Schedule
Friday 1 November
09:50
Registration
Arrive to the Google office at 09:50 for the workshop check in.
10:15–10:30
Introduction
The opening session
10:30–12:00
Track A: Binary Vulnerabilities
by Ari Krakauer
- Basics of binary vulnerabilities
- Intro to assembly and shellcode writing
- Stack overflows and how to exploit them (get your first root shell here!)
- Return to libc
- Intro to modern defenses and exploitation methods
10:30–12:00
Track B: Android Applications Hacking
by Olivier Tuchon
- Anatomy of an APK
- Static and Dynamic Analysis with open source tools
- Hands-on exercises (CTF like)
12:00–13:00
Lunch
at Google office
Free food is the best food.
13:00–18:00
Track A: Binary Vulnerabilities
(Continuation)
13:00–15:30
Track B: Android Applications Hacking
(Continuation)
15:30–16:00
Track B: Life of a Security Engineer
by Geta Sampemane
Security covers a wide range of topics, but what do security engineers actually do on a daily basis? This talk describes some of the possibilities, with a focus on prevention rather than attack or response.
16:00–17:00
Track B: Life at Google. Opportunities for students
by Lindsay Taub
Learn more about Google's internship program, scholarships and full-time roles for recent grads, and best practices for submitting your application. There are lots of ways to prepare for technical interviews, including taking part in Google's Coding Competitions (g.co/codingcompetitions). The session will end with some information about the programming contests we run and how to get involved.
17:00–17:30
Track B: The Google Vulnerability Reward Programs
by Jan Keller
How to hack Google and get paid for it.
17:30–18:30
Track B: Hardware Hacking
by Łukasz Siewierski
This is an introductory course to hardware "hacking". We will take a look at one commercially available device and learn how to:
- Assess the device components.
- Locate interesting elements on the PCB.
- Connect to the serial console.
- Understand bootloader.
- Reverse engineer the firmware to gain root access.
18:30–19:30
Dinner
at Google office
What could be better than free food? More free food!
Saturday 2 November
09:50
Registration
Yes, you need to come for the registration every day.
10:00–12:30
Track A: Web Security
by Conrad Grobler
The workshop will provide an overview of web security principles and security testing:
- Basics of web security
- Web security testing tools
- Hands-on exercises to find and exploit common vulnerabilities
- How to defend against these vulnerabilities
12:30–13:00
Track A: Visit CTF finals
just across the atrium
See how pros play Google CTF finals.
Track B folks — you'll also have a chance to see CTF Finals, during lunch time.
10:00–13:00
Track B: Fuzzing
by Andrew Whalley and Alex Gough
Learn how throwing random data at programs finds bugs, and how to use the tooling that makes it easy.
- Get an introduction to the history of fuzzing, and find bugs in early web browsers with random HTML.
- Hands on with libFuzzer, an advanced fuzzing framework used by many large projects.
- Write a fuzzer that catches the Heartbleed bug!
- Learn how you can use fuzzing to help open source projects, and get cash money from VRPs.
13:00–14:00
Lunch
at Google office
Just as you thought it can't get any better... Free lunch with security pros!
14:00–18:00
Track A: Web Security
(Continuation)
14:00–18:00
Track B: Android Applications Hacking
(Repetition of Friday's Android Applications Hacking workshop)
18:00–19:00
Dinner
at Google office
Sunday 3 November
09:50
Registration
Get your daily visitor badge
10:00–11:00
Interview Training
What to expect, and how to prepare for the Google interview.
11:00–11:30
Ask me anything
You ask your security-related questions and we'll try to answer.
11:30–12:00
Visit CTF Finals
The second (and the last) day of Google CTF finals.
12:00–13:00
Lunch
at Google office
You know the drill...
13:00–13:30
Hiring at Google
by Derek Sickles
- Path to navigating Google's hiring process
- Different roles related to Security Engineering and Software Engineering (with an emphasis on Security/Privacy)
- Interview Preparation and Tips
- Open Q&A
13:30–18:30
Wargames
by you
Go hack some stuff, we'll help you.
19:00–22:00
Networking & CTF Awards ceremony
by all of us
Observe Google CTF prize-giving, chat with people. Food and drinks will be provided.