Registration is required

Remember to register for the trainings along with the general pass (FULL) for 10€ HERE

All trainings will be given in English. If you have difficulties with the language, please send a mail to staff at overdriveconference.com. If enough attendees have the same problem, we’ll have translators in the rooms.

Threat hunting with YARA rules

Trainers: Alexei Shulmin, Andrey Dolgushev (Kaspersky Lab)

April 25th: from 09:00 to 13:00

Location: P-3 building, Escola Politècnica Superior de la UdG, Montilivi

Level: Intermediate

In this workshop Alexey and Andrey will share Kaspersky malware analysts’ experience of creating detection rules. There will be a lot of practice in detecting text-based malware along with binary-based malware, like PowerShell scripts and MZPE executables.

At the end of the workshop they will run a test in which you use VirusTotal’s malware hunting platform to look for test samples they have uploaded to VirusTotal.

After the class, students will know the answers to the following questions: “When you have one malware sample, how do you find additional similar samples?”, “How do you hunt for other malware that uses the same technique as a given one?” and “What is VirusTotal’s malware hunting platform?”, and will take away the experts’ experience.

Offensive Python for red teams

Trainer: Lance Buttars

April 25th: from 16:00 to 19:30

Location: P-3 building, Escola Politècnica Superior de la UdG, Montilivi

Level: Intermediate

This training will teach you how to use the Python programming language during any penetration testing or ethical hacking operation. It will teach you how to write your own ethical hacking scripts in various information security fields such as network security, web application security, and endpoint security.

This training will also teach you how to deal with buffer overflow vulnerabilities on Windows machines and how to write fully customized fuzzers to help you in the exploitation stage.

First, we will talk about how you can build your own lab with a simple network configuration. Then we will talk about Netcat and how to use it, because you need to know how to send and receive data between the attacker machine and the target machine. Then we will talk about Python sockets, the socket types and where each type can be used, and we will learn how to use sockets to build a simple port scanner. Then we will move on to explore the whole pentesting process.

Suricata rules for APT detection

Trainer: Tatyana Shishkova (Kaspersky Lab)

April 26th: from 09:00 to 13:00

Location: P-3 building, Escola Politècnica Superior de la UdG, Montilivi

Level: Advanced

If you want to monitor and defend your network, a network intrusion detection system is a must for perimeter protection. The most popular NIDSs now are the open-source solutions Snort and Suricata.
Snort is today the de facto standard in intrusion prevention, while Suricata is a faster, more flexible and rapidly developing alternative. Both solutions can use the same rulesets, but the latest versions of Suricata have additional features which can make the process of rule writing more efficient, fast and creative.
We will teach you how to use the Suricata NIDS on an Ubuntu VM, talk about rule writing principles and show step by step how to write IDS rules for given traffic. The training will focus on new features of the latest version of Suricata which greatly simplify the rule writing process. We will also show how to read Suricata logs and fix false alarms.
At the end of the class, you will be able to set up your own NIDS, find malicious requests in traffic and write effective rules for various protocols using the power of the latest NIDS.
The workshop will be useful both for beginners in IDS (knowledge of network protocols would be a plus) and for those who have some experience in writing IDS rules for Snort/Suricata. It will also have a lot of new information for those who attended the Snort workshop at Overdrive’18.