## My computer, my data, my code - liberating your data from user-hostile apps.
This 2 hour workshop will guide you through analysing a real application, and re-implementing it just enough in code to get your own data out.
Date: Saturday, 24th February 2024
Venue: smallcase, 51, Convent Road, Richmond Town, Bangalore
Time: 11 am.
RSVP are closed but reach out if you're interested: https://fossunited.org/meetup/rsvp/2024/02
## Learning Outcomes:
1. A basic idea of what goes into re-implementing real-world applications as FOSS. What tools are required, what do actual flows look like.
2. Experience with ZAP/mitmproxy, the open-source proxy for such usecase.
3. A better understanding of HTTP, sessions, authentication.
4. Writing some basic web request code, generating CSV files.
## Pre-requisites
1. Basic understanding of at least one programming language. Ideally one of Python/Ruby/Bash/Javascript, but others will also do.
1. A mobile device - either iOS or Android will do. Recommended, but not necessary.
1. A laptop with a working \*nix setup and WiFi. WSL/MacOS/Linux should be fine.
2. A working setup of your favorite programming language.
## Workshop Flow
1. **Agenda, Fundamentals Workshop Walkthrough** - Tooling introduction, and explanation of fundamentals (HTTP Requests, Proxies, Reverse Engineering, FOSS)
2. **Traffic Capture & Analysis** - Walk everyone through signing up and using the application while attached to a proxy. Basics of ZAP (First 15 minutes), then letting users play around for the next 30 as we guide them towards web flows.
3. **Code Generation** - Simple code generation using tools such as https://curlconverter.com/. Understand what the code does.
4. **Data Export** - Final code changes to generate your data export, suggestions for improvements etc.
## Non-Goals
Due to this being a short 2 hour workshop, we cannot go in depth, and this is meant as a beginner-friendly workshop to dip your toes in the field. A few call-outs for what will _not be covered_:
1. Learning Reverse Engineering - We cannot deep-dive into learning Android/iOS RE skills, and will limit ourselves to just traffic analysis.
2. Teaching Basics of Programming - We assume you know how to code in atleast one programming language, and are sufficiently profecient to know how to make web requests in your language of choice.
## Workshop Trainers
Nemo is creator of endoflife.date. Previously, he was a founding engineer at Razorpay, where he reversed applications for fun and fintech.
Vivek is an ex-engineer at Razorpay, he hacks things for fun and profit.
Both of us have conducted workshops together in the past.
Sign in with Wallet
Connect another wallet