Latest News and Updates about SHAKACON 4.0:
March 20th, 2012:
Training course details have been published as well as registration information for the conference and the training courses. We’re still going through all of the speaker submissions and will publish the selected speaker list once we have decided on which speakers will be presenting. Stay tuned!
January 1st, 2012:
Once again we're excited to bring another unique training and conference event to Hawaii and as such have started the process early this year.
What: The most amazing conference in the Pacific.
Where: Neal Blaisdell Center, Honolulu HI.
When: June 18-21.
Contact Us:
For more information shoot us an email: info@shakacon.org
Conference Registration:
Register for conference here.
Training Course Registration:
Forensics and Incident Response by Gary Golomb and Kris Harms - 2 Day Course
Teensy Programming for Everyone by Nikhil Mittal - 2 Day Course
Application Security Training Class by Jared DeMott - 2 Day Course
Cyberwar: Using The Techniques and Tactics of Advanced Persistent Threat In Penetration Tests by Joe McCray - 2 Day Course
Secure Web Application Development Training Class by Jim Manico - 2 Day Course
Lock Picking and Physical Security by Deviant Ollam - 1 Day Course
Targeted malware analysis: It's not that complicated. by Kent Backman - 1 Day Course
Call For Papers:
The CFP will be released on 02/10/12.
| Speaker | Bio | Title | Summary |
|---|---|---|---|
| Adam Ely | Adam Ely is the CISO of the Heroku business unit at Salesforce. Previous to Salesforce, Adam led security operations, application security, and compliance for TiVo where he was responsible for all risk management and technical security functions. Prior to TiVo, Adam led security functions within The Walt Disney Company and was responsible for security operations and application security of Walt Disney web properties including ABC.com, ESPN.com, and Disney.com. Adam was named one of the top 25 security influencers to follow in 2012 for his industry contributions. | The Cloud and You: A Love Story | Businesses have a love affair with the cloud. We in security love the innovation but aren't always ready to jump in due to risk. Like many couples dating, we're trying to get to know each other but don't know the right questions to ask, the true risks, and how to test the waters. I'll pull back the covers and reveal how to work with cloud providers, test them, and how to manage risk for a proper relationship moving forward. |
| Anthony Gelish | Anthony Gelish, a Lead Associate at Booz Allen Hamilton, earned his Master’s Degree in Systems Management, Technology, from the University of Southern California, Viterbi School of Engineering, Institute of Safety and Systems Management in 1982, and his Bachelor’s degree in Business Administration, with a Minor in Philosophy, from Loyola University of Chicago – Lewis Towers Campus in 1972. He is a Certified Functional Continuity Professional, Fellow in the American College of Healthcare Executives (FACHE - recertified), and a Certified Professional Logistician (CPL) in the Society of Logistics Engineers. He is a member of Booz Allen Cyber Technology Team. Currently Mr. Gelish is supporting US Pacific Command, Command Surgeon’s Office, J07, as an Infectious Disease Risk Analyst for Operations. Previously, he supported the University of Hawaii – Hilo, College of Pharmacy, Center for Medicare and Medicaid Services (CMS), Office of the National Coordinator (ONC), Health Information Technology (HIT) Beacon cooperative agreement project. | What Do You Know You Know, What Do You Know You Don’t Know, and What Don’t You Know You Don’t Know?: An Update on Business Continuity Planning Threats, Vulnerabilities, Impacts, and Risk | Participants will be exposed to concrete threat and vulnerability examples relevant to Hawaii for each of the 18 Critical Infrastructure sectors: PRODUCTION INDUSTRIES: Energy; Chemical; Nuclear Reactors, Materials and Waste; Critical Manufacturing; Defense Industrial Base; Dams. SUSTENANCE AND HEALTH: Agriculture and Food; Water; Public Health and Healthcare. SERVICE INDUSTRIES: Banking and Finance; Transportation; Postal and Shipping; Information Technology; Communications; Commercial Facilities. FEDERAL AND STATE: Government Facilities; Emergency Services; National Monuments and Icons. With the threats and vulnerabilities as context the participants will learn about an analytical approach to a more objective assessment of risk they can apply to their own Business Continuity Planning. |
| Babak Javadi | Babak Javadi is a hardware hacker with a wayward spirit. His first foray into the world of physical security was in the third grade, where he received detention for describing to another student in words alone how to disassemble the doorknob on the classroom door. After years of immersion in electronics and computer hardware hacking, he found his passion in the puzzling and mysterious world of high security locks and safes. After serving as a driving force within the locksport community for almost a decade and helping found the US division of The Open Organisation of Lockpickers, he has recently re-embraced the beauty of the baud and resumed hardware hacking with a vengeance. He currently serves as the President of the US group of The Open Organisation of Lockpickers (TOOOL) and is the founder of The CORE Group, a leading security research and consulting firm. | 4140 Ways Your Alarm System Can Fail | Alarm systems and panels were designed before the prevalence of wireless technology and communicate with a proprietary protocol over a two-wire data bus. This bus was designed for use between alarm panels, keypads and zone expanders. However this has now been extended to allow the system to communicate with wireless sensors. Unfortunately, little research has been performed regarding these systems, and operational information about them is scarce and often incorrect. This presentation will demonstrate several classic vulnerabilities of alarm installations and then present several new techniques for reducing the effectiveness of the alarm system. |
