E-SPIN & Security Innovation Hackathon Malaysia Open 2017 simulated real-world e-commerce online store web hacking learning event

Please join E-SPIN and Security Innovation for an day of networking, food, and fun. This event will provide those in technology and cybersecurity with the opportunity to grow their security knowledge via an immersive hands-on hacking experience.

Participants will take the reins in an expert-guided training session leveraging cheat sheets, attack tables, mini-labs, and breakout sessions to learn how hackers break into websites using common vulnerabilities, insecure practices (like weak passwords) and more!

This event is intended for mid level managers responsible for security or development programs who are looking for a fun and engaging way to get their teams excited about software security; and for developers and testers at varying levels, from those with limited security expertise who are looking to learn security skills through learning by doing, to seasoned developers & testers who are looking to expand their attack and security skills.

We will provide initial training and the vulnerable infrastructure for you to test your skills.

This round event focus on Shred Skateboard & Graffiti online store (e-commerce application).

Shred Retail - Ecommerce Web Site

Shred is a fully functional ecommerce Web site where participants can:

• Purchase skateboards and graffiti supplies

• Review products and read other users reviews

• Purchase and redeem gift cards

• Share and comment on photos

• Manage account information

• View past orders

Comprising 35+ vulnerabilities, challenges include (but are not limited to):

• Buying items for $0 or without a valid credit card

• Viewing/modifying another user’s account

• Modifying other users’ graffiti gallery posts

• Redeeming other user’s gift cards

• Cracking passwords

Winner with the highest score for the day will received certificate of top score achievement for the event.

Scoring & Reporting

• Each challenge/vulnerability has a title, point value (10 to 2500), description and difficulty rating.
• Discovered vulnerabilities are automatically updated on the scoreboard
• Individual report cards provide a summary of user activity

 Please come and enjoy our training on event date and perform registration with Eventbrite page only :

• The event attendance strictly by invitation only, each of the invite company, maximum is 2 pax only. 
• The event attendance please bring along your laptop to participate in the simulated real-world e-commerce online store web hacking learning event. You will need to bring a laptop with the following:
• Recent version of Firefox installed with the FireBug Extension
• Recent Java Runtime installed

• It is recommended attendance bring their own internet access to avoid share internet access which may potentially slow you down for the scoring (if you do not want to using the share internet access provided). 

Lunch will be provided.

Space is limited, so please register soon.

Be note that upon register, the system will send initial automated order. You are require to wait to receive E-SPIN phone and email double confirmation email for authentication purpose. To simplify the process, do not make use of personal email, only use company email address, as personal email, the officer will direct reject it from the system, even after system receive your order.