From BruCON 2015
Jump to: navigation, search
(BruCON 0x07 Line-Up)
 
(299 intermediate revisions by 9 users not shown)
Line 1: Line 1:
* Wednesday 16/09 - Thursday 17/09: see [[Training]]
 
* Friday 18/09 - Saturday 19/09: Workshops + Presentations + [[Lightning Talks]]<br><br>
 
 
'''Conference doors and registration will be open at 8:00 on Friday'''
 
 
Click here to see the complete '''[[Speakers | Alphabetical list of speakers]]'''<br>
 
Click here to see the complete '''[[Presentations | Alphabetical list of presentations]]'''
 
 
==Schedule==
 
 
 
 
__NOTOC__
 
__NOTOC__
 +
{| border="1" width="100%" style="text-align:center;"
 +
| The completed schedule is available on '''http://sched.brucon.org/grid-full'''
 +
|-
 +
|}
  
{| border='1px'
+
=General Information=
|- style="font-size:11pt;font-weight:bold" align="center"
 
|
 
| colspan="4" | Friday 18th
 
| colspan="4" | Saturday 19th
 
 
 
|- style="font-size:10pt;font-weight:bold" align="center"
 
| width="92" height="15" | Hour
 
| width="92" | Speaker Track
 
| width="92" | Workshop Track #1
 
| width="92" | Workshop Track #2
 
| width="6" | The Hex Factor
 
| width="92" | Speaker Track
 
| width="92" | Workshop Track #1
 
| width="92" | Workshop Track #2
 
| width="6" | The Hex Factor
 
 
 
|- style="font-size:11pt" align="center"
 
| height="26" | 9:00
 
| rowspan="2" | [[Presentations#Trusted_Cryptography | Trusted Cryptography]]
 
| rowspan="4" | -
 
| rowspan="4" | [[Workshops#Physical_locks_by_Toool | Lockpicking #1]]
 
| rowspan="24" | [[Challenge | The Hex Factor]]
 
| rowspan="2" | [[Presentations#Social_engineering_for_penetration_testers  | Social engineering for penetration testers]]
 
| rowspan="4" | [[Workshops#Arduino:_how_we_made_the_beerduino | Arduino Workshop #2]]
 
| rowspan="4" | [[Workshops#Wireless_auditing | Wireless Security #2]]
 
| rowspan="22" | [[Challenge | The Hex Factor]]
 
 
 
|- style="font-size:11pt" align="center"
 
| height="26" | 9:30
 
 
 
|- style="font-size:11pt" align="center"
 
| height="129" | 10:00
 
| rowspan="2" | [[Presentations#SQL_Injection_-_how_far_does_the_rabbit_hole_go.3F | SQL Injection - how far does the rabbit hole go?]]
 
| rowspan="2" | [[Presentations#.E2.80.9CI_am_walking_through_a_city_made_of_glass_and_I_have_a_bag_full_of_rocks.E2.80.9D_.28Dispelling_the_myths_and_discussing_the_facts_Global_Cyber-Warfare.29 |  “I am walking through a city made of glass and I have a bag full of rocks” (Dispelling the myths and discussing the facts Global Cyber-Warfare)]]
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 10:30
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 11:00
 
| Break
 
| Break
 
| Break
 
| Break
 
| Break
 
| Break
 
 
 
|- style="font-size:11pt" align="center"
 
| height="29" | 11:30
 
| rowspan="2" | [[Presentations#How_to_prepare.2C_coordinate_and_conduct_a_cyber_attack | How to prepare, coordinate and conduct a cyber attack]]
 
| rowspan="4" |[[Workshops#Arduino:_how_we_made_the_beerduino | Arduino Workshop #1]]
 
| rowspan="4" | [[Workshops#Digital_ID | Digital ID #1]]
 
| rowspan="2" | [[Presentations#A_new_web_attack_vector:_Script_Fragmentation |  A new web attack vector: Script Fragmentation]]
 
| rowspan="4" |  [[Workshops#Digital_ID | Digital ID #2]]
 
| rowspan="4" | [[Workshops#Auditing_VOIP | VOIP #2]]
 
 
 
|- style="font-size:11pt" align="center"
 
| height="29" | 12:00
 
 
 
|- style="font-size:11pt" align="center"
 
| height="33" | 12:30
 
| rowspan="2" | [[Presentations#Transition_to_IPv6_on_the_Internet:_Threats_and_Mitigation_Techniques | Transition to IPv6 on the Internet: Threats and Mitigation Techniques]]
 
| rowspan="2" | [[Presentations#Botnets.2C_Ransomware.2C_Malware.2C_and_Stuff.21 | Botnets, Ransomware, Malware, and Stuff!]]
 
