amazonv: (Default)
Today went slightly better

Returned to the ASC
Arrived at 1 pm
Waited in the first waiting area for a bit, then finally called up.
The guard still seemed skeptical of this whole no appointment thing.
The receptionist, however, knew what she was doing and was not phased by the paperwork.
I was given a number and then I waited in the next area.
When my number was called (they seemed to be in groups of 5-10) I then went to a smaller waiting area.
Then, pretty quickly, got called back. The electronic fingerprint machine was branded "department of homeland security", he clicked the "Canada no v(and another letter)" button (there was 2 Canada buttons and 2-3 other buttons) then scanned the barcode on my paperwork which filled in my information on the screen.
I had to take off my glasses and get a picture, no smile, no teeth. Hard because the camera was far and I am pretty blind.
Then we digitally scanned my fingerprints.
Then I got sent home with the signed paperwork.
I am worried. Do I need to mail it or anything?
No idea what now, but at least I did get the fingerprints, I think, I hope.
Left at 3 pm
amazonv: (Default)
Today was very frustrating

There was a winter storm warning.

I tried to leave the house around 10 am

I should have arrived before 11 am at the application support center, however, due to weather I got there a bit after 11.

On arrival, the door declared no cameras, no cellphones, no recording devices, no food, no drinks, etc.

I entered, and really had to pee, so I looked around for the bathrooms.

the room was laid out with a guard station by the front door, with lots of clipboards.

There was one waiting area behind the clipboards

there was a long line at the receptionist

there was another waiting area in front of the receptionist.

the bathrooms were past the area in front of the receptionist.

I headed to the bathrooms and was stopped and questioned by the guard, which was weird, i explained i needed to pee and then was let go to the bathrooms.

I then returned to the clipboard area, the guard was now there.
She asked when my appointment was. I said I was a walk in.
She said they do not do walk-ins.
I explained that per the website (pulled out printout) between 11-2 they did.
She grunted and I asked if I should fill out a clipboard paper and she said no.
she said she would let me know when to go to the receptionist.

I was still unsure of what was going on, no one was very helpful, nothing was well labeled.

After watching people get yelled at for about 2 hours, I think I figured it out. Would it not have been better to have signage explaining this and/or a person explaining this?

So you arrive, you must remove any head coverings or face coverings.
you then must take a clipboard and fill out the paper
then return the clipboard and keep the paper
if you make a mistake do NOT take another paper, cross off and continue. she got very upset about people taking more than one paper.
depending on your appointment time that group would be called to reception, then and only then do you line up at the reception desk. For example, the line when I arrived a little after 11 was the 11 am appointments.
After being processed by the receptionist you waited in the other waiting area to the front of reception, there was a number display there so I assume when your number came up you went somewhere (I didn't see far enough to see if there were rooms or cubbies or whatever.

By my rough count, there were over a hundred chairs in each waiting area and they were all full.

After waiting 2 hours they made an announcement, because of the weather all government offices were shutting down. Appointments would be rescheduled.

At this time I got to read small print which was taped to the top of the clipboard stack (which I was denied and told to sit down) which seemed to imply all UK and US visa applicants goto reception. I will have to point this out/lobby for it next time I try. Hopefully tomorrow.

What should have been a slightly less than hour drive home became around 2 hours. There were many accidents, plus poor visibility.
amazonv: (Default)
Received an utterly useless reply from Canadian immigration which proves they did not even read my email to them

POSTED BELOW
Good day [name],

Thank you for contacting Immigration, Refugees and Citizenship Canada (IRCC).

According to your nationality and the type of application you are submitting, the Find out if you need to give biometrics tool on our website will help you determine if you need to provide your photo and your fingerprints (biometrics).

If you are presently in Canada and you are being asked to give your biometrics, you will need to leave Canada and provide them to one of the facilities outside Canada.

For more information about biometrics, please consult our website.

We hope the information provided is helpful in assisting you with your enquiry.

We would also like to suggest the following online services that might be helpful to you with any immigration, refugee and/or citizenship future requests:


Download application forms and guides
Change of address
Check your application status
Help Centre - To find answers, you may consult the different sections or type keywords related to your question.

