From BruCON 2015
Jump to: navigation, search
(Day 2 : Thursday September 27th)
(BruCON 0x07 Line-Up)
 
(108 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
__NOTOC__
 
__NOTOC__
 +
{| border="1" width="100%" style="text-align:center;"
 +
| The completed schedule is available on '''http://sched.brucon.org/grid-full'''
 +
|-
 +
|}
 +
 
=General Information=
 
=General Information=
* Registration for workshops will be possible '''at the venue'''
+
 
** we have a varied audience. Some of you are on twitter, some read the blog, some do neither. As each workshop has limited seats available, we want to give everybody the same chance to register for the workshop of their choice.
+
* '''Registrations start at 8h30!'''
* Workshops run for 2 consecutive speaking slots (ca. 2 hours)
+
* Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
* 't Pand is a location within 10 minutes walking distance of the main venue !
+
* Workshop rooms in the location '''Novotel Ghent (Orval, Chimay, La Trappe)''' are 5 minutes walking from the main venue
* La Trappe isn't a room or an aula but rather an open space gallery in the main venue. Directions will be clearly visible.
+
* Workshop seats are limited. '''Reserved seats get in until 5 min before the workshop. After that it is first come, first in.'''
* We do have the "Beer Workshop" again this year !!! It is not on the schedule yet, but prepare to brew your own !
+
* Read our important instructions on [[how to use SCHED.org]]!
 
* This schedule is subject to change, check back regularly.
 
* This schedule is subject to change, check back regularly.
  
=Current list of speakers=
+
=BruCON 0x07 Line-Up=
  
 
'''Keynotes'''
 
'''Keynotes'''
* Ed Skoudis - founder and senior security consultant with InGuardians
+
* Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
* Katie Moussouris - Lead Security Community Outreach and Strategy team at Microsoft
+
* Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.
 +
 
  
 
'''Talks'''
 
'''Talks'''
* Georgia Weidman - Introducing the Smartphone Penetration Testing Framework
+
* Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
* Robert McArdle - HTML5 - A Whole New Attack Vector
+
* Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
* Raul Siles - Security of National eID (smartcard-based) Web Applications
+
* L. Grecs - Creating REAL Threat Intelligence ... with Evernote
* Andreas Bogk - Herding RATs
+
* Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
* Josh Corman and Jericho - "Cyberwar" : Not What We Were Expecting
+
* Mark Hillick - Levelling Up Security @ Riot Games
* Allison Miller - A Million Mousetraps: Using Big Data and Little Loops to Build Better Defenses
+
* Ryan Kazanciyan and Matt Hastings - Desired state: compromise
* Mathy Vanhoef - New flaws in WPA-TKIP
+
* Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
* Martin Gallo - Uncovering SAP vulnerabilities: dissecting and breaking the Diag protocol
+
* David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
* Fernando Gont - Recent Advances in IPv6 Security
+
* Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
* Gregory Pickett - pMap, the silent killer
+
* Chris Nickerson - Nightmares of a Pentester
* Carlos Garcia - How I met your pointer (Hijacking client software for fuzz and profit)
+
* Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
* Paul Marsh - Satellite Hacking
+
* Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
* Chris Nickerson - Tactical Surveillance : Look at me now!
+
* Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware
* Mickey Shkatov - we have you by the gadgets
+
 
* int0x80 (of Dual Core) - Moar Anti-Forensics for the Louise
+
 
* David Mortman - The Defense RESTs: Automation and APIs for Improving Security
+
'''5by5'''
 +
 
 +
This edition, there will not be a 5by5, but we will revive the project next edition
  
  
 
'''Workshops'''
 
'''Workshops'''
* Didier Stevens - Windows x64: The Essentials
+
* Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
* Kyle 'Kos' Osborn & Krzysztof Kotowicz - Advanced Chrome Extension Exploitation
+
* Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
* Michael Sikorski & William Ballenthin - Clearing the Red Forest
+
* Prateek Gianchandani - iOS application pentesting
* Abraham Aranguren - Introducing OWTF
+
* Chris Lytle - Hands-On Old School Cryptography
* Biosshadow, Matt Erasmus, Benson - The PANIC Project
+
* Chris Lytle and Matt Jakubowski - BrewCon
* Vivek Ramachandran - Hacking with Python
+
* Nathan Magniez - Wireless Assessment Bootcamp 101
* fbz - Hardware Hacking
+
* Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
* Walter Belgers (TOOOL) - Lockpicking
+
* Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
* Joernchen, Astera & Mumpi - DJ Workshop
+
* Didier Stevens - A Hands On Introduction To Software Defined Radio
* Meredith L. Patterson & Sergey Bratus - Langsec Workshop
+
* Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
* Machtelt Garrels - Beer brewing workshop
+
* Ocean Lam, Count Ninjula and Keith Myers - DJ workshop
 
 
  
==Day 1 : Wednesday September 26th==
 
'''Registrations start at 9h00!'''
 
