DerbyConVIIIEvolution 2018 Oct. 3, 2018 to Oct. 7, 2018, Louisville, USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
How to influence security technology in kiwi underpants Benjamin Delpy N/A
Red Teaming gaps and musings Samuel Sayen Red Teaming is currently the closest most companies get to adversary emulation. While Red Teaming ...
A Process is No One: Hunting for Token Manipulation Jared Atkinson , Robby Winchester Does your organization want to start Threat Hunting, but you’re not sure how to begin? ...
Fuzz your smartphone from 4G base station side Tso-jen Liu In this upcoming IoT world, more wireless transmission technique are used for IoT devices, such ...
Clippy for the Dark Web: Looks Like You’re Trying to Buy Some Dank Kush, Can I Help You With That? Emma Zaballos The dark web’s inherent hostility to observation makes it the perfect place for whistleblowers, freethinkers… ...
Synfuzz: Building a Grammar Based Re-targetable Test Generation Framework Joe Rozner Fuzzers have played an important role in the discovery of reliability and security flaws in ...
Escoteric Hashcat Attacks Evilmog Ever wonder how to get past the 70% password cracking barrier, EvilMog will talk about ...
NOOb OSINT in 30 Minutes or less! Greg Speaker OSINT is more than making a fake Facebook account and looking up your EX. We ...
RFID Luggage Tags, IATA vs Real Life Daniel Lagos IATA and Airlines have been testing RFID equipped luggage tags since the early 2000's. Their ...
#LOL They Placed Their DMZ in the Cloud: Easy Pwnage or Disruptive Protection Carl Alexander Uber Did It To Taxis, AirBnB Did It To Hotels, Could External Cloud DMZ Models ...
Maintaining post-exploitation opsec in a world with EDR Martin Roberts , Michael L. Roberts How a modern pentesting or red team can remain stealthy during post exploitation activities. Will ...
Hey! I found a vulnerability – now what? Crob , Lisa Bradley You found a vulnerability in a product and decide to responsibly disclose the issue. Thank ...
Foxtrot C2: A Journey of Payload Delivery Dimitry Snezhkov Execution of an offensive payload may begin with a safe delivery of the payload to ...
IRS, HR, Microsoft and your Grandma: What they all have in common Christopher Hadnagy , Cat Murdock Vishing is quickly becoming one of the most dangerous vectors in the world of social ...
I Can Be Apple, and So Can You Josh Pitts Cryptographic verification of executables is a core security feature that many third-party developers and security ...
Invoke-EmpireHound - Merging BloodHound & Empire for Enhanced Red Team Workflow Walter Legowski Empire & BloodHound are two great Post-Exploitation Tools. Since I am a PowerShell fanboy, I ...
The History of the Future of Cyber-Education Winn Schwartau When I think about what cybersecurity education in the future should look like it almost ...
#LOLBins - Nothing to LOL about! Oddvar Moe You have probably heard the term LOLBin, LOLScript or LOLLib by now. Want to get ...
From Workstation to Domain Admin: Why Secure Administration Isn't Secure and How to Fix It Sean Metcalf Organizations have been forced to adapt to the new reality: Anyone can be targeted and ...
When Macs Come Under ATT&CK Richie Cyrus Macs are becoming commonplace in corporate environments as a alternative to Windows systems. Developers, security ...
State of Win32k Security: Revisiting Insecure design Vishal Chauhan Win32k.sys is infamous for being the prime target used by hackers for modern exploitation and ...
Everything Else I Learned About Security I Learned From Hip-Hop Paul Asadoorian Come along on a fantastic voyage and learn Hip Hip and how it relates to ...
MS17-010? Zerosum0x0 MS17-010 is the most important patch in operating systems history. The ultimate high profile and ...
Abusing IoT Medical Devices For Your Precious Health Records Saurabh Harit , Nick Delewski This talk discusses the risks of connected healthcare devices. It looks at the benefits of ...
Offensive Browser Extension Development Michael Weber For the past few years, malware authors have abused the extension development functionality of Chrome ...
Hackers, Hugs, & Drugs: Mental Health in Infosec Amanda Berlin The information security community is difficult to compare to any other. We are composed of ...
The Unintended Risks of Trusting Active Directory Will Schroeder , Matt Nelson , Lee Christensen N/A
Detecting WMI exploitation Michael Gough Windows Management Instrumentation (WMI) is loved by the Red Team, Pentesters, and the criminals. There ...
Protect Your Payloads: Modern Keying Techniques Leo Loobeek Our payloads are at risk! Incident responders, threat hunters, and automated software solutions are eager ...
Android App Penetration Testing 101 Derek Banks , Joff Thyer Join us for a fun journey through the steps we use as penetration testers to ...
