Have you ever been to 44CON in London? In case you haven’t, you need to go there in 2017! To be honest it was my first time attending, but it took just one 44CON for me to become excited and that not only because of the Corgi crew member - but also because of all the workshops, talks and people from around the world! If you want to get a short impression about the stuff that was going on there, just read on ;-)
So I started the conference with a two-day training about mobile security: “Mobile Application Hacker’s Handbook: Live Edition”. Dominic Chell of MDSec teaches the basics of application security on Android and IOS. This includes theoretical security concepts and background information on both systems as well as hands-on hacking on a lot of prepared mobile apps. The course itself is very well-balanced and presented by a guy who knows his stuff best! Although it’s just a two-day course, it will give you a lot of new ideas, which you can apply to your own mobile applications and even to mobile bug bounties! And to finish this great training, I did also win a small CTF at the end and got a copy of “The Mobile Application Hacker’s Handbook” as a prize, which is also a really good book!
After having a lot of fun hacking mobile apps, I went straight to the first day of the conference, which was based in the ILEC Conference Centre. The evening started with a free-to-attend community event including a really cool “HID IO Toolkit” badge (in case you had a paid 44CON ticket) and free drinks sponsored by Amazon in their big red bus:
As if this wasn’t enough, there were a lot of cool and interesting talks and workshops starting from that evening and continuing over the following 2,5 days. Just to name a few: “Advanced incident remediation techniques” by Steve Armstrong, The “CyberCPR Workshop” also by Steve Armstrong, “ARM Shellcode Basics” by Saumil Shah and even a fantastic IoT workshop brought to you by PenTest Partners! I guess I do not need to mention that they brought a lot of toys to hack, including a car :)
There were of course many, many other great talks I have not mentioned here, because the list would obviously get very long. I really wish that I had more time to attend all other talks too, but unfortunately I cannot split myself yet!
Since every security conference has its own style, this year’s 44CON was mainly dominated by a really lovely Corgi! She was always around and helped out in case you looked lost or didn’t know how to build your exploit chain - so don’t forget to vote for her in return ;-)
All in all, for just 250 pounds, you have received an awesome value of 2,5 days of pure, uncensored security in return, which you can not only apply to personal interests like bug bounties, but also to your daily security operations. At this point I would like to thank all 44CON crew members (including the Corgi ;-) ) for their enormous effort to plan and organize such an awesome conference! It was my first time, and I will return next year - for sure!