From BruCON 2015
Jump to: navigation, search
(Current list of speakers)
(BruCON 0x07 Line-Up)
 
(75 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 
__NOTOC__
 
__NOTOC__
 
 
{| border="1" width="100%" style="text-align:center;"
 
{| border="1" width="100%" style="text-align:center;"
 
| The completed schedule is available on '''http://sched.brucon.org/grid-full'''
 
| The completed schedule is available on '''http://sched.brucon.org/grid-full'''
Line 9: Line 8:
  
 
* '''Registrations start at 8h30!'''
 
* '''Registrations start at 8h30!'''
* Registration for workshops will be possible '''at the venue, please be there in time!!'''
+
* Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
** we have a varied audience. Some of you are on twitter, some read the blog, some do neither. As each workshop has limited seats available, we want to give everybody the same chance to register for the workshop of their choice.
+
* Workshop rooms in the location '''Novotel Ghent (Orval, Chimay, La Trappe)''' are 5 minutes walking from the main venue
* Workshops run for 2 consecutive speaking slots (ca. 2 hours)
+
* Workshop seats are limited. '''Reserved seats get in until 5 min before the workshop. After that it is first come, first in.'''
* Workshop rooms in the location '''Novotel Ghent (Orval, Chimay, La Trappe)''' are 10 minutes walking from the main venue
+
* Read our important instructions on [[how to use SCHED.org]]!
 
* This schedule is subject to change, check back regularly.
 
* This schedule is subject to change, check back regularly.
  
=Current list of speakers=
+
=BruCON 0x07 Line-Up=
  
 
'''Keynotes'''
 
'''Keynotes'''
* Amelia Andersdotter - Member of the European Parliament on behalf of Piratpartiet
+
* Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
* David Mortman - Back in Black
+
* Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.
* Dan Guido - CEO of Trail of Bits
+
 
  
 
'''Talks'''
 
'''Talks'''
* Alex Hutton, David Mortman, Kris Buytaert, Patrick Debois - A panel on DevOPS and Security
+
* Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
* Aloria - .NET: The Framework, the Myth, the Legend
+
* Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
* David Perez, Jose Pico - Geolocation of GSM mobile devices, even if they do not want to be found.
+
* L. Grecs - Creating REAL Threat Intelligence ... with Evernote
* Erin Jacobs, Zack Fasel - Taking the BDSM out of PCI-DSS through open-source solutions
+
* Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
* Jake Valletta - CobraDroid
+
* Mark Hillick - Levelling Up Security @ Riot Games
* Robert Graham - Data-plane networking
+
* Ryan Kazanciyan and Matt Hastings - Desired state: compromise
* Russ Gideon - Paint by Numbers vs. Monet
+
* Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
* Stephan Chenette - Building Custom Android Malware for Penetration Testing
+
* David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
* Tiago Balgan Henriques, Tiago Martins, João Gouveia - Realtime analysis and visualization of internet status : from malware to compromised machines.
+
* Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
* Vaagn Toukharian - HTTP Time Bandit
+
* Chris Nickerson - Nightmares of a Pentester
 +
* Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
 +
* Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
 +
* Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware
 +
 
 +
 
 +
'''5by5'''
 +
 
 +
This edition, there will not be a 5by5, but we will revive the project next edition
 +
 
  
 
'''Workshops'''
 
'''Workshops'''
* Carlos G. Prado - Automating RE with Python
+
* Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
* Christopher Lytle - Crypto by example - A hands-on cryptography workshop
+
* Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
* Didier Stevens - Advanced Excel Hacking
+
* Prateek Gianchandani - iOS application pentesting
* Ioannis Koniaris - Analyzing Internet Attacks with Honeypots
+
* Chris Lytle - Hands-On Old School Cryptography
* Matt Erasmus, Eireann Leverett - Foundational Packetry: Using the internet on God mode
+
* Chris Lytle and Matt Jakubowski - BrewCon
* Sandro Melo - Kudo : Post Mortem Forensic Analysis with FLOSS tools 2.0
+
* Nathan Magniez - Wireless Assessment Bootcamp 101
* The Cuckoo Team - Cuckoo
+
* Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
* Willi Ballenthin/Michael Sikorski - Winter Cluster: Building a malware 'agglomerator'
+
* Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
* DJ Jackalope, Keith Myers, Count Ninjula - DJ Workshop
+
* Didier Stevens - A Hands On Introduction To Software Defined Radio
 +
* Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
 +
* Ocean Lam, Count Ninjula and Keith Myers - DJ workshop
  
  
<!--
+
'''Villages'''
{| border="1px solid" style="text-align:center;"
+
* ICS Village
|- bgcolor="#CCCCCC"
+
* Hak4kidz - Hacking conference for children (Sunday 4-Oct)
!|Time
 
!|Lounge
 
!|Westvleteren (main track)
 
!|Westmalle (workshops)
 
!|Orval (@Pand!)
 
