From BruCON 2015
(→Day 1 : Wednesday September 26th) |
(→Day 2 : Thursday September 27th) |
||
| Line 202: | Line 202: | ||
!|10:00 | !|10:00 | ||
| | | | ||
| − | |[http://2012.brucon.org/index.php/Talks_and_workshops#Mickey_Shkatov_-_we_have_you_by_the_gadgets Mickey Shkatov] | + | |We have you by the gadgets ([http://2012.brucon.org/index.php/Talks_and_workshops#Mickey_Shkatov_-_we_have_you_by_the_gadgets Mickey Shkatov]) |
|Streaming from Westvleteren | |Streaming from Westvleteren | ||
| | | | ||
| Line 209: | Line 209: | ||
!|11:00 | !|11:00 | ||
| | | | ||
| − | | [http://2012.brucon.org/index.php/Talks_and_workshops#Georgia_Weidman_-_Introducing_the_Smartphone_Penetration_Testing_Framework Georgia Weidman] | + | |Introducing the Smartphone Penetration Testing Framework ([http://2012.brucon.org/index.php/Talks_and_workshops#Georgia_Weidman_-_Introducing_the_Smartphone_Penetration_Testing_Framework Georgia Weidman]) |
| − | | rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#Didier_Stevens_-_Windows_x64:_The_Essentials_.282h.29 Didier Stevens] | + | | rowspan="2" |Windows x64: The Essentials ([http://2012.brucon.org/index.php/Talks_and_workshops#Didier_Stevens_-_Windows_x64:_The_Essentials_.282h.29 Didier Stevens]) |
| rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#Walter_Belgers_.28TOOOL.29_-_Lockpicking TOOOL (lockpicking)] | | rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#Walter_Belgers_.28TOOOL.29_-_Lockpicking TOOOL (lockpicking)] | ||
| rowspan="2" | The Hex Factor (continuously) | | rowspan="2" | The Hex Factor (continuously) | ||
| Line 216: | Line 216: | ||
!|12:00 | !|12:00 | ||
| | | | ||
| − | | [http://2012.brucon.org/index.php/Talks_and_workshops#Andreas_Bogk_-_Herding_RATs Andreas Bogk] | + | |Herding RATs ([http://2012.brucon.org/index.php/Talks_and_workshops#Andreas_Bogk_-_Herding_RATs Andreas Bogk]) |
|- bgcolor="#CCCCCC" | |- bgcolor="#CCCCCC" | ||
!|13:00 | !|13:00 | ||
| Line 227: | Line 227: | ||
!|14:00 | !|14:00 | ||
| | | | ||
| − | |[http://2012.brucon.org/index.php/Talks_and_workshops#Robert_McArdle_-_HTML5_-_A_Whole_New_Attack_Vector Robert McArdle] | + | |HTML5 - A Whole New Attack Vector ([http://2012.brucon.org/index.php/Talks_and_workshops#Robert_McArdle_-_HTML5_-_A_Whole_New_Attack_Vector Robert McArdle]) |
|[http://2012.brucon.org/index.php/Lightning_Talks Lightning talks] | |[http://2012.brucon.org/index.php/Lightning_Talks Lightning talks] | ||
| − | | rowspan="2" |[http://2012.brucon.org/index.php/Talks_and_workshops#Vivek_Ramachandran_-_Hacking_with_Python_.282hr.29 Vivek Ramachandran] | + | | rowspan="2" |Hacking with Python ([http://2012.brucon.org/index.php/Talks_and_workshops#Vivek_Ramachandran_-_Hacking_with_Python_.282hr.29 Vivek Ramachandran]) |
| − | | rowspan="2" | [http://2012.brucon.org/index.php/Talks_and_workshops#fbz_-_Hardware_Hacking fbz] | + | | rowspan="2" |Hardware Hacking ([http://2012.brucon.org/index.php/Talks_and_workshops#fbz_-_Hardware_Hacking fbz]) |
|- | |- | ||
!|15:00 | !|15:00 | ||
| | | | ||
| − | |[http://2012.brucon.org/index.php/Talks_and_workshops#Allison_Miller_-_A_Million_Mousetraps:_Using_Big_Data_and_Little_Loops_to_Build_Better_Defenses Allison Miller] | + | |A Million Mousetraps: Using Big Data and Little Loops to Build Better Defenses ([http://2012.brucon.org/index.php/Talks_and_workshops#Allison_Miller_-_A_Million_Mousetraps:_Using_Big_Data_and_Little_Loops_to_Build_Better_Defenses Allison Miller]) |
|LSEC event | |LSEC event | ||
|- bgcolor="#CCCCCC" | |- bgcolor="#CCCCCC" | ||
| Line 246: | Line 246: | ||
!|16:30 | !|16:30 | ||
| | | | ||
| − | |[http://2012.brucon.org/index.php/Talks_and_workshops#Martin_Gallo_-_Uncovering_SAP_vulnerabilities:_dissecting_and_breaking_the_Diag_protocol Martin Gallo] | + | |Uncovering SAP vulnerabilities: dissecting and breaking the Diag protocol ([http://2012.brucon.org/index.php/Talks_and_workshops#Martin_Gallo_-_Uncovering_SAP_vulnerabilities:_dissecting_and_breaking_the_Diag_protocol Martin Gallo]) |