Sincerely,

Samir, Agent 4071
Immigration, Refugees and Citizenship Canada
https://www.canada.ca/en/services/immigration-citizenship.html


Note The information provided may change without notice. If there is conflicting information between the text in the email and the Immigration and Refugee Protection Act, the Citizenship Act or their regulations, the Act and/or Regulations prevail. This email was sent to you in the language of your choice. The information on the IRCC website is available in both official languages. The masculine form may have been used for convenience.

From: [email]
Sent: 14/02/2019 5:07:11 PM
To: Question-DoNotReply-NePasRepondre@cic.gc.ca
Subject: In Canada Case Specific Enquiry - Permanent Residence (applied online) - Express Entry

PROTECTED B

Applicant Information
Name of applicant: [name]
Email address: []
DOB of applicant: []
Country of birth: United States of America
Client ID number:
File number: []
Telephone number:
Mobile number: []
Type of application: Permanent Residence (applied online) - Express Entry

Enquirer Information
Name of enquirer: []
Relationship to applicant: Applicant
Email address: []
Telephone number:
Mobile number: []
Consultant ICCRC number:

Enquiry:
Biometric collection [] I called ASC/USCIS and they indicated that usually appointments are made by the services that need them, not applicants.

They do not have a method for applicants to request appointments and are unsure if they can do walk-ins (ever).

My closest center is: Philadelphia, PA - Application Support Center Office Address: USCIS Application Support Center, 10300 Drummond Road, Suite 100, Philadelphia, PA 19154 They are open 8-4 eastern time M-F Is there any way that you know of to schedule me an appointment? I plan to go as soon as i can to the physical location to ask about walk-in / appointment but as I am caring for my disabled sister that may not be for a while and there is no available phone number online (beyond the USCIS main number who i did speak with) and so was hopeful you know for sure if they do walk ins on certain days/times or have a way to request an appointment.
amazonv: (Default)
So yesterday I got a noticed I had a message in my account
I was very excited!
The current estimate last time I logged in was July.

I logged in http://www.cic.gc.ca/english/e-services/mycic.asp

I had a message "Biometrics Collection Letter"

Which had me download a PDF

START PDF

This letter refers to your application to Immigration, Refugees and Citizenship Canada (IRCC) for one of the following documents to come to or remain in Canada:
• temporary resident permit; • work permit; • study permit; • temporary resident visa; • visitor record; • permanent resident application; or • permanent resident card renewal.

Under the Immigration and Refugee Protection Act (IRPA) and its Regulations, you are required to have your fingerprints scanned and your photograph taken (your biometrics) at a biometric collection service point to help Visa Officers determine if you may enter or stay in Canada. Most applicants will need to give their biometrics at a biometric collection service point abroad before they travel to Canada.

Only those who are eligible to apply for a or a at a designated port of entry can give their biometrics upon arrival in Canada.

Note: If you received this letter you must give your biometrics before coming to Canada and are not eligible to have your fingerprints and photograph taken at a Canadian port of entry. If you are already in Canada, you will have to leave the country to provide your biometrics.

Why is IRCC collecting my fingerprints and photograph?

Your biometric information will be used under the Immigration and Refugee Protection Act (IRPA) and its Regulations to determine if you may enter or stay in Canada. Your fingerprints may also be shared with law enforcement agencies in Canada and may be used for the enforcement of any Canadian or provincial law. For more information about why the Government of Canada collects biometrics, how it uses your information and how it protects your privacy, please visit: and

https://www.canada.ca/en/immigration-refugees-citizenship/campaigns/biometrics/ protecting-appplicants-privacy.html.
https://www.canada.ca/en/immigration-refugees-citizenship/campaigns/biometrics/facts.html

What you need to do next:
You need to take this letter with you and go in person to any biometric collection service point to have your fingerprints and photograph taken.
• If you are outside Canada or the United States, you may go to any Visa Application Centre (VAC) most convenient to you.
• If you are already legally in the United States, you may go to a United States Citizenship and Immigration Services (USCIS), Application Support Center (ASC) or a Visa Application Centre (VAC) located in the United States or its territories.
For more information on where to give your biometrics, please visit:

What you need to bring with you:
When you present yourself at the biometric collection service point of your choice, you must bring the following: • a copy of this letter, and • the passport or travel document that you referenced in your application.
Note: This letter is also your proof that: • you have paid the biometric fee; or • you have claimed an exemption from the biometric fee under section 315.1 of the Immigration and Refugee Protection Regulations (IRPR). If, after reviewing your request, it is determined that you do not qualify for an exemption and are required to pay the biometric fee, you will be contacted by IRCC and your fee payment options will be explained to you.