!|Chimay (@Pand!)
 
!|La Trappe
 
|- bgcolor="#CCCCCC"
 
!|8:30
 
|Registration
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|9:00
 
|Breakfast
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|9:50
 
|
 
|Welcome (Seba & Wim)
 
|rowspan="2" | Streaming from Westvleteren
 
|
 
|
 
|The Hex Factor (continuously)
 
|-
 
!|10:00
 
|
 
|Keynote (Katie Moussouris)
 
|
 
|
 
|
 
|-
 
!|11:00
 
|
 
|[http://2012.brucon.org/index.php/Talks_and_workshops#Meredith_L._Patterson_and_Sergey_Bratus_-_LangSec Meredith L. Patterson and Sergey Bratus]
 
| rowspan="2" | Windows x64: The Essentials ([http://2012.brucon.org/index.php/Talks_and_workshops#Didier_Stevens_-_Windows_x64:_The_Essentials_.282h.29 Didier Stevens])
 
|
 
|
 
|
 
|-
 
!|12:00
 
|
 
|The Defense RESTs: Automation and APIs for Improving Security ([http://2012.brucon.org/index.php/Talks_and_workshops#David_Mortman_-_The_Defense_RESTs:_Automation_and_APIs_for_Improving_Security David Mortman])
 
|
 
|
 
|
 
|- bgcolor="#CCCCCC"
 
!|13:00
 
|Lunch
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|14:00
 
|
 
|Satellite Hacking ([http://2012.brucon.org/index.php/Talks_and_workshops#Paul_Marsh_-_Satellite_Hacking Paul Marsh])
 
| rowspan="2" |Clearing the Red Forest ([http://2012.brucon.org/index.php/Talks_and_workshops#Michael_Sikorski_.26_William_Ballenthin_-_Clearing_the_Red_Forest_.284h.29 Michael Sikorski & Willi Ballenthin])
 
| rowspan="2" |Introducing OWTF ([http://2012.brucon.org/index.php/Talks_and_workshops#Abraham_Aranguren_-_Introducing_OWTF_.284hr.29 Abraham Aranguren])
 
| rowspan="2" |Hacking with Python ([http://2012.brucon.org/index.php/Talks_and_workshops#Vivek_Ramachandran_-_Hacking_with_Python_.282hr.29 Vivek Ramachandran])
 
| rowspan="2" |Build your own arduino clone for controlling servo motors ([http://2012.brucon.org/index.php/Talks_and_workshops#fbz_-_Hardware_Hacking fbz])
 
|-
 
!|15:00
 
|
 
|Security of National eID (smartcard-based) Web Applications ([http://2012.brucon.org/index.php/Talks_and_workshops#Raul_Siles_-_Security_of_National_eID_.28smartcard-based.29_Web_Applications Raul Siles])
 
|- bgcolor="#CCCCCC"
 
!|16:00
 
|Coffee break
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|16:30
 
| rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#Beer_Hacking_workshop Beer Workshop]
 
| Moar Anti-Forensics for the Louise ([http://2012.brucon.org/index.php/Talks_and_workshops#int0x80_.28of_Dual_Core.29_-_Moar_Anti-Forensics_for_the_Louise int0x80])
 
| rowspan="2" |Clearing the Red Forest ([http://2012.brucon.org/index.php/Talks_and_workshops#Michael_Sikorski_.26_William_Ballenthin_-_Clearing_the_Red_Forest_.284h.29 Michael Sikorski & Willi Ballenthin])
 
| rowspan="2" |Introducing OWTF ([http://2012.brucon.org/index.php/Talks_and_workshops#Abraham_Aranguren_-_Introducing_OWTF_.284hr.29 Abraham Aranguren])
 
| rowspan = "2" | [http://2012.brucon.org/index.php/Talks_and_workshops#Walter_Belgers_.28TOOOL.29_-_Lockpicking TOOOL (lockpicking)]
 
| rowspan = "2" |
 
|-
 
!|17:30
 
|pMap, the silent killer ([http://2012.brucon.org/index.php/Talks_and_workshops#Gregory_Pickett_-_pMap.2C_the_silent_killer Gregory Pickett])
 
|- bgcolor="#CCCCCC"
 
