HackinParis 2019 June 19, 2019 to June 20, 2019, Paris, France

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
SOCIAL FORENSICATION: A MULTIDISCIPLINARY APPROACH TO SUCCESSFUL SOCIAL ENGINEERING Joe Gray This presentation outlines a new twist on an existing social engineering attack. In the past, ...
CRACKING THE PERIMETER WITH SHARPSHOOTER Dominic Chell This talk describes opensource tooling for generating advanced payloads to be used during red team ...
DPAPI AND DPAPI-NG: DECRYPTING ALL USERS’ SECRETS AND PFX PASSWORDS Paula Januszkiewicz Come to the session and see our second discovery about how to decrypt SID-protected PFX ...
WHOAMI /PRIV - SHOW ME YOUR PRIVILEGES AND I WILL LEAD YOU TO SYSTEM Andrea Pierini On Windows systems, users can be given special privileges. Some of these, if appropriately abused ...
INTRODUCTION TO IOT REVERSE ENGINEERING WITH AN EXAMPLE ON A HOME ROUTER Valerio Di Giampietro Introduction to firmware reverse engineering process of IoT devices. The process, described with an example ...
WHO WATCHES THE WATCHMEN? ADVENTURES IN RED TEAM INFRASTRUCTURE HERDING AND BLUE TEAM OPSEC FAILURES Mark Smeets In this talk we explain our approach for red team infrastructure herding and using that ...
BMS IS DESTROYED BY "SMART BUTTON" Egor Litvinov Nowadays, there are a lot of different automation systems to reduce operating costs in modern ...
ALL YOUR GPS TRACKERS BELONG TO US Chaouki Barre Specific test-beds have been implemented to characterize the entry point for an attacker and the ...
EXPLOITS IN WETWARE Robert Sell Social engineering is now used in most attacks. This talk goes over both the statistics ...
YOU « TRY » TO DETECT MIMIKATZ Vincent Le Toux Mimikatz is a hacking tool made by Benjamin Delpy. The mimikatz name by itself is ...
IRONPYTHON... OMFG Marcello Salvati What if I told you that everything PowerShell does can also be done with Python–while ...
SNEAKING PAST DEVICE GUARD Philip Tsukerman DeviceGuard is the newest application whitelisting feature in Windows 10. I will dive into the ...
USING MACHINES TO EXPLOIT MACHINES - HARNESSING AI TO ACCELERATE EXPLOITATION Guy Caltum Imagine yourself looking through a myriad number of crash dumps trying to find that one ...
ABUSING GOOGLE PLAY BILLING FOR FUN AND UNLIMITED CREDITS! Guillaume Lopes The Google Play Billing API is vulnerable by design and allows an attacker to bypass ...
RHME3: HACKING THROUGH FAILURE Ben Gardiner , Colin Beverley Conference talks often position themselves as a way to show off hacking successes. Lacking from ...
IN NTDLL I TRUST - PROCESS REIMAGING AND ENDPOINT SECURITY SOLUTION BYPASS Eoin Carroll The Mitre Att&ck framework defense evasion techniques such as Process Hollowing and Process Doppelganging exploit ...