This past weekend I attended the Orlando BSides at Full Sail University. It's a two-day event, with the first day dedicated to workshops and the second day talks and villages. The whole conference was available by streaming as well as in person. The conference wasn't far from me, and I attended both the workshops and the talks in person.
Unlike most conferences, Orlando BSides had extremely affordable tickets. The basic ticket for the conference was $25, with students able to attend for free after proof with a student ID. There was also a VIP ticket that included a T-shirt for $50. Because this was the first time I attended, I went with the VIP ticket; however, I wonder if it's worth the extra 25 dollars. The workshops were separate at the low price of $200 for a 4-hour workshop.
I signed up for the Hacking API and the Reverse Engineering with Ghidra workshop. All the workshops were 4 hours each with two separate timeslots allowing me to take both. The Hacking API workshop was virtual; however, the staff at the conference was kind enough to provide a room for those of us taking the workshop.
The instructors for each workshop emailed the class a few days before the conference with Virtual Machines, exercises, and PowerPoint. VMs required a little setup, but the workshop was only 4 hours, so I'm glad we didn't waste much time installing and configuring.
The first class was Hacking with API, which started with the basics of using Burp suite to intercept requests. We then walked through different attacks, such as JWT token, GraphQL, and identifying sensitive information. Most of the exercises were based on the PortSwigger API labs allowing those that took the class to continue their learning with the other labs after the course was over.
Reverse engineering with Ghidra was a subject that I wanted to learn more about but watching most videos on assembling and debuggers can be very dull and hard to follow, so a class was helpful. The course was fast-paced, navigating Ghidra, discussing the basics of assembly, and finally walking through basic C programs in assembly and understanding the program's function. The instructor was very knowledgeable and gave the class a lot of time to work through the programs themselves. Once I started to get an understanding of reverse engineering, I was hooked. The person who taught the class mentioned there is also an advanced version of the course, which I will keep an eye out for in the future.
The next day I drove back to Full Sail University. The conference had several villages, including lock picking, soldering, and vendors. They even had an "un-conference" for people to sign up that day and give 15-minute presentations or talks on any subject they wanted. I mainly spent my time at the main stage presentations. Three tracks covered all different topics. As I mentioned, you can check out the talks on youtube because they were all recorded. With Full Sail University being a college with a film program, the filming of these talks was some of the best I have seen at any conference; even the stage looked amazing.
Orlando BSides Schedule:
Track 1:
Track 2:
Track 3:
I did miss Sunshine CTF that took place during the conference as a result of a poorly timed motherboard failure on my laptop. The CTF was open to anyone at the conference as well as virtually. A room was dedicated to the players, and a screen showed the progress. I joined the CTF discord before the conference started, and it sounded fun. I plan to participate next year. After the CTF was over, I saw the first-place prize, a sword that said "Sunshine CTF champion," how cool is that?
Overall this is a great local conference to attend. Unlike some massive conferences, local ones in your area can be the best. I got my first pick on workshops without rushing to buy them; the talks were small, and the best part was there were no lines. I plan to attend the conference next year and will be signing up for more workshops.
Comments