From BruCON 2015
Jump to: navigation, search
m (Day 1 : Monday September 19th)
(BruCON 0x07 Line-Up)
 
(162 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
__NOTOC__
 
__NOTOC__
 +
{| border="1" width="100%" style="text-align:center;"
 +
| The completed schedule is available on '''http://sched.brucon.org/grid-full'''
 +
|-
 +
|}
 +
 
=General Information=
 
=General Information=
* Please register for workshops [[Workshop Registration|here]]
+
 
* Workshops run for 2 consecutive speaking slots (ca. 2 hours)
+
* '''Registrations start at 8h30!'''
 +
* Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
 +
* Workshop rooms in the location '''Novotel Ghent (Orval, Chimay, La Trappe)''' are 5 minutes walking from the main venue
 +
* Workshop seats are limited. '''Reserved seats get in until 5 min before the workshop. After that it is first come, first in.'''
 +
* Read our important instructions on [[how to use SCHED.org]]!
 
* This schedule is subject to change, check back regularly.
 
* This schedule is subject to change, check back regularly.
* '''LAST MINUTE [[Announcements]] <- check it regularly!'''
 
  
==Day 1 : Monday September 19th==
+
=BruCON 0x07 Line-Up=
'''Registrations start at 9h00!'''
+
 
{| border="1px solid" style="text-align:center;"
+
'''Keynotes'''
|- bgcolor="#CCCCCC"
+
* Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
!|Time
+
* Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.
!|Lounge (Basement)
+
 
!|Westvleteren (Aula A - main track)
+
 
!|Westmalle (Aula B - workshops)
+
'''Talks'''
!|Orval (Aula D - workshop)
+
* Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
!|Outside
+
* Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
|- bgcolor="#CCCCCC"
+
* L. Grecs - Creating REAL Threat Intelligence ... with Evernote
!|9:00
+
* Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
|Breakfast
+
* Mark Hillick - Levelling Up Security @ Riot Games
|
+
* Ryan Kazanciyan and Matt Hastings - Desired state: compromise
|
+
* Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
|
+
* David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
|
+
* Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
|-
+
* Chris Nickerson - Nightmares of a Pentester
!|9:50
+
* Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
|
+
* Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
|Welcome (Seba & Wim)
+
* Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware
|
+
 
|
+
 
|
+
'''5by5'''
|-
+
 
!|10:00
+
This edition, there will not be a 5by5, but we will revive the project next edition
|
+
 
|[[Content#Alex_Hutton_.28Verizon_Business.2C_United_States.29|'''Keynote''' - Alex Hutton]]
+
 
|
+
'''Workshops'''
|
+
* Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
|
+
* Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
|-
+
* Prateek Gianchandani - iOS application pentesting
!|11:00
+
* Chris Lytle - Hands-On Old School Cryptography
|
+
* Chris Lytle and Matt Jakubowski - BrewCon
|[[Content#iOS_Data_Protection_Internals_.28Andrey_Belenko.29|IOS Data Protection Internals - Andrey Belenko]] ([http://2011.brucon.org/images/2/28/Brucon2011-Belenko_-_iOS_Data_Protection.pdf pdf])
+
* Nathan Magniez - Wireless Assessment Bootcamp 101
| rowspan="2" |[[Content#Collective_Malicious_PDF_Analysis_.28Brandon_Dixon_-_x0ner.29|Collective Malicious PDF Analysis - Brandon Dixon & x0ner]]
+
* Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
| rowspan="2" |[[Content#Lockpicking_.28Walter_Belgers.2CTOOOL.29|Lockpicking workshop - TOOOL NL]]
+
* Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
|
+
* Didier Stevens - A Hands On Introduction To Software Defined Radio
|-
+
* Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
!|12:00
+
* Ocean Lam, Count Ninjula and Keith Myers - DJ workshop
|
+
 
