Julien Bachmann

Although best known at AppSecForum for iOS application reverse engineering and auditing, Julien's interest in reverse engineering is wider and applies to any kind of analysis, including malware and operating system internals.

Posted in ASFWS 2014, Speakers | 1 Comment

Registration for AppSec trainings is now open!


Just a little more than two months to go before the Application Security Forum Western Switzerland opens its doors in Yverdon-les-Bains. The first day of the forum will be dedicated to full day appsec training sessions.

You’ll find all the details on our Trainings page.

This year’s program includes:

Prices range from 650.- to 750.- per session and, in some cases, special discount prices are available for students.

Seats are limited, so register now!


Posted in ASFWS 2014, News

Andrey Belenko

Andrey Belenko is a Security Engineer at viaForensics, where he enjoys breaking things about as much as building things. He became interested in iOS after Apple released iOS 4, the first iOS version to feature proper data encryption.

Posted in ASFWS 2014, Speakers | 1 Comment

Dominique Bongard

Dominique Bongard is the founder of 0xcite, a Swiss company focusing on security for mobile and embedded devices. In his previous position, which lasted eight years, he led the Threat Intelligence team at Kudelski Nagravision.

Posted in ASFWS 2014, Speakers | 1 Comment

Sébastien Gioria

Sébastien Gioria is a senior Information Systems Security consultant at Advens, OWASP Chapter Leader for France (http://www.owasp.fr), a member of the OWASP Global Education Committee and a member of CLUSIF (http://www.clusif.fr).

Posted in ASFWS 2014, Speakers | 2 Comments

Gianni Gnesa

Gianni Gnesa is a security researcher and professional trainer at Ptrace Security, a Swiss-based company that offers specialized IT security services to customers worldwide.

Posted in ASFWS 2014, Speakers | 1 Comment

Alexandre Herzog

Alexandre Herzog started his career in Information Technology in 1998 as an IT system administrator in the largest trading room in the Geneva region. Between 2004 and 2007 he attended the University of Applied Sciences Western Switzerland in Sierre.

Posted in ASFWS 2014, Speakers | 1 Comment

Ashar Javed

Ashar Javed is a research assistant at Ruhr University Bochum, Germany, and is working towards his PhD. He has been listed ten (X) times in the Google Security Hall of Fame,

Posted in ASFWS 2014, Speakers | 2 Comments

Philipp Jovanovic

Philipp graduated in Mathematics and Computer Science at the University of Passau (Germany) in 2010. After that he started to pursue his PhD degree at the very same institution in January 2011.

Posted in ASFWS 2014, Speakers | 1 Comment

André Liechti

Interested in electronics and computer science from an early age (he wrote his first application when he was 12 years old), André Liechti first graduated as an electronics engineer before becoming a communication systems engineer.

Posted in ASFWS 2014, Speakers | 1 Comment

Yassine Mansri

Yassine Mansri is a graduate of the Haute école d'ingénierie et de gestion du canton de Vaud, IT security track.

Posted in ASFWS 2014, Speakers | 1 Comment

Exploiting Software Vulnerabilities on Windows 8

Over the past decade, Microsoft has added several security features to the Windows operating system in order to increase the cost, for attackers, of developing reliable exploits. Sadly, despite the tangible improvements in the protection of its users, developing reliable exploits is still possible and quite simple.

During this presentation, the speaker will discuss some practical techniques to bypass modern countermeasures, such as stack cookies (/GS), SafeSEH (/SAFESEH), Address Space Layout Randomization (ASLR, /DYNAMICBASE), Data Execution Prevention (DEP), and Structured Exception Handler Overwrite Protection (SEHOP), on a Windows 8 machine. Finally, the speaker will give some recommendations on how to protect your sensitive information and minimize the impact of 0-days.

SPEAKER: Gianni Gnesa

Posted in ASFWS 2014, Talks | 1 Comment

C++11 metaprogramming applied to software obfuscation

The C++ language and its siblings, like C and Objective-C, are among the most widely used languages today. Significant portions of operating systems like Windows, Linux, Mac OS X, iOS and Android are written in C and C++. There is however a little-known fact about C++: it contains a Turing-complete sub-language executed at compile time. It is called C++ template metaprogramming (not to be confused with the C preprocessor and macros) and is close to functional programming.

During this talk, I will show how to use this language to generate obfuscated code at compile time, without using any external tool and without modifying the compiler. The techniques presented rely only on C++11, as standardized by ISO. I will also show how to introduce some form of randomness to generate polymorphic code, and I will give some concrete examples, like the encryption of string literals. I will show that such techniques are also applicable to applications written in Objective-C (iOS and Mac OS X). At the end of the talk, I will compare these techniques with other approaches like Obfuscator-LLVM. All the examples presented will be released on GitHub.

