Hi dear readers! This year I attended my first OWASP AppSec EU both as an attendee and speaker. I really enjoyed the conference, the community-driven presentations, and 3 tracks (DevOps, Developer, CISO, Hacker). Because of my interests, I decided to follow the Hacker track. Man in contacts The first presentation that I attended on AppSec was Man in contacts by Jeremy Matos and Laureline David. The main idea was to create a malicious app that has access to your contacts (you actually give the permissions), and then all your contacts are drained to the malicious C&C.
Not so long time ago, I submitted my presentation proposal on CONFidence’s Call For Papers. CONFidence is one of the best European IT Sec conferences that I love to attend due to very good presentations quality and hackish^H^H atmosphere ;-) This year I decided to actively attend as a speaker with my presentation about pentesting iOS apps using jailed iDevice. I sent my proposal, and when I received the approval, I visited the conference’s website in order to check if I’m included in the speakers list for sure (in SecuRing it’s common to prank your colleagues like for instance sending emails from the fake server, haha).