|[[Content#Botnet_Identification_and_remediation_.28Barry_Irwin.29|Botnet Identification and remediation - Barry Irwin]] ([http://2011.brucon.org/images/3/30/Brucon2011-Botnet_Identification_%26_remediation.pdf pdf])
+
 
|
+
'''Villages'''
|- bgcolor="#CCCCCC"
+
* ICS Village
!|13:00
+
* Hak4kidz - Hacking conference for children (Sunday 4-Oct)
|Lunch
+
 
|
 
|
 
|
 
|
 
|-
 
!|14:00
 
| rowspan="2" |[[Content#DJ_Workshop_.28Joernchen_and_Mumpi_of_Phenoelit.29|DJ Workshop (Joernchen and Mumpi of Phenoelit)]]
 
|[[Lightning Talks|Lightning talks Day 1]]
 
| rowspan="2" |[[Content#The_Web_Application_Hacking_Toolchain_.28Jason_Haddix_-_jhaddix.29|The web application hacking toolchain - Jason Haddix]]
 
| rowspan="2" |[[Content#White_Hat_Shellcode:_Not_for_Exploits_.28Didier_Stevens.29|White hat shellcode: not for exploits - Didier Stevens]]
 
| rowspan="2" |[[Content#Beer_brewing_workshop_.28Machtelt_Garrels.29|Beer workshop - Machtelt Garrels]] ([http://2011.brucon.org/images/a/aa/Brucon2011-Beerworkshop.pdf pdf])
 
|-
 
!|15:00
 
|[[Content#Smart_Phones_.E2.80.93_The_Weak_Link_in_the_Security_Chain_.28Nick_Walker_-_Werner_Nel.29|Smart Phones, the weak link in the security chain - Nick Walker and Werner Nel]]
 
|- bgcolor="#CCCCCC"
 
!|16:00
 
|Coffee break
 
|
 
|
 
|
 
|
 
|-
 
!|16:30
 
|
 
| '''keynote''' [[Content#Aluc_.28Germany.29_-_Incident_response_:_the_good_the_bad_and_the_ugly_or_how_to_keep_your_face_after_a_security_breach.|Incident response : the good the bad and the ugly, or how to keep your face after a security breach.- Aluc]]
 
| rowspan="2" |[[Content#WiFi_malware_for_Fun_and_Profit_.28Vivek_Ramachandran.29|Wifi malware for fun and profit - Vivek Ramachandran]] ([http://2011.brucon.org/images/a/a4/Brucon2011-Vivek-Ramachandran.pdf pdf])
 
| rowspan="2" |[[Content#Hacking_your_conference_badge_.28OpenAMD_Crew.29|Hacking your conference badge - OpenAMD]]
 
|
 
|-
 
!|17:30
 
|
 
| '''keynote''' [[Content#Dan_Kaminsky_.28United_States.29_-_Black_Ops_of_TCP.2FIP_2011|Black Ops of TCP/IP 2011 - Dan Kaminsky]]
 
|
 
|- bgcolor="#CCCCCC"
 
!|18:30
 
|Dinner
 
|
 
|
 
|
 
|
 
|-
 
!|19:30
 
|
 
|[[Content#Pentesting_High_Security_Environments_.28Joe_McCray_and_Chris_Gates.29|Pentesting high security environments - Joe McCray and Chris Gates]]
 
|[[Podcast meetup|Podcasters meetup]]
 
| rowspan="2" |[[Content#Agnitio:_the_security_code_review_Swiss_army_knife_.28David_Rook_-_Security_Ninja.29|Agnitio: the security code review Swiss knife - David Rook (Securityninja)]]
 
|
 
|-
 
!|20:30
 
|
 
|[[Content#Abusing_Locality_in_Shared_Web_Hosting_.28Nick_Nikiforakis_-_nikifor.29|Abusing locality in shared web hosting - Nick Nikiforakis]] ([http://2011.brucon.org/images/7/74/Brucon2011-abusing_locality.pdf pdf])
 