SPEAKER: Sébastien Andrivet

Posted in ASFWS 2014, Talks | 1 Comment

Obfuscator: Reloaded

Software protection is a topic of growing importance, especially since the advent of ubiquitous and mobile computing (smartphones, tablets, etc.). Implementing effective measures against piracy and illegal modification of software adds a significant cost to development, because these measures often require the intervention of a security specialist. A phase necessary to any illegal distribution or modification of software is called "reverse engineering"; it aims to understand the inner workings of a program in order to circumvent and disable the protection mechanisms present.

During this presentation, we will present our open-source obfuscation tool based on the LLVM compilation suite (http://o-llvm.org). This tool, developed over the last three years, uses several compilation passes to obfuscate a binary with different obfuscation techniques. The main advantage of this approach is that our tool is independent of both the language and the architecture.

The current version supports instruction substitution, the insertion of bogus branches mixed with opaque predicates, and control flow flattening. In addition, we are currently finalizing two additional passes: tamper-proofing and function merging.

SPEAKERS: Johan Wehrli / Julien Rinaldini

Posted in ASFWS 2014, Talks | 1 Comment

Warning Ahead: Security Storms are Brewing in Your JavaScript

JavaScript controls our lives – we use it to zoom in and out of a map, to automatically schedule doctor appointments and to play online games. But have we ever properly considered the security state of this scripting language? Before dismissing the (in)security posture of JavaScript on the grounds that it is a client-side problem, consider the impact of JavaScript vulnerability exploitation on the enterprise: from stealing server-side data to infecting users with malware. Hackers are beginning to recognize this new playground and are quickly adding JavaScript exploitation tools to their Web attack arsenal.

SPEAKER: Helen Bravo

Posted in ASFWS 2014, Talks | 1 Comment

Technical surveillance measures: what does Swiss law allow?

Since Edward Snowden's revelations, everyone is concerned about the protection of their privacy and wonders about the legal limits on authorized surveillance and the means of defense available to citizens. We will look at which means of surveillance are permitted in Switzerland and the procedure the authorities must follow to put them in place, and at how the situation differs in other countries.

SPEAKER: Sylvain Métille

Posted in ASFWS 2014, Talks

NORX - A Parallel and Scalable Authenticated Encryption Algorithm and First Round Candidate in CAESAR

In this talk, we first present the current status of CAESAR, the Competition for Authenticated Encryption: Security, Applicability, and Robustness, which officially started on March 15, 2014. This contest aims to identify a portfolio of authenticated ciphers, i.e. cryptographic primitives that protect the authenticity, confidentiality and integrity of processed data, that offer advantages over AES-GCM, the current de-facto standard for authenticated encryption, and are suitable for widespread adoption.

Secondly, we introduce NORX, our CAESAR submission, which is a novel authenticated encryption scheme based on ARX primitives, yet using only bitwise logical operations. NORX has a unique parallel architecture derived from the Sponge construction, with an original domain separation scheme allowing simple processing of header/payload/trailer data. Furthermore, NORX specifies a dedicated datagram to facilitate interoperability and spare users the trouble of defining custom encoding and signalling. NORX was optimized for efficiency in both software and hardware: on a Haswell processor, a sequential version of NORX runs at 2.51 cycles per byte; simulations on a 180 nm UMC ASIC give a throughput of 10 Gbps at 125 MHz.

SPEAKERS: Jean-Philippe Aumasson / Philipp Jovanovic / Samuel Neves

Posted in ASFWS 2014, Talks | 1 Comment

Creating a strong two-factor authentication device for less than CHF 100.-

Nowadays, spyware, viruses and other hacking techniques (including the exploitation of bugs such as Heartbleed) regularly steal passwords typed by users. With a strong two-factor authentication solution, stolen passwords can no longer be stored and used later, because each password (called an OTP, for One-Time Password) is only valid for one authentication and will fail if used a second time.

We will create a fully functional open source strong two-factor authentication RADIUS device from scratch, using the latest version of the open source library called multiOTP (including a full-featured web GUI), installed on a $35 Raspberry Pi nano-computer running Raspbian (the Debian distribution for the Raspberry Pi). The device will be able to support more than 100 users.

Don’t worry, the hardware is Plug and Play, no need to solder anything!

Target audience:

  • Anybody interested in strong two-factor authentication
  • Knowing some Linux console commands could help, but is not mandatory
  • No programming knowledge (but if you want to go deeper, the multiOTP library is written in PHP)

You will have to bring:

  • a laptop (Windows, Linux, Mac OS X, etc.) with a wired network card
  • a smartphone (Android, iOS, BlackBerry) if you want to generate soft tokens

Hardware included in the training price:

  • a Raspberry Pi B+ nano-computer (http://www.raspberrypi.org) in a case
  • a microSD card (which will be the storage device)
  • a real-time clock module
  • a micro USB power supply
  • a YubiKey NEO hardware token with USB and NFC interfaces (http://goo.gl/jnYBFt)

Price:

  • 700.- CHF for enterprises
  • 350.- CHF for students (discount code: student-t1)

TRAINER: André Liechti

Posted in ASFWS 2014, Trainings | 1 Comment

Using SonarQube for security testing

SonarQube is primarily a tool for managing technical debt. Nevertheless, it offers several ways to "manage" indicators that support security-oriented static code analysis. In this presentation we will review the various security-relevant modules in SonarQube, see how they can be integrated with one another, and assess its ability to meet the needs of a development team. A demonstration of several plugins will be given.

