From BruCON 2015
Jump to: navigation, search
(Current list of speakers)
(BruCON 0x07 Line-Up)
 
(118 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
__NOTOC__
 
__NOTOC__
 +
{| border="1" width="100%" style="text-align:center;"
 +
| The completed schedule is available on '''http://sched.brucon.org/grid-full'''
 +
|-
 +
|}
 +
 
=General Information=
 
=General Information=
* Please register for workshops [[Workshop Registration|here]]
+
 
* Workshops run for 2 consecutive speaking slots (ca. 2 hours)
+
* '''Registrations start at 8h30!'''
 +
* Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
 +
* Workshop rooms in the location '''Novotel Ghent (Orval, Chimay, La Trappe)''' are 5 minutes walking from the main venue
 +
* Workshop seats are limited. '''Reserved seats get in until 5 min before the workshop. After that it is first come, first in.'''
 +
* Read our important instructions on [[how to use SCHED.org]]!
 
* This schedule is subject to change, check back regularly.
 
* This schedule is subject to change, check back regularly.
  
=Current list of speakers=
+
=BruCON 0x07 Line-Up=
  
 
'''Keynotes'''
 
'''Keynotes'''
* Ed Skoudis - founder and senior security consultant with InGuardians
+
* Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
* Katie Moussouris - Lead Security Community Outreach and Strategy team at Microsoft
+
* Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.
 +
 
  
 
'''Talks'''
 
'''Talks'''
* Georgia Weidman - Introducing the Smartphone Penetration Testing Framework
+
* Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
* Robert McArdle - HTML5 - A Whole New Attack Vector
+
* Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
* Raul Siles - Security of National eID (smartcard-based) Web Applications
+
* L. Grecs - Creating REAL Threat Intelligence ... with Evernote
* Andreas Bogk - Herding RATs
+
* Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
* Josh Corman and Jericho - "Cyberwar" : Not What We Were Expecting
+
* Mark Hillick - Levelling Up Security @ Riot Games
* Allison Miller - A Million Mousetraps: Using Big Data and Little Loops to Build Better Defenses
+
* Ryan Kazanciyan and Matt Hastings - Desired state: compromise
* Mathy Vanhoef - New flaws in WPA-TKIP
+
* Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
* Martin Gallo - Uncovering SAP vulnerabilities: dissecting and breaking the Diag protocol
+
* David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
* Fernando Gont - Recent Advances in IPv6 Security
+
* Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
* Gregory Pickett - pMap, the silent killer
+
* Chris Nickerson - Nightmares of a Pentester
* Carlos Garcia - How I met your pointer (Hijacking client software for fuzz and profit)
+
* Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
* Paul Marsh - Satellite Hacking
+
* Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
* Chris Nickerson - Tactical Surveillance : Look at me now!
+
* Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware
* Mickey Shkatov - we have you by the gadgets
+
 
* int0x80 (of Dual Core) - Moar Anti-Forensics for the Louise
+
 
* David Mortman - The Defense RESTs: Automation and APIs for Improving Security
+
'''5by5'''
 +
 
 +
This edition, there will not be a 5by5, but we will revive the project next edition
  
  
 
'''Workshops'''
 
'''Workshops'''
* Didier Stevens - Windows x64: The Essentials
+
* Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
* Kyle 'Kos' Osborn & Krzysztof Kotowicz - Advanced Chrome Extension Exploitation
+
* Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
* Michael Sikorski & William Ballenthin - Clearing the Red Forest
+
* Prateek Gianchandani - iOS application pentesting
* Abraham Aranguren - Introducing OWTF
+
* Chris Lytle - Hands-On Old School Cryptography
* Biosshadow, Matt Erasmus, Benson - The PANIC Project
+
* Chris Lytle and Matt Jakubowski - BrewCon
* Vivek Ramachandran - Hacking with Python
+
* Nathan Magniez - Wireless Assessment Bootcamp 101
* fbz - Hardware Hacking
+
* Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
* Walter Belgers (TOOOL) - Lockpicking
+
* Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
* Joernchen, Astera & Mumpi - DJ Workshop
+
* Didier Stevens - A Hands On Introduction To Software Defined Radio
* Meredith L. Patterson & Sergey Bratus - Langsec Workshop
+
* Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
* Machtelt Garrels - Beer brewing workshop
+
* Ocean Lam, Count Ninjula and Keith Myers - DJ workshop
 
 
  
==Day 1 : Wednesday September 26th==
 
'''Registrations start at 9h00!'''
 