| Dan Guido | Dan Guido leads the strategic vision for Trail of Bits products and services and manages its day-to-day operations. His most recent research applied intelligence-driven defense to mass malware and demonstrated that, contrary to popular belief, only a very small number of vulnerabilities are used in such massive exploitation campaigns. Prior to Trail of Bits, Dan was a Senior Security Consultant at iSEC Partners where he provided application security and incident response services to a wide variety of clients in the technology, finance, and media industries. Previously, Dan has worked for the Federal Reserve System where he proposed and developed a centralized function for threat intelligence; a team that used its expert knowledge of attacks in the wild to develop sophisticated, enterprise strategies to mitigate them. In addition to his professional work, Dan is a Hacker in Residence at NYU: Poly where he oversees student research and teaches classes in Application Security and Vulnerability Analysis, the two capstone courses in the NYU-Poly security program. | Mobile Exploit Intelligence Project | As organizations look to deploy larger numbers of mobile devices over this year, there is widespread disagreement in the security industry over which platforms are more secure, what mobile security measures are effective, and what the greatest risks of these platforms are. At the same time, the mobile malware community, while still in its infancy, is developing rapidly and several successful attacks have been executed against iOS and Android in the last year. In this talk, we demonstrate an intelligence-driven approach to mobile defense, focused on attacker capabilities and methods, with data collected from past remote attacks and jailbreaks against Android and iOS. |
| Daniel Blander | Daniel Blander is a highly experienced and recognized information risk management professional with over 20 years of experience that includes clients in six continents. Mr. Blander focuses on information security and risk management, business continuity planning, IT governance, operational design, process improvement, and organizational leadership. He has built comprehensive security and information risk management organizations. He has provided guidance on applicable regulatory compliance such as PCI, HIPAA, HITECH, Sarbanes-Oxley, GLBA, US and EU privacy regulations, as well as ISO 27001 and NIST standards. His knowledge and experience spans diverse industries such as Banking & Financial, Healthcare, Retail, Hospitality, Real Estate, Manufacturing, Airline, Service and Entertainment. Daniel was nominated in 2008 as Information Security Executive of the Year for the West by the Executive Alliance. | So You Want to be the CSO | Do you have a CSO who seems disconnected from his team? Is your Security Manager struggling to get attention and budget from upper management? Do the users seem completely oblivious and unwilling to get on the security bandwagon? This talk presents case studies on how we can better work within our organizations to become Security Leaders and successfully integrate security into the culture of an organization. |
| Deviant Ollam | While paying the bills as a security auditor and penetration testing consultant with his company, The CORE Group, Deviant Ollam is also a member of the Board of Directors of the US division of TOOOL, The Open Organisation Of Lockpickers. Every year at DEFCON and ShmooCon Deviant runs the Lockpicking Village, and he has conducted physical security training sessions at Black Hat, DeepSec, ToorCon, GovCERT, AusCERT, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, and the United States Military Academy at West Point. His favorite Amendments to the US Constitution are, in no particular order, the 1st, 2nd, 9th, & 10th | Keys to the Kingdom | Would it surprise you to learn that many of the most popular and effective attacks against mechanical locks do not employ pick tools at all? Something as innocuous as blank keys themselves can be used as implements of entry... and WITHOUT the benefit of a professional key-cutting machine or access to the WORKING key to a particular door. But how many of you have tried impressioning? How many of you have decoded a master key to escalate your privileges within a given system? This talk will show what can be accomplished with a blank key, a file, along with simply some time and dedication. You might be surprised at how vulnerable you are, and how innocent an attacker and their tools might appear! |