Important Information

You have 30 days from the date of this letter to present yourself at a biometric collection service point to give your biometrics:

You must visit a biometric collection service point to have your fingerprints scanned and photograph taken on or before . If you do not comply, your application may be refused. If your application is refused, you will have to submit a new application and pay the applicable fees.

If you cannot provide your biometric information (photograph and/or fingerprints) or if you need more than the 30 days, please contact Immigration, Refugees and Citizenship Canada at and be prepared to provide a detailed explanation.

If you have injuries or medical conditions:

Some injuries and medical conditions may affect your ability to provide your ten (10) fingerprints or photograph. If you have a temporary injury or condition on your face and/or hands, you should wait until the injury heals or condition improves before you give your biometrics. If you have a permanent injury or medical condition on your face and/or hands, your photograph will still be taken and you will be asked to provide as many fingerprints as possible.

If you hold multiple citizenship:

You must use the same travel document throughout the application process, including when you go to a biometric collection service point to give your biometrics. You must also use the same travel document upon arrival in Canada.

END PDF

I followed the link in the PDF to
http://www.cic.gc.ca/english/information/where-to-give-biometrics.asp

clicking on the name of the location takes me to
https://egov.uscis.gov/office-locator/#/
clicked ASC
https://egov.uscis.gov/office-locator/#/asc
which entering my zip brings me right back to
https://egov.uscis.gov/office-locator/#/ascprofile/PA/Philadelphia/XPA

The web page said "The only after filing service that is provided by an ASC is fingerprinting. Fingerprinting services are by appointment only and are related to an application for an immigration benefit.

You will be notified about an ASC appointment by mail. You should follow the instructions on the appointment notice to reschedule the appointment."

Which concerned me, i was expecting walk-in per the PDF

I called USCIS and used the automated system

It lead me to
https://www.uscis.gov/tools
so I made an infopass appointment using
https://my.uscis.gov/en/appointment/v2

It only looks 14 days in advance, and i only have 30, and Philly was booked, so made one in Pittsburgh (5 hour drive) on the day i was supposed to be flying back to Canada

I called USCIS to confirm i made the correct type of appointment, i talked to a person who had to put me on hold and ask a lot of questions

They directed me to
http://www.cic.gc.ca/english/visit/index.asp
I indicated that was not helpful
They sent me to
http://www.cic.gc.ca/english/visit/biometrics.asp

I said that was not helpful and could he confirm if philly did walk ins - he said he could not and did not think that they did

I asked if i could make an ASC appointment, he indicated no, applicants can NOT make an ASC appointment you are given an appointment time as your case is processed.

i repeated i was a citizen and it was Canada that wanted it.

He could not help me. we ended the call.

Information
http://www.cic.gc.ca/english/visit/biometrics.asp
all this does is

START WEBSITE

Find out if you need to give biometrics

Select one: (required) I didn’t give biometrics in the past

Select the country code that matches the one on your passport. (required) USA

Answer: You don’t need to give your biometrics.

As a U.S. citizen or national, you don’t need to give your biometrics.

Exception: If you apply for permanent residence in Canada, you need to give your biometrics.

This tool provides general guidance. Depending on your situation, you may need to give biometrics. If so, we’ll send you a letter to confirm that you need to.

END WEBSITE

OK so that was everything I already knew

I Googled
https://www.canada.ca/en/immigration-refugees-citizenship/campaigns/biometrics.html
Which took me to
https://www.canada.ca/en/immigration-refugees-citizenship/campaigns/biometrics/how-to-give-biometrics.html
which took me to
http://www.cic.gc.ca/english/information/where-to-give-biometrics.asp

AND - REPEAT SAME AS ABOVE

clicking on the name of the location takes me to
https://egov.uscis.gov/office-locator/#/
clicked ASC
https://egov.uscis.gov/office-locator/#/asc
which entering my zip brings me right back to
https://egov.uscis.gov/office-locator/#/ascprofile/PA/Philadelphia/XPA

so... i emailed immigration (Canada) and asked for help

And i emailed my lawyer, they responded they have been experiencing this issue now with multiple people and don't have an answer yet but suggested i try to do a walk in. they are seeking an extension
amazonv: (Default)
OK lawyer signed off, and it looks like they uploaded all supporting documents (they had been having me scan and email them) which I guess is nice.

