beVX has changed its name to TyphoonCon - we hope to see you all at our new conference, more details available at: https://typhooncon.com

Introduction

beVX  is organized by Beyond Security and VXRL. beVX  focuses on highly technical offensive security topics such as vulnerability discovery, advanced exploitation techniques and reverse engineering. We believe that researchers want to share their research, discovery and experience with all security enthusiasts.

Registration

Training fee includes:

  • Participation in training
  • Take part in the best offensive security conference
  • Coffee breaks and free lunch
  • Continuous Professional Earning (CPE) credit of 6 hours

Conference fee includes:

  • Take part in the best offensive security conference
  • Coffee breaks and free lunch
  • Continuous Professional Earning (CPE) credit of 6 hours

Dates and Venue

Dates: 20-21 September 2018

Venue: Sheraton Hong Kong Hotel & Towers

Address:

Sheraton Hong Kong Hotel & Towers
20 Nathan Road, Kowloon, Hong Kong Hong Kong SAR, PRC
 

Schedule

NOTE: Schedule is subject to change

20st of September 2018 (Training)
08:00 - 12:00 First half of training
iOS by Hao Xu/Pangu (Room: Tang I, 3F)
Linux by Vitaly Nikolenko (Room: Tang II, 3F)
12:00 - 13:00 Launch Break (Free to trainees)
13:00 - 17:00 Second half of training
iOS by Hao Xu/Pangu (Room: Tang I, 3F)
Linux by Vitaly Nikolenko (Room: Tang II, 3F)
18:30 Speaker and VIP Dinner (by invite only)
20st of September 2018 (Contest)
08:00 - 17:00 Each contender will have a 1 hour slot - please register to receive one
 
21st of September 2018 (Conference) - Track 1 - Tang I/II 3F
08:00 - 09:00 Registration, Coffee, Tea and socializing
09:00 - 09:10 Opening Remarks and Welcome Address
Aviram Jenik, CEO Beyond Security
09:10 - 09:40
(30min)
Keynote
Andrew Wesie / @zoaedk
09:45 - 10:30
(45min)
Dissecting a 17-old Linux Kernel Bug
Vitaly Nikolenko / @vnik5287
10:35 - 11:05
(30min)
In Sowjet Russia Smartcard Hacks You
Eric Sesterhenn / @X41Sec
11:10 - 11:55
(45min)
Viewer discretion is advised: (De)coding an iOS vulnerability
Adam Donenfeld / @doadam
12:00 - 13:00 Launch Break (Free to attendees)
13:00 - 13:40
(40min)
Dual booting modern iOS devices
Max Bazaliy / @mbazaliy
13:40 - 14:20
(40min)
Thinking outside the (Virtual)Box
Niklas Baumstark / @_niklasb
14:20 - 15:00
(40min)
Bypass Android Security Mechanisms using Custom Android
SungHyoun Song / @decashx
15:00 - 15:20 Coffee Break and Socializing
15:25 - 16:05
(40min)
Crashing to root: How to escape the iOS sandbox using abort()
Brandon Azad / @_bazad
16:05 - 16:45
(40min)
The good 0(ld) days
Halvar Flake / @halvarflake
16:45 - 17:00 Closing Remarks
18:30 - ...  After party event - location: Elia

21st of September 2018 (Conference) - Track 2 - Ming, 4F
09:45 - 10:15 (30min) Wireless Hacking with 'HackCUBE'
Yunding Jian @WhiteA10n3 / KaiJern Lau @xwings
10:20 - 11:05
(45min)
Exploiting Kernel Pool Overflows on Windows 10 RS4
Nikita Tarakanov / @NTarakanov
11:10 - 11:55
(45min)
Not all IoT Devices are Created Equal: Reverse Engineering of Xiaomi's IoT ecosystem
Dennis Giese
12:00 - 13:00 Launch Break (Free to attendees)
13:05 - 13:45
(40min)
Breaking the Bluetooth stack: Where to look and what to expect
Julian Rauchberger / Tobias Dam
13:45 - 14:20
(35min)
Break
14:20 - 15:00
(40min)
Playing Malware Injection with Exploit thoughts
Sheng-Hao Ma / @aaaddress1
15:00 - 15:20 Coffee Break and Socializing
15:25 - 16:05
(40min)
A Journey of Logical Vulnerabilities in Microsoft Browsers
James Lee / @windowsrcer
16:05 - 16:45
(40min)
The Last Man Standing: The Only Practical, Lightweight and Hypervisor-Based Kernel Protector Struggling with the Real World Alone
Seunghun Han / @kkamagui1
16:45 - 17:00 Closing Remarks
18:30 - ... After party event - location: Elia
 