Lessons Learned by the WordPress Security Team Aaron D. Campbell Managing security for the WordPress project is a challenge to say the least. The sheer ...
Gryffindor | Pure JavaScript, Covert Exploitation Matthew Toussain Network defenses are evolving at an unprecedented rate. Our open source toolkit has become ever ...
Jump Into IOT Hacking with the Damn Vulnerable Habit Helper Device Nancy Snoke , Phoenix Snoke In this talk, husband and wife team Phoenix and Nancy Snoke introduce the Damn Vulnerable ...
Draw a Bigger Circle: InfoSec Evolves Cheryl Biswas InfoSec has never been more needed, or more in demand. Against a geopolitical backdrop of ...
IronPython... omfg Marcello Salvati Over the course of the last few years, PowerShell has been the number one way ...
Instant Response: Making IR faster than you thought possible! Mick Douglas , Josh Johnson This talk will leverage some of the latest PowerShell research that Mick and Josh have ...
Tales From the Bug Mine - Highlights from the Android VRP Brian Claire Young Every month, Google releases the Android Security Bulletin, the latest collection of public vulnerabilities found ...
Decision Analysis Applications in Threat Analysis Frameworks Emily Shawgo In the modern age, all organizations face threats from various types of cyber attacks. Although ...
How Russian Cyber Propaganda Really Works Jonathan Nichols How does PSYOP really work? Did the Russians actually influence anyone? Could they do it ...
Make Me Your Dark Web Personal Shopper! Emma Zaballos Ever wondered what it would be like to have a personal shopper on the black ...
Driving Away Social Anxiety Joey Maresca Social anxiety can be a common problem and one that can be detrimental in a ...
Off-grid coms and power Justin Herman You want ways to stay connected even when not being on the grid. Join me ...
CTFs: Leveling Up Through Competition Alex Flores CTFs are fun and informative enough as they are, but if you approach them from ...
Mapping wifi networks and triggering on interesting traffic patterns Caleb Madrigal Sure, WiFi hacking has been around for a while, and everyone knows about tools like ...
Extending Burp to Find Struts and XXE Vulnerabilities Chris Elgee How do you test for Struts vulnerabilities in clients' web apps? Have you tried writing ...
Introduction to x86 Assembly Dazzlecatduo Windows, Linux, and Mac all run x86 assembly. From your favorite software application down to ...
Pacu: Attack and Post-Exploitation in AWS Spencer Gietzen Cloud infrastructure security and configuration has been shown to be a difficult task to master. ...
An Inconvenient Truth: Evading the Ransomware Protection in Windows 10 Soya Aoyama The WannaCry cyber-attack all over the world in May, 2017 is still fresh in our ...
Brutal Blogging - Go for the Jugular Kate Brew Blogging in InfoSec is a great way to improve your visibility in the community and ...
RID Hijacking: Maintaining Access on Windows Machines Sebastián Castro The art of persistence is (and will be...) a matter of concern when successfully exploitation ...
Your Training Data is Bad and You Should Feel Bad Ryan J. O'grady Everyone is using Big Data and Machine Learning these days. Not sure how to solve ...
So many pentesting tools from a $4 Arduino Michael Vieau , Kevin Bong Arduinos are cool, but making LEDs blink and monitoring the water in your houseplants can ...
Building an Empire with (Iron)Python Jim Shaver This talk discusses porting Python payloads to Windows using a little known, former Microsoft project. ...
Hardware Slashing, Smashing, and Reconstructing for Root access Deral Heiland This presentation I will be focusing on what is typically referred to as destructive methods ...
VBA Stomping - Advanced Malware Techniques Carrie Roberts , Kirk Sayre , Harold Ogden There are powerful malicious document generation techniques that are effective at bypassing anti-virus detection. A ...
Disaster Strikes: A Hacker's Cook book Carlos Perez , Jose Quinones Go back in time to September 21, 2017 after Hurricane Maria passed over Puerto Rico ...
SAEDY: Subversion and Espionage Directed Against You Judy Towers Industrial espionage is the practice of secretly gathering information about competing corporation or business interest, ...
App-o-Lockalypse now! Oddvar Moe Want to get a good overview of AppLocker and the different AppLocker bypasses and at ...
Media hacks: an Infosec guide to dealing with journalists Sean Gallagher , Steve Ragan , Paul Wagenseil Infosec researchers, experts, and hackers in general have a…fraught relationship with media, ranging from exploitive ...
Ninja Looting Like a Pirate Infojanitor There is a vast amount of information that exist in the modern world. More so ...
OSX/Pirrit - Reverse engineering mac OSX malware and the legal department of the company who makes it Amit Serper , Niv Yona , Yuval Chuddy Back in 2016 I discovered a new OSX strain of the Pirrit adware/malware which up ...
