DerbyCon 2017, Sept. 22, 2017 to Sept. 24, 2017, Derby, USA

Title Speakers Summary Topic Types
Subverting Trust in Windows - A Case Study of the "How" and "Why" of Engaging in Security Research Matt Graeber Since his first InfoSec talk given at DerbyCon 3, Matt has made a reputation for ...
I had my mom break into a prison, then we had pie. John Strand In this talk we will cover math, social engineering, breaking AV, open source software, Artificial ...
So you want to be a Social Engineer Chris Hadnagy One of the most asked questions we get at all of our Social-Engineer sites is ...
Further Adventures in Smart Home Automation: Honey, Please Don’t Burn Down Your Office Ed Skoudis In the last 12 months, Ed Skoudis has been on a tear adding new automation ...
When to Test, and How to Test It Bruce Potter “I think we need a penetration test". This is one of the most misunderstood phrases ...
How to Measure Your Security: Holding Security Vendors Accountable Winn Schwartau Security Guy since 1983. Cyberwar. Modelling
Here Be Dragons: The Unexplored Land of Active Directory ACLs Rohan Vazarkar , Will Schroeder , Andy Robbins "During internal penetration tests and red team assessments, Active Directory remains a key arena for ...
Securing Windows with Group Policy Josh Rickard "Group Policy exists in almost every modern business environment. Many organizations either do not use ...
A New Take at Payload Generation: Empty-Nest Tom Steele , James Cook As the evolution of endpoint, egress, and network security controls continues, adversaries and pentesters are ...
How we accidentally created our own RAT/C2/Distributed Computing Network Adam Len Compton , Bill Harshbarger Rat/C2/Botnet/Distributed Computing… Sure there are differences, but they all share common attributes and functionality. In ...
TBD Josh ‘fuzzynop’ Schwartz , John Cramb TBD FuzzyNop and ceyx were both raised by computerized wolves with a penchant for fine ...
Defending against PowerShell Attacks Lee Holmes "The security industry is ablaze with news about how PowerShell is being used by both ...
VMware Escapology: How to Houdini The Hypervisor Joshua Smith , Jasiel Spelman "Over the past year, attacks targeting VMware desktop hypervisors (Workstation, Fusion etc) have been on ...
Active Defense for web apps Scott M Attackers can ruin your day...are you ready to turn the tables on them? Of course ...
Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@('Tech','niques') -Join'') Daniel Bohannon "Attackers, administrators and many legitimate products rely on PowerShell for their core functionality. However, its ...
CredDefense Toolkit Beau Bullock , Derek Banks , Brian Fehrman Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is ...
3rd Annual Metasploit Townhall David thelightcosine Maloney , Spencer Mcintyre , James Lee , Brent Cook This will be the third year of the Metasploit Townhall at DerbyCon. This will be ...
IoT Security – Executing an Effective Security Testing Process Deral Heiland With IoT expected to top 20 billion connected devices by the end of the decade. ...
PSAmsi - An offensive PowerShell module for interacting with the Anti-Malware Scan Interface in Windows 10 Ryan Cobb "As use of "fileless" malware using PowerShell to stay in memory and evade traditional AV ...
Steel Sharpens Steel: Using Red Teams to improve Blue Teams Christopher Payne Understanding, anticipating, and identifying the wide array of evolving threats facing organizations today requires well-developed ...
Purpose Driven Hunt: What do I do with all this data? Jared Atkinson , Robby Winchester Does your organization want to start Threat Hunting, but you’re not sure how to begin? ...
Fileless Malware - The New “Cyber” Colin Grady , Edmund Brumaghin Buzzwords are the bane of the infosec community. Whether it’s “cyber” or “APT”, these terms ...
An ACE in the Hole: Stealthy Host Persistence via Security Descriptors Will Schroeder , Matt Nelson , Lee Christensen "Attackers and information security professionals are increasingly looking at security descriptors and their ACLs, but ...
Introducing DeepBlueCLI v2, now available in PowerShell and Python Eric Conrad "Recent malware attacks leverage PowerShell for post exploitation. Why? No EXE for antivirus or HIPS ...
DanderSpritz: How the Equation Group's 2013 tools pwn in 2017 Francisco Donoso "Everyone has focused on the Equation Group's "weapons grade" exploits but no one has focused ...
Hunting Lateral Movement for Fun and Profit Mauricio Velazco After obtaining an initial foothold on an environment, attackers are forced to embark in lateral ...
War Stories on Embedded Security: Pentesting, IoT, Building Managers, and how to do Better Jared Demott If security were easy, we’d have solved it 20 years ago. Unfortunately for complex networks ...
