SourabhDeshmukh Cloud of information

NULLCON - International Security Conference Goa 2018.

The NULLCON - Internation Security Conference 2018 GOA was sheduled from 27th Feb to 3rd March, as first three days for the training days’ and the conference days were 2nd March and 3rd March. The Venue of Conference was Holiday Inn Resort near Mobor Beach, Goa. Nullcon happens every year on the same place and it was my First Security Conference.

I was waiting for this conference from very long time, because I was too much exited learning about bug-hunting methodologies. When we got there I fell in love with the exiting scenario of the Resort. The venue was totally awsesome, on one side it is covered with beach and other side greenery of Cavelossim. Cavelossim is the village in goa where this resort is located. I was scanning the scenario, as I could see so many people were gathered for the conference. You can see resort here, although you will not be able to see the lovely decoration by NULLCON team. The organizers of the Conference was paytu and null-community.

From Miraj Junction we caught the train for Margao, Sonalkumar kadelwar was also there me. We reached Margao station in the morning ,2nd March. Around 10:30 hours we reached at the venue, and collected our ID’s for the entrance. While moving towards the entrance to my surprise I was standing infront of the Jobert Abama, who is one of the co-founder of hackerone. He greeted us with warm smile on face, and we had snaps together. After entring inside conference at one side all the stalls of sponsers were present, who were giving information about there work, and on other side all the workshops and talks were arranged in different hall’s. While scanning through the shedule we got to know that we missed the lightning keynote of conference.

We both rushed towards one of the hall and found Google VRP session was about to start, we moved gently and sat in the first row. Eduardo was the speaker of the session, he briefed us about Google VRP, Android VRP, Chrome VRP and Google Play SRP. He demonstrated some of the techniques such as cross site scripting, sql injection , cross site request forgery attacks etc. We enjoyed the session given by him. After attending session we had lunch as well as dessert in exhibition area., it was delecious. Then we attended Lightning talks about how they hacked Google (Google VRP researchers) Coolest bugs of 2017 which was briefed by karshan and Martin. The session was ended around 15:30 hours and then we were thinking about what to do next, as we both were beginners in the bug hunting.

The Bug Hunter Methodology title attracted our attention and we ran towards that spot. As we entered in the hall all the chairs were already occupied, so many people standing at the last near to the wall, there was too much crowd in that hall and absolutely there was no place to stand. Then we moved near to the stage and sat on the ground. It was clocking 16:30 hours and I was surprised about such a huge crowd. I searched for the name of speaker and got to know that he was none other than Jason Haddix founder of Bugcrowd. And he was sitting just infront of me. I secretly snapped his picture. All people were waiting for his session and the session begined. He introduced about how to approach towards testing, introduced various tools for testing, most of them were open source tools. One of the tool caught my attention was Burp Suite, which I was trying to learn earlier. The session was ended with beautiful bugcrowd stickers in my hand.

On the next day we decided to meet people and discuss about their methodologies and their contribution in web application testing. We arrived at the resort, and moved towards exhibition area and started interacting with people and had snaps together. Along with that we were searching for swag such as stickers as well as goodies. After interaction and snaps we had lunch and dessert which was arranged by Nullcon Community. Then we desided to explore the place and started wandering from corridors, we could see many people dived into there laptop, interacting with each other and trying to learn something new. The different events were happening around such as social enginnering village, Vehicle hacking etc. After that I went to the beach, there I enjoyed the flow of cool breeze of wind as well as the beautiful sound of sea waves. The scenario was amazing, after relaxing there for a hour. We moved to the stall near the exhibition area and collected swags from google, Adobe, stickers from hardware.io as well as from nullcon. We enjoyed that two beautiful days at holiday inn resort, it was amazing experience because I was able to meet lot of people, enjoyed these two days.

In evening aroud 15:45 hours we said goodbye to conference and started our journey back. Then I decided to come back next year with my own experience of handling bugs to share with other people.

You can see some of the tweet’s here.


Comments

comments powered by Disqus