Web App 101: Getting the lay of the land Mike Saunders Getting started with web apps can be a daunting task. "Ooh, shiny!" rabbit holes are ...
Deploying Deceptive Systems: Luring Attackers from the Shadows Kevin Gennuso "Assume the network is compromised" has been a popular mantra in information security for years ...
Hacking Mobile Applications with Frida David Coursey Scientists have estimated by the year 2033 the entire solar system will be made up ...
How to test Network Investigative Techniques(NITs) used by the FBI Dr. Matthew Miller Network Investigative Techniques are used to investigate cyber criminal activities. These techniques have been used ...
Fingerprinting Encrypted Channels for Detection John B. Althouse Last year we open sourced JA3, a method for fingerprinting client applications over TLS, and ...
The Money-Laundering Cannon: Real cash; Real Criminals; and Real Layoffs Arian Evans After 15 years of building security products, I decided to join the front lines of ...
Victor or Victim? Strategies for Avoiding an InfoSec Cold War Stuart Mcintosh , Jason Lang Is your internal red team withholding their TTPs from the defense? Defenders, are you constantly ...
Cloud Computing Therapy Session Cara Marie , Andy Cooper You don't have to hate your motherboard, or want a magic wand to solve all ...
WE ARE THE ARTILLERY: Using Google Fu To Take Down The Grids Krypt3ia , Chris Sistrunk , Synackpwn In this presentation we will show how effective a team of individuals can be in ...
Perfect Storm: Taking the Helm of Kubernetes Ian Coldwater Containers don't always contain. For attackers, Kubernetes contains a number of interesting attack surfaces and ...
Ubiquitous Shells John Gorenflo Ubiquiti network gear has become a favorite among tech enthusiasts. Unfortunately, various Ubiquiti products have ...
Silent Compromise: Social Engineering Fortune 500 Businesses Joe Gray Social Engineering and Open Source Intelligence (OSINT) are silent modes of compromising businesses. This presentation ...
Just Let Yourself In David Boyd Everyone loves the ‘shiny blinky security hardware’. However, they don’t work as well if a ...
How to put on a Con for Fun and (Non) Profit Rick Hayes , John Moore , Bill Gardner , Justin Rogosky , Benny Karnes , Matt Perry , Mike Fry , Steve Truax Planning and running an InfoSec conference can be the most fun and rewarding time that ...
99 Reasons Your Perimeter Is Leaking - Evolution of C&C John Askew From the venerable bind shell, to the reverse shell, the IRC bot channel, the icmp/dns/custom ...
Dexter: the friendly forensics expert on the Coinbase security team Hayden Parker Sometimes you want to be able to pull forensic images off your production hosts but ...
Web app testing classroom in a box - the good, the bad and the ugly James Mcmurry , Chelle Clements , Lee Neely Web based applications and services are the key technologies behind modern service delivery. And their ...
Ship Hacking: a Primer for Today’s Pirate Brian Satira , Brian Olson In 1995, when the fictitious Dade Murphy and his friends stopped oil tankers from being ...
Going on a Printer Safari – Hunting Zebra Printers James Edge If you see a label or receipt there is a good chance it was printed ...
Living in a Secure Container, Down by the River Jack Mannino Linux container technologies offer the ability to run software in isolation with a significantly reduced ...
Code Execution with JDK Scripting Tools & Nashorn Javascript Engine Brett Hawkins There are several languages and methods used to execute code on a computer system, such ...
Community Based Career Development or How to Get More than a T-Shirt When Participating as part of the Community Kathleen Smith , Magen Wu , Kirsten Renner , Cindy Jones , Kathryn Seymour Career development is typically seen as a progression of education, certification and job moves. However, ...
PHONOPTICON - leveraging low-rent mobile ad services to achieve state-actor level mass surveillance on a shoestring budget Mark Milhouse By now we all know that mobile advertisements aren't secure. How would an attacker take ...
Patching: Show me where it hurts Cheryl Biswas Patching – it’s complicated. Organizations at every level struggle with patching. It feels more like ...
Advanced Deception Technology Through Behavioral Biometrics Curt Barnard , Dawud Gordon In cybersecurity, the attacker tends to have a significant advantage over the defender. A motivated ...
We are all on the spectrum: What my 10-year-old taught me about leading teams Carla A Raisler Being a parent of an autistic child has taught me how to communicate with my ...
No Place Like Home: Real Estate OSINT and OPSec Fails John Bullinger Join me in discovering the large amount of OSINT data that can be obtained through ...
The Layer2 Nightmare Chris Mallz It all started with a very simple question. Is it possible to firewall all internal ...
Attacking Azure Environments with PowerShell Karl Fosaaen For a multitude of reasons, many organizations are moving their operations to the cloud. Along ...