Run your security program like a boss / practical governance advice Rockie Brockway , Justin M. Leapline "Let’s face it; it’s not easy to run a security governance program. With the continuing ...
Defending the Cloud: Lessons from Intrusion Detection in SharePoint Online Matt Swann Over the past four years we've tried, failed, and now begun to succeed at defending ...
(Mostly) Free Defenses Against the Phishing Kill Chain Schuyler Dorsey An enterprise defender does not have an easy role; however there are many free or ...
Digital Vengeance: Exploiting the Most Notorious C&C Toolkits Waylon Grange "Every year thousands of organizations are compromised by targeted attacks. In many cases the attacks ...
Eye on the Prize Adam Hogan Eye on the Prize - a Proposal for the Legalization of Hacking Back The myriad ...
Building Better Backdoors with WMI Alexander Leary This presentation will provide a brief overview of WMI, and how creating WMI providers can ...
Beyond xp_cmdshell: Owning the Empire through SQL Server Scott Sutherland , Alexander Leary "During this presentation, we’ll cover interesting techniques for executing operating system commands through SQL Server ...
Bots, Trolls, and Warriors: The Modern Adversary Playbook Andrea Little Limbago Adversaries increasingly integrate ‘traditional’ computer attack vectors with advances in automation and the power of ...
Building Google for Criminal Enterprises Anthony Russell "I was able to create a proof of concept application that scrubs a recreation of ...
V!4GR4: Cyber-Crime, Enlarged Koby Kilimnik "Trafficking of counterfeit pharmaceuticals is a massive industry, and has been known for its persistent ...
The skills gap: how can we fix it? Bill Gardner How can educators help the community get the graduates you need?
Extending Burp Carl Sampson Burp is one of the most popular tools used in dynamic web application testing with ...
Shellcode Via VBScript/JScript Implications Casey Smith "This talk will explore a recent discovery of being able to execute shellcode and make ...
Retail Store/POS Penetration Testing Daniel Brown Penetration Testing a retail/POS environment. The methods companies are using to try and protect them, ...
Improv Comedy as a Social Engineering Tool Dave Mattingly The rules of improv comedy can apply to many social interactions, including bluffing your way ...
How to safely conduct shenanigans Renderman , Evil_mog There are some legendary pranks pulled off at DerbyCon, this talk goes through how to ...
The .NET Inter-Operability Operation James Forshaw One of the best features of the .NET runtime is its in-built ability to call ...
A presentation or presentations because... presenting Jason Blanchard In less than 30 minutes, you'll smile, nod in agreement, be amazed, become incredibly self-aware ...
Return From The Underworld - The Future Of Red Team Kerberos Mitchell Hennigan , Jim Shaver This talk discusses Kerberos Key derivation, cracking and the future of Kerberos, kerberoasting and NTLM. ...
Memory-Based Library Loading: Someone Did That Already. Casey Rosini The technique of using memory-based library loading has been around for a number of years. ...
Building the DeathStar: getting Domain Admin with a push of a button (a.k.a. how I almost automated myself out of a job) Marcello Salvati "Ever since the advent of tools like PowerSploit, Empire, Bloodhound and CrackMapExec pentesting Active Directory ...
Modern Evasion Techniques Jason Lang As pentesters, we are often in need of working around security controls. In this talk, ...
FM, and Bluetooth, and Wifi... Oh My! Aaron Lafferty "Our organizations utilize radio frequencies (RF) on a daily basis. These signals surround us, travel ...
Detect Me If You Can Ben Ten As long as there is a "Patch Tuesday", and software has bugs, there will always ...
Full-Contact Recon Savant , Int0x80 "Imagine starting your pentest with a shell. Better yet, a shell with privileges. Skip the ...
Not a Security Boundary: Bypassing User Account Control Matt Nelson Microsoft's User Account Control feature, introduced in Windows Vista, has been a topic of interest ...
Victim Machine has joined #general: Using Third Party APIs as C&C Infrastructure. Stephen Hilt , Lord Alfred Remorin The popularity of third party chat applications is on the rise for both personal and ...
JReFrameworker: One Year Later Benjamin Holland JReFrameworker is a Java bytecode manipulation tool released at DEFCON 24 that lowers the barrier ...
Hidden Treasure: Detecting Intrusions with ETW Zac Brown "Today, defenders consume the Windows Event Log to detect intrusions. While useful, audit logs don't ...
How to Hunt for Lateral Movement on Your Network Ryan Nolette "Once inside your network, most cyber-attacks go sideways. They progressively move deeper into the network, ...
Kali Linux? Johnny Long What is Kali Linux? People outside our industry think it's cool thanks to Elliot and ...
