You are here: Home » The Event » Workshops

Here is a list of our 2023 workshops. Workshops are on Friday 7th July, to attend you will need a main event ticket and a (free) workshop ticket, this helps us to cap numbers as places are limited. Tickets will be released on the 17th of May.

Notice that some workshops are in the morning, some in the afternoon, please don’t book yourself on two morning or two/three afternoon workshop, you can’t be in two or three places at once. Pick a workshop and stick with it, you can’t wander between them.

You will need your original ticket number, that came on the mail from Tito and is in the format XXXX-X. Speakers, crew, sponsors, please put your name or organisation in the box and we can validate you later.

Living off the Land, How to Blend in with Built-In Tools

Chris Truncer

2 hours – 10 am – 12 pm

Attackers and offensive security professionals have started to leverage built-in tooling to compromise systems. But why should they have all the fun? This workshop will perform a deep dive into different methods that you can utilize native applications to compromise workstations. On the blue team? Come join and learn what attackers are doing so you can also build detections to identify if this is used in your environment.

Adversaries Have it Easy: Having a peek behind the curtain

Andy Gill & Neil Lines

3.5 hours – 1:30 pm – 5 pm

The Adversaries Have it Easy: the workshop will teach all those attending offensive arts which replicate the real world (APT) and red teaming, covering modern windows domain attacks, some data hunting, and showing paths to leverage external attackers through internal domain compromise. The workshop will be laid-back, fun and easy to follow, with hints to blue detection and identification of the attacks we’ll show in our talk.

.NET Exploitation

Sina Kheirkhah

4 hours 9 am – 1 pm

.NET Reverse engineering for vulnerability researchers, how to map the attack surface, interesting areas of focus, tools of the trade for .NET Exploitation.


  • A windows 10 VM Visual studio 2022 installed .NET Framework 4.0 to 4.8

Container Security and Hacking with Docker and Kubernetes

Rory McCune and Iain Smart

Note: This workshop will be running before the “Capture the Flag – Kubernetes Edition”, there might be a little bit of crossover, but the presenters are working with each other to keep them distinct.

3.5 hours 9 am – 12:30 pm

Abstract – This hands-on workshop aims to give you an understanding of the security features and pitfalls of modern containerization tools like Docker and Kubernetes. We’ll cover a range of topics to build up a picture of the security options available and show practical examples of attack and defence on containerized systems.

There will be hands-on labs covering common attacks on Docker, Docker containers and Kubernetes clusters.

Prerequisites – Familiarity with basic Docker commands and Linux command line use will be helpful, but we’ll provide step-by-step instructions for people who are less familiar with them.

A laptop with a web browser that does not have strict filtering in place (e.g. no white-list only corporate proxies) and an SSH client will be needed for the practical labs.

Capture the Flag – Kubernetes Edition

Kevin Ward and James Cleverley-Prance

3.5 hours 1:30 pm – 5 pm

Delve deeper into the dark and mysterious world of Kubernetes security. Start your journey deep inside the target infrastructure, collecting flags as you exploit your position in the environment and hunt for vulnerabilities, thwarting Captain Hλ$ħ𝔍Ⱥ¢k in his quest of destruction.

Attendees can play three increasingly beguiling and demanding scenarios to bushwhack their way through the dense jungle of Kubernetes security. Everybody is welcome, from beginner to hardened veteran but attendees will be expected to be hands-on to understand more about core Kubernetes components and how they can be misconfigured and compromised.

Each attendee will be given access to their own Kubernetes cluster built within our bespoke sandboxed training environment. A laptop with an SSH client is required to participate.

Creating a Burp Extension with Montoya

Soroush Dalili

3 hours 2 pm – 5 pm

This workshop offers a concise introduction to creating a basic Burp Suite extension using Java and Montoya. Participants will learn to develop an extension by utilising a pre-written template designed for specific tasks. Additionally, the workshop will provide valuable tips for minimising resource consumption and demonstrate real-time debugging of Java extensions within Burp Suite.
Attendees should be familiar with both Java and Burp Suite, though advanced proficiency is not required.