  
'''Workshop rooms in the location 't Pand are 10 minutes walking from the main venue.'''
+
'''Villages'''
 +
* ICS Village
 +
* Hak4kidz - Hacking conference for children (Sunday 4-Oct)
  
'''Please be there in time!!'''
 
{| border="1px solid" style="text-align:center;"
 
|- bgcolor="#CCCCCC"
 
!|Time
 
!|Lounge
 
!|Westvleteren (main track)
 
!|Westmalle (workshops)
 
!|Orval (@Pand!)
 
!|Chimay (@Pand!)
 
!|La Trappe
 
|- bgcolor="#CCCCCC"
 
!|9:00
 
|Breakfast
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|9:50
 
|
 
|Welcome (Seba & Wim)
 
|
 
|
 
|
 
|The Hex Factor (continuously)
 
|-
 
!|10:00
 
|
 
|Katie Moussouris
 
|
 
|
 
|
 
|
 
|-
 
!|11:00
 
|
 
|Meredith L. Patterson and Sergey Bratus
 
| rowspan="2" | Didier Stevens
 
| rowspan="2" |
 
|
 
|
 
|-
 
!|12:00
 
|
 
|David Mortman
 
|
 
|
 
|- bgcolor="#CCCCCC"
 
!|13:00
 
|Lunch
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|14:00
 
| rowspan="2" |
 
|Paul Marsh
 
| rowspan="2" |Michael Sikorski & Willi Ballenthin
 
| rowspan="2" |Abraham Aranguren
 
| rowspan="2" |Vivek Ramachandran
 
| rowspan="2" | fbz
 
|-
 
!|15:00
 
|Raul Siles
 
|- bgcolor="#CCCCCC"
 
!|16:00
 
|Coffee break
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|16:30
 
|
 
| int0x80
 
| rowspan="2" |Michael Sikorski & Willi Ballenthin
 
| rowspan="2" |Abraham Aranguren
 
| rowspan = "2" | TOOOL (lockpicking)
 
| rowspan = "2" |
 
|-
 
!|17:30
 
|
 
| Gregory Pickett
 
|- bgcolor="#CCCCCC"
 
!|18:30
 
|Dinner
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|19:30
 
|DJ Workshop
 
|Josh Corman & Jericho
 
|Lightning talks
 
|
 
|
 
|
 
|-
 
!|20:30
 
|DJ Workshop
 
|Fernando Gont
 
|
 
|
 
|
 
|
 
|-
 
!|21:30
 
|Close
 
|
 
|
 
|
 
|
 
|
 
|-
 
!|22:00
 
|Doors closed
 
|
 
|
 
|
 
|
 
|
 
|-
 
|}
 
  
==Day 2 : Thursday September 27th==
+
'''Sounds'''
{| border="1px solid" style="text-align:center;"
+
* Ocean Lam (Hong Kong)
|- bgcolor="#CCCCCC"
+
* Count Ninjula (Los Angeles)
!|Time
+
* Keith Myers (Los Angeles)
!|Lounge
+
* keroSerene (Serene Han, pianist)
!|Westvleteren (main track)
 
!|Westmalle (workshops)
 
!|Orval (@Pand)
 
!|La Trappe
 
|- bgcolor="#CCCCCC"
 
!|9:00
 
|Breakfast
 
|
 
|
 
|
 
|
 
|-
 
!|10:00
 
|
 
|Mickey Shkatov
 
|
 
|
 
|
 
|-
 
!|11:00
 
|
 
| Georgia Weidman
 
| rowspan="2" | Didier Stevens
 
| rowspan="2" | TOOOL (lockpicking)
 
| rowspan="2" | The Hex Factor (continuously)
 
|-
 
!|12:00
 
|
 
| Andreas Bogk
 
|
 
|- bgcolor="#CCCCCC"
 
!|13:00
 
|Lunch
 
|
 
|
 
|
 
|
 
|-
 
!|14:00
 
|
 
|Robert McArdle
 
|Lightning talks
 
| rowspan="2" |Vivek Ramachandran
 
| rowspan="2" | fbz
 
|-
 
!|15:00
 
|
 
|Allison Miller
 
|LSEC event
 
|- bgcolor="#CCCCCC"
 
