Security BSides London 2014

Reg Ex for Red and Blue Teamers.

This short workshop looks at how bad presentations make for bad talks. Its a shame, as most people who give talks spend little time thinking about the visual effects of terrible slide decks and how they can detract from the message they're trying to deliver. Over the years i have seen countless crap slide decks, and a handful of amazing ones. This workshop will aim to help you give a good talk that isn't death by powerpoint!

Following on from the technical talk - See the matching CfP

This Workshop will take you through the steps required to extract and decode the Configuration settings from common Remote Access Trojans and create share able IOC's

Staring with a Group effort the Instructor will lead you through all the steps required using a simple Publicly available RAT. You will be shown how to use simple debugging techniques and a few lines of python to get the information you require. Finally showing you methods that will achieve identical results without looking at a single line of assembly.

Once the group has created a working decoder each participant will be given their own random sample of a RAT to figure out and decode.

The final wrap up will deal with Creating IOC's on the artifacts you find.

You know about computers and stuff. You replaced some characters from your password so it reads 'Sw0rdf1sh' now. You know there are hundreds of tools out there, but you only have one lifetime to explore them all…

This is where the Metasploit Framework comes in. One framework to rule them all...

During this practical workshop session you will learn about the various stages of a pentest, and how the various puzzle pieces fit together. By using a centralised tool like the Metasploit Framework we can concentrate on results rather than effort. By the end of this workshop, you will have an understanding of the Metasploit Framework, how it can aid you in increasing your overall security and last but not least; You will be more bitter, but much wiser!

The next version of Dradis will ship with an API to allow you to push data in from external sources. Learn about it and how to start using it (Metasploit integration? Sure! Push using `curl` from Bash or inside your python script? Why not!).

If HTTP APIs are not your thing, we'll also be introducing a new universal file upload so you can output your results into a file and feed them to Dradis directly. Learn about this new feature, the file format and how to make your tools and scripts compatible with very little effort.

Finally, you'll also learn how to get your results into Excel. Don't roll your eyes just yet. I know, nobody likes Excel... well except *the Business* (and maybe *the Client*), meaning there is a good chance you'll be asked to provide your findings in Excel format sooner or later. Learn how to do this in the most effortless and painless way, so you can get on with your hacking efforts.

Dradis is an open-source framework to enable you to work efficiently by gathering information from different tools and presenting it in a variety of formats. We currently support Burp Scanner, Nessus, NeXpose, Nikto, Nmap, OpenVAS, OSVDB, Qualys, Retina, SureCheck, VulnDB HQ, w3af, wXf and Zed Attack Proxy but with what you'll learn in this workshop you'll be able to connect Dradis to any other tool and present the information in any way you need.

Dradis is written in Rails so this is a great chance to learn a bit about Rails and how Rails apps work under the covers.