Common Assessment Mistakes Pen Testers and Clients Should Avoid Tim Roberts , Brent White "Penetration assessments can be a stressful time for those involved. It’s a moment where the ...
Everything I Need To Know About Security I Learned From Watching Kung Fu Movies Paul Asadoorian "Whether you are a fan of Kung Fu movies or not, this will be an ...
Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science Lee Holmes , Daniel Bohannon "Attackers, administrators and many legitimate products rely on PowerShell for their core functionality. However, its ...
Reverse Engineering Hardware via the HRES Timothy Wright The Hardware Reverse Engineering Standard or HRES has been designed to provide security engineers with ...
To Catch a Spy Tyler Hudak In the first Vault 7 WikiLeaks dump, the documents discussed several different persistence and anti-RE ...
Rapid Incident Response with PowerShell Mick Douglas PowerShell shouldn’t just be used by pen testers! Attendees of this talk will learn how ...
Windows Rootkit Development: Python prototyping to kernel level C2 R.j. Mcdown Red teams are always looking for new ways to persist on hosts that could potentially ...
Peekaboo! I Own You. Owning Hundreds of Thousands Vulnerable Devices with only two HTTP packets Amit Serper Imagine that you've purchased your small a cheap ip security camera to feel just a ...
Burping for Joy and Financial Gain Tim “lanmaster53” Tomes "If you do application security and don't use Burp Suite, then you're likely doing it ...
POP POP RETN ; An Introduction to Writing Win32 Shellcode Christopher Maddalena If you have ever worked with an exploit or Metasploit, you have probably used shellcode, ...
What A Long Strange Trip It’s Been Jim Nitterauer "Every day we are bombarded with news from every direction warning of impending doom for ...
Game On! Using Red Team to Rapidly Evolve Your Defenses Joff Thyer , Pete Petersen "This talk will be an enjoyable conversation with good beer, great bourbon, and terrific friends ...
Anatomy of a Medical Device Hack- Doctors vs. Hackers in a Clinical Simulation Cage Match Joshua Corman , Christian quaddi Dameff , Jeff r3plicant Tully , Beau Woods "In the near future, a crisis unfolds at a hospital: patients on automated drug infusion ...
Advanced Threat Hunting Robert Simmons "Many threat intelligence teams are small and must make limited resources work in the most ...
CHIRON - Home based ML IDS Rod Soto , Joseph Zadeh "CHIRON is an open source python based Machine Learning framework that applies security analytics to ...
Blue Team Keeping Tempo with Offense Casey Smith , Keith Mccammon "Red: Forgot about slinging binaries, and set aside Powershell. What does it take to level ...
Data Mining Wireless Survey Data with ELK Matthew Verrette Over the past few years the community has talked about collecting wireless signals, but there ...
How to KickStart a Drone JailBreaking Scene Kevin Finisterre Jailbreaking is fairly common place in the various market verticals for modern technology. The internet ...
Web Application testing - approach and cheating to win Lee Neely , Jim Mcmurry , Chelle Clements As security professionals we are often called upon to assess the security of web delivered ...
When IoT Research Matters Mark Loveless Most IoT research involves low hanging fruit and kitchen appliances. But what happens when the ...
I want my EIP Mike Saunders When I started learning buffer overflows, I thought it was something everybody else already knew. ...
Personalities disorders in the infosec community Jenny Maresca Understanding the interpersonal relationships that develop in the community and how to identify traits in ...
Purple team FAIL! Jason Morrow What went wrong with the introduction of a red team discipline into fortune 1 and ...
Architecture at Scale – Save time. Reduce spend. Increase security. Ryan Elkins An effective security architecture program must establish a framework to correlate security between operations, development, ...
Building a full size CNC for under $500 Justin Herman Everyone wishes it was easier to take an idea and make it into physical form. ...
Python Static Analysis Spencer J Mcintyre "Python is a popular language and that is true as well within the Security industry. ...
The Trap House: Making your house as paranoid as you are. Jonathan Echavarria , David E. Switzer Home automation and IoT is all the rage, but once you have your thermostat automated, ...
Hunting for Memory-Resident Malware Joe Desimone Once a staple of nation state level adversaries, memory-resident malware techniques have become ubiquitous even ...
C2 Channels - Creative Evasion Justin Wilson Shining light on new ways attackers are being creative with C2 channels.
Reaching Across the Isle: Improving Security Through Partnership Kevin Gennuso Information security has been a challenge since the dawn of computer networking. Improving the situation ...
Out With the Old, In With the GNU Lsly In our field and related subsections, we typically don’t learn from scratch. Instead, we learn ...
Tracing Adversaries: Detecting Attacks with ETW Matt Hastings , Dave Hull Event Tracing for Windows (ETW) is a powerful debugging and system telemetry feature that's been ...