| Deviant Ollam | While paying the bills as a security auditor and penetration testing consultant with his company, The CORE Group, Deviant Ollam is also a member of the Board of Directors of the US division of TOOOL, The Open Organisation Of Lockpickers. Every year at DEFCON and ShmooCon Deviant runs the Lockpicking Village, and he has conducted physical security training sessions at Black Hat, DeepSec, ToorCon, GovCERT, AusCERT, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, and the United States Military Academy at West Point. His favorite Amendments to the US Constitution are, in no particular order, the 1st, 2nd, 9th, & 10th | Physical Security on the Front Lines | This talk gives a look at some of the more novel ways that people can gain rapid entry using cursory tactics, many of which ignore lock cylinders entirely! As always, tactical and military analogies will be employed to make direct connections between INFOSEC and any other engagement where assailants must be kept at bay for as long as possible using the resources you have available. Remember the "Three R’s" of Physical Security? How about the "Three B's" of tactical defense? If you don’t, you’ll learn them this time. |
| James Ochmann, Dwayne Yuen, Jason Tsang | James Ochmann is a Consultant with Secure DNA Consulting whose first major project was a Stuxnet presentation. He is a graduate student at the University of Hawaii studying Electrical Engineering with a focus on computers. He is a member of the Greyhats, a student organization dedicated to security issues. He has a lifelong interest in technology and security and is currently doing research on the Tor anonymous routing network for his master's thesis. Dwayne Yuen is a Consultant with Secure DNA Consulting. He is a member of the University of Hawaii at Manoa's Greyhats, a registered independent organization whose interests involve information technology and security, pursuing projects such as honeypot deployment or participation in cyber defense competitions. He is currently pursuing his Master's in Electrical Engineering at the University of Hawaii, researching an algorithm for solving the maximum clique graph problem for his thesis. He has also been involved in researching architectural vulnerabilities in the open source free speech driven Freenet network protocol. Jason Tsang is a Consultant with Secure DNA Consulting. He is a member of the University of Hawaii at Manoa's Greyhats, pursuing projects such as honeypot deployment or participation in cyber defense competitions. He has a strong interest in forensics and malware analysis with applications to virtualization research. | Surfing with Sharks | Drive-by-malware sites are the most prevalent attack vector for spreading viruses on the Internet today. Cybercrime has grown in size and sophistication in the past few years, with larger and more resilient botnets leading to record levels of spam, credit card theft, and banking fraud. Today we’ll provide an inside look into the modern malware industry: how online criminals leverage vulnerable web applications, ads, and search engine poisoning to funnel traffic to drive-by-malware sites; the commercialization of exploit kits and bot packs and their role compromising everyday users; and just how easy it is to purchase and set up your own botnet. Highlighting the talk will be live demonstrations of one of the most popular exploit kits still in use today, the notorious BlackHole exploit pack responsible for more than 95% of all malicious URL infections in 2011. |
| Jason Haddix | Jason Haddix is the Director of Penetration Testing at HP and develops and trains internal candidates on the mobile penetration testing team. He also has done several trainings for web application hacking and network penetration testing. | iOS Security and Penetration Testing | In contrast to Android applications written in a language like Java, Objective-C, the iOS runtime, and the vulnerabilities baked into the platform are a new area for auditors, QA, and pentesters. I will present some of these vulnerabilities through both the lens of blackbox and whitebox testing, illustrating dynamic testing techniques and static review techniques, as well as the tools used for these techniques. |
| Jeremiah Grossman | Jeremiah Grossman is the Founder and Chief Technology Officer of WhiteHat Security, where he is responsible for Web security R&D and industry outreach. Over the last decade, Mr. Grossman has written dozens of articles, white papers, and is a published author. His work has been featured in the Wall Street Journal, Forbes, NY Times and hundreds of other media outlets around the world. As a well-known security expert and industry veteran, Mr. Grossman has been a guest speaker on six continents at hundreds of events including TED, BlackHat Briefings, RSA, SANS, and others. He has been invited to guest lecture at top universities such as UC Berkeley, Stanford, Harvard, UoW Madison, and UCLA. Mr. Grossman is also a co-founder of the Web Application Security Consortium (WASC) and previously named one of InfoWorld's Top 25 CTOs. He serves on the advisory board of two hot start-ups, Risk I/O and SD Elements, and is a Brazilian Jiu-Jitsu Black Belt. Before founding WhiteHat, Mr. Grossman was an information security officer at Yahoo! | When Headlines Meet Metrics: Connecting the Dots | We've seen the headlines: Citigroup, Sony, PBS, Sega, Nintendo, Gawker, AT&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and others all have had websites compromised. No company is immune, regardless of industry. The stories are the same with millions of lost credit-card numbers, millions of personal information