worried, when I did "preview score" I have a score of 440 now and I need 445

very worried

total cost is $1125 (CAD) for this part of the application

Website seems to say 53 days is the average processing time right now
amazonv: (Default)
my app is complete, you have 60 days to do it, waiting on my lawyers sign off (they said this coming week) to submit it after they review

woooo!

i'll let you know what happens next
amazonv: (Default)
So

i started my application for permanent residency

https://www.canada.ca/en/immigration-refugees-citizenship/services/application/account.html

logged in and under "Continue an application you haven't submitted" there was now a "Permanent Residency"

clicked "continue application"

many of the fields were already filled out as they were copied from my express entry form, that was nice

Personal details

-Name, former names
-DOB, Country and city of birth, Height, etc.
-single/married/divorced/widowed
-passport info
-have you applied before?
-country of residence
-full name DOB, Date of death of all family members (parents, children, siblings, spouse, etc)

Contact details

-language preference
-telephone
-fax
-email
-mailing address
-complete 10 year no gap housing history

Study and languages

-native language
-education history
-language scores

Application details

-what province/territory do you want to live in
-have you been nominated?

Representative

-representative (lawyer etc)

Work history

-occupation (code)
-have a certificate of qualification from a Canadian province or territory
-do you have a job offer?
-work history with codes
-asking about if you have looked for a job and what research into jobs you have done

Personal history

-10 full years no gaps of what you have been doing - employment, unemployment, or note was in an educational situation
-all international travel 10 years with dates
-questions about criminal background and "had any serious disease or physical or mental disorder?"
amazonv: (Default)
I got my invitation to apply for permanent residency today!
amazonv: (Default)
So they reviewed my stuff and suggested some edits to optimize my points

NOTE: i could have skipped getting my bachelors assessed because i have the masters!!!!

They had me list only me two recent jobs not the aramark b/c probably of all the lacking data (couldn't get the letter) So i guess the 10 years isn't a hard limit

I submitted my application

the system keeps telling me i have notifications but i login and there are none, it's disconcerting and I am worried.

Also it told me to sign up for the Canadian job bank so i did.

Apparently once i get an invitation i get 60 days to apply

they also warned me if anything changes to keep the data up to date
amazonv: (Default)
So today I finally got my education assessment. what a rip-off. but it is over.

in the interim, my lawyers reviewed my file and agreed with my assessment of what was missing (nothing unknown to me was missing.

they made my online account, entered my data, had me review it, now they "cleaned it up" not sure what that means, and we were only waiting on this.

I have provided it to them, and hopefully they will now proceed / complete my application for express entry.
amazonv: (Default)
Sunday October 28

Slept in, yea sleep!

Missed and need to catch
Watch Out For That Bus! (Personal Disaster Recovery Planning)
Weaponizing Systems Administration: Leveraging IT Skills in Penetration Testing

went to brunch at The Smith - it was tasty
had
sparkles
hasufin
blu
milespj
sysaaron
TheCalliePaige
That Guy
Service was a bit spotty though

headed back and ended up just hanging out until booted away during ceremonies

dinner was at Crimson Diner with
Avi, Troutman, Blu, Githur, dakahuna

then train home

then waited an hour for a bus, that was not coming because sunday, so lyft

then sleeps
amazonv: (Default)
Saturday October 27, 2018

slept in, because up late and drinking

missed keynote but read text here: http://www.bsidesdc.org/history/geer.html

I also missed the (seeing again) Community Based Career Development or How to Get More than a T-Shirt When Participating as part of the Community

Wandered to find tea/food and failed, ended up at starbucks it was raining

I missed Finding the Right Tools and Codes for Your Career Search - will need to catch that on video
I also need to catch the video Bluetooth, Bluetooth BLE, and Tracking with Sonar

came back for

Blue Teams next tool: Social Engineering (Psychology and Sociology at Work) - which was really good
he posted the last page of his deck with resources here: https://www.cafaro.net/2018/10/28/blue-teams-next-tool-social-engineering-psychology-and-sociology-at-work-references/

