• 摄艳|花开红树乱莺啼 白鹭相亲相爱嬉戏忙 2019-06-01
  • 仓颉故里:南乐迎来县域电商发展新机遇 2019-06-01
  • 淮安市:阳光信访网络时代的社会治理新路径 2019-05-31
  • 香蕉-热门标签-华商生活 2019-05-17
  • 在深入推动长江经济带发展座谈会上的讲话 2019-04-30
  • 言而无信似乎成了特朗普政府的特质与标致 2019-04-25
  • 李沁出游暖萌喂鹿 笑靥如花欢快荡秋千 2019-04-25
  • 习近平教我们认识和把握世界大势和时代潮流 2019-04-17
  • 外卖小哥:高温下订单量激增一倍 收入破万元 2019-04-17
  • 为什么孩子特别不喜欢承认错误?是因为他们没意识到错了吗? 2019-04-13
  • 2018年石家庄高中招生计划出炉,家有中考生的快收藏! 2019-04-13
  • 不理解英语为什么要赖着高考。中国若与日、俄、韩、澳、印等国联合办高校,日、俄等国语种同等重要,而且,语种与专业是挂勾的 2019-04-10
  • 印度尼西亚一华人老板娘卖叉烧肉面成网红 2019-03-29
  • 游戏主播GodV韦神即兴演唱 这一声假音听的人都酥了 2019-03-29
  • 关于分类推进人才评价机制改革的实施意见 2019-03-19
  • beVX has changed its name to TyphoonCon - we hope to see you all at our new conference, more details available at: https://typhooncon.com

    Introduction

    beVX  is organized by Beyond Security and VXRL. beVX  focuses on highly technical offensive security topics such as vulnerability discovery, advanced exploitation techniques and reverse engineering. We believe that researchers want to share their research, discovery and experience with all security enthusiasts.

    Registration

    Training fee includes:

    • Participation in training
    • Take part in the best offensive security conference
    • Coffee breaks and free lunch
    • Continuous Professional Earning (CPE) credit of 6 hours

    Conference fee includes:

    • Take part in the best offensive security conference
    • Coffee breaks and free lunch
    • Continuous Professional Earning (CPE) credit of 6 hours

    Dates and Venue

    Dates: 20-21 September 2018

    Venue: Sheraton Hong Kong Hotel & Towers

    Address:

    Sheraton Hong Kong Hotel & Towers
    20 Nathan Road, Kowloon, Hong Kong Hong Kong SAR, PRC
     

    Schedule

    NOTE: Schedule is subject to change

    20st of September 2018 (Training)
    08:00 - 12:00 First half of training
    iOS by Hao Xu/Pangu (Room: Tang I, 3F)
    Linux by Vitaly Nikolenko (Room: Tang II, 3F)
    12:00 - 13:00 Launch Break (Free to trainees)
    13:00 - 17:00 Second half of training
    iOS by Hao Xu/Pangu (Room: Tang I, 3F)
    Linux by Vitaly Nikolenko (Room: Tang II, 3F)
    18:30 Speaker and VIP Dinner (by invite only)
    20st of September 2018 (Contest)
    08:00 - 17:00 Each contender will have a 1 hour slot - please register to receive one
     
    21st of September 2018 (Conference) - Track 1 - Tang I/II 3F
    08:00 - 09:00 Registration, Coffee, Tea and socializing
    09:00 - 09:10 Opening Remarks and Welcome Address
    Aviram Jenik, CEO Beyond Security
    09:10 - 09:40
    (30min)
    Keynote
    Andrew Wesie / @zoaedk
    09:45 - 10:30
    (45min)
    Dissecting a 17-old Linux Kernel Bug
    Vitaly Nikolenko / @vnik5287
    10:35 - 11:05
    (30min)
    In Sowjet Russia Smartcard Hacks You
    Eric Sesterhenn / @X41Sec
    11:10 - 11:55
    (45min)
    Viewer discretion is advised: (De)coding an iOS vulnerability
    Adam Donenfeld / @doadam
    12:00 - 13:00 Launch Break (Free to attendees)
    13:00 - 13:40
    (40min)
    Dual booting modern iOS devices
    Max Bazaliy / @mbazaliy
    13:40 - 14:20
    (40min)
    Thinking outside the (Virtual)Box
    Niklas Baumstark / @_niklasb
    14:20 - 15:00
    (40min)
    Bypass Android Security Mechanisms using Custom Android
    SungHyoun Song / @decashx
    15:00 - 15:20 Coffee Break and Socializing
    15:25 - 16:05
    (40min)
    Crashing to root: How to escape the iOS sandbox using abort()
    Brandon Azad / @_bazad
    16:05 - 16:45
    (40min)
    The good 0(ld) days
    Halvar Flake / @halvarflake
    16:45 - 17:00 Closing Remarks
    18:30 - ...  After party event - location: Elia

