Wednesday, July 11, 2018

BlackHoodie Bay Area 2018

Years ago I was listening to a talk at the CCC Congress in Hamburg, where a hackerette explained to us how she managed to exploit a Tamagotchi. I was starstruck, at the time I didn't even quite understand what single stepping means. Role models gonna role model, and recently this same hackerette agreed to do an offensive security workshop, along with a number of other awesome women.  The workshop will be held in Mountain View, CA on September 7th and 8th this year. Just like other BlackHoodie events, the event will be free, it will be women only, and it will be crazy challenging.

TL;DR facts:
What: Workshops on offensive security, application security, firmware reverse engineering
When: September 7th & 8th, 2018; 10am - 5pm
Where: Google campus, Mountainview, CA
Who: Women
Prerequisites: Some form of education or solid experience in computer science, but don’t be shy, we welcome security newcomers just as well
Registration: CLOSED since July 16, since we're overfull already :)


Sessions: We will run 3 sessions in parallel, all taught by industry leaders.

Session 1: Introduction to Security Code Review
Teacher:  Natashenka, top researcher within Google's Project Zero.
Topic: Students will learn how  to review C and C++ source code for vulnerabilities

Session 2: Intro to Reversing & Reversing Android Native Code
Teacher: Maddie Stone, world’s favorite firmware reverse engineer.
Topic: Day 1 will be an introduction to reverse engineering. No experience in reversing? Come join us and get some experience! Day 2 we’ll apply the basics we learned in Day 1 to how to reverse native code in Android applications. Students will learn how the Java Native Interface works and how to find the fun stuff hidden in the assembly.  .

Session 3: A hands-on introduction to Web Application Security
Teacher: Niru Ragupathy, red teamer at Google.
Topic: Workshop on application security, where attendees will learn to break web applications by exploiting an intentionally vulnerable banking application. Day 1 will explore prevalent attacks like XSS, CSRF and logic errors. Day 2 will explore more esoteric attacks and allow participants to try and achieve pro status on the fake banking application.             

The workshops will be supported by Amanda Rousseau, Mara Tam, Bhavna Soman, Azeria, Jenna Kallaher and myself.

The Bay Area is full of engineers, even female ones, thus we think to keep registration fair, a lottery is the best option for seat selection. All together, we have plenty of seats; so no worries. 

Finally, please note that we cannot cover travel or housing for attendees. We’ll be able to provide one or another snack though. More details will be communicated prior to the event.


Why women only?
The number of female engineers working on complex low level security topics is crushingly low. My past teaching experience shows me, that is not due to lack of interest in challenges, but has to do with aspiring hackerettes sporting impressive anxieties. And I get it, modern day exploitation is an intimidating field, and the fact that this field’s engineers are usually all male, fancy death metal fashion and are offensive by definition, doesn’t help. But, among us, one doesn’t need to be male and death metal to be successful there. The BlackHoodie workshops aim to make complex subjects more tangible and less intimidating for women, in order to get motivated hackerettes started on their security careers. It is not about building walls around a minority, but about creating space, where participants can build confidence, foster shared interests, build connections, and in the end contribute themselves as part of a happier community. It keeps fascinating me how many former BlackHoodies keep sticking around, and do impressive work in several different areas of security.

What is BlackHoodie?
BlackHoodie is a series of free, women only reverse engineering bootcamps, which started in 2015 and since 2018 is supported by a number of spin off events. BlackHoodie Bay Area is a spin off event, organized in cooperation with Google, and is the first BlackHoodie event to be held within the United States. More information on the idea of BlackHoodie and the upcoming main event can be found at blackhoodie.re.

16 comments:

  1. Shouldn't this event follow Google's Event Community Guidelines?

    >Google is dedicated to providing a harassment-free and inclusive event experience for everyone regardless of gender identity and expression...

    https://www.google.com/events/policy/anti-harassmentpolicy.html

    ReplyDelete
    Replies
    1. Google is hosting BlackHoodie, and Googlers are volunteering to teach, but it is a BlackHoodie event.