How online dating made me better at threat modeling was OK

snackies http://maison-kayser-usa.com/

then cookies and milk party with space team and unstable unicorns

then umaya - but due to conflict with a surprise party ended up just sparkles and blu and I - tasty ramen and such though

then iron horse for a drink

then back to crash
amazonv: (Default)
Friday Oct 26, 2018
Mostly training so I stayed home
Made some tea and oatmeal
working on reviewing a book i am getting a nominal fee to do so
took care of bunny
headed on bus and train to hotel
3pm ish checked in to hotel, got 2 tickets, oopse didn't realize those came with, so gave those away
all BSides and similar need a better method to "turn in" tickets
got my badge
wandered to calibash tea for tea and snack
met up with a group at Circa Chinatown for dinner
https://www.circabistros.com/location/chinatown/#lunch-copy
got a seat upstairs
we had aaron, paranoid, sparkles, blu, troutman, whisper, mkr_ultra, 3ncr1pt3d, hasufin, SinderzNAshes, and exfiltration and i think we got one more?
anyway the warm apple cider dragon drink was good and so were the pumpkin ravioli, and the apple cake was good too, not great though

we headed back and played space team and drank!

then got to bed way too late
amazonv: (Default)
Canada express entry, perminant resident

If I had to do this over, i would do this in the below order:

1.
I had a passport if you don't that might take the longest

2.
I had my birth certificate and social security card that might also take a while

3.
I had my resume already together - put that together

4.
I would have started with my education assessment (CES, ECA) ASAP as that seems to take the longest.
To complete it you need your education transcripts and your actual diplomas.

5.
Put settlement funds away ASAP and don't touch, you'll need 6 months of statements, and a letter from the bank, some banks this was easy (Marcus, capital one 360), other it was hard (TD Bank) (15k+)

6.
schedule your Health Exam, only certain people do the assessments, so get it scheduled, and set aside the cash, mine didn't do weekends so i also had to arrange time off work
($500 +)
I had to ring to health exam - 3 passport photo which i got at CVS, they only used two but asked for three (sigh), i bought two sets from CVS but if they give you the proof that might work as your third?
she seemed very fixed on TB, and i needed a chest xray (standard), basically bring your medical history cliff notes (medicine, surgical history) and if you have recurring / permanent issues the information for your specialist (they might need a letter - basically indicating it's under control and you are going to be able to work and navigate and survive in a new place without assistance)

7.
schedule your English Language Test CELPIP-General Test ($300) they are on limited dates in limited locations
i did not study, but i did watch the you tube videos
https://www.youtube.com/channel/UCsSYTLCLK0K2kq6hFSX476A
i think that was useful as i came in and knew what to expect

8.
Police Clearance - didn't take long, but use edge/IE, sign up for FBI background check, then schedule fingerprints (that was cheap and relatively fast but i live in a metro area)
to do: request an Identity History Summary from the FBI online
https://www.canada.ca/en/immigration-refugees-citizenship/services/application/medical-police/police-certificates/how/united-states.html
used: IdentoGo for fingerprints

9.
Digital Photo that meets requirements - i ended up scanning (high res) my passport photo - so do that before medical exam

10.
Work Experience 10 years certified letter - some companies did it fast, some PITA
if you need to get supporting evidence have w2's paystubs and job description - can you find your offer letter? a job posting you applied to? your annual review?

11.
no need for anything else because i am single
amazonv: (Default)
missing TD bank letter - giving up, not a high enough balance to worry about, and provided the balance statements

Finally got CELPIP paper score

Missing U of T educational assessment (a few more weeks expected...)
amazonv: (Default)
I finally scanned a digital picture, waiting to hear if it's good enough

So lawyers did audit

missing TD bank letter (next week follow up with bank)

missing CELPIP paper score (next week call and follow up)

Missing U of T educational assessment (a few moe weeks expected...)
amazonv: (Default)
Thursday, Oct 4

Starbucks for breakfast again
class
morning coffee (again no black tea)
lunch: potbelly again
class
afternoon snacks

nap, i needed it my brain was mush

dinner: was it Gordon borsh?

Sway again for hanging out at Hyatt

Friday, Oct 5

Breakfast in bed
8 am call with upwork consultant
noon call to buy CEH class and test voucher
Hiring village doing resume reviews and mock interviews for a few hours was great
Did wander the villages some
the mental health village was great
Dinner: Sway, was very slow :(
Swanked it up for #HackerSwan and did Burboncon, but then slept through vanilla ice at the party
burboncon had food this year, wish i had known i wouldn't have gone out to eat!