| − | | rowspan="2" |[http://2012.brucon.org/index.php/Talks_and_workshops#Kyle_.27Kos.27_Osborn_.26_Krzysztof_Kotowicz_-_Advanced_Chrome_Extension_Exploitation_.282h.29 Kyle Osborn & K. Kotowicz] | + | | rowspan="2" |Advanced Chrome Extension Exploitation ([http://2012.brucon.org/index.php/Talks_and_workshops#Kyle_.27Kos.27_Osborn_.26_Krzysztof_Kotowicz_-_Advanced_Chrome_Extension_Exploitation_.282h.29 Kyle Osborn & K. Kotowicz]) |
| − | | rowspan="2" |[http://2012.brucon.org/index.php/Talks_and_workshops#Biosshadow.2C_Matt_Erasmus.2C_Benson_-_The_PANIC_Project Biosshadow, Matt Erasmus & Benson] | + | | rowspan="2" |The PANIC Project ([http://2012.brucon.org/index.php/Talks_and_workshops#Biosshadow.2C_Matt_Erasmus.2C_Benson_-_The_PANIC_Project Biosshadow, Matt Erasmus & Benson]) |
| | | | ||
|- | |- | ||
!|17:30 | !|17:30 | ||
| | | | ||
| − | |[http://2012.brucon.org/index.php/Talks_and_workshops#.28Keynote.29_Ed_Skoudis_-_Letting_Loose_the_Dogs_of_.28cyber.29_War Ed Skoudis] | + | |Keynote ([http://2012.brucon.org/index.php/Talks_and_workshops#.28Keynote.29_Ed_Skoudis_-_Letting_Loose_the_Dogs_of_.28cyber.29_War Ed Skoudis]) |
| | | | ||
|- bgcolor="#CCCCCC" | |- bgcolor="#CCCCCC" | ||
| Line 265: | Line 265: | ||
!|19:30 | !|19:30 | ||
| | | | ||
| − | | [http://2012.brucon.org/index.php/Talks_and_workshops#Mathy_Vanhoef_-_New_flaws_in_WPA-TKIP Mathy Vanhoef] | + | |New flaws in WPA-TKIP ([http://2012.brucon.org/index.php/Talks_and_workshops#Mathy_Vanhoef_-_New_flaws_in_WPA-TKIP Mathy Vanhoef]) |
| rowspan="2" | Streaming from Westvleteren | | rowspan="2" | Streaming from Westvleteren | ||
| | | | ||
| Line 272: | Line 272: | ||
!|20:30 | !|20:30 | ||
| | | | ||
| − | | [http://2012.brucon.org/index.php/Talks_and_workshops#Carlos_Garcia_-_How_I_met_your_pointer_.28Hijacking_client_software_for_fuzz_and_profit.29 Carlos Garcia Prado] | + | |How I met your pointer (Hijacking client software for fuzz and profit) ([http://2012.brucon.org/index.php/Talks_and_workshops#Carlos_Garcia_-_How_I_met_your_pointer_.28Hijacking_client_software_for_fuzz_and_profit.29 Carlos Garcia Prado]) |
| | | | ||
| | | | ||
Revision as of 08:34, 21 September 2012
General Information
- Registration for workshops will be possible at the venue
- we have a varied audience. Some of you are on twitter, some read the blog, some do neither. As each workshop has limited seats available, we want to give everybody the same chance to register for the workshop of their choice.
- Workshops run for 2 consecutive speaking slots (ca. 2 hours)
- 't Pand is a location within 10 minutes walking distance of the main venue !
- La Trappe isn't a room or an aula but rather an open space gallery in the main venue. Directions will be clearly visible.
- We do have the "Beer Workshop" again this year !!! It is not on the schedule yet, but prepare to brew your own !
- This schedule is subject to change, check back regularly.
Current list of speakers
Keynotes
- Ed Skoudis - founder and senior security consultant with InGuardians
- Katie Moussouris - Lead Security Community Outreach and Strategy team at Microsoft
Talks
- Georgia Weidman - Introducing the Smartphone Penetration Testing Framework
- Robert McArdle - HTML5 - A Whole New Attack Vector
- Raul Siles - Security of National eID (smartcard-based) Web Applications
- Andreas Bogk - Herding RATs
- Josh Corman and Jericho - "Cyberwar" : Not What We Were Expecting
- Allison Miller - A Million Mousetraps: Using Big Data and Little Loops to Build Better Defenses
- Mathy Vanhoef - New flaws in WPA-TKIP
- Martin Gallo - Uncovering SAP vulnerabilities: dissecting and breaking the Diag protocol
- Fernando Gont - Recent Advances in IPv6 Security
- Gregory Pickett - pMap, the silent killer
- Carlos Garcia - How I met your pointer (Hijacking client software for fuzz and profit)
- Paul Marsh - Satellite Hacking
- Chris Nickerson - Tactical Surveillance : Look at me now!