  
'''Workshop rooms in the location 't Pand are 10 minutes walking from the main venue.'''
+
'''Villages'''
 +
* ICS Village
 +
* Hak4kidz - Hacking conference for children (Sunday 4-Oct)
  
'''Please be there in time!!'''
 
{| border="1px solid" style="text-align:center;"
 
|- bgcolor="#CCCCCC"
 
!|Time
 
!|Lounge
 
!|Westvleteren (main track)
 
!|Westmalle (workshops)
 
!|Orval (@Pand!)
 
!|Chimay (@Pand!)
 
!|La Trappe
 
|- bgcolor="#CCCCCC"
 
!|9:00
 
|Breakfast
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|9:50
 
|
 
|Welcome (Seba & Wim)
 
|
 
|
 
|
 
|The Hex Factor (continuously)
 
|-
 
!|10:00
 
|
 
|Katie Moussouris
 
|
 
|
 
|
 
|
 
|-
 
!|11:00
 
|
 
|Meredith L. Patterson and Sergey Bratus
 
| rowspan="2" | Didier Stevens
 
| rowspan="2" |
 
|
 
|
 
|-
 
!|12:00
 
|
 
|David Mortman
 
|
 
|
 
|- bgcolor="#CCCCCC"
 
!|13:00
 
|Lunch
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|14:00
 
| rowspan="2" |
 
|Paul Marsh
 
| rowspan="2" |Michael Sikorski & Willi Ballenthin
 
| rowspan="2" |Abraham Aranguren
 
| rowspan="2" |Vivek Ramachandran
 
| rowspan="2" | fbz
 
|-
 
!|15:00
 
|Raul Siles
 
|- bgcolor="#CCCCCC"
 
!|16:00
 
|Coffee break
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|16:30
 
|
 
| int0x80
 
| rowspan="2" |Michael Sikorski & Willi Ballenthin
 
| rowspan="2" |Abraham Aranguren
 
| rowspan = "2" | TOOOL (lockpicking)
 
| rowspan = "2" |
 
|-
 
!|17:30
 
|
 
| Gregory Pickett
 
|- bgcolor="#CCCCCC"
 
!|18:30
 
|Dinner
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|19:30
 
|DJ Workshop
 
|Josh Corman & Jericho
 
|Lightning talks
 
|
 
|
 
|
 
|-
 
!|20:30
 
|DJ Workshop
 
|Fernando Gont
 
|
 
|
 
|
 
|
 
|-
 
!|21:30
 
|Close
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|22:00
 
|Doors closed
 
|
 
|
 
|
 
|
 
|
 
|-
 
|}
 
  
==Day 2 : Thursday September 27th==
+
'''Sounds'''
{| border="1px solid" style="text-align:center;"
+
* Ocean Lam (Hong Kong)
|- bgcolor="#CCCCCC"
+
* Count Ninjula (Los Angeles)
!|Time
+
* Keith Myers (Los Angeles)
!|Lounge
+
* keroSerene (Serene Han, pianist)
!|Westvleteren (main track)
 
!|Westmalle (workshops)
 
!|Orval (@Pand)
 
!|La Trappe
 
|- bgcolor="#CCCCCC"
 
!|9:00
 
|Breakfast
 
|
 
|
 
|
 
|
 
|-
 
!|10:00
 
|
 
|[http://2012.brucon.org/index.php/Talks_and_workshops#Mickey_Shkatov_-_we_have_you_by_the_gadgets Mickey Shkatov]
 
|
 
|
 
|
 
|-
 
!|11:00
 
|
 
| [http://2012.brucon.org/index.php/Talks_and_workshops#Georgia_Weidman_-_Introducing_the_Smartphone_Penetration_Testing_Framework Georgia Weidman]
 
| rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#Didier_Stevens_-_Windows_x64:_The_Essentials_.282h.29 Didier Stevens]
 
| rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#Walter_Belgers_.28TOOOL.29_-_Lockpicking TOOOL (lockpicking)]
 
| rowspan="2" | The Hex Factor (continuously)
 
|-
 
!|12:00
 
|
 
| [http://2012.brucon.org/index.php/Talks_and_workshops#Andreas_Bogk_-_Herding_RATs Andreas Bogk]
 
|
 
|- bgcolor="#CCCCCC"
 