      Delete
  2. Hey,
    What does a "lottery is the best option for seat selection" mean?
    I am very interested in attending, but I want to know 100% I will have a seat, otherwise I'd have to pay the plane tickets and the hotel for nothing.
    Please let me know, thanks!

    ReplyDelete
    Replies
    1. Same, when will we find out if we got a seat? Need to ask for time off

      Delete
    2. We changed the deadline from 31st to 16th, hence notifications will go out next week.

      Delete
    3. Hey, so basically I have to wait until I receive the notification on the email before I book the plane tickets, right? Or will everyone who registered in the allotted time join?

      Delete

  3. Hello, Do you need a loan from The most trusted and reliable company
    in the world? if yes then contact us now for we offer loan to all
    categories of seekers be it companies or for staff usage. We offer
    loan at 3% interest rate, Contact us via Whats app +919205646839
    mohanmendcompany01@gmail.com

    LOAN SEEKERS APPLICATION FORM
    ******************************
    1) Full Name:
    2) Gender:
    3) Loan Amount Needed:
    4) Loan Duration:
    5) Country:
    6) Home Address:
    7) Mobile Number:
    8) Fax Number:
    9) Occupation:
    10) Monthly Income:
    11) Salary Date:
    12) Purpose of loan:
    13) Where did you get our loan advertisement:
    mohanmendcompany01@gmail.com

    ReplyDelete
  4. Have notification has been sent?

    ReplyDelete
  5. We are authorized Financial consulting firm that work directly with
    A rated banks eg Lloyds Bank,Barclays Bank,hsbc bank etc

    We provide BG, SBLC, LC, LOAN and lots more for client all over the world.

    Equally,we are ready to work with Brokers and financial
    consultants/consulting firms in their respective countries.

    We are equally ready to pay commission to those Brokers and financial
    consultants/consulting firms.

    Awaiting a favourable response from you.

    Best regards
    WALSH SMITH, ROBERT
    email : info.iqfinanceplc@gmail.com
    skype: cpt_young1
    Tel contact: +447031968934

    ReplyDelete
  6. πŸŽ†THE HACK GEEKSπŸŽ†

    Have you ever wondered if it's possible to hack things the way hackers do it in the movies.πŸ€”πŸ€”

     

             Yeah its possible!!!😁😁😁

    "AS LONG AS IT'S TECHNOLOGY, IT CAN BE HACKED"


    Hacking can easily be done by planting a computer virus or spyware(depending on what the hacker intend to do) in the targeted device.🀐🀐


        We at THE HACK GEEKS give you the best hacking service there ever is.πŸ‘ŒπŸ‘Œ

    We understand the Issues of scammers all over the internet and that's why we give you a solid prove of our services.


    We have got the top hackers in hackerone.com that are always ready to hack for you anytime ,anywhere, any device, organisation, federal agencies, university, college you just think of it.

     We can help:

    *To Hack, Clone or Track a Phone?πŸ“±πŸ“²

    *To Sniff, Erase or Change a file in a Company, Organisation or in a Federal agency?πŸ“–πŸ“ƒ

    Eg: Changing of grades in a university.

          Changing of identity.

          Deleting of files such as criminal records and evidence.

          Changing of files and evidence in federal facilities.

          Stealing of files and document from companies and organizations.

    *To retrieve lost BitCoinπŸ’°πŸ’°

    *Mining of BitCoinπŸ’°πŸ’°

    *To hack an Email or any Social Media account?πŸ’ž

    *To Transfer funds without been detected?πŸ’΄πŸ’΅πŸ’·

    *To increase your credit score?πŸ”πŸ”

    *To Hack Credit/Debit card?πŸ’³πŸ’³


       All these are what we can do for you.


    We are descrete and won't expose our service to you to anyone.

