Introduction

beVX  is organized by Beyond Security and VXRL. beVX  focuses on highly technical offensive security topics such as vulnerability discovery, advanced exploitation techniques and reverse engineering. We believe that researchers want to share their research, discovery and experience with all security enthusiasts.

Registration

Training fee includes:

  • Participation in training
  • Take part in the best offensive security conference
  • Coffee breaks and free lunch
  • Continuous Professional Earning (CPE) credit of 6 hours

Conference fee includes:

  • Take part in the best offensive security conference
  • Coffee breaks and free lunch
  • Continuous Professional Earning (CPE) credit of 6 hours
 

Dates and Venue

Dates: 20-21 September 2018

Venue: Marco Polo Hotel

Address:

MARCO POLO HONGKONG HOTEL
No. 3 Canton Road, Harbour City, Tsim Sha Tsui,
Kowloon, Hong Kong, SAR, China
 

Schedule

NOTE: Schedule is subject to change

20st of September 2018 (Training)
08:00 - 12:00 First half of training
iOS by Hao Xu/Pangu (Room: Jade, 4F)
Linux by Vitaly Nikolenko (Room: Lotus, 4F)
12:00 - 13:00 Launch Break (Free to trainees)
13:00 - 17:00 Second half of training
iOS by Hao Xu/Pangu (Room: Jade, 4F)
Linux by Vitaly Nikolenko (Room: Lotus, 4F)
18:30 Speaker and VIP Dinner (by invite only)
20st of September 2018 (Contest)
08:00 - 17:00 Each contender will have a 1 hour slot - please register to receive one
 
21st of September 2018 (Conference) - Track 1
08:00 - 09:00  Registration, Coffee, Tea and socializing
09:00 - 09:10 Opening Remarks and Welcome Address - Aviram Jenik
09:10 - 09:40 Keynote
09:45 - 10:25 (40min) Lecture 1
10:30 - 11:10 (40min) Lecture 2
11:15 - 12:00 (45min) Lecture 3
12:00 - 13:00 Launch Break (Free to attendees)
13:00 - 13:40 (40min) Lecture 4
13:45 - 14:25 (40min) Lecture 5
14:30 - 15:10 (40min) Lecture 6
15:10 - 15:40 Coffee Break and Socializing
15:40 - 16:20 (40min) Lecture 7
16:45 - 17:00 Closing Remarks
18:30 - ... After party event - location to be announced
21st of September 2018 (Conference) - Track 2
09:45 - 10:25 (40min) Lecture 1
10:30 - 11:10 (40min) Lecture 2
11:15 - 12:00 (45min) Lecture 3
12:00 - 13:00 Launch Break (Free to attendees)
13:00 - 13:40 (40min) Lecture 4
13:45 - 14:25 (40min) Lecture 5
14:30 - 15:10 (40min) Lecture 6
15:10 - 15:40 Coffee Break and Socializing
15:40 - 16:20 (40min) Lecture 7
16:45 - 17:00 Closing Remarks
18:30 - ... After party event - location to be announced
 
21st of September 2018 (Contest)
08:00 - 16:00 Each contender will have a 1 hour slot - please register to receive one
 

Trainings

  1. Linux Kernel Exploit Development by Vitaly Nikolenko

    This training will focus on exploiting a recent Linux kernel vulnerability on x86_64. We will provide a complete walkthrough starting from the vulnerability analysis and the initial crash to a full weaponised exploit. Though the training concentrates on a specific vulnerability, the goal is to demonstrate general exploitation concepts that can be applied to other classes of kernel memory corruption vulnerabilities.

  2. iOS Sandbox Escape Vulnerability and Exploitation by Hao Xu/Pangu

    In this training we will begin by introducing iOS architecture and its security mitigations. Followed by a talk about iOS runtime and show how to do reverse engineering. After that we will focus on Mach msg basics and how XPC works upon on it. This is done because most iOS daemons provide an XPC interface and if they don't handle the messages properly, security bugs may come up. The training will also cover some known bugs in the security history of iOS which enable you to execute code with a high privileged context. During the training students will also take an exercise in exploiting a particular bug to see how real exploit is developed.

 

Sponsors

Exploit Level

Truelit

PoC Level

MicrosoftNSHC

Partner Events

HITB logo regular.png nopconlogo.png code_blue.pnginfosec-Logohardwear_90px

Hack2Win eXtreme

Hack2Win is a hacking competition we launched 5 years ago. So far it had two flavors - Hack2Win Online and Hack2Win CodeBlue.

We decided to go big this year with Hack2Win eXtreme! Hack2Win eXtreme will focus on two primary targets, browsers and mobile.

We have up to $500,000 USD to give away, the competition will take place during the beVX conference Hong Kong, on September 20-21, 2018.