records exposed, and gigabytes worth of intellectual property stolen. The net result comes to corporate losses in the hundreds of millions, sharp stock price declines, lawsuits, fines and costly downtime. Now the question becomes, what can be done about it? In this presentation Jeremiah Grossman, founder and CTO at WhiteHat Security, will discuss vulnerability assessment results performed across hundreds of organizations on thousands of the Internet's most important websites -- a process designed to identify the very same issues the bad guys routinely exploit. By mapping this volume of data against the high-profile breaches, we can learn how an organization ranks relative to their peers in the same industry. We're also able to compare the characteristics of highly secure websites versus the highly vulnerable so we can identify the business practices that work best. Ultimately, the answer to the software security question can be found through metrics. By carefully tracking and analyzing metrics, very particular key performance indicators (KPIs), an organization can determine where resources would be best invested. |
| Jim Manico, Matt Johansen | Jim Manico is the VP of Security Architecture for WhiteHat Security where he delivers secure coding education. Jim is also the committee chair of the OWASP Connections Committee and is a significant contributor to various OWASP projects. Jim works on the beautiful island of Kauai, Hawaii where he lives with his wife Tracey. Matt Johansen is the Manager of the Threat Research Center at WhiteHat Security where he oversees 80+ web hackers maintaining and performing assessments on 7000+ websites. | Web Security Attack and Defense | This talk will present a fast-paced wide-range of web application security vulnerability categories from both an attack and defense perspective. The presenters will illustrate the specific vulnerabilities, demonstrate a variety of different exploitation techniques, and then demonstrate developer-centric defense methods to stop said attacks deep in code. This same method will be used to evaluate several real-world hacks from 2011 and 2012. Not only will we analyze some recent and devastating real world web application hacks, but we will also explain how they could have been stopped via defensive coding techniques. |
| Jimmy Shah | Jimmy Shah is a Mobile Security Researcher specializing in analysis of mobile/embedded threats on existing platforms (J2ME, Symbian, Windows Phone, iOS, Android) and potential mobile malware and spyware. If it's lighter than a car, has a microprocessor, and is likely to be a target it's probably his problem. He has presented on mobile threat research at a number of computer security conferences. | Isn't it all just SMS-sending trojans?: Real advances in Android Malware | Attackers are starting to move on from simple attacks, mainly because users are starting to figure out that the free adult entertainment or chat app shouldn't be sending SMS messages to expensive numbers. They're leveraging techniques from PC malware like server-side polymorphism, vulnerability exploits, botnets and network updates, and preemptive/direct attacks against security software. |
| Jonathan Brossard | Matt Johansen is the Manager of the Threat Research Center at WhiteHat Security where he oversees 80+ web hackers maintaining and performing assessments on 7000+ websites. | Hardware backdooring is practical. | This presentation will demonstrate that permanent backdooring of hardware is practical. We have built a generic proof of concept malware for the Intel architecture, Rakshasa, capable of infecting more than a hundred different motherboards. The first net effect of Rakshasa is to disable NX permanently and remove SMM related fixes from the BIOS, resulting in permanent lowering of the security of the backdoored computer, even after complete erasing of hard disks and reinstallation of a new operating system. We shall also demonstrate that preexisting work on MBR subversions such as bootkitting and preboot authentication software bruteforce can be embedded in Rakshasa with little effort. Moreover, Rakshasa is built on top of free software, including the Coreboot project, meaning that most of its source code is already public. This presentation will take a deep dive into Coreboot and hardware components such as the BIOS, CMOS and PIC embedded on the motherboard, before detailing the inner workings of Rakshasa and demoing its capabilities. |
| Kent Backman | Kent Backman is an avid electronics and operating system tinkerer with skills honed through operating Fortune 500 company web servers, giant research telescopes and deep oceanographic instruments. In his independent research, Kent always breaks things but rarely finds any vulnerabilities. In his day job as a cyber-security consultant, Kent characterizes established and emerging APT actors and analyzes their tools. His many years of front-line APT experience inform his current practice and his contributions as co-author of Hands-On Ethical Hacking and Network Defense, 2nd Edition. | The Dalai Lama, Advanced Persistent Threat and the Great Whitehat Taboo. | In this talk, Kent will discuss what two years of "ethically sniffing" a Tor exit node has revealed about large scale email exploitation campaigns targeting Tibetan dissident exiles, democracy advocates and others working around the world to counter systematic human rights abuses. Also covered will be touchy ethical issues on sniffing anyone's traffic, how these ethical issues were overcome for the duration of this project, what the Tor-leveraged email exploitation says about the state of Internet email security and even your email account, and what you can do about it. |
