Blackhoodie NOVA 2024
Reverse Engineering, iOS, Hardware
Yo all our people on the Eastcoast, here we go! The first BlackHoodie on the eastern shores of the US is underway, and will happen January 10th and 11th 2024 at the Microsoft office in Arlington, Virginia at. We will be offering three incredible trainings, so sign up before they fill up!
Note These trainings are taking place the Wednesday and Thursday before ShmooCon 2024 in Washington, DC, just across the Potomac River.
TL;DR:
What:
- A 2-Day Hardware Hacking class
- A 1-Day iOS Reverse Engineering class
- A 1-Day Intro to Reverse Engineering class
When: January 10th and 11th, 2024
Where: Microsoft Arlington, VA
Who: Women
Registration: fill form here, closing on 12/31/23 or when all the seats are taken!
Fees: The workshop is free; food, travel and accommodation is responsibility of attendees
Agenda
Hardware Hacking Class: January 10th and 11th
During these two days of hardware hacking, attendees will get to tear open embedded devices and learn how to tap into them directly in order to bypass security controls, while gaining access to the target operating system in the process. Topics will include common tools and techniques such as using a serial adapter to connect to a device over UART, dumping its firmware and getting a root shell through the bootloader.
Teachers: Morgan Whitlow (@SynapticRewrite), Jaime Lightfoot, Amina Mahmood, Gr3mz (Nova)
What you need for this class:
A laptop with USB ports and administrator access. Hardware hacking tools such as logic analyzers and serial adapters will be provided.
iOS Reverse Engineering Class: January 10th
Are you completely in awe of iOS researchers around the globe, but you have no idea where to begin? Have no fear, iOS 0xZero to 0xHero is here! This workshop will take you on a journey through iOS systems internals and set you up on a path to continue to do iOS research on your own. It is completely okay if you don’t know where to start, your trainer, Christine, is here to guide you. She believes that anyone can be a reverse engineer, and they just need a step in the right direction!
Teacher: Christine Fossaceca (@x71n3)
What you need for this class:
You need a Macbook (it can be Intel or ARM, either works!) with Administrator access (Feel free to bring your own iPhone+ connector as well, if not, the instructor will have some) Materials Available to be provided by Instructor HackiOS DevKits: You need an iPhone that is publicly jailbreakable (reach out to instructor for info) You need the right tools to jailbreak it! (USB cables, converters) o USB to USB-C cable (only if your laptop has USB-C and no USB-A ports) o USB to lightning cable
Intro to Reverse Engineering: January 11th
This workshop will introduce attendees to the basic concepts needed to build out their reverse engineering skill set. Reverse engineering (RE) can help incident responders and threat intelligence analysts gain a deeper understanding of malware. It can also be an entry point into careers in vulnerability analysis and exploit development. This workshop will use Linux and x86/64 to introduce these topics but the underlying skills learned can be applied to other operating systems and architectures. Attendees will walk away with practice using common RE tools, knowledge about how to apply them and resources to continue exploring RE.
Teacher: Christina Johns
What you need for this class: To participate in exercises participants will need: A Intel laptop (not an M1 Mac ;-) ) with Linux installed or a Linux VM We will not be running malware, just files I have created The ability to download files and install software with sudo
What is BlackHoodie?
BlackHoodie is a free, women only reverse engineering workshop and community. More information can be found here: https://www.blackhoodie.re/about/
Why women-only?
One qualifies to attend an in-person bootcamp either if born and raised female, or if one identifies as a woman. This concept of women-only has no intention of putting up walls or feeling exclusive. Blackhoodie is about creating space in an industry that’s very competitive. It is a comfortable place, where attendees feel encouraged to grow skills without pressure. We do what we do, not to create women-only bubbles, as contradicting as it might sound, but to enable a minority to enter the security space, learn skills that are otherwise expensive to learn, find their interests and grow a professional network.
And, it works. BlackHoodie alumnae have gone far beyond being successful in the classroom since the workshop series started. They ventured out to start community projects and collaborations, got themselves new jobs in the security industry, went to speak at major security conferences, joined review boards and become influencers in our community. Many went on to mentor others after they had found their spot, came back to BlackHoodie to give trainings on their own or are now conference trainers and teach classes to the community.
Finally, why does the security industry need more women at all? The industry is growing and facing a talent shortage. More importantly, jobs are typically well paid, come with certain privileges, and are challenging and often fulfilling. And we do firmly believe our society as a whole can only benefit from having more women with money, independence and confidence. Likewise, the tech sector has grown in size and influence, and with great power comes great responsibility – responsibility best shared among a diverse body of decision makers.