21st of September 2018 (Contest)
08:00 - 16:00 Each contender will have a 1 hour slot - please register to receive one
 

Trainings

  1. Linux Kernel Exploit Development by Vitaly Nikolenko

    This training will focus on exploiting a recent Linux kernel vulnerability on x86_64. We will provide a complete walkthrough starting from the vulnerability analysis and the initial crash to a full weaponised exploit. Though the training concentrates on a specific vulnerability, the goal is to demonstrate general exploitation concepts that can be applied to other classes of kernel memory corruption vulnerabilities.

  2. iOS Sandbox Escape Vulnerability and Exploitation by Hao Xu/Pangu

    In this training we will begin by introducing iOS architecture and its security mitigations. Followed by a talk about iOS runtime and show how to do reverse engineering. After that we will focus on Mach msg basics and how XPC works upon on it. This is done because most iOS daemons provide an XPC interface and if they don't handle the messages properly, security bugs may come up. The training will also cover some known bugs in the security history of iOS which enable you to execute code with a high privileged context. During the training students will also take an exercise in exploiting a particular bug to see how real exploit is developed.

 

Sponsors

Exploit Level

Truelit

PoC Level

MicrosoftNSHC

Partner Events

HITB logo regular.png nopconlogo.png code_blue.pnginfosec-Logohardwear_90px

 

Supporting Organizations

ISC2

Media Partner

WePro180

河北20选5走势图表

Hack2Win is a hacking competition we launched 5 years ago. So far it had two flavors - Hack2Win Online and Hack2Win CodeBlue.

We decided to go big this year with Hack2Win eXtreme! Hack2Win eXtreme will focus on two primary targets, browsers and mobile.

We have up to $500,000 USD to give away, the competition will take place during the beVX conference Hong Kong, on September 20-21, 2018.

  • 共有产权住房亮相 完善“梯队消费” 2019-06-24
  • 俄罗斯金融寡头放弃奢华生活 甘愿当农民[组图] 2019-06-24
  • 我的这五年 幸福在这里 2019-06-17
  • 新疆规范法律服务事中事后监管 实现科学有效监管 2019-06-16
  • 关于《中华人民共和国监察法(草案)》的说明 2019-06-13
  • [微笑]因为人的基本需求是存在边际的,不会出现你所谓的无限制消费!比如坐公交,你会因为不要钱就一天到晚呆在公汽上么? 2019-06-07
  • 回应美方制裁 俄国家杜马酝酿对美反制法案 2019-06-07
  • 北京百子湾车祸致2死3伤 小客车女司机系无证驾驶 2019-06-06
  • 2018海创会带你领略黑科技产品 2019-06-05
  • 【扎实推进重大项目落地见效】重庆经开区发展再提速 东港片区路网工程打通“交通动脉” 2019-06-04
  • 俄罗斯足球队50横扫沙特队真是让人大饱眼福,特提精神!俄罗斯是战斗民族名不虚传。 2019-06-01
  • 光明在线培训管理平台 2019-05-27
  • 儿童掉进冰窟 小伙用双手砸出“生命通道” 2019-05-25
  • 安检不用摸 登机刷脸过 智能技术抢眼民航成果展 2019-05-14
  • 推动发展文化产业与其他关联产业深度融合 2019-05-05
  • 欢乐斗地主兑换 brt快快3 一二三期特码资料 14场胜负彩开奖结果奖 乒乓球世锦赛赛程 26选5的好彩3 分分彩网站 广西快乐十分选号技巧 期本期特码 重庆快乐十分怎么稳赢 老快3开奖信息 新时时彩与老时时彩 免费三中三平码资料 湖北十一选五开奖方法 训营网球比分