| [http://en.wikipedia.org/wiki/Powerpoint-Karaoke PowerPoint Karaoke]
 
|
 
|-
 
!|21:30
 
|Close
 
|
 
|
 
|
 
|
 
|-
 
!|22:00
 
|Doors closed
 
|
 
|
 
|
 
|
 
|-
 
|}
 
  
==Day 2 : Tuesday September 20th==
+
'''Sounds'''
{| border="1px solid" style="text-align:center;"
+
* Ocean Lam (Hong Kong)
|- bgcolor="#CCCCCC"
+
* Count Ninjula (Los Angeles)
!|Time
+
* Keith Myers (Los Angeles)
!|Lounge (Basement)
+
* keroSerene (Serene Han, pianist)
!|Westvleteren (Aula A - main track)
 
!|Westmalle (Aula B - workshops)
 
!|Orval (Aula D - workshop)
 
!|Outside
 
|- bgcolor="#CCCCCC"
 
!|9:00
 
|Breakfast
 
|
 
|
 
|
 
|
 
|-
 
!|10:00
 
|
 
|[[Content#Pushing_in.2C_leaving_a_present.2C_and_pulling_out_without_anybody_noticing_.28Ian_Amit.29|Pushing in, leaving a present and pulling out without anybody noticing - Ian Amit]] ([http://2011.brucon.org/images/a/ab/Brucon2011-DataExfiltration-iiamit-Brucon-2011.pdf pdf])
 
|
 
|
 
|
 
|-
 
!|11:00
 
|
 
| [[Content#Andreas_Bogk_-_Certified_programming_with_dependent_types_Because_the_future_of_defense_is_liberal_application_of_math|Certified programming with dependent types : Because the future of defense is liberal application of math - Andreas Bogk]]
 
| rowspan="2" |[[Content#Hacking_your_conference_badge_.28OpenAMD_Crew.29|Hacking your conference badge - OpenAMD]]
 
| rowspan="2" |[[Content#Script_Kiddie_Hacking_Techniques_.28Ellen_Moar_.26_Colin_McLean.29|Scriptkiddie hacking techniques - Ellen Moar & Colin McLean]]
 
|
 
|-
 
!|12:00
 
|
 
| [[Content#Botnets_and_Browsers_-_Brothers_in_a_Ghost_Shell_.28Aditya_K_Sood.29|Botnets and Browsers, Brothers in a Ghost Shell - Aditya K Sood]] ([http://2011.brucon.org/images/5/5d/Brucon2011-adityaks-botnet_and_browsers.pdf pdf])
 
|
 
|- bgcolor="#CCCCCC"
 
!|13:00
 
|Lunch
 
|
 
|
 
|
 
|
 
|-
 
!|14:00
 
|
 
|[[Content#Social_Engineering_Like_In_The_Movies_.28Dale_Pearson.29|Social Engineering like in the movies - Dale Pearson]] ([http://2011.brucon.org/images/e/e1/Brucon2011-SEMovies.pdf pdf])
 
| rowspan="2" |[[Content#Cisco_VoIP_insecurity_workshop_.28Sandro_Gauci_and_Joffrey_Czarny_aka_Sn0rkY.29|Cisco VoIP insecurity - Sandro Gauci and Joffrey Czarny]]
 
| rowspan="2" |[[Content#The_Web_Application_Hacking_Toolchain_.28Jason_Haddix_-_jhaddix.29|The web application hacking toolchain - Jason Haddix]]
 
|
 
|-
 
!|15:00
 
|
 
|[[Content#Myth-busting_Risk_.28Jack_Jones.29|Myth-busting Risk - Jack Jones]] ([http://2011.brucon.org/images/9/9f/Brucon2011-Mythbusting_Risk_v4.pdf pdf])
 
|
 
|- bgcolor="#CCCCCC"
 
