BRUCON 2018 Oct. 3, 2018 to Oct. 5, 2018, Ghent, Belgium

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Advanced WiFi Attacks using Commodity Hardware Mathy Vanhoef This talk explains how low-layer attacks against WiFi can be implemented by modifying the firmware ...
Hacking driverless vehicles Zoz Are driverless vehicles ripe for the hacking? Autonomous and unmannedsystems are already patrolling our skies ...
(Re)Investigating Powershell attacks Matt Kazanciyan At BruCon 2014, we presented “Investigating PowerShell Attacks” at what ended up being the precipice ...
Levelling Up Security @ Riot Games Mark Hillick In this talk, Mark will be discussing his 5+ years at Riot Games where the ...
Social engineering for penetration testers Sharon Conheady It’s 2018 and we can’t get enough social engineering. People are still falling for social ...
The 99c heart surgeon dilemma Stefan Friedli Let's assume you need heart sugery. I hope you don't, but let's just stick with ...
Keynote - When Lemon Markets, Imposter Syndrome & Dunning–Kruger collide ICS and IoT Village Haroon Meer A talk on why we struggle to secure organizations, or build useful security products (and ...
Reversing Industrial Protocols – Real World Use Cases (From zero to control in 10 minutes) Finding 0days in embedded systems with code coverage guided fuzzing Tijl Deneut XiaK (http://security.xiak.be/en) or Center of Expertise for Industrial Automation in Kortrijk, Belgium is a research ...
$SignaturesAreDead = “Long Live RESILIENT Signatures” wide ascii nocase Daniel Dunwoody Signatures are dead, or so we're told. It's true that many items that are shared ...
Finding 0days in embedded systems with code coverage guided fuzzing Quynh Jern Coverage guided fuzzing becomes a trending technique to discover vulnerabilities in powerful systems such as ...
All Your Cloud Are Belong To Us – Hunting Compromise in Azure Nate Warfield MongoDB, Redis, Elastic, Hadoop, SMBv1, IIS6.0, Samba. What do they all have in common? Thousands ...
Forging Trusts for Deception in Active Directory Nikhil Mittal Using Deception for defence in Active Directory is very fruitful. It makes it possible to ...
Disrupting the Kill Chain Vineet Bhatia Disrupting the Kill Chain is a defender’s approach to minimizing cyber-adversary access and success in ...
Hunting Android Malware: A novel runtime technique for identifying malicious applications Christopher Le Roy In this research, we propose a novel technique to identify malicious Android applications through the ...
Keynote - 5.256e+6 minutes in a decade ICS and IoT Village Daniel Cuthbert There are 5.256e+6 minutes in a decade, and in all of those minutes, a lot ...
Exploits in Wetware Operator Jail Breakout Robert Sell Robert discusses his third place experience at the Defcon 2017 SE CTF and how his ...
Operator Jail Breakout Frank Sarrazyn Operator stations are today one of the first systems/stations to interact with a distributed control ...
Outside the Box: Breakouts and Privilege Escalation in Container Environments Craig Stalmans Containers have quickly become a standard feature of most application and infrastructure stacks. The benefits ...
Dissecting Of Non-Malicious Artifacts: One IP At A Time Dani Naor For years and years, anti-malware solutions, across many levels of the network, have been assisted ...
IoT RCE, a Study With Disney Lilith Wyatt As desktop and server security keeps raising the baseline for successful exploitation,IOT devices are still ...
Mirror on the wall: using blue team techniques in red team ops Mark Smeets When performing multi-month, multi-C2teamserver and multi-scenario red team operations, you are working with an infrastructure ...
Process Control through Counterfeit Comms: using and abusing built-in functionality to own a PLC Jared Rittle Programmable Logic Controllers (PLCs) are devices that factories, office buildings, and utilities, among other facilities, ...