 
 
|- style="font-size:11pt" align="center"
 
| height="33" | 13:00
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 13:30
 
| rowspan="2" | Lunch
 
| rowspan="2" | Lunch
 
| rowspan="2" | Lunch
 
| rowspan="2" | Lunch
 
| rowspan="2" | Lunch
 
| rowspan="2" | Lunch
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 14:00
 
 
 
|- style="font-size:11pt" align="center"
 
| height="34" | 14:30
 
| rowspan="2" | [[Presentations#Rage_Against_The_Kiosk | Rage Against The Kiosk]]
 
| rowspan="4" | Soldering workshop
 
| rowspan="2" | [[Lightning_Talks#Lightning_talks_day_1| Lightning Talks #1]]
 
| rowspan="2" | [[Open_Source_Information_Gathering | Open Source Information Gathering]]
 
| rowspan="4" | [[Workshops#JTAG| JTAG Workshop #2]]
 
 
 
| rowspan="2" |[[Lightning_Talks#Lightning_talks_day_2| Lightning Talks #2]]
 
 
 
 
 
|- style="font-size:11pt" align="center"
 
| height="34" | 15:00
 
  
|- style="font-size:11pt" align="center"
+
* '''Registrations start at 8h30!'''
| height="40" | 15:30
+
* Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
| rowspan="2" | [[Presentations#All_Your_Packets_Are_Belong_to_Us_-_Attacking_Backbone_Technologies | All Your Packets Are Belong to Us - Attacking Backbone Technologies]]
+
* Workshop rooms in the location '''Novotel Ghent (Orval, Chimay, La Trappe)''' are 5 minutes walking from the main venue
| rowspan="2" |
+
* Workshop seats are limited. '''Reserved seats get in until 5 min before the workshop. After that it is first come, first in.'''
| rowspan="2" | [[Presentations#Red_and_Tiger_Team | Red and Tiger Team]]
+
* Read our important instructions on [[how to use SCHED.org]]!
| rowspan="2" |
+
* This schedule is subject to change, check back regularly.
  
|- style="font-size:11pt" align="center"
+
=BruCON 0x07 Line-Up=
| height="40" | 16:00
 
  
|- style="font-size:11pt" align="center"
+
'''Keynotes'''
| height="15" | 16:30
+
* Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
| Break
+
* Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.
| Break
 
| Break
 
| Break
 
| Break
 
| Break
 
  
|- style="font-size:11pt" align="center"
 
| height="40" | 17:00
 
| rowspan="2" | [[Presentations#Knowing_Me_Knowing_You_.28The_dangers_of_social_networks.29 | Knowing Me Knowing You (The dangers of social networks)]]
 
| rowspan="4" |  [[Workshops#Wireless_auditing | Wireless Security #1]]
 
| rowspan="4" |  [[Workshops#Auditing_VOIP | VOIP #1]]
 
  
| rowspan="2" | [[Presentations#Malicious_Markup_-_I_thought_you_were_my_friend_-_cycle_3 | Malicious Markup - I thought you were my friend - cycle 3]]
+
'''Talks'''
| rowspan="4" |  [[Workshops#Physical_locks_by_Toool | Lockpicking #2]]
+
* Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
| rowspan="4" | Soldering workshop
+
* Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
 +
* L. Grecs - Creating REAL Threat Intelligence ... with Evernote
 +
* Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
 +
* Mark Hillick - Levelling Up Security @ Riot Games
 +
* Ryan Kazanciyan and Matt Hastings - Desired state: compromise
 +
* Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
 +
* David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
 +
* Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
 +
* Chris Nickerson - Nightmares of a Pentester
 +
* Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
 +
* Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
 +
* Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware
  
|- style="font-size:11pt" align="center"
 
| height="40" | 17:30
 
  
|- style="font-size:11pt" align="center"
+
'''5by5'''
| height="64" | 18:00
 
| rowspan="2" | [[Presentations#Building_Hackerspaces_Everywhere | Building Hackerspaces Everywhere]]
 
| rowspan="2" | [[Presentations#The_Belgian_Beer_Lovers_Guide_to_Cloud_Security | The Belgian Beer Lovers Guide to Cloud Security ]]
 