!|16:00
 
|Coffee break
 
|
 
|
 
|
 
|
 
|-
 
!|16:30
 
|
 
|[[Content#Attacking_SAP.27s_J2EE_Engine_.28Alexander_Polyakov_and_Dmitriy_Chastuhin.29|Attacking SAP's J2EE Engine - Alexander Polyakov and Dmitriy Chastuhin]]
 
| rowspan="2" |[[Content#White_Hat_Shellcode:_Not_for_Exploits_.28Didier_Stevens.29|White hat shellcode: not for exploits - Didier Stevens]]
 
| rowspan="2" |[[Content#WiFi_malware_for_Fun_and_Profit_.28Vivek_Ramachandran.29|Wifi malware for fun and profit - Vivek Ramachandran]] ([http://2011.brucon.org/images/a/a4/Brucon2011-Vivek-Ramachandran.pdf pdf])
 
|
 
|-
 
!|17:30
 
|
 
|Keynote : [[Content#Haroon_Meer_.28Thinkst.com.2C_South-Africa.29_--_You_and_your_research|You and your research - Haroon Meer]]
 
|
 
|- bgcolor="#CCCCCC"
 
!|18:30
 
|Dinner
 
|
 
|
 
|
 
|
 
|-
 
!|19:30
 
|
 
|[[Lightning Talks|Lightning talks Day 2]]
 
| rowspan="2" |[http://site.infosecmentors.com/ Infosec Mentors]
 
| rowspan="2" |[[Content#Collective_Malicious_PDF_Analysis_.28Brandon_Dixon_-_x0ner.29|Collective Malicious PDF Analysis - Brandon Dixon & x0ner]]
 
|
 
|-
 
!|20:30
 
|
 
|[[Content#The_99.C2.A2_heart_surgeon_dilemma_.28Stefan_Friedli.29|The 99c heart surgeon dilemma - Stefan Friedli]]
 
|
 
|-
 
!|21:30
 
|Close
 
|
 
|
 
|
 
|
 
|-
 
!|22:00
 
|Doors closed
 
|
 
|
 
|
 
|
 
|-
 
|}
 

Latest revision as of 07:38, 3 October 2015

The completed schedule is available on http://sched.brucon.org/grid-full

General Information

  • Registrations start at 8h30!
  • Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
  • Workshop rooms in the location Novotel Ghent (Orval, Chimay, La Trappe) are 5 minutes walking from the main venue
  • Workshop seats are limited. Reserved seats get in until 5 min before the workshop. After that it is first come, first in.
  • Read our important instructions on how to use SCHED.org!
  • This schedule is subject to change, check back regularly.

BruCON 0x07 Line-Up

Keynotes

  • Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
  • Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.


Talks

  • Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
  • Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
  • L. Grecs - Creating REAL Threat Intelligence ... with Evernote
  • Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
  • Mark Hillick - Levelling Up Security @ Riot Games
  • Ryan Kazanciyan and Matt Hastings - Desired state: compromise
  • Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
  • David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
  • Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
  • Chris Nickerson - Nightmares of a Pentester
  • Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
  • Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
  • Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware


5by5

This edition, there will not be a 5by5, but we will revive the project next edition


Workshops

  • Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
  • Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
  • Prateek Gianchandani - iOS application pentesting
  • Chris Lytle - Hands-On Old School Cryptography
  • Chris Lytle and Matt Jakubowski - BrewCon
  • Nathan Magniez - Wireless Assessment Bootcamp 101
  • Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
  • Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
  • Didier Stevens - A Hands On Introduction To Software Defined Radio
  • Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
  • Ocean Lam, Count Ninjula and Keith Myers - DJ workshop


Villages

  • ICS Village
  • Hak4kidz - Hacking conference for children (Sunday 4-Oct)


Sounds

  • Ocean Lam (Hong Kong)
  • Count Ninjula (Los Angeles)
  • Keith Myers (Los Angeles)
  • keroSerene (Serene Han, pianist)