hackfest 2016 Nov. 4, 2016 to Nov. 5, 2016, quebec,canada

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
This Phish Goes To 11 Stephanie Carruthers “Testing your users and systems with generic phishing pretexts use to be enough, but now ...
LockPicker: Leaking data from live LUKS partition Adhokshaj Mishra Since the disclosure of privacy by various whistleblowers, people have realized the value of data ...
Abusing PHP 7’s OPcache to Spawn Webshells Ian Bouchard PHP 7 comes with a new built-in caching engine called OPcache. With this caching engine, ...
Unveiling One of the World’s Biggest and Oldest Cybercrime Gangs–Asprox Sun Huang , Wayne Huang Existing research on the Asprox actor has focused primarily on the malware they spread, but ...
Check Yo Self Before You Wreck Yo Self: The New Wave Of Account Checkers And Underground Rewards Fraud Benjamin Brown There’s a new wave of account checker gangs and a coinciding explosion in the underground ...
Powershell Penetration Testing Alfredo Ramirez The purpose of this talk would to introduce the audience to using Powershell during internal ...
Untangling the Dark Web: Unmasking Onion Services Sarah Jamie Lewis Life is difficult when you run an anonymous service. Being anonymous means being hyper vigilant ...
Fixing the Java Serialization mess Pierre Ernst Deserializing untrusted input with Java has been known to be a risky proposition for at ...
Le dispositif Français de lutte contre le cyber-terrorisme : Exemples par la pratique Marc Dovéro Mon intervention concerne le système de cyberdéfense mis en place en France dans le cadre ...
Make iOS Hacking Great Again: The Easy Wins! Aaron Guzman After analyzing hundreds of mobile applications, it is easy to identify where most mobile app ...
Pentesting Cruise Ships OR Hacking the High Seas Chad M. Dewey Vacationing on a cruise ship should be a relaxing, care-free endeavor that allows one to ...
Clogging the Futures Series of Tubes: A look at HTTP/2 DDoS Attacks Michael Bennet The future is here! Errrm, well it arrived a couple years, but it’s starting to ...
Blue Team Reboot: Adaptive Proactive Defence Strategy Cheryl Biswas , Haydn Johnson How about this: a blue team talk given by red teamers. But here’s our rationale ...
Adversarial Simulation: Why your defenders are the Fighter Pilots. Chris Nickerson Too many times do I hear the tales of PenTesters and “Red Teamers” awesomeness but ...
Some hypotheses on burnout and stress related illnesses in relation to Cyber Security practitioners with a ‘Hacker Mindset’ Chris Sumner This talk introduces a number of hypotheses, which if correct, suggest that Cyber Security practitioners ...
Come Bring all your Drones to the Yard Blake Cornell The Suffolk County Correctional Facility in Riverhead, New York now has the ability to detect ...
Racing the Web Aaron Hnatiw Long thought to be relegated to the domain of fast, multithreaded desktop applications, race conditions ...
Catching IMSI Catchers Geoffrey Vaughan Hunting the hunter, can you tell if your phone’s being captured by a rogue cell ...
Exploit Kits: The Biggest Threat You Know Nothing About Sunny Wear Exploit kits are an ever-present threat that can compromise innocent Internet users indiscriminately. As malware ...
Windows systems & code signing protection Paul Rascagneres This presentation explains the code signing mechanism (authenticode) developed by Microsoft on Windows systems. The ...
Hacking the Internet of Dongs Renderman , Murdoch_monkey There is an under researched branch of the Internet of Things: The Internet of Dongs. ...
Sécurité Docker en production Alexandre Guédon Exposer les différentes techniques disponibles pour sécuriser les containers Docker, leurs limites et les mitigations ...
Stratégies de fouille et recherches de preuves Sylvain Desharnais , Nadia Vigneault Nous présenterons les différentes stratégies de fouille d’une média : mots-clé, expressions régulières, arborescence, etc. ...
Hunting with LimaCharlie Maxime Lamothe-brassard LIMA CHARLIE (LC) is an Open Source, cross­platform endpoint security monitoring and mitigation solution focusing ...
Getting Beyond Bugbounty Noob Status Peter Yaworski In this chat, I’ll talk about my experience hacking on the HackerOne platform, specifically, how ...
Histoire d’un hack. Bernard Bolduc Un site web s’est fait hacker, voici l’histoire.
Workshop: XSS Auditor Bypass Olivier Arteau XSS protection provided by the browsers is getting more and more sophisticated. This workshop will ...
De-anonymizing Bitcoin one transaction at a time David Décary-hétu , Mathieu Lavoie The aims of this presentation are twofold. The first is to present an open-source tool ...
How I Darkweb Economies (and You Can Too!) Benjamin Brown , Johnny Xmas Since the infamous Silk Road takedown by the FBI in 2013, the Darkweb economy has ...
Your configs are bad and you should feel bad Stephen Hall Let’s talk about that linux server on the network that seems to be neglected, you ...
Workshop : Techniques d’informatique forensique Sylvain Desharnais , Nadia Vigneault , Mohamed Haoues , Gabriel Desharnais , Gabriel Tessier L’atelier “Techniques d’informatique forensique” est une activité d’application des stratégies de fouille de média, d’une ...
BurpSmartBuster - A smart way to find hidden treasures, the next steps Patrick Mathieu Bruteforcing non-indexed data is often use to discover hidden files and directories which can lead ...
Game Hacking Exposed. Mickael Nadeau Talking about everything needed to hack a game and all the broken concept behind a ...