BlackHoodie goes Hack In The Box!

Aaaaaand…. We Hack Again! BlackHoodie is teaming up with Hack In The Box \m/ Expect us, May 9th and 10th 2019 at the majestic Beurs van Berlage building in downtown Amsterdam, during the 10th edition of HITB in the Netherlands.

We’ll be sporting two classes this time, one focussing on malware reverse engineering, brought to you by Bhavna Soman; one focussing on ARM exploitation, hosted by Maria ‘Azeria’ Markstedter. As is our habit, this BlackHoodie bootcamp will be women only (as described below), free to attend, lots of fun and really challenging.

TL;DR:

When May 9th & 10th - 0900 - 1800

Where Beurs van Berlage, Amsterdam, Netherlands

What Malware RE / ARM Exploitation classes

Who Women, trans-women, trans-men, non-binary if female born

Register Sign up here (Registration closes March 1st)


What is BlackHoodie?

BlackHoodie is a series of free, women-only reverse engineering bootcamps, which started in 2015 and in 2018 slowly became a global initiative, with events happening in different locations in Europe and the United States. More information on the idea of BlackHoodie and upcoming events can be found at blackhoodie.re.

Why women only?

The number of female engineers working on complex low-level security topics is crushingly low.

My past teaching experience shows me, that is not due to lack of interest in challenges, but has to do with aspiring hackerettes sporting impressive anxieties. And I get it, topics like modern day exploitation are intimidating, and the fact that this field’s engineers are usually all male, fancy death metal fashion and are offensive by definition, doesn’t help. But, among us, one doesn’t need to be male and death metal to be successful there.

The BlackHoodie workshops aim to make complex subjects more tangible and less intimidating for women, in order to get motivated hackerettes started on their security careers. It is not about building walls around a minority, but about creating space, where participants can build confidence, foster shared interests, build connections, and in the end, contribute themselves as part of a happier community. It keeps fascinating me how many former BlackHoodies keep sticking around, and do impressive work in several different areas of security.

Track 1 (May 9 & 10): Intro to malware RE

Bhavna Soman will be teaching Introduction to Reverse Engineering Malware. Students will go over the basics of x86 and IDAPro, and use that to analyze real world malware samples (VM set up instructions will be provided beforehand). They will learn common techniques that malware authors use to evade detection and analysis. Finally, they’ll be provided with challenge binaries to test their new RE skillz.

Prerequisites:

  • Ideally some form of computer science background
  • Laptop with minimum 8GB RAM and 25GB free disk space for VM

Track 2 (May 9): ARM Exploitation 101

In this action-packed class you will learn how to read and code in the ARM assembly language and exploit ARM binaries using buffer-overflow exploits. Our lab will involve debugging ARM binaries, executing shellcode from the stack, and how to find and use ROP gadgets to allow exploitation even on NX-protected stacks. This lab includes a detailed workbook and a lab VM.

Prerequisites:

  • Laptop with minimum 8GB RAM and around 25GB of free disk space for the Lab VM.

Track 2 (May 10): TBD ;)


Please note, schedule may be subject to change, because we love chaos <3 \ See you in Amsterdam!