Saturday, Oct 6
Slept in a lot again
wandered con a bit
Jason's Talk at mental health village but had to leave early for
Totty and Cindy and Katheens talk! (volunteering and how to put that on your resume / negotiate to be able to do it with employers, etc)
Dinner: Holy Grale
german restaurant in an old church, lots of good beers
missed the party because we fell asleep. it was offspring

Sunday, Oct 7
Slept in a lot again
Closing
Actually bid for blu b/c he was not there
the black badge got too pricey for me to bid on
MzBat and Amanda and Dustin got black badges!
Hung out at Sway dinner and drinks
sleep

Monday, Oct 8
woke up stupid o'clock to go to airport
lyft drivers kept canceling luckily got real taxi
flight to home
metro to work
worked
worked late, so much to do
amazonv: (Default)
Tuesday Oct 2

Took the bus and metro to work
worked
at lunch took stuff to post office
worked
took the metro to the airport
flight delayed, got in later than planned which sucked and i was exhausted and confused and cranky
luckily partner got my badge

mom called and told me i needed to quit and come home and help

Wednesday Oct 3

Class like 8am to 5pm
I did NOT get enough sleep
got starbucks oatmeal and chai for breakfast

We got morning coffee break and afternoon snack break, coffee break ran out of black tea day 1 before i got any and continued that trend :(

Lunch was potbelly
i quit during lunch from work
Dinner was #HackerFoodies (hackerfoodies.com)- Against the Grain

Hung out at Sway in the Hyatt (eveent moved to mariott but they were slow and grumpy and loud so many peeps stuck to hyatt, i even stayed at hyatt still)

Class info below

Application Security: For Hackers and Developers
Course name: Application Security: For Hackers and Developers

Trainer name(s): Michael Fowl and Greg Hatcher (VDA Labs)

Course description: Application Security: for Hackers and Developers, is designed for practitioners to learn about the tools and techniques used to prevent and find bugs in real world software. This class is great for anyone in software, testing, management, hacking/vulnerability research, and so much more.

We begin the class with a brief secure-by-design and strategy session. Next, understanding how and when to audit code is key for both developers and hackers. Students learn to zero in on the important components. Automated tools are employed, but auditing source manually is the key, since verifying results is a required skill even when using automated tools. Spotting and fixing bugs is the focus.

Dynamic investigation of web, mobile, and APIs requires skills with tools like burp. While hunters for bugs in core code (C/C++), often use fuzzing: a runtime method for weeding out or finding exploitable bugs. Both techniques are used by a growing number of product and security organizations.

Another technique hackers use to uncover bugs is reverse software. Managed (.net) and unmanaged code (C and C++) are covered. The IDA pro tool is taught and used throughout. Other tools like Binary Ninja are shown as well. Calling conventions, Assembly-to-C, identifying and creating structures, RTTI reconstruction, etc. are covered. Students will see IDA’s more advanced features such as flirt/flare, scripting, and plug-ins.

Finally, students will walk out of this class knowing how to exploit discovered bugs. This is useful to both developers and hackers. The attack portion will teach students how to exploit common bugs such as: command injection, SQLi, IDOR, stack buffer overflows, function pointer overwrite, heap overflow, off-by-one, integer error, uninitialized variable, use-after-free, double fetch, and more. For the exploits, return overwrites, heap spraying, ROP, and gadget discovery are presented. Shellcode creation/pitfalls and other tips and tricks will all be rolled into the exciting, final component.

Course outline:

Day 1: Managed, C/C++, and Fuzzing

8am – 8:30am

Handout Material

Pass around Thumb drives for VM Setup
8:30am – 10am

Part 1 – Managed Code/Web Vulns

Lecture 1: SDL and Product Security Testing

Lab 1 – iSpyCentral Architecture Review and Reversing
Lab 2 – iSpyCentral Key Exploit
Lab 3 – SAST iSpy
10am – 10:15am

Break 1

10:15am – 12pm

Continue working on first 5 labs

Lab 4 – DAST iSpy
Lab 5 – iSpyCentral RCE
12pm – 1pm

Lunch

1pm – 3pm

Part 2 – Unmanaged/Native Code Vulnerabilities

Lecture 2: Auditing C and C++

Lab 6 – Basic C Bugs
Lab 7 – UV Investigation
Lab 8 – Warm up with C++
Lab 9 – Basic C++ Bugs
3pm – 3:15pm