| Kris Harms | Kris Harms is a Principal Consultant at Mandiant with nine years’ experience in information security. Kris has extensive experience investigating and resolving high risk computer intrusions. He has responded to intrusions for Fortune 100 companies, e-commerce sites and financial institutions. He has also supported multiple counter-intelligence intrusion investigations for several government entities. He is a published author, frequent industry speaker, and has appeared on CBS's 60 Minutes, PBS's Wealth and Wisdom and is frequently quoted in printed and online publications. | Practical Personal Computer Security (Turbo Talk) | If you deal with any of the following, this turbo talk is for you. 1. Frequent virus infections 2. Stealth ninjas using zero days on your browser 3. Too many passwords 4. Randomly blurting out your Gmail password at Zippy’s 5. Constantly running to Auntie's house to fix her computer. We will cover some practical and some less practical but still cool things you can do to keep your home computer safe. (Windows Focused) |
| Kris Harms | Kris Harms is a Principal Consultant at Mandiant with nine years’ experience in information security. Kris has extensive experience investigating and resolving high risk computer intrusions. He has responded to intrusions for Fortune 100 companies, e-commerce sites and financial institutions. He has also supported multiple counter-intelligence intrusion investigations for several government entities. He is a published author, frequent industry speaker, and has appeared on CBS's 60 Minutes, PBS's Wealth and Wisdom and is frequently quoted in printed and online publications. | Talking Story on Security | How can I tell if the malware I found is APT or not? Does that even matter? When should I remediate after I've detected a breach? What’s the newest trick attackers are using, and what should I do about it? Is a traditional SOC architecture something I should be pursuing for my network? These are fairly common questions. The answers to these and other common questions, taken live, might surprise you. This presentation will include interactive discussion (with some pictures) on the latest strategies and tactics of network attackers and defenders. Case studies will be presented, highlighting attack architectures, attacker resources, and why we keep losing. No topics are off limits, so bring your tough questions. |
| Mathew Rowley | Mathew Rowley is a security consultant for Matasano Security with over 6 years’ experience as a computer security professional. His experience includes reverse engineering, mobile security, web application security assessment, network security, fuzzing, and application development. | How we tear into that little green man | Mobile applications are a part of every person's and every organization's life. The potential for internal compromise is extremely high in relation to mobile applications due to the common architecture that relies on a backend server. It is difficult to understand how easy it is to reverse engineer and modify mobile applications unless you do it on a daily basis. In turn, it is difficult to realize what vulnerabilities exist within mobile applications, the backend servers accompanying those applications, and what compromises can take place. This talk focuses on helping security experts and mobile developers understand how attackers reverse engineer mobile applications, what an attacker has access to, and how easy it is to circumvent local security implementations. Attendees will be shown real world applications, how the application's security was circumvented, and what consequences occurred. This talk will give insight to security professionals and developers into how a malicious user will reverse engineer their applications and how to prevent those attacks. Finally, a new tool to simplify reverse engineering of Android applications will be made available to those who attend the talk and open sourced. |
| Monzy Merza | Monzy Merza is a Security Practitioner at Splunk, Inc. He has over 10 years of experience in the development and integration of security tools, and implementing security infrastructures for distributed enterprises. His experience includes conducting large scale penetration campaigns, security product testing and evaluation, and security tools development. Monzy's research is focused on integrated approaches to human driven and automated responses to advanced cyber-attacks. He holds a Bachelor's Degree of Science in Psychology with a minor in Computer Science from the University of New Mexico. | Threat Detection Via MetaCharacteristic Analysis of Machine Data | Meta-Characteristic Analysis is a source-agnostic detection approach for unknown attacks that relies on event data to detect cyber threats. This approach does not rely on any traditional IPS/IDS signatures. We utilize simple measures such as event shape (length and punctuation), event frequency, and event affinity (shape correlation with event artifacts) on sources such as email logs, registry keys and system files (among others). Using publicly published breach reports as examples, we demonstrate how meta-characteristics analysis detects the disclosed threat or exfiltration path. We will show that this strategy can be used to detect a wide range of unknown attacks, persistence mechanisms and exfiltration channels. |
