Aug 29, 2013

New workshop and hackaton announcement: Cuckoo Sandbox @ BruCON

We are thrilled to announce to have a Cuckoo Sandbox hackaton and workshop at BruCON!

Cuckoo Sandbox is an open source for automating the dynamic analysis of malware. It allows you to run and monitor any suspicious file inside an isolated environment and collect indicators and evidences of its behavior.

Cuckoo is growing to be an established but complex software and there are many features, improvements and fixes that are yet to be developed.

At Brucon core developers, contributors and users will be able to sit down to discuss, hack, break (and possibly build) Cuckoo Sandbox and wonder about the future of fighting malware.

A 4 hour workshop will also be included in the - soon to be published - schedule.

Kind regards,

The BruCON crew

Aug 28, 2013

BruCON training in the spotlights: "The Art of Exploiting Injection Flaws"

We have some great trainings lined up for you at BruCON this year.
Just to make it even harder for you to choose one, we will put some of these trainings in the spotlight.

We start with The Art of Exploiting Injection Flaws, taught by Sumit ‘Sid’ Siddharth. Sid is the contributing author of the book SQL Injection: Attacks and Defense (2nd Edition). We caught up with Sid and asked him what the USPs of the course are:

Sid: "If you do penetration testing or security consultancy as a day job and want to take your skills to the next level, then this is the right course for you. In the class we focus on Injection Flaws and only Injection Flaws and cover the topic inside out. We don’t teach people how to use sqlmap to exploit sql injection but give people deep underlying concepts so that they know when a tool is going to work and how the tool does work. So, next time when the tool gives up working, they are not stuck. 

To elaborate a bit more on this:
So, everyone’s favourite tool is BURP Professional to carry out web pentesting. What are the SQL Injection checks which burp does and more importantly what it doesn’t do? Anyone who has experience with BURP scanner would have noticed 1 particular check where it injects the query “select 1” and then inject “select 1,2” and based on the response often reports it as false positive SQLI. Fair enough! But why does it do that? And what happens when this 1 time out of 10 it’s not a false positive?

This is not a 101 class, we expect audience to have a basic understanding of app security, familiarisation with SQL language and OWASP standards. We cover advance topics such as 2nd order injection, injection in stored procedures, double encoding/decoding etc.
The 2nd day is also niche stuff which hasn’t received as much coverage as SQL Injection. So, we cover:

  • Hibernate Query language Injection (ORM)
  • LDAP Injection
  • XPATH Injection
  • XXE

Again, we don’t just touch the surface, but we go deep dive into topics like Blind LDAP/XPATH injection; XPath 2.0; combining XPath and XXE to do more fun stuff!
A lot of people have told me that they have never seen XPath injection in the wild. I myself didn’t see it until I researched the topic and in last 2 years, I have seen a fair few of them. They say, knowledge is power, for a reason ;-)"

There are a bunch of teaser slides about the course which can be found here:

Sid: "While I have delivered this class many times at Black Hat, Appsec etc, this is my first brucon. So, I am quite excited about it and hope to have a good turnout."

details and registration link are available on the BruCON web site: here.


The BruCON crew

Aug 15, 2013

Without these companies, BruCON would not exist

During the last four editions, BruCON has been supported by a group of dedicated sponsors. Without their commitment and aid, BruCON would not be what it is today. The support of these organisation allows us to:
  • keep the conference affordable for everyone
  • provide catering and a party for free
  • invite quality speakers from all over the world and support their travel and accommodation
For our 2013 edition, we are very proud to announce the following organisations ... some are usual suspects and others are new joiners:

Our Two Diamond Sponsors

NVISO was founded by a group of enthusiastic security professionals working in the Information Security industry. Each of us has a specific field of expertise, allowing us to offer services ranging from security research and risk management to incident response and security testing. We firmly believe in and support the information security community and are proud to be a diamond sponsor of this precious Belgian event. Come and visit our booth at BruCON and you might just go home with a nice prize ;)

Ernst & Young (supporting since the last 4 years) is a renowned leader in Information Security both as a global player and locally. Security services truly lie at the heart of our delivery. On a global level, more than 1000 professionals work professionals are working within the information security practice on a daily basis. Key services that we deploy are based on our information security management framework.

Our Four Gold Sponsors

The SANS Institute was established in 1989 as a cooperative research and education organisation and is now the most trusted and by far the largest provider of information security training and security certification in the world, offering more than 50 expert training courses. SANS programs now reach more than 165,000 security professionals around the world with SANS' instructors and courseware being considered the very best in the industry. SANS also offers a myriad of free resources to the InfoSec community including consensus projects, research reports and newsletters; and it operates the Internet's early warning system - the Internet Storm Center.

 Microsoft  Founded in 1975, Microsoft (Nasdaq "MSFT") is the worldwide leader in software, services, and solutions that help people and businesses realize their full potential.

Rapid7’s solutions, Nexpose, Metasploit and Mobilisafe, give defenders visibility & management of the risk around their IT environment, users & threats. Used by 2,400+ enterprises & government agencies in 65+ countries, its solutions are top rated by Gartner®, Forrester® & SC Magazine. Its free products are downloaded 1,000,000 times a year & enhanced by 200,000 open source community members.

PwC Technology  helps organisations and individuals create the value they’re looking for. We’re a network of firms in 158 countries with more than 7.660 consultants who are committed to delivering quality in secure, manage and transform technology. Tell us what matters to you and find out more by visiting us at

 Our Party & CTF Sponsors

Also thanks to:

Exclusive Networks
Mac Telecom