toorcon2018SanDiego 2018 Sept. 10, 2018 to Sept. 16, 2018, San Diego, USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Threat Hunting with Network Forensics Using network forensic techniques to detect threats Tom Arnold This presentation looks at TCP/UDP network traffic and protocols to identify what information can be ...
Shooting Puny Phish in a Barrel Michael Wylie With millions of phishing Emails caught be spam filters and users properly trained by well-defined ...
Cheating at AppSec How devops tools can be used in digital combat for fun and profit Gene Erik DevSecOps is becoming the rule not the exception. Right? Applying the "rule" backwards can prove ...
Digital Forensics is not just for incident response anymore Irish.masms Experienced InfoSec professionals are familiar with leveraging digital forensics in their incident response efforts. There ...
Hacking and Hardening Kubernetes Jay Beale In this talk, we will demonstrate attacks on Kubernetes clusters, discuss defenses, then demonstrate how ...
KEYNOTE: The Enemy Within Simple Nomad N/A
IoT Botnets : The Crux of "Internet of Things" Chaos ! Aditya K Sood IoT botnets are deployed heavily to perform nefarious activities by circumventing the integrity of the ...
Following a Trail of Confusion Identifying and Defeating Modern Malware Code Obfuscation Josh Stroschein Modern malware uses a wide variety of code obfuscation techniques to hide it’s true intentions ...
Yet Another IoT Hack A demonstration of discovering and exploiting security vulnerabilities in the TerraMaster F2-420 NAS Joshua Meyer Security and the Internet of Things (IoT) are commonly discussed, though rarely in a positive ...
Symbolic Computing, Moving On Up. Zv This talk presents real world application of solvers for checking code, as well as some ...
Ransomware versus Cryptojacking: Latest Trends in Modern Malware Pranshu Banjpai Ransomware and cryptojacking have been recognized as the top malware threats in 2018. Financially motivated ...
Infecting the Embedded Supply Chain Alex , Zach Miller With a surge in the production of internet of things (IoT) devices, embedded development tools ...
Reversing Ethereum Smart Contracts Find out what is behind EVM bytecode Patrick Ventuzelo Ethereum is currently the reference of smart contract platform due to the possibility to create ...
Hacker Mental Health Project N/a Mental health issues within the hacker/infosec community are a growing concern. Not only as a ...
Goldilocks and the three ATM attacks David Videoman Automated Teller Machines (ATM) attacks are more sophisticated than ever before. Criminals have upped their ...
Anatomy of ICS Disruptive Attacks Lessons learned from CRASHOVERRIDE and TRISIS Joe Slowik ICS attacks are increasingly in the spotlight, yet significant misconceptions exist as to how these ...
Dissection of WebAssembly module Reversing and Analysis of the new “game changer for the web” Patrick Ventuzelo WebAssembly (WASM) is a new binary format currently developed by all major browsers including Firefox, ...
Integrated security testing Turn your QAs into hackers by leveraging your existing test framework Hackimedes Having a scalable suite of continuously run security tests seems out of reach for all ...
From FAR and NEAR: Exploiting Overflows on Windows 3.x Jacob Thompson This talk covers finding a buffer overflow vulnerability in some old Windows 3.x-based Internet software ...
Finding secrets in source code with TruffleHog Dylan Developers frequently commit secrets to source code, and sometimes push secrets to package managers. These ...
Unikernel Apocalypse Big Trouble in Ring 0 Jeff Dileo , Spencer Michaels "Unikernels" are specialized, single-address-space machine images that run entirely in ring 0 as a guest ...
If You Give a Container a Capability: A Tale of Container Exploitation Vikas Kumar , Rob Glew This talk walks through mechanisms used by container solutions to create an "isolated" computation environment ...
Avoiding default passwords and secrets breaches using open source Helping everyone from open source developers to reporters and campaign staff Dave Dittrich , Katherine Carpenter This talk covers the fundamental problem of handling secrets (e.g., passwords, API tokens, private keys) ...
Lost and Found Certificates: dealing with residual certificates for pre-owned domains Ian Foster , Dylan When purchasing a new domain name you would expect that you are the only one ...
You’re Not Alone in Your Hotel Room Michael Wylie Staying in a hotel can bring numerous privacy concerns. Shared WiFI, housekeeping with access to ...
Shining a light on a black box: Reverse engineering proprietary protocols in Embedded devices Rick Ramgattie IoT devices often present unique and unexpected challenges for hackers to overcome. In this talk, ...
My Little AWS IR Sandbox Michael Wylie A well-tuned security awareness program will fill up your team’s inbox with malware, phishing, and ...
An Inconvenient Truth Evading the Ransomware Protection in Windows 10 Soya Aoyama The ransomware protection in Windows 10 is uselessThe WannaCry cyber-attack all over the world in ...
Ridiculous Router Using OpenWRT to do all the enterprise stuff Gene Erik OpenWRT is stable on many cheap platforms. It does so many things. The power provided ...
Bug Bounty Hunting on Steroids Anshuman Bhartiya Bug bounty programs are a hot topic these days. More and more companies are realizing ...
Smart Contract Honeypots for Profit (and probably Fun) Ben Schmidt Ethereum smart contracts have bugs: a lot of them. So many, in fact, that attackers ...
Electron Harmony Drawing Readable Schematics The Right Way Funsized A good schematic should flow like a well written manuscript or a piece of music. ...
UEFI is Scary Pre-kernel attacks are getting easier Gene Erik UEFI is borked. This is nothing new. But the tools are making it easier to ...
Introducing InfoconDB.org - IMDB For Hacker Cons Tom Samstag (tecknicaltom) This talk will introduce https://InfoconDB.org - a site that aims to catalog and cross-reference all ...
It will kill or harm you and it's in you or your home medical and iot device security talk on how they can harm and kill you and how. Ryan Satterfield Exploding light bulbs? Yup. How safe is IOT? Can your speakers make you go blind ...