SPEAKER: Sébastien Gioria

Posted in ASFWS 2014, Talks | 1 Comment

Secure Coding for Java

The Java language is very widely used today in the majority of applications developed by companies. Despite the tests deployed by developers, vulnerabilities in applications are more than present. This training will look, from a code perspective, at how to fix security flaws as early and as thoroughly as possible.

This is a complete course covering a broad set of techniques and information, comprising a theoretical part and real-world programming cases. You will thus put the hands-on experience gained during the day into practice to improve the security of your Java applications.

The training will include, in particular, the analysis of a few lines of real code, the identification of a security flaw, and the implementation of fixes for vulnerabilities listed in the OWASP Top 10 and the CWE/SANS Top 25 or CERT Secure Coding.

You will discover a methodology for performing a code review, and the classes/functions/methods to audit as a priority.

Price: 750.- CHF

TRAINER: Sébastien Gioria

Posted in ASFWS 2014, Trainings | 2 Comments

Droid Application Hack & Smash

Over the past decade the numbers in the mobile arena have been constantly on the rise. There is an upward trend in the number of people using mobile phones, the number of mobile phone manufacturers, the types of operating systems, the number of mobile applications, i.e. in almost everything relating to mobile technology. Among these trends, one peculiar trend to be noticed is the rise in the number of mobile security issues. Mobile security is a huge matter of concern nowadays for organizations, considering the amount of trivial information which these devices hold and share amongst them. Keeping this in mind, it is important that an organization knows what threat an application poses when it is brought/implemented into the organization.

According to Kaspersky Labs, in 2013, out of all malware attacks on the different mobile operating systems, 98.5% were targeted at Android devices. This is why this training will focus on the security of Android devices. Participants will get an inside-out view of Android and its applications. They will learn different attacks as well as the defenses against them.

Price:

  • 650.- CHF for enterprises
  • 450.- CHF for students (discount code: student-t3)

Droid Application Hack & Smash (Overview) (PDF)
Droid Application Hack & Smash (Training outline) (PDF)

TRAINER: Sahil Shah

Posted in ASFWS 2014, Trainings | 1 Comment

Bertrand Mesot

Bertrand Mesot is a computer engineer with a degree from EPFL and holds a PhD in Machine Learning from the same school. After his studies, he designed and developed the new parallel version of the Ophcrack software for Objectif Sécurité.

Posted in ASFWS 2014, Speakers | 1 Comment

XSS & PHP: A Happily Married Couple

This hands-on training is designed for students who are interested in XSS and PHP, for security-unaware developers who wish to secure their applications against XSS, and at the same time for pen-testers who want to find XSSes in elite applications. I will share some stories of finding XSSes in top sites and explain how I start looking at a web application for XSSes.

During the training, attendees will first learn a "systematic, easy to grasp, context-aware attack methodology" and then apply that methodology on 30+ test-beds. For example, the attack methodology related to a URL context is a four-step process. What are these four steps? Why only four steps? What can one conclude after applying these four steps?

Price: 650.- CHF

TRAINER: Ashar Javed

Posted in ASFWS 2014, Trainings | 1 Comment

Understanding malwares

More and more incidents involving malicious software are happening every day, and automated solutions that analyse malware in sandboxes are on the market. Still, understanding their reports requires technical skills and an understanding of how malware works. On the other hand, more and more companies are tasking their own people with handling incidents internally.

This training has been designed to teach you the basics of malicious code analysis using recent techniques and tools that ease the task. As malware analysis is not a theoretical matter, practical labs will be performed to apply the concepts and use the presented tools.

The following topics will be discussed during this fast-paced day:

  1. Malware 101
    • basic file classification
    • malicious code functionalities
    • when/why to perform an analysis yourself
  2. Static analysis
    • file categorisation
    • Microsoft PE categorisation
    • packer detection and basic unpacking
    • refresher on x86 assembly
    • IDA and plugins related to malicious code analysis, like IDAscope
  3. Dynamic analysis
    • sandbox-based analysis
    • semi-manual analysis using SysInternals
    • network flow analysis
    • full-manual analysis using debuggers

At the end of this training, both the slides and the lab manual will be given to students. This course will be given in English or French, depending on the participants.

Price:

  • 700.- CHF for enterprises
  • 300.- CHF for students (discount code: student-t5)

Understanding Malwares Flyer (PDF)

TRAINER: Julien Bachmann

Posted in ASFWS 2014, Trainings | 1 Comment

Sylvain Métille

Sylvain Métille holds a doctorate in law, is an attorney and lectures at the university. A selective list of his publications and talks, as well as a brief CV, are available below.

Posted in ASFWS 2014, Speakers | 1 Comment