Blue Blood Injection: Transitioning Red to Purple Lsly Ayyy Moving from a large company with a retinue of pentesters, to a start-up with far ...
Mirai, Satori, OMG, and Owari - IoT Botnets Oh My Peter Arzamendi Mirai, seen as revolutionary for malware that targets the Internet of Things (IoT), has wrought ...
Comparing apples to Apple Adam Mathis Many defenders have hard fought experience finding evil on Windows systems, but stare blankly when ...
How online dating made me better at threat modeling Isaiah Sarju Isaiah Sarju uses online dating sites such as Tinder and OkCupid. At times this seems ...
Social Engineering At Work – How to use positive influence to gain management buy-in for anything April C. Wright Do you understand how to navigate office politics and regularly get what you want and ...
Red Mirror: Bringing Telemetry to Red Teaming Zach Grace Providing impact and insights on a red team engagement is crucial to improving the security ...
Goodbye Obfuscation, Hello Invisi-Shell: Hiding Your Powershell Script in Plain Sight Omer Yair “The very concept of objective truth is fading out of the world. Lies will pass ...
Bug Hunting in RouterOS Jacob Baines RouterOS is the “operating system” that router manufacturer Mikrotik built on top of Linux for ...
Ham Radio 4 Hackers Eric Watkins , Devin Noel Introduction into the basics of Radio Frequency (RF). Why it's important to get licensed, better ...
Two-Factor, Too Furious: Evading (and Protecting) Evolving MFA Schemes Austin Baker , Dough Bienstock Multifactor authentication is often the first (and too often, the last) line of defense against ...
Cloud Forensics: Putting The Bits Back Together Brandon Sherman Cloud computing security response is no different to servers racked in a regular datacenter, except ...
Breaking Into Your Building: A Hackers Guide to Unauthorized Access Tim Roberts , Brent White During this presentation, we’ll discuss proven methods of bypassing popular physical security controls and employees, ...
Getting Control of Your Vendors Before They Take You Down Dan Browder With cloud services now a normal part of business how does your organization handle being ...
IoT: Not Even Your Bed Is Safe Darby Mullen During this talk we will discuss the tips, tools and techniques needed to identify and ...
Killsuit: The Equation Group's Swiss Army knife for persistence, evasion, and data exfil Francisco Donoso Most researchers have focused on the Equation Group's brilliant exploits but very few researchers have ...
The making of an iOS 11 jailbreak: Kiddie to kernel hacker in 14 sleepless nights. Bryce "soen" Bearchell In December 2017,Google Project 0’s Ian Beer released an exploit for two iOS kernel bugs. ...
Cyber Intelligence: There Are No Rules, and No Certainties Coleman Kane We've built an intelligence-driven security operations program over the years, and would like to impart ...
Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation) Daniel Bohannon Skilled attackers continually seek out new attack vectors and effective ways of obfuscating old techniques ...
The MS Office Magic Show Stan Hegt , Pieter Ceelen In this talk we will explore a wide range of novel techniques that abuse Microsoft ...
Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests Tomasz Tuzel Over the last decade we have seen a rapid rise in virtualization-based tools in which ...
Getting Started in CCDC Russell Nielsen In my talk, I will be covering how to set up a test environment, what ...
On the Nose: Bypassing Huawei's Fingerprint authentication by exploiting the TrustZone Nick Stephens After hundreds of vulnerabilities disclosed and countless roots of smartphones the landscape of privilege separation ...
Living off the land: enterprise post-exploitation Adam Reiser You've compromised that initial server and gained a foothold in the target network: congratulations! But ...
Pwning in the Sandbox: OSX Macro Exploitation & Beyond Danny Chrastil , Adam Gold While performing red team engagements against a hybrid OSX/Windows environment we were challenged with creating ...
Changing Our Mindset From Technical To Psychological Defenses Andrew Kalat The majority of our Information Security defensive mindset is structured around technical weaknesses and issues. ...
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010 Gabriel Ryan Existing techniques for bypassing wired port security are limited to attacking 802.1x-2004, which does not ...
Hillbilly Storytime: Pentest Fails Adam Len Compton Whether or not you are just starting in InfoSec, it is always important to remember ...
IOCs Today, Intelligence-Led Security Tomorrow Katie Kusjanovic , Matthew Shelton With the advent of STIX 2.x and the ever-increasing evolution of TIP technologies, TI analysts ...
Ridesharks Kaleb Brown Ridesharing and the gig economy are the future of DIY work and resource sharing. How ...
Threat Hunting with a Raspberry Pi Jamie Murdock Raspberry Pi's are being used more and more. This talk will cover how to utilize ...
M&A Defense and Integration – All that Glitters is not Gold Jason Morrow , Sara Leal So your enterprise bought a new bright and shiny – now what? I bet their ...