- Mickey Shkatov - we have you by the gadgets
- int0x80 (of Dual Core) - Moar Anti-Forensics for the Louise
- David Mortman - The Defense RESTs: Automation and APIs for Improving Security
Workshops
- Didier Stevens - Windows x64: The Essentials
- Kyle 'Kos' Osborn & Krzysztof Kotowicz - Advanced Chrome Extension Exploitation
- Michael Sikorski & William Ballenthin - Clearing the Red Forest
- Abraham Aranguren - Introducing OWTF
- Biosshadow, Matt Erasmus, Benson - The PANIC Project
- Vivek Ramachandran - Hacking with Python
- fbz - Hardware Hacking
- Walter Belgers (TOOOL) - Lockpicking
- Joernchen, Astera & Mumpi - DJ Workshop
- Meredith L. Patterson & Sergey Bratus - Langsec Workshop
- Machtelt Garrels - Beer brewing workshop
Day 1 : Wednesday September 26th
Registrations start at 9h00!
Workshop rooms in the location 't Pand are 10 minutes walking from the main venue.
Please be there in time!!
| Time | Lounge | Westvleteren (main track) | Westmalle (workshops) | Orval (@Pand!) | Chimay (@Pand!) | La Trappe |
|---|---|---|---|---|---|---|
| 9:00 | Breakfast | |||||
| 9:50 | Welcome (Seba & Wim) | Streaming from Westvleteren | The Hex Factor (continuously) | |||
| 10:00 | Keynote (Katie Moussouris) | |||||
| 11:00 | Meredith L. Patterson and Sergey Bratus | Windows x64: The Essentials (Didier Stevens) | ||||
| 12:00 | The Defense RESTs: Automation and APIs for Improving Security (David Mortman) | |||||
| 13:00 | Lunch | |||||
| 14:00 | Satellite Hacking (Paul Marsh) | Clearing the Red Forest (Michael Sikorski & Willi Ballenthin) | Introducing OWTF (Abraham Aranguren) | Hacking with Python (Vivek Ramachandran) | Hardware Hacking (fbz) | |
| 15:00 | Security of National eID (smartcard-based) Web Applications (Raul Siles) | |||||
| 16:00 | Coffee break | |||||
| 16:30 | Beer Workshop | Moar Anti-Forensics for the Louise (int0x80) | Clearing the Red Forest (Michael Sikorski & Willi Ballenthin) | Introducing OWTF (Abraham Aranguren) | TOOOL (lockpicking) | |
| 17:30 | pMap, the silent killer (Gregory Pickett) | |||||
| 18:30 | Dinner | |||||
| 19:30 | DJ Workshop | "Cyberwar" : Not What We Were Expecting (Josh Corman & Jericho) | Lightning talks | |||
| 20:30 | DJ Workshop | Recent Advances in IPv6 Security (Fernando Gont) | Streaming from Westvleteren | |||
| 21:30 | Close | |||||
| 22:00 | Doors closed |
Day 2 : Thursday September 27th
| Time | Lounge | Westvleteren (main track) | Westmalle (workshops) | Orval (@Pand) | La Trappe |
|---|---|---|---|---|---|
| 9:00 | Breakfast | ||||
| 10:00 | We have you by the gadgets (Mickey Shkatov) | Streaming from Westvleteren | |||
| 11:00 | Introducing the Smartphone Penetration Testing Framework (Georgia Weidman) | Windows x64: The Essentials (Didier Stevens) | TOOOL (lockpicking) | The Hex Factor (continuously) | |
| 12:00 | Herding RATs (Andreas Bogk) | ||||
| 13:00 | Lunch | ||||
| 14:00 | HTML5 - A Whole New Attack Vector (Robert McArdle) | Lightning talks | Hacking with Python (Vivek Ramachandran) | Hardware Hacking (fbz) | |
| 15:00 | A Million Mousetraps: Using Big Data and Little Loops to Build Better Defenses (Allison Miller) | LSEC event | |||
| 16:00 | Coffee break | ||||
| 16:30 | Uncovering SAP vulnerabilities: dissecting and breaking the Diag protocol (Martin Gallo) | Advanced Chrome Extension Exploitation (Kyle Osborn & K. Kotowicz) | The PANIC Project (Biosshadow, Matt Erasmus & Benson) | ||
| 17:30 | Keynote (Ed Skoudis) | ||||
| 18:30 | Dinner | ||||
| 19:30 | New flaws in WPA-TKIP (Mathy Vanhoef) | Streaming from Westvleteren | |||
| 20:30 | How I met your pointer (Hijacking client software for fuzz and profit) (Carlos Garcia Prado) | ||||
| 21:30 | Close | ||||
| 22:00 | Doors closed |