The Current State of Security, an Improv-spection Sean Metcalf , Nick Carr "Think "Whose Line is It Anyway" meets InfoSec - don't expect to see many slides. ...
I Survived Ransomware . . . TWICE Matthew Perry "In this talk, Matt will describe what happened at the law firm where he works ...
Drone Delivered Attack Platform (DDAP) Michael Collins "The day the chickens moved into the coop I knew there was going to be ...
Mobile APTs: A look at nation-state attacks and techniques for gathering intelligence from military and civilian devices Michael Flossman As we increasingly rely on mobile devices to create, access, and modify sensitive information, sophisticated ...
MacOS host monitoring - the open source way Michael D. George MacOS host monitoring - the open source way, I will talk about an example piece ...
Statistics on 100 million secrets: A look at recent password dumps Nyxgeek Statistics on 100 million secrets: A look at recent password dumps.
Hacking VDI, Recon and Attack Methods Patrick Coble VDI Deployments are in over 90% of all the Fortune 1000 companies and are used ...
DFIR Redefined Russ Mcree Those of us who operate within the constructs of digital forensics and incident response understand ...
Aiding Static Analysis: Discovering Vulnerabilities in Binary Targets through Knowledge Graph Inferences John Toterhi Static analysis is the foundation of vulnerability research (VR). Even with today's advanced genetic fuzzers, ...
Evading Autoruns Kyle Hanslovan , Chris Bisnett When it comes to offense, maintaining access to your endpoints is a key. For defenders, ...
Jumping the Fence: Comparison and Improvements for Existing Jump Oriented Programming Tools John Dunlap Stuck on a difficult exploit payload where you simply cannot use the stack to hold ...
IDAPython: The Wonder Woman of Embedded Device Reversing Maddie Stone "Ready to learn why and how to leverage IDAPython to take hundreds of hours off ...
Love is in the Air - DFIR and IDS for WiFi Networks Lennart Koopmann "Every company uses wireless networks in some way and asking for the WiFi password, simply ...
Going Deep and Empowering Users - PCAP Utilities and Combating Phishing in a new way Joseph M Siegmann In this day and age IDS/IPS sensors which just are not enough to detect and ...
We're going on a Threat Hunt, Gonna find a bad-guy. Todd Sanders Let's do some hunting! This talk will dive into a big buzz word that vendors ...
Windows Event Logs -- Zero 2 Hero Nate Guagenti , Adam Swan "In this talk you will be shown logging, consuming, and analyzing (on a small & ...
Gone In 59 Seconds - High Speed Backdoor Injection via Bootable USB Piotr Marszalik , Michael Wrzesniak Gaining physical access was trivial, but now the computer is locked (or off) and time ...
SniffAir – An Open-Source Framework for Wireless Security Assessments Steven Darracott , Matthew Eidelberg "SniffAir is an open-source wireless security framework. Its primary purpose is to provide pentesters, systems ...
Become the Puppet Master - the battle of cognition between man and machine Michael Robinson , Joseph Oney How do you approach an investigation? How do you deal with large amounts of data? ...
EDR, ETDR, Next Gen AV is all the rage, so why am I enraged? Michael Gough A funny thing happened when I evaluated several EDR, ETDR and Next Gen AV products, ...
Kinetic to Digital: Terrorism in the Digital Age Kyle Wilhoit "Terrorists have found novel ways to circumvent typical security controls. Examples of these activities come ...
Hacking Blockchains Aaron Hnatiw More than just the system behind Bitcoin, blockchain is a new technology that has the ...
Winning (and Quitting) the Privacy Game: What it REALLY takes to have True Privacy in the 21st Century; or How I learned to give in and embrace EXIF tags Tim Malcomvetter "The privacy vs. technology debate rages on. So many people say they want “total privacy,” ...
Introducing SpyDir - a BurpSuite Extension Ryan Reid "The problem? Too much code, huge dynamic environments, and far too little time. The answer? ...
Phishing for You and Your Grandma! Sarah Norris Phishing attacks may seem like a breeze, however sometimes the hard part is getting past ...
Regular Expressions (Regex) Overview Matt Scheurer Writing Regular Expressions (Regex) is a versatile skill set to have across the IT landscape. ...
Securing Your Network: How to Prevent Ransomware Infection Jonathan Broche , Alton Johnson "Malware and Zero Day Exploits are a hot topic in the Information Security community as ...
Diary of a Security Noob Tj Toterhi "So you’re looking to get into or have just landed your first job in security. ...
Spy vs. Spy - Tip from the trenches for red and blue teams Jeff Mccutchan , Tom Mcbee "This talk outlines some common, but effective, red team tactics as well as some of ...