking for PIE, ARC
      \n– Decrypting IPA files
      \n– Self-signing IPA files<\/p>\n

      Module 2: iOS exploitation basics<\/strong><\/p>\n

      – The Boot Chain – Bootrom, LLB, iBoot
      \n– Keybags, firmware keys
      \n– Decrypting iBoot
      \n– Reversing the Kernel
      \n– Symbolicating the kernel
      \n– ARM Pointer authentication
      \n– KPP and KTRR
      \n– Intro to Mach IPC, Port spraying
      \n– XNU zones
      \n– Discussion of the voucher_swap and checkm8 exploit
      \n– How are jailbreak exploits written?
      \n– Diffing for Patches
      \n– CoreTrust, PPL
      \n– Sandbox escape
      \n– Chaining exploits
      \n– Applying Kernel Patches
      \n– Achieving persistence<\/p>\n

      Module 3: Static and Dynamic Analysis of iOS Apps<\/strong><\/p>\n

      – Static Analysis of iOS applications
      \n– Finding Secrets in Code
      \n– Lint Testing
      \n– Dumping class information
      \n– Insecure local data storage
      \n– Dumping Keychain
      \n– Exploiting URL schemes
      \n– Dynamic Analysis of iOS applications
      \n– Method Swizzling
      \n– Debugging apps using lldb
      \n– Modifying ARM registers
      \n– Basic App Exploitation techniques using Frida
      \n– Advance App Exploitation techniques using Frida
      \n– Testing React Native and Flutter Apps<\/p>\n

      Module 4: iOS application vulnerabilities<\/strong><\/p>\n

      – Exploiting iOS applications
      \n– Broken Cryptography
      \n– Side channel data leakage
      \n– Sensitive information disclosure
      \n– Exploiting URL schemes
      \n– Client-side injection
      \n– Bypassing jailbreak, piracy checks
      \n– Inspecting Network traffic
      \n– Traffic interception over HTTP, HTTPs
      \n– Manipulating network traffic
      \n– Bypassing SSL pinning<\/p>\n

      Module 5: Reversing iOS Apps<\/strong><\/p>\n

      – Introduction to Hopper
      \n– Disassembling methods
      \n– Modifying assembly instructions
      \n– Patching App Binary<\/p>\n

       <\/p>\n

      Part 3 – Android Exploitation<\/strong><\/p>\n

      Module 1: Intro to Android Security<\/strong><\/p>\n

      – Why Android
      \n– Android Security Architecture
      \n– Extracting APK files from Google Play
      \n– Understanding Android application structure
      \n– Signing Android applications
      \n– ADB \u2013 Non-Root
      \n– Rooting Android devices
      \n– ADB \u2013 Rooted
      \n– Understanding the Android file system
      \n– Permission Model Flaws
      \n– Attack Surfaces for Android applications<\/p>\n

      Module 2: Components<\/strong><\/p>\n

      – Understanding Android Components
      \n– Introducing Android Emulator
      \n– Introducing Android AVD
      \n– Setting up Android Pentest Environment<\/p>\n

      Module 3: Reversing Android apps<\/strong><\/p>\n

      – Process of Android Apps Engineering
      \n– Reverse Engineering for Android Apps
      \n– Smali Learning Labs
      \n– Examining Smali files
      \n– Smali vs Java
      \n– Dex Analysis and Obfuscation
      \n– Reversing Obfuscated Android Applications
      \n– Patching Android Applications
      \n– Android App Hooking<\/p>\n

      Module 4: Static and Dynamic analysis<\/strong><\/p>\n

      – Proxying Android Traffic
      \n– Exploiting Local Storage
      \n– Exploiting Weak Cryptography
      \n– Exploiting Side Channel Data Leakage
      \n– Multiple Manual and Automated Root Detection and Bypass Techniques
      \n– Exploiting Weak Authorization mechanism
      \n– Identifying and Exploiting Android Components
      \n– Analysing Proguard, DexGuard, and other Obfuscation Techniques
      \n– Exploiting Android NDK
      \n– Android Game Hacking
      \n– Multiple Manual and Automated SSL Pinning Bypass techniques
      \n– Writing One-Click Remote Code execution exploits for Android applications
      \n– Exploiting Android Google Play Billing
      \n– Firebase Exploitation
      \n– Exploiting Android Games
      \n– In-memory tampering<\/p>\n

      Module 5: Frida and Automated Exploitation<\/strong><\/p>\n

      – Exploiting Crypto using Frida
      \n– Basic App Exploitation techniques using Frida
      \n– Dumping Class Information using Frida
      \n– Dumping Method Information using Frida
      \n– Viewing and Changing Information using Frida
      \n– Tracing using Frida
      \n– Advance App Exploitation techniques using Frida
      \n– Frida on non-rooted Android<\/p>\n

      Module 6: Android Kernel Exploitation<\/strong><\/p>\n

      – Introduction to Android Kernel Exploitation
      \n– Recreating 1-day Exploits<\/p>\n