    Contact:

    thehackgeeks@gmail.com

    We look forward to hacking for you

    ReplyDelete


  7. PLEASE READ!!!! PLEASE READ!!!! PLEASE READ!!!! PLEASE READ!!!!

    Hey Guys!!!Am so happy I got mine from Mike Fisher. My blank ATM card can withdraw $2,000 daily. I got it from Her last week and now I have $14,000 for free. The blank ATM withdraws money from any ATM machines and there is no name on it, it is not traceable and now i have money for business and enough money for me and my family to live on .I am really happy i met Mike Fisher because i met two people before her and they took my money not knowing that they were scams. But am happy now. Mike Fisher sent the card through DHL and i got it in two days. Get your own card from her now she is not like other scammer pretending to have the ATM card,She is giving it out for free to help people even if it is illegal but it helps a lot and no one ever gets caught. i'm grateful to Mike Fisher because she changed my story all of a sudden . The card works in all countries except, Mali and Nigeria. Mike Fisher email address is blankatm156@gmail.com

    ReplyDelete
  8. We are authorized Financial consulting firm that work directly with
    A rated banks eg Lloyds Bank,Barclays Bank,hsbc bank etc
    We provide BG, SBLC, LC, LOAN and lots more for client all over the world.
    Equally,we are ready to work with Brokers and financial
    consultants/consulting firms in their respective countries.
    We are equally ready to pay commission to those Brokers and financial
    consultants/consulting firms.
    Awaiting a favourable response from you.
    Best regards
    WALSH SMITH, ROBERT
    email : info.iqfinanceplc@gmail.com
    skype: cpt_young1

    ReplyDelete
  9. XMAS FUNDS/FORGET ABOUT GETTING A LOAN

    GET YOUR BLANK ATM AND CREDIT CARD AT AFFORDABLE PRICE
    We sell this cards to all our customers and interested buyers worldwide, the card has a daily withdrawal limit of $5000 and up to $50,000 spending limit in stores and unlimited on POS.
    email blankatmmasterusa@gmail.com
    website:https://blankatmmasterusa.wixsite.com/blankatmhackers
    you can also call or whatsapp us Contact us today for more enlightenment +1(539) 888-2243
    BEWARE OF SCAMMERS AND FAKE HACKERS IMPERSONATING US BUT THEY ARE NOT FROM US CONTACT US ONLY VIA THIS CONTACT
    WE ARE REAL AND LEGIT

    ReplyDelete
  10. If you are looking for cool unique hoodies in London, then BVD BOY is one of the best choices for you.

    ReplyDelete
  11. XMAS FUNDS/FORGET ABOUT GETTING A LOAN

    GET YOUR BLANK ATM AND CREDIT CARD AT AFFORDABLE PRICE
    We sell this cards to all our customers and interested buyers worldwide, the card has a daily withdrawal limit of $5000 and up to $50,000 spending limit in stores and unlimited on POS.
    email blankatmmasterusa@gmail.com
    website:https://blankatmmasterusa.wixsite.com/blankatmhackers
    you can also call or whatsapp us Contact us today for more enlightenment +1(539) 888-2243
    BEWARE OF SCAMMERS AND FAKE HACKERS IMPERSONATING US BUT THEY ARE NOT FROM US CONTACT US ONLY VIA THIS CONTACT
    WE ARE REAL AND LEGIT........................

    ReplyDelete
  12. I being hearing about this blank ATM card for a while and i never really paid any interest to it because of my doubts. Until one day i discovered a hacking guy called Engineer Micharel, he is really good at what he is doing. Back to the point, I inquired about The Blank ATM Card. If it works or even Exist. They told me Yes and that its a card programmed for random money withdraws without being noticed and can also be used for free online purchases of any kind. This was shocking and i still had my doubts. Then i gave it a try and asked for the card and agreed to their terms and conditions. Hoping and praying it was not fake. One week later i received my card and tried with the closest ATM machine close to me, It worked like magic. I was able to withdraw up to $10,000. This was unbelievable and the happiest day of my life with my girlfriend Laurel. So far i have being able to withdraw up to $78000 without any stress of being caught. I don't know why i am posting this here, i just felt this might help those of us in need of financial stability. blank ATM has really change my life. If you want to contact them, Here is the email address ( blankatm002@gmail.com ). And he can help you as well

    ReplyDelete