!|18:30
 
|Dinner
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|19:30
 
|[http://2012.brucon.org/index.php/Talks_and_workshops#Joernchen.2C_Astera_.26_Mumpi_-_DJ_Workshop_.282h.29 DJ Workshop]
 
|"Cyberwar" : Not What We Were Expecting ([http://2012.brucon.org/index.php/Talks_and_workshops#Josh_Corman_and_Jericho_-_.22Cyberwar.22_:_Not_What_We_Were_Expecting Josh Corman & Jericho])
 
|Streaming from Westvleteren
 
|
 
|
 
|
 
|-
 
!|20:30
 
|[http://2012.brucon.org/index.php/Talks_and_workshops#Joernchen.2C_Astera_.26_Mumpi_-_DJ_Workshop_.282h.29 DJ Workshop]
 
|Recent Advances in IPv6 Security ([http://2012.brucon.org/index.php/Talks_and_workshops#Fernando_Gont_-_Recent_Advances_in_IPv6_Security Fernando Gont])
 
|Streaming from Westvleteren
 
|
 
|
 
|
 
|-
 
!|21:30
 
|Close
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|22:00
 
|Doors closed
 
|
 
|
 
|
 
|
 
|
 
|-
 
|}
 
  
==Day 2 : Friday September 27th==
 
{| border="1px solid" style="text-align:center;"
 
|- bgcolor="#CCCCCC"
 
!|Time
 
!|Lounge
 
!|Westvleteren (main track)
 
!|Westmalle (workshops)
 
!|Orval (@Pand)
 
!|La Trappe
 
|- bgcolor="#CCCCCC"
 
!|9:00
 
|Breakfast
 
|
 
|
 
|
 
|
 
|-
 
!|10:00
 
|
 
|We have you by the gadgets ([http://2012.brucon.org/index.php/Talks_and_workshops#Mickey_Shkatov_-_we_have_you_by_the_gadgets Mickey Shkatov])
 
|Streaming from Westvleteren
 
|
 
|
 
|-
 
!|11:00
 
|
 
|Introducing the Smartphone Penetration Testing Framework ([http://2012.brucon.org/index.php/Talks_and_workshops#Georgia_Weidman_-_Introducing_the_Smartphone_Penetration_Testing_Framework Georgia Weidman])
 
| rowspan="2" |Windows x64: The Essentials ([http://2012.brucon.org/index.php/Talks_and_workshops#Didier_Stevens_-_Windows_x64:_The_Essentials_.282h.29 Didier Stevens])
 
| rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#Walter_Belgers_.28TOOOL.29_-_Lockpicking TOOOL (lockpicking)]
 
| rowspan="2" | The Hex Factor (continuously)
 
|-
 
!|12:00
 
|
 
|
 
|- bgcolor="#CCCCCC"
 
!|13:00
 
|Lunch
 
|
 
|
 
|
 
|
 
|-
 
!|14:00
 
|
 
|HTML5 - A Whole New Attack Vector ([http://2012.brucon.org/index.php/Talks_and_workshops#Robert_McArdle_-_HTML5_-_A_Whole_New_Attack_Vector Robert McArdle])
 
|[http://2012.brucon.org/index.php/Lightning_Talks Lightning talks]
 
| rowspan="2" |Hacking with Python ([http://2012.brucon.org/index.php/Talks_and_workshops#Vivek_Ramachandran_-_Hacking_with_Python_.282hr.29 Vivek Ramachandran])
 
| rowspan="2" |Build a quadrifilar helix antenna and use rtl-sdr to listen to NOAA weather satellites ([http://2012.brucon.org/index.php/Talks_and_workshops#fbz_-_Hardware_Hacking fbz])
 
|-
 
!|15:00
 
|
 
|A Million Mousetraps: Using Big Data and Little Loops to Build Better Defenses ([http://2012.brucon.org/index.php/Talks_and_workshops#Allison_Miller_-_A_Million_Mousetraps:_Using_Big_Data_and_Little_Loops_to_Build_Better_Defenses Allison Miller])
 
|Hiring! Looking for volunteer Cyber FireFighters and Innovative Cyber Security Measures ([http://2012.brucon.org/index.php/Talks_and_workshops#LSEC_-_Hiring.21_Looking_for_volunteer_Cyber_FireFighters_and_Innovative_Cyber_Security_Measures LSEC])
 
|- bgcolor="#CCCCCC"
 