Break 2

3:15pm – 5pm

Lecture 3: Fuzzing

Pydbg Demo
Lab 10 – Peach fuzzer (file fuzzing)
Lab 11 – In-memory fuzzing
Day 2: Finish Fuzzing, Reversing, and Native Exploits

8am – 8:30am

Work on anything from yesterday

Ask questions about specific things

8:30am – 10am

Lecture 3: Continue Fuzzing

Lab 12 – AFL
Lecture 4: Reversing C and C++

Lab 13 – Easy Crackme
10am – 10:15am

Break 1

10:15am – 12pm

Keep Reversing

Lab 14 – Med Crackme
Lab 15 – Patcher
Lab 16 – C++
12pm – 1pm

Lunch

1pm – 3pm

Last Reversing Lab

Lab 17 – Scripting
Lecture 5: Exploiting Native Programs

Lab 18 – Function Pointer Overwrite
3pm – 3:15pm

Break 2

3:15pm – 5pm

Lab 19 – Windows Server Exploit
Lab 20 – ROP
Student Requirements:

Students are required to provide a laptop for the course. Your laptop should have at least 30GB of free HD space, 4GB+ of RAM and VMware workstation/player for Windows or Fusion for the Mac installed ahead of time.
You will be given a Windows VM. Copy to your hard drive, and pass the portable Media to your neighbor. You will need a USB port and an OS that can read ExFat FileSystem to copy the data. (Most Mac and Windows have that, but with Linux, check for the driver) You may not share course media with non-students.
amazonv: (Default)
Thursday August 9

Switching to Caesars checking out of Tuscany

Caesar’s Kiosk didn’t work trying to check in

Line was LONG

FYI: Render had attempted to check in the night before. We never got the room is ready notification from night before.

Desk agent insisted he could not refund us that night, and called manager who also refused.

I worried I would be late to Diana Initiative. https://www.dianainitiative.org/

We finally got room and I headed to Diana.

I got my badge and shirt and my speaker gift. It was a presentation device! Awesome.
Hung out in lockpicks waiting on my talk and testing the presentation device. I caught the tail end of the Amazon devices talk.

Sadly Diana as a whole had to turn away people at the door as they were over fire marshall capacity.

I gave my talk in a small packed room. I had multiple A/V issues (Probably my laptop’s fault? Although It worked fine at BSidesLV.) But apparently the talk went well anyway. I need to go ahead and give the presentation via YouTube or something and record it as Diana didn’t have A/V this year and people missed it.

Slides: https://docs.google.com/presentation/d/1x36aquLFOFUdZaHlteTnKhWYU4rzSWxdOwGx17kz-jI/edit#slide=id.p

The talk focused on actionable items people of a variety of positions and walks of life could take. Hopefully each person attending could find one to leverage.

The talk can be given in different ways, I could tweak it to present to those specifically apply for jobs, those specifically hiring for jobs, parents or those with the opportunity to educate children, those in media (TV, print, games, etc), and lastly just those allies that want to help and are not managerial.

FYI Google Unconsious Bias Training: https://rework.withgoogle.com/guides/unbiasing-raise-awareness/steps/introduction/
After that I ran off to settle into the room and get ready for Skytalks setup, despite the rumor we would NOT get in early for setup, we did.

Dinner was #HackerFoodies Hackerfoodies.com at Jaleo
It was very tasty.

After I hung out with funsize and then crashed.
amazonv: (Default)
9/20

tried to call UoT, Thursday from airport right before they closed no luck, try again Monday

9/21

Vanguard Got generic letter and statements from website

Capital One got generic letter and statements from website

Marcus and TD got statements and sent


9/24

Called U of T and they confirmed getting my transcript and diplomas, and that I had nothing else to mail them.

To Do

Marcus Goldman Sachs, and TD Bank letters on the way, scan on arrival

Get September statements 4 banks

digital picture

Proof of relationship ?

current employer employment verification

Profile

amazonv: (Default)
amazonv

February 2019

S M T W T F S
     12
3456789
1011121314 1516
171819 20 212223
2425262728  

Syndicate

RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Apr. 22nd, 2019 01:03 am
Powered by Dreamwidth Studios