CanSecWest 2022 Workshops

Abraham Aranguren Robert Yuen Abraham Aranguren Robert Yuen

Practical Mobile App Attacks By Example

If you are the kind of person who enjoys workshops with practical information that you can immediately apply when you go back to work, this workshop is for you, all action, no fluff :)

Attendants will be provided with training portal access to practice some attack vectors, including multiple mobile app attack surface attacks, deeplinks and mobile app data exfiltration with XSS. This includes: Lifetime access to vulnerable apps to practice, guided exercise PDFs and video recording explaining how to solve the exercises.

Read More
Abraham Aranguren Robert Yuen Abraham Aranguren Robert Yuen

Hacking JavaScript Desktop Apps with XSS and RCE

JavaScript Desktop apps share traditional attack vectors and also introduce new opportunities to threat actors. This workshop will teach you how to review JavaScript desktop apps, showcasing Node.js and Electron but using techniques that will also work against any other desktop app platform. Ideal for Penetration Testers, Desktop app Developers as well as everybody interested in JavaScript/Node.js/Electron app security.

Read More