  
|- style="font-size:11pt" align="center"
+
This edition, there will not be a 5by5, but we will revive the project next edition
| height="64" | 18:30
 
  
|- style="font-size:11pt" align="center"
 
| height="15" | 19:00
 
| rowspan="2" | Dinner Break
 
| rowspan="2" | Dinner Break
 
| rowspan="2" | Dinner Break
 
| rowspan="2" | Dinner Break
 
| rowspan="2" | Dinner Break
 
| rowspan="2" | Dinner Break
 
  
|- style="font-size:11pt" align="center"
+
'''Workshops'''
| height="15" | 19:30
+
* Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
 +
* Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
 +
* Prateek Gianchandani - iOS application pentesting
 +
* Chris Lytle - Hands-On Old School Cryptography
 +
* Chris Lytle and Matt Jakubowski - BrewCon
 +
* Nathan Magniez - Wireless Assessment Bootcamp 101
 +
* Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
 +
* Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
 +
* Didier Stevens - A Hands On Introduction To Software Defined Radio
 +
* Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
 +
* Ocean Lam, Count Ninjula and Keith Myers - DJ workshop
  
|- style="font-size:11pt" align="center"
 
| height="15" | 20:00
 
| rowspan="2" | Auction
 
| rowspan="2" | Auction
 
| rowspan="2" | Auction
 
| rowspan="9" | Brucon Afterparty
 
| rowspan="9" | Brucon Afterparty
 
| rowspan="9" | Brucon Afterparty
 
| rowspan="2" | End
 
  
|- style="font-size:11pt" align="center"
+
'''Villages'''
| height="15" | 20:30
+
* ICS Village
 +
* Hak4kidz - Hacking conference for children (Sunday 4-Oct)
  
|- style="font-size:11pt" align="center"
 
| height="15" | 21:00
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
| rowspan="7" | [[Challenge | THF @ HSB ]]
 
| &nbsp;
 
  
 
+
'''Sounds'''
|- style="font-size:11pt" align="center"
+
* Ocean Lam (Hong Kong)
| height="15" | 21:30
+
* Count Ninjula (Los Angeles)
| &nbsp;
+
* Keith Myers (Los Angeles)
| &nbsp;
+
* keroSerene (Serene Han, pianist)
| &nbsp;
 
| &nbsp;
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 22:00
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 22:30
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 23:00
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 23:30
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
 
 
|- style="font-size:11pt" align="center"
 
| height="15" | 0:00
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
| &nbsp;
 
 
 
|}
 

Latest revision as of 07:38, 3 October 2015

The completed schedule is available on http://sched.brucon.org/grid-full

General Information

  • Registrations start at 8h30!
  • Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
  • Workshop rooms in the location Novotel Ghent (Orval, Chimay, La Trappe) are 5 minutes walking from the main venue
  • Workshop seats are limited. Reserved seats get in until 5 min before the workshop. After that it is first come, first in.
  • Read our important instructions on how to use SCHED.org!
  • This schedule is subject to change, check back regularly.

BruCON 0x07 Line-Up

Keynotes

  • Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
  • Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.


Talks

  • Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
  • Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
  • L. Grecs - Creating REAL Threat Intelligence ... with Evernote
  • Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
  • Mark Hillick - Levelling Up Security @ Riot Games
  • Ryan Kazanciyan and Matt Hastings - Desired state: compromise
  • Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
  • David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
  • Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
  • Chris Nickerson - Nightmares of a Pentester
  • Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
  • Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
  • Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware


5by5

This edition, there will not be a 5by5, but we will revive the project next edition


Workshops

  • Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
  • Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
  • Prateek Gianchandani - iOS application pentesting
  • Chris Lytle - Hands-On Old School Cryptography
  • Chris Lytle and Matt Jakubowski - BrewCon
  • Nathan Magniez - Wireless Assessment Bootcamp 101
  • Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
  • Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
  • Didier Stevens - A Hands On Introduction To Software Defined Radio
  • Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
  • Ocean Lam, Count Ninjula and Keith Myers - DJ workshop


Villages

  • ICS Village
  • Hak4kidz - Hacking conference for children (Sunday 4-Oct)


Sounds

  • Ocean Lam (Hong Kong)
  • Count Ninjula (Los Angeles)
  • Keith Myers (Los Angeles)
  • keroSerene (Serene Han, pianist)