ekoparty 2013 – Wrap Up of 1st Day

Ekoparty is an Infomartion Security Conference that happens every year in Buenos Aires Argentina. And it is known as one of the best InfoSec Conferences in Latin America, if not the best, at least in my opinion so far.

The first day at Ekoparty 2013 was mostly for Registration, Workshops and Wardriving. The venue is really nice, as it has an underground like look and feel. You really feel that you are at a hacker conference. I went first to the workshop called Mobile Apps and How to Pentest them. It was in Spanish but it was quite easy to understand as it was full of technical terms and words in english, also, they have simultaneous translation to english if necessary.

The workshop talked about how to create your own penetration testing lab for mobile applications. The speaker name was Gustavo Sorondo, aka puky. He started showing the different types of mobile apps, systems and devices, and how to work with all of those. He talked about the OWASP Mobile Security Project, which is a very interesting project made by OWASP for Mobile Applications. It has its own OWASP Top 10 for Mobile Apps and also insecure apps for learning like the iGoat or GoatDroid, versions of WebGoat for iOS and Android respectively.

He demonstrated how to set up and user the Android emulator and how to perfom Memory Analysis, Reverse the source code, analyze the logic of the application and how to bypass some security controls that are made by the developers and how to capture and view the communications between the application and it’s servers.

Overall it was a quite interesting workshop and the topic it is very important nowadays as companies are creating more and more mobile apps and they need to be safe and protect their clients data.


After the workshops there was Wardriving contest. We all gathered inside a pirate-ship-like bus and did a city tour with hackers full of big antennas and all their gears to perform wardriving. The wardriving was made to see who gets the biggest amout of wireless networks. That was it for the first day of ekoparty. More reviews are coming. We’ll keep you posted!

Originalmente postado no Blog da Conviso Application Security – Siga-nos no Twitter @conviso Google+
About author


A team of professionals, highly connected on news, techniques and information about application security
Related posts

Conviso acquired

The technology developed by Gauntlet will be incorporated to the AppSec Flow, expanding the services…
Read more

WildFly 8 (JBossAS) Application Directory Traversal Vulnerability - CVE-2014-7816

WildFly[1], formerly known as JBoss AS, or simply JBoss, is an application server authored by JBoss…
Read more

Spree Commerce Multiple Unsafe Reflection Vulnerabilities (CVE-2013-1656)

Spree Commerce [1] is “a 100% open source e-commerce platform powered by the popular Ruby on…
Read more

1 Comment

Deixe um comentário

%d bloggers like this: