Presentaciones DerbyCon 8.0

October 7, 2018
tuxotron
Conferencia, Hacking, Seguridad

DerbyCon 8.0

*DerbyCon 8.0*

Desde la página de IronGeek podéis ver los vídeos de todas (casi) las presentaciones de DerbyCon 8.0. Aquí tenéis la lista de los mismos:

Opening
How to influence security technology in kiwi underpants Benjamin Delpy
Panel Discussion - At a Glance: Information Security Ed Skoudis, John Strand, Lesley Carhart. Moderated by: Dave Kennedy
Red Teaming gaps and musings Samuel Sayen
A Process is No One: Hunting for Token Manipulation Jared Atkinson, Robby Winchester
Fuzz your smartphone from 4G base station side Tso-Jen Liu
Clippy for the Dark Web: Looks Like You’re Trying to Buy Some Dank Kush, Can I Help You With That? Emma Zaballos
Synfuzz: Building a Grammar Based Re-targetable Test Generation Framework Joe Rozner
Escoteric Hashcat Attacks Evilmog
RFID Luggage Tags, IATA vs Real Life Daniel Lagos
#LOL They Placed Their DMZ in the Cloud: Easy Pwnage or Disruptive Protection Carl Alexander
Maintaining post-exploitation opsec in a world with EDR Michael Roberts, Martin Roberts
Hey! I found a vulnerability - now what? Lisa Bradley, CRob
Foxtrot C2: A Journey of Payload Delivery Dimitry Snezhkov
Ridesharks Kaleb Brown
IRS, HR, Microsoft and your Grandma: What they all have in common Christopher Hadnagy, Cat Murdock
#LOLBins - Nothing to LOL about! Oddvar Moe
Everything Else I Learned About Security I Learned From Hip-Hop Paul Asadoorian
Hackers, Hugs, & Drugs: Mental Health in Infosec Amanda Berlin
Android App Penetration Testing 101 Joff Thyer, Derek Banks
Draw a Bigger Circle: InfoSec Evolves Cheryl Biswas
I Can Be Apple, and So Can You Josh Pitts
From Workstation to Domain Admin: Why Secure Administration Isn’t Secure and How to Fix It Sean Metcalf
MS17-010? zerosum0x0
The Unintended Risks of Trusting Active Directory Lee Christensen, Will Schroeder, Matt Nelson
Lessons Learned by the WordPress Security Team Aaron D. Campbell
IronPython… omfg Marcello Salvati
Invoke-EmpireHound - Merging BloodHound & Empire for Enhanced Red Team Workflow Walter Legowski
When Macs Come Under ATT&CK Richie Cyrus
Abusing IoT Medical Devices For Your Precious Health Records Saurabh Harit, Nick Delewski
Detecting WMI exploitation Michael Gough
Gryffindor | Pure JavaScript, Covert Exploitation Matthew Toussain
Instant Response: Making IR faster than you thought possible! Mick Douglas, Josh Johnson
The History of the Future of Cyber-Education Winn Schwartau
State of Win32k Security: Revisiting Insecure design Vishal Chauhan
Offensive Browser Extension Development Michael Weber
Protect Your Payloads: Modern Keying Techniques Leo Loobeek
Jump Into IOT Hacking with the Damn Vulnerable Habit Helper Device Nancy Snoke, Phoenix Snoke
Tales From the Bug Mine - Highlights from the Android VRP Brian Claire Young
Decision Analysis Applications in Threat Analysis Frameworks Emily Shawgo
Threat Intel On The Fly Tazz
Make Me Your Dark Web Personal Shopper! Emma Zaballos
Driving Away Social Anxiety Joey Maresca
Off-grid coms and power Justin Herman
CTFs: Leveling Up Through Competition Alex Flores
Extending Burp to Find Struts and XXE Vulnerabilities Chris Elgee
Introduction to x86 Assembly DazzleCatDuo
Pacu: Attack and Post-Exploitation in AWS Spencer Gietzen
An Inconvenient Truth: Evading the Ransomware Protection in Windows 10 Soya Aoyama
Brutal Blogging - Go for the Jugular Kate Brew
RID Hijacking: Maintaining Access on Windows Machines Sebastian Castro
Your Training Data is Bad and You Should Feel Bad Ryan J. O’Grady
So many pentesting tools from a $4 Arduino Kevin Bong, Michael Vieau
Building an Empire with (Iron)Python Jim Shaver
SAEDY: Subversion and Espionage Directed Against You Judy Towers
OSX/Pirrit - Reverse engineering mac OSX malware and the legal department of the company who makes it Amit Serper, Niv Yona, Yuval Chuddy
How to test Network Investigative Techniques(NITs) used by the FBI Dr. Matthew Miller
Cloud Computing Therapy Session Cara Marie, Andy Cooper
Silent Compromise: Social Engineering Fortune 500 Businesses Joe Gray
Going on a Printer Safari - Hunting Zebra Printers James Edge
Hardware Slashing, Smashing, and Reconstructing for Root access Deral Heiland
App-o-Lockalypse now! Oddvar Moe
Web App 101: Getting the lay of the land Mike Saunders
Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation) Daniel Bohannon
WE ARE THE ARTILLERY: Using Google Fu To Take Down The Grids Chris Sistrunk, Krypt3ia, SynAckPwn
