FRIDAY, NOVEMBER 8, 2024

The Unlock your brain workshops

NATURAL LANGUAGE PROCESSING (NLP) FOR THREAT INTELLIGENCE

English

Beginners

10:00 AM – 12:00 PM (sold out)
and
2:00 PM – 6:00 PM

Pauline BOURMEAU

Natural language processing is a subfield of AI. It is at the core of large language models. In this workshop you learn how to break AI into tools and build your first NLP program. You learn to use natural language processing to extract
knowledge and uncover patterns in text data. This workshop provides you with practical knowledge and skills that you can apply in your daily practice as a security professional. It is designed for beginners, you will be introduced to t
he foundations of NLP and gain practical experience in text pre-processing, representation, and classification.

Detecting and exploiting prototype pollution in JavaScript applications

French

Intermediate

10:00 AM – 12:00 PM

BitK

Prototype pollution is a critical vulnerability in JavaScript applications, exploiting the prototype inheritance feature to introduce malicious properties. This workshop will provide an in-depth, hands-on experience to help participants understand, identify, and mitigate prototype pollution vulnerabilities.

GO FIGUR by yourself

French

Beginners

10:00 AM – 12:30 PM

Darcosion

It all starts with a small spam campaign to sell fake drugs on Facebook. And it ends with a multinational infrastructure of spam, account creation farms, identity theft, and black SEO.

On the agenda: OSINT, web infrastructure analysis, SOCMINT, GEOINT, FININT, IMINT, and plenty of bonus content specific to this field.

This ‘workshop’ isn’t really a workshop in the sense that you won’t be doing any hands-on work on your computer. It’s more of a deep dive into the world of OSINT in all its forms, even the most unexpected ones. Buckle up. 😉

Zeek and Destroy with Python and Machine Learning

English

Intermediate

2:00 PM – 6:00 PM

Eva SZILAGYI

Zeek is an open-source network security monitor (NSM) and analytics platform that has been around for quite some time (since the mid-90s). It is used at large university campuses and research labs, but in the past few years, more and more security professionals in the industry have turned their attention to this fantastic tool.

Deserialization attacks: exploit research and development

French

Intermediate

2:00 PM – 6:00 PM

Vincent MICHEL
Gaëtan CARABETTA

Deserialization attacks can enable remote code execution on a system. During this workshop, participants will have the opportunity to try out this type of attack on vulnerable applications and develop their own exploit.

Unsafe code deserialization attacks are one way to achieve remote code execution on a system. One could say that deserialization exploits are the equivalent of ROP chains, but at higher application layers.

Exploring OpenSSH: Hands-On Workshop for Beginners

French

Beginners

2:30 PM – 4:30 PM

William ROBINET

During this workshop, you will learn how to use the various tools from the OpenSSH suite. We will start with a presentation of the problems that are solved by OpenSSH, then we will dive into the details of its most important and useful features.
Among the topics covered, we will discuss about remote host authentication, password and public key client authentication, key generation, local and remote port forwarding, forward and reverse SOCKS proxying, X11 forwarding, jumphosts, connection to legacy systems, and more.

Hands-on exercises will be proposed throughout the exploration of the tool suite using real-life scenarios. There will be space for questions and discussion.