!|13:00
 
|Lunch
 
|
 
|
 
|
 
|
 
|-
 
!|14:00
 
|
 
|[http://2012.brucon.org/index.php/Talks_and_workshops#Robert_McArdle_-_HTML5_-_A_Whole_New_Attack_Vector Robert McArdle]
 
|[http://2012.brucon.org/index.php/Lightning_Talks Lightning talks]
 
| rowspan="2" |[http://2012.brucon.org/index.php/Talks_and_workshops#Vivek_Ramachandran_-_Hacking_with_Python_.282hr.29 Vivek Ramachandran]
 
| rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#fbz_-_Hardware_Hacking fbz]
 
|-
 
!|15:00
 
|
 
|[http://2012.brucon.org/index.php/Talks_and_workshops#Allison_Miller_-_A_Million_Mousetraps:_Using_Big_Data_and_Little_Loops_to_Build_Better_Defenses Allison Miller]
 
|LSEC event
 
|- bgcolor="#CCCCCC"
 
!|16:00
 
|Coffee break
 
|
 
|
 
|
 
|
 
|-
 
!|16:30
 
|
 
|[http://2012.brucon.org/index.php/Talks_and_workshops#Martin_Gallo_-_Uncovering_SAP_vulnerabilities:_dissecting_and_breaking_the_Diag_protocol Martin Gallo]
 
| rowspan="2" |[http://2012.brucon.org/index.php/Talks_and_workshops#Kyle_.27Kos.27_Osborn_.26_Krzysztof_Kotowicz_-_Advanced_Chrome_Extension_Exploitation_.282h.29 Kyle Osborn & K. Kotowicz]
 
| rowspan="2" |[http://2012.brucon.org/index.php/Talks_and_workshops#Biosshadow.2C_Matt_Erasmus.2C_Benson_-_The_PANIC_Project Biosshadow, Matt Erasmus & Benson]
 
| rowspan="2" |
 
|-
 
!|17:30
 
|
 
|[http://2012.brucon.org/index.php/Talks_and_workshops#.28Keynote.29_Ed_Skoudis_-_Letting_Loose_the_Dogs_of_.28cyber.29_War Ed Skoudis]
 
|
 
|- bgcolor="#CCCCCC"
 
!|18:30
 
|Dinner
 
|
 
|
 
|
 
|
 
|-
 
!|19:30
 
|
 
| [http://2012.brucon.org/index.php/Talks_and_workshops#Mathy_Vanhoef_-_New_flaws_in_WPA-TKIP Mathy Vanhoef]
 
| rowspan="2" |
 
| rowspan="2" |
 
| rowspan="2" |
 
|-
 
!|20:30
 
|
 
| [http://2012.brucon.org/index.php/Talks_and_workshops#Carlos_Garcia_-_How_I_met_your_pointer_.28Hijacking_client_software_for_fuzz_and_profit.29 Carlos Garcia Prado]
 
|-
 
!|21:30
 
|Close
 
|
 
|
 
|
 
|
 
|-
 
!|22:00
 
|Doors closed
 
|
 
|
 
|
 
|
 
|-
 
|}
 

Latest revision as of 07:38, 3 October 2015

The completed schedule is available on http://sched.brucon.org/grid-full

General Information

  • Registrations start at 8h30!
  • Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
  • Workshop rooms in the location Novotel Ghent (Orval, Chimay, La Trappe) are 5 minutes walking from the main venue
  • Workshop seats are limited. Reserved seats get in until 5 min before the workshop. After that it is first come, first in.
  • Read our important instructions on how to use SCHED.org!
  • This schedule is subject to change, check back regularly.

BruCON 0x07 Line-Up

Keynotes

  • Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
  • Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.


Talks

  • Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
  • Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
  • L. Grecs - Creating REAL Threat Intelligence ... with Evernote
  • Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
  • Mark Hillick - Levelling Up Security @ Riot Games
  • Ryan Kazanciyan and Matt Hastings - Desired state: compromise
  • Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
  • David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
  • Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
  • Chris Nickerson - Nightmares of a Pentester
  • Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
  • Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
  • Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware


5by5

This edition, there will not be a 5by5, but we will revive the project next edition


Workshops

  • Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
  • Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
  • Prateek Gianchandani - iOS application pentesting
  • Chris Lytle - Hands-On Old School Cryptography
  • Chris Lytle and Matt Jakubowski - BrewCon
  • Nathan Magniez - Wireless Assessment Bootcamp 101
  • Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
  • Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
  • Didier Stevens - A Hands On Introduction To Software Defined Radio
  • Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
  • Ocean Lam, Count Ninjula and Keith Myers - DJ workshop


Villages

  • ICS Village
  • Hak4kidz - Hacking conference for children (Sunday 4-Oct)


Sounds

  • Ocean Lam (Hong Kong)
  • Count Ninjula (Los Angeles)
  • Keith Myers (Los Angeles)
  • keroSerene (Serene Han, pianist)