Game of Hacks: Play, Hack & Track

Presented at DEF CON 23 (2015), Aug. 8, 2015, 6 p.m. (60 minutes)

Fooling around with some ideas we found ourselves creating a hacker magnet. Game of Hacks, built using the node.js framework, displays a range of vulnerable code snippets challenging the player to locate the vulnerability. A multiplayer option makes the challenge even more attractive and the leaderboard spices up things when players compete for a seat on the iron throne. Within 24 hours we had 35K players test their hacking skills...we weren't surprised when users started breaking the rules. Join us to: Play GoH against the audience in real time and get your claim for fame Understand how vulnerabilities were planted within Game of Hacks See real attack techniques (some caught us off guard) and how we handled them Learn how to avoid vulnerabilities in your code and how to go about designing a secure application Hear what to watch out for on the ultra-popular node.js framework. Check it out at www.Gameofhacks.com

Presenters:

• Maty Siman - CTO and Founder Checkmarx
  Maty is the CTO and founder of Checkmarx. Maty has more than a decade of experience in software development, IT security and source-code analysis. Prior to founding Checkmarx, Maty worked for two years at the Israeli Prime Minister’s Office as a senior IT security expert and project manager. Prior to that, he spent six years with the Israel Defense Forces (IDF), where he established and led a development team in the IDF’s Information Security Center. Maty regularly speaks at IT security conferences and is CISSP certified since 2003. Web: www.Gameofhacks.com
• Amit Ashbel - Product Evangelist Checkmarx
  Amit Ashbel joined Checkmarx From Trusteer (acquired by IBM). He has been with the security community for more than a decade where he has taken on multiple tasks and responsibilities over the years, including technical and Senior Product lead positions. Amit adds valuable product knowledge including experience with a wide range of security platforms and familiarity with emerging threats and the hi-tech security industry.

Links:

• https://defcon.org/html/defcon-23/dc-23-speakers.html#Ashbel
• https://infocon.org/cons/DEF CON/DEF CON 23/DEF CON 23 slides/DEF CON 23 - Amit Ashbel and Maty Siman - Game of Hacks - Play Hack and Track - Slides.mp4
• https://infocon.org/cons/DEF CON/DEF CON 23/DEF CON 23 video/DEF CON 23 - Amit Ashbel and Maty Siman - Game of Hacks - Play Hack and Track - Video.mp4
• https://infocon.org/cons/DEF CON/DEF CON 23/DEF CON 23 slides/DEF CON 23 - Amit Ashbel and Maty Siman - Game of Hacks - Play Hack and Track - Slides.srt (subtitles)
• https://infocon.org/cons/DEF CON/DEF CON 23/DEF CON 23 video and slides/DEF CON 23 - Amit Ashbel and Maty Siman - Game of Hacks - Play Hack and Track - Video and Slides.srt (subtitles)
• https://infocon.org/cons/DEF CON/DEF CON 23/DEF CON 23 video/DEF CON 23 - Amit Ashbel and Maty Siman - Game of Hacks - Play Hack and Track - Video.srt (subtitles)
• https://infocon.org/cons/DEF CON/DEF CON 23/DEF CON 23 video and slides/DEF CON 23 - Amit Ashbel and Maty Siman - Game of Hacks - Play Hack and Track - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=6wiBl3lohu4

Similar Presentations:

• Black Hat USA 2020 Virtual / Discovering Hidden Properties to Attack the Node.js Ecosystem
• DEF CON 28 (2020) Virtual / Discovering Hidden Properties to Attack Node.js ecosystem
• AppSec USA 2015 / Game of Hacks: The Mother of All Honeypots