    21st of September 2018 (Conference) - Track 2 - Ming, 4F
    09:45 - 10:15 (30min) Wireless Hacking with 'HackCUBE'
    Yunding Jian @WhiteA10n3 / KaiJern Lau @xwings
    10:20 - 11:05
    (45min)
    Exploiting Kernel Pool Overflows on Windows 10 RS4
    Nikita Tarakanov / @NTarakanov
    11:10 - 11:55
    (45min)
    Not all IoT Devices are Created Equal: Reverse Engineering of Xiaomi's IoT ecosystem
    Dennis Giese
    12:00 - 13:00 Launch Break (Free to attendees)
    13:05 - 13:45
    (40min)
    Breaking the Bluetooth stack: Where to look and what to expect
    Julian Rauchberger / Tobias Dam
    13:45 - 14:20
    (35min)
    Break
    14:20 - 15:00
    (40min)
    Playing Malware Injection with Exploit thoughts
    Sheng-Hao Ma / @aaaddress1
    15:00 - 15:20 Coffee Break and Socializing
    15:25 - 16:05
    (40min)
    A Journey of Logical Vulnerabilities in Microsoft Browsers
    James Lee / @windowsrcer
    16:05 - 16:45
    (40min)
    The Last Man Standing: The Only Practical, Lightweight and Hypervisor-Based Kernel Protector Struggling with the Real World Alone
    Seunghun Han / @kkamagui1
    16:45 - 17:00 Closing Remarks
    18:30 - ... After party event - location: Elia
     
    21st of September 2018 (Contest)
    08:00 - 16:00 Each contender will have a 1 hour slot - please register to receive one
     

    Trainings

    1. Linux Kernel Exploit Development by Vitaly Nikolenko

      This training will focus on exploiting a recent Linux kernel vulnerability on x86_64. We will provide a complete walkthrough starting from the vulnerability analysis and the initial crash to a full weaponised exploit. Though the training concentrates on a specific vulnerability, the goal is to demonstrate general exploitation concepts that can be applied to other classes of kernel memory corruption vulnerabilities.

    2. iOS Sandbox Escape Vulnerability and Exploitation by Hao Xu/Pangu

      In this training we will begin by introducing iOS architecture and its security mitigations. Followed by a talk about iOS runtime and show how to do reverse engineering. After that we will focus on Mach msg basics and how XPC works upon on it. This is done because most iOS daemons provide an XPC interface and if they don't handle the messages properly, security bugs may come up. The training will also cover some known bugs in the security history of iOS which enable you to execute code with a high privileged context. During the training students will also take an exercise in exploiting a particular bug to see how real exploit is developed.

     

    Sponsors

    Exploit Level

    Truelit

    PoC Level

    MicrosoftNSHC

    Partner Events

    HITB logo regular.png nopconlogo.png code_blue.pnginfosec-Logohardwear_90px

     

    Supporting Organizations

    ISC2

    Media Partner

    WePro180

    群英会跨度走势图

    Hack2Win is a hacking competition we launched 5 years ago. So far it had two flavors - Hack2Win Online and Hack2Win CodeBlue.

    We decided to go big this year with Hack2Win eXtreme! Hack2Win eXtreme will focus on two primary targets, browsers and mobile.

    We have up to $500,000 USD to give away, the competition will take place during the beVX conference Hong Kong, on September 20-21, 2018.

  • 摄艳|花开红树乱莺啼 白鹭相亲相爱嬉戏忙 2019-06-01
  • 仓颉故里:南乐迎来县域电商发展新机遇 2019-06-01
  • 淮安市:阳光信访网络时代的社会治理新路径 2019-05-31
  • 香蕉-热门标签-华商生活 2019-05-17
  • 在深入推动长江经济带发展座谈会上的讲话 2019-04-30
  • 言而无信似乎成了特朗普政府的特质与标致 2019-04-25
  • 李沁出游暖萌喂鹿 笑靥如花欢快荡秋千 2019-04-25
  • 习近平教我们认识和把握世界大势和时代潮流 2019-04-17
  • 外卖小哥:高温下订单量激增一倍 收入破万元 2019-04-17
  • 为什么孩子特别不喜欢承认错误?是因为他们没意识到错了吗? 2019-04-13
  • 2018年石家庄高中招生计划出炉,家有中考生的快收藏! 2019-04-13
  • 不理解英语为什么要赖着高考。中国若与日、俄、韩、澳、印等国联合办高校,日、俄等国语种同等重要,而且,语种与专业是挂勾的 2019-04-10
  • 印度尼西亚一华人老板娘卖叉烧肉面成网红 2019-03-29
  • 游戏主播GodV韦神即兴演唱 这一声假音听的人都酥了 2019-03-29
  • 关于分类推进人才评价机制改革的实施意见 2019-03-19
  • 山东时时彩是什么 天津11选5蛋托玩法 辛运28 急速赛车单机版 香港赛马会官网 22选5福建22选5走势图 白小姐资一肖中特四不像 真正香港六合彩网站 pc28历史结果查询 7星彩开奖结果查询今天晚 广西快3开奖选号器 体彩超级大乐透走势图带坐标 3d试机号383历史记录 湖南幸运赛车现场直播 德甲积分榜必赢网