       <\/p>\n","protected":false},"excerpt":{"rendered":"

      REGISTRATION CLOSED DATE: 17-20 April 2023 TIME: 09:00 to 17:00 CEST\/GMT+2 Date Day Time Duration 17 Apr Monday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & Hands-on exercises 18 Apr Tuesday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & Hands-on exercises 19 Apr Wednesday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & […]<\/p>\n","protected":false},"featured_media":10071,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false},"product_cat":[57,55,56],"product_tag":[],"class_list":{"0":"post-10072","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-4-day-training","7":"product_cat-hitb2023ams","8":"product_cat-in-person","10":"first","11":"instock","12":"featured","13":"shipping-taxable","14":"purchasable","15":"product-type-simple"},"acf":[],"yoast_head":"\nOffensive Mobile Reversing and Exploitation - HITBSecConf2023 - Amsterdam<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Offensive Mobile Reversing and Exploitation - HITBSecConf2023 - Amsterdam\" \/>\n<meta property=\"og:description\" content=\"REGISTRATION CLOSED DATE: 17-20 April 2023 TIME: 09:00 to 17:00 CEST\/GMT+2 Date Day Time Duration 17 Apr Monday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & Hands-on exercises 18 Apr Tuesday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & Hands-on exercises 19 Apr Wednesday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/\" \/>\n<meta property=\"og:site_name\" content=\"HITBSecConf2023 - Amsterdam\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-18T06:25:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-content\/uploads\/sites\/18\/2022\/11\/Offensive-Mobile-Reversing-and-Exploitation.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"1600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/\",\"name\":\"Offensive Mobile Reversing and Exploitation - HITBSecConf2023 - Amsterdam\",\"isPartOf\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-content\/uploads\/sites\/18\/2022\/11\/Offensive-Mobile-Reversing-and-Exploitation.jpeg\",\"datePublished\":\"2022-11-17T04:58:50+00:00\",\"dateModified\":\"2023-04-18T06:25:09+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#primaryimage\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-content\/uploads\/sites\/18\/2022\/11\/Offensive-Mobile-Reversing-and-Exploitation.jpeg\",\"contentUrl\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-content\/uploads\/sites\/18\/2022\/11\/Offensive-Mobile-Reversing-and-Exploitation.jpeg\",\"width\":1200,\"height\":1600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Products\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/shop\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Offensive Mobile Reversing and Exploitation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/#website\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/\",\"name\":\"HITBSecConf2023 - Amsterdam\",\"description\":\"#HITB2021AMS\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Offensive Mobile Reversing and Exploitation - HITBSecConf2023 - Amsterdam","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/","og_locale":"en_US","og_type":"article","og_title":"Offensive Mobile Reversing and Exploitation - HITBSecConf2023 - Amsterdam","og_description":"REGISTRATION CLOSED DATE: 17-20 April 2023 TIME: 09:00 to 17:00 CEST\/GMT+2 Date Day Time Duration 17 Apr Monday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & Hands-on exercises 18 Apr Tuesday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & Hands-on exercises 19 Apr Wednesday 09:00 to 17:00 CEST\/GMT+2 8 Hours \u2013 Presentations & […]","og_url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/","og_site_name":"HITBSecConf2023 - Amsterdam","article_modified_time":"2023-04-18T06:25:09+00:00","og_image":[{"width":1200,"height":1600,"url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-content\/uploads\/sites\/18\/2022\/11\/Offensive-Mobile-Reversing-and-Exploitation.jpeg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/","url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/","name":"Offensive Mobile Reversing and Exploitation - HITBSecConf2023 - Amsterdam","isPartOf":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/#website"},"primaryImageOfPage":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#primaryimage"},"image":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#primaryimage"},"thumbnailUrl":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-content\/uploads\/sites\/18\/2022\/11\/Offensive-Mobile-Reversing-and-Exploitation.jpeg","datePublished":"2022-11-17T04:58:50+00:00","dateModified":"2023-04-18T06:25:09+00:00","breadcrumb":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#primaryimage","url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-content\/uploads\/sites\/18\/2022\/11\/Offensive-Mobile-Reversing-and-Exploitation.jpeg","contentUrl":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-content\/uploads\/sites\/18\/2022\/11\/Offensive-Mobile-Reversing-and-Exploitation.jpeg","width":1200,"height":1600},{"@type":"BreadcrumbList","@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/offensive-mobile-reversing-and-exploitation-hitb2023ams\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/"},{"@type":"ListItem","position":2,"name":"Products","item":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/shop\/"},{"@type":"ListItem","position":3,"name":"Offensive Mobile Reversing and Exploitation"}]},{"@type":"WebSite","@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/#website","url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/","name":"HITBSecConf2023 - Amsterdam","description":"#HITB2021AMS","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/product\/10072"}],"collection":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/types\/product"}],"replies":[{"embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/comments?post=10072"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/media\/10071"}],"wp:attachment":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/media?parent=10072"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/product_cat?post=10072"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/product_tag?post=10072"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}