!|16:00
 
|Coffee break
 
|
 
|
 
|
 
|
 
|-
 
!|16:30
 
|
 
|Martin Gallo
 
| rowspan="2" |Kyle Osborn & K. Kotowicz
 
| rowspan="2" |Biosshadow, Matt Erasmus & Benson
 
| rowspan="2" |
 
|-
 
!|17:30
 
|
 
|Ed Skoudis
 
|
 
|- bgcolor="#CCCCCC"
 
!|18:30
 
|Dinner
 
|
 
|
 
|
 
|
 
|-
 
!|19:30
 
|
 
| Mathy Vanhoef
 
| rowspan="2" |
 
| rowspan="2" |
 
| rowspan="2" |
 
|-
 
!|20:30
 
|
 
| Carlos Garcia Prado
 
|-
 
!|21:30
 
|Close
 
|
 
|
 
|
 
|
 
|-
 
!|22:00
 
|Doors closed
 
|
 
|
 
|
 
|
 
|-
 
|}
 

Latest revision as of 07:38, 3 October 2015

The completed schedule is available on http://sched.brucon.org/grid-full

General Information

  • Registrations start at 8h30!
  • Typically workshops run for 2 consecutive speaking slots (ca. 2 hours), but some of them are even longer
  • Workshop rooms in the location Novotel Ghent (Orval, Chimay, La Trappe) are 5 minutes walking from the main venue
  • Workshop seats are limited. Reserved seats get in until 5 min before the workshop. After that it is first come, first in.
  • Read our important instructions on how to use SCHED.org!
  • This schedule is subject to change, check back regularly.

BruCON 0x07 Line-Up

Keynotes

  • Dave Kennedy, Co-founder of TrustedSec and Binary Defense Systems. Co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery
  • Shyama Rose is an accomplished Information Security visionary strategist with a 15-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies.


Talks

  • Willi Ballenthin and Jon Tomczak - Shims For The Win: Case study and investigative techniques for hijacked Application Compatibility Infrastructure
  • Alexandre Dulaunoy and Pieter-Jan Moreels - cve-search - A free software to collect, search and analyse common vulnerabilities and exposures in software
  • L. Grecs - Creating REAL Threat Intelligence ... with Evernote
  • Alejandro Hernandez - Brain Waves Surfing - (In)Security in EEG (Electroencephalography) Technologies
  • Mark Hillick - Levelling Up Security @ Riot Games
  • Ryan Kazanciyan and Matt Hastings - Desired state: compromise
  • Dhia Mahjoub and Thomas Mathew - Unified DNS View to Track Threats
  • David Mortman - SSO: It's the SAML SAML Situation (With Apologies to Mötley Crüe)
  • Rushikesh Nandedkar and Amrita Iyer - The .11 Veil, Camouflage & Covert!!! /*Invisible Wifi, Revealed */
  • Chris Nickerson - Nightmares of a Pentester
  • Kuba Sendor - OSXCollector: Automated forensic evidence collection & analysis for OS X
  • Richard Thieme - Hacking as Practice for Transplanetary Life in the 21st Century: How Hackers Frame the Pictures in Which Others Live
  • Mathy Vanhoef - Advanced WiFi Attacks using Commodity Hardware


5by5

This edition, there will not be a 5by5, but we will revive the project next edition


Workshops

  • Pieter Danhieux and Erik Van Buggenhout - Hands-on Incident Response Workshop
  • Sergei Frankoff and Sean Wilson - Crowdsourced Malware Triage Workshop - Making Sense of Malware with a Browser and a Notepad
  • Prateek Gianchandani - iOS application pentesting
  • Chris Lytle - Hands-On Old School Cryptography
  • Chris Lytle and Matt Jakubowski - BrewCon
  • Nathan Magniez - Wireless Assessment Bootcamp 101
  • Vito Rallo - Kernel Tales: Security Testing of aarch64 Android Kernels
  • Arnaud Soullie - Pentesting ICS 101 (@ICS Village)
  • Didier Stevens - A Hands On Introduction To Software Defined Radio
  • Javier Marcos and Ted Reed - Intrusion detection on Linux and OS X with osquery (https://osquery.io)
  • Ocean Lam, Count Ninjula and Keith Myers - DJ workshop


Villages

  • ICS Village
  • Hak4kidz - Hacking conference for children (Sunday 4-Oct)


Sounds

  • Ocean Lam (Hong Kong)
  • Count Ninjula (Los Angeles)
  • Keith Myers (Los Angeles)
  • keroSerene (Serene Han, pianist)