Just Let Yourself In David Boyd
A “Crash” Course in Exploiting Buffer Overflows (Live Demos!) Parker Garrison
Living in a Secure Container, Down by the River Jack Mannino
VBA Stomping - Advanced Malware Techniques Carrie Roberts, Kirk Sayre, Harold Ogden
Media hacks: an Infosec guide to dealing with journalists Sean Gallagher, Steve Ragan, Paul Wagenseil
Deploying Deceptive Systems: Luring Attackers from the Shadows Kevin Gennuso
The Money-Laundering Cannon: Real cash; Real Criminals; and Real Layoffs Arian Evans
Perfect Storm: Taking the Helm of Kubernetes Ian Coldwater
How to put on a Con for Fun and (Non) Profit Benny Karnes, John Moore, Rick Hayes, Matt Perry, Bill Gardner, Justin Rogosky, Mike Fry, Steve Truax
Web app testing classroom in a box - the good, the bad and the ugly Lee Neely, Chelle Clements, James McMurry
Metasploit Town Hall 0x4 Brent Cook, Aaron Soto, Adam Cammack, Cody Pierce
Community Based Career Development or How to Get More than a T-Shirt When Participating as part of the Community Kathleen Smith, Magen Wu, Cindy Jones, Kathryn Seymour, Kirsten Renner
Disaster Strikes: A Hacker’s Cook book Jose Quinones, Carlos Perez
Ninja Looting Like a Pirate Infojanitor
Hacking Mobile Applications with Frida David Coursey
Victor or Victim? Strategies for Avoiding an InfoSec Cold War Jason Lang, Stuart McIntosh
Ubiquitous Shells Jon Gorenflo
99 Reasons Your Perimeter Is Leaking - Evolution of C&C John Askew
Ship Hacking: a Primer for Today’s Pirate Brian Satira, Brian Olson
Code Execution with JDK Scripting Tools & Nashorn Javascript Engine Brett Hawkins
PHONOPTICON - leveraging low-rent mobile ad services to achieve state-actor level mass surveillance on a shoestring budget Mark Milhouse
Patching: Show me where it hurts Cheryl Biswas
Advanced Deception Technology Through Behavioral Biometrics Curt Barnard, Dawud Gordon
We are all on the spectrum: What my 10-year-old taught me about leading teams Carla A Raisler
No Place Like Home: Real Estate OSINT and OPSec Fails John Bullinger
The Layer2 Nightmare Chris Mallz
Attacking Azure Environments with PowerShell Karl Fosaaen
Blue Blood Injection: Transitioning Red to Purple Lsly Ayyy
Mirai, Satori, OMG, and Owari - IoT Botnets Oh My Peter Arzamendi
Comparing apples to Apple Adam Mathis
How online dating made me better at threat modeling Isaiah Sarju
Threat Hunting with a Raspberry Pi Jamie Murdock
M&A Defense and Integration - All that Glitters is not Gold Sara Leal, Jason Morrow
Social Engineering At Work - How to use positive influence to gain management buy-in for anything April Wright
Ham Radio 4 Hackers Eric Watkins, Devin Noel
Getting Control of Your Vendors Before They Take You Down Dan Browder
Cyber Intelligence: There Are No Rules, and No Certainties Coleman Kane
Getting Started in CCDC Russell Nielsen
Changing Our Mindset From Technical To Psychological Defenses Andrew Kalat
Red Mirror: Bringing Telemetry to Red Teaming Zach Grace
Two-Factor, Too Furious: Evading (and Protecting) Evolving MFA Schemes Austin Baker, Doug Bienstock
IoT: Not Even Your Bed Is Safe Darby Mullen
Fingerprinting Encrypted Channels for Detection John Althouse
On the Nose: Bypassing Huawei’s Fingerprint authentication by exploiting the TrustZone Nick Stephens
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010 Gabriel Ryan
Goodbye Obfuscation, Hello Invisi-Shell: Hiding Your Powershell Script in Plain Sight Omer Yair
Cloud Forensics: Putting The Bits Back Together Brandon Sherman
Killsuit: The Equation Group’s Swiss Army knife for persistence, evasion, and data exfil Francisco Donoso
The MS Office Magic Show Stan Hegt, Pieter Ceelen
Living off the land: enterprise post-exploitation Adam Reiser
Hillbilly Storytime: Pentest Fails Adam Compton
Bug Hunting in RouterOS Jacob Baines
Breaking Into Your Building: A Hackers Guide to Unauthorized Access Tim Roberts, Brent White
The making of an iOS 11 jailbreak: Kiddie to kernel hacker in 14 sleepless nights. Bryce “soen” Bearchell
Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests Tomasz Tuzel
Pwning in the Sandbox: OSX Macro Exploitation & Beyond Adam Gold, Danny Chrastil
IOCs Today, Intelligence-Led Security Tomorrow Katie Kusjanovic, Matthew Shelton
Closing Ceremonies

Derbycon

Libros

Buscar

Enlaces

Hack a day
Microhistorias
Microsiervos
Security By Default
Seguridad Apple
SysAdmit
Un informático en el lado de mal

Presentaciones DerbyCon 8.0

Libros

Buscar

Entradas Recientes

Categorías

Enlaces