!|16:00
 
|Coffee break
 
|
 
|
 
|
 
|
 
|-
 
!|16:30
 
|
 
|Uncovering SAP vulnerabilities: dissecting and breaking the Diag protocol ([http://2012.brucon.org/index.php/Talks_and_workshops#Martin_Gallo_-_Uncovering_SAP_vulnerabilities:_dissecting_and_breaking_the_Diag_protocol Martin Gallo])
 
| rowspan="2" |Advanced Chrome Extension Exploitation ([http://2012.brucon.org/index.php/Talks_and_workshops#Kyle_.27Kos.27_Osborn_.26_Krzysztof_Kotowicz_-_Advanced_Chrome_Extension_Exploitation_.282h.29 Kyle Osborn & K. Kotowicz])
 
| rowspan="2" |The PANIC Project ([http://2012.brucon.org/index.php/Talks_and_workshops#Biosshadow.2C_Matt_Erasmus.2C_Benson_-_The_PANIC_Project Biosshadow, Matt Erasmus & Benson])
 
|
 
|-
 
!|17:30
 
|
 
|Keynote ([http://2012.brucon.org/index.php/Talks_and_workshops#.28Keynote.29_Ed_Skoudis_-_Letting_Loose_the_Dogs_of_.28cyber.29_War Ed Skoudis])
 
|
 
|- bgcolor="#CCCCCC"
 
!|18:30
 
|Dinner
 
|
 
|
 
|
 
|
 
|-
 
!|19:30
 
|
 
|New flaws in WPA-TKIP ([http://2012.brucon.org/index.php/Talks_and_workshops#Mathy_Vanhoef_-_New_flaws_in_WPA-TKIP Mathy Vanhoef])
 
| rowspan="2" | Streaming from Westvleteren
 
|
 
|
 
|-
 
!|20:30
 
|
 
|How I met your pointer (Hijacking client software for fuzz and profit) ([http://2012.brucon.org/index.php/Talks_and_workshops#Carlos_Garcia_-_How_I_met_your_pointer_.28Hijacking_client_software_for_fuzz_and_profit.29 Carlos Garcia Prado])
 
|
 
|
 
|-
 
!|21:30
 
|Close
 
|
 
|
 
|
 
|
 
|-
 
!|22:00
 
|Doors closed
 
|
 
|
 
|
 
|
 
|-
 
|}
 
  
-->
+
'''Sounds'''
 +
* Ocean Lam (Hong Kong)
 +
* Count Ninjula (Los Angeles)
 +
* Keith Myers (Los Angeles)
 +
* keroSerene (Serene Han, pianist)

Latest revision as of 07:38, 3 October 2015

The completed schedule is available on http://sched.brucon.org/grid-full

General Information

  • Registrations start at 8h30!
  • Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
  • Workshop rooms in the location Novotel Ghent (Orval, Chimay, La Trappe) are 5 minutes walking from the main venue
  • Workshop seats are limited. Reserved seats get in until 5 min before the workshop. After that it is first come, first in.
  • Read our important instructions on how to use SCHED.org!
  • This schedule is subject to change, check back regularly.

BruCON 0x07 Line-Up

Keynotes

  • Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
  • Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.


Talks

  • Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
  • Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
  • L. Grecs - Creating REAL Threat Intelligence ... with Evernote
  • Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
  • Mark Hillick - Levelling Up Security @ Riot Games
  • Ryan Kazanciyan and Matt Hastings - Desired state: compromise
  • Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
  • David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
  • Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
  • Chris Nickerson - Nightmares of a Pentester
  • Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
  • Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
  • Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware


5by5

This edition, there will not be a 5by5, but we will revive the project next edition


Workshops

  • Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
  • Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
  • Prateek Gianchandani - iOS application pentesting
  • Chris Lytle - Hands-On Old School Cryptography
  • Chris Lytle and Matt Jakubowski - BrewCon
  • Nathan Magniez - Wireless Assessment Bootcamp 101
  • Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
  • Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
  • Didier Stevens - A Hands On Introduction To Software Defined Radio
  • Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
  • Ocean Lam, Count Ninjula and Keith Myers - DJ workshop


Villages

  • ICS Village
  • Hak4kidz - Hacking conference for children (Sunday 4-Oct)


Sounds

  • Ocean Lam (Hong Kong)
  • Count Ninjula (Los Angeles)
  • Keith Myers (Los Angeles)
  • keroSerene (Serene Han, pianist)