Years ago I was listening to a talk at the CCC Congress in Hamburg, where a hackerette explained to us how she managed to exploit a Tamagotchi. I was starstruck, at the time I didn’t even quite understand what single stepping means. Role models gonna role model, and recently this same hackerette agreed to do an offensive security workshop, along with a number of other awesome women. The workshop will be held in Mountain View, CA on September 7th and 8th this year. Just like other BlackHoodie events, the event will be free, it will be women only, and it will be crazy challenging.
What: Workshops on offensive security, application security, firmware reverse engineering
When: September 7th & 8th, 2018; 10am - 5pm
Where: Google campus, Mountainview, CA
Prerequisites: Some form of education or solid experience in computer science, but don’t be shy, we welcome security newcomers just as well
Registration: go to
our registration form.
We will run 3 sessions in parallel, all taught by industry leaders.
Session 2: Intro to Reversing & Reversing Android Native Code
Teacher: Maddie Stone, world’s favorite firmware reverse engineer.
Topic: Day 1 will be an introduction to reverse engineering. No experience in reversing? Come join us and get some experience! Day 2 we’ll apply the basics we learned in Day 1 to how to reverse native code in Android applications. Students will learn how the Java Native Interface works and how to find the fun stuff hidden in the assembly.
Session 3: A hands-on introduction to Web Application Security
Teacher: Niru Ragupathy, red teamer at Google.
Topic: Workshop on application security, where attendees will learn to break web applications by exploiting an intentionally vulnerable banking application. Day 1 will explore prevalent attacks like XSS, CSRF and logic errors. Day 2 will explore more esoteric attacks and allow participants to try and achieve pro status on the fake banking application.
The Bay Area is full of engineers, even female ones, thus we think to keep registration fair, a lottery is the best option for seat selection. All together, we have plenty of seats; so no worries. We would like to invite you to apply to attend, please
register here, you will be able to register until July 31st.
Finally, please note that we cannot cover travel or housing for attendees. We’ll be able to provide one or another snack though. More details will be communicated prior to the event.
Why women only?
The number of female engineers working on complex low level security topics is crushingly low. My past teaching experience shows me, that is not due to lack of interest in challenges, but has to do with aspiring hackerettes sporting impressive anxieties. And I get it, modern day exploitation is an intimidating field, and the fact that this field’s engineers are usually all male, fancy death metal fashion and are offensive by definition, doesn’t help. But, among us, one doesn’t need to be male and death metal to be successful there. The BlackHoodie workshops aim to make complex subjects more tangible and less intimidating for women, in order to get motivated hackerettes started on their security careers. It is not about building walls around a minority, but about creating space, where participants can build confidence, foster shared interests, build connections, and in the end contribute themselves as part of a happier community. It keeps fascinating me how many former BlackHoodies keep sticking around, and do impressive work in several different areas of security.
What is BlackHoodie?
BlackHoodie is a series of free, women only reverse engineering bootcamps, which started in 2015 and since 2018 is supported by a number of spin off events. BlackHoodie Bay Area is a spin off event, organized in cooperation with Google, and is the first BlackHoodie event to be held within the United States. More information on the idea of BlackHoodie and the upcoming main event can be found at www.blackhoodie.re.
PS: Original post here