| Renaud Lifchitz | Renaud Lifchitz is a French computer security engineer. He has a solid penetration testing background and he is currently mainly delivering training courses and assisting his customers in their security needs. His main interests are protocol security (authentication, cryptography, protocol security, information leakage, zero-knowledge proof, RFID security) and number theory (integer factorization, primality tests, elliptic curves). | Hacking the NFC credit cards for fun and debit | MasterCard and Visa are currently releasing new contactless credit cards worldwide. Payments can become faster, simpler and easier but are they becoming more secure? We have worked on such cards and found nearly no security. Partial card cloning and unsolicited payments are possible. The talk will also deal with privacy concerns and risks for the cardholder himself. |
2 Day Training Courses:
Forensics and Incident Response
Register for this class
In every industry, preventative security measures have been failing. Many incidents go undiscovered for years, only to be revealed long after the damage has been done. Detection and response capabilities are now the new measure of an organization's security posture. This Forensics and Incident Response class is truly unique in its depth and approach to covering the entire incident lifecycle. We will cover the latest techniques, tricks, tips and processes used by top network defenders to achieve zero knowledge detection against the most advanced adversaries (nation state sponsored threats, organized crime, etc.). The class will be framed around lively discussion on some of the most active adversaries, and reinforced by labs throughout. If you are part of an under-resourced SOC, CERT or simply a one man defensive unit, this class has been built with you in mind!
About Gary and Kris:
Gary Golomb (Netwitness Senior Researcher) Gary is a Lead Research and Development Engineer at NetWitness Corporation where he has focused on reverse engineering and advanced pattern isolation and detection algorithms in executables, host processes, and network traffic. He has previously served as the founder of Proventsure (acquired by NetWitness), Director of R&D for the Dragon IDS at Enterasys Networks, and lead IT Forensics Investigator for the George Washington University (GWU). Mr. Golomb worked in the field of bioinformatics and proteomics, and developed an algorithm for identifying unknown proteins. Mr. Golomb served in the U.S. Marine Corps as a Recon Marine in a direct action platoon in the 2nd Force Recon Company and deployed internationally as part of the Special Operations team of the 24th Marine Expeditionary Unit.
Kris Harms (MANDIANT Consultant) Kris has spent a good portion of his career doing one of two things: responding to high risk intrusions, or teaching others how to do it so he doesn't have to keep getting on planes. Throughout his 9 year career in security, he has responded to organized crime breaches at financial institutions and retailers as well as a hefty amount of nation state sponsored attacks. Kris is a published author who has taught regularly at a variety of locations including Blackhat USA and the FBI Academy, as well as appeared on CBS's 60 Minutes and PBS's Wealth and Wisdom. He is a dynamic, entertaining and passionate instructor, now Hawaii resident, and amateur surfer.
Teensy Programming for Everyone by Nikhil Mittal
Register for this class
Breaking into systems using traditional methods is getting harder by the day. As a penetration tester or a security administrator you should know what methods an attacker may use to compromise a system. The emphasis of this training will be on using Teensy, which is a Human Interface Device. It is an Arduino board based device which can be programmed and used as a keyboard and mouse. Details about Kautilya, a toolkit developed by the trainer which eases the use of Teensy in penetration tests, will be discussed. The participants will learn to program Teensy as per their needs using Arduino and also to customize Kautilya. There will be lots of attack vectors, discussions, hands-on work and fun. We will break (at least) Windows 7 and Ubuntu in the class. Participants should be able to program their own devices after the training. This training aims to bring HID usage in penetration tests to the masses.
Everyone who takes this class will get a free TEENSY device.
Topics
1. Introduction to Teensy
2. Basics of Arduino Development Environment
3. Installing and configuring ADE to use with Teensy
4. Understanding the basics of programming using ADE
5. Writing Hello World
6. Basic usage and programming of Teensy
7. Introduction to Kautilya
8. Demonstration of Payloads in Kautilya
9. Program and perform attacks on a Windows machine
10. Program and perform advanced attacks on a Windows machine
11. Program and perform attacks on Linux machines
12. Program and perform advanced attacks on Linux machines
13. Understanding structure of and automation using Kautilya
14. Understanding Integration of payloads in Kautilya
Prerequisites:
Basic understanding of any programming and/or scripting language could be helpful but not mandatory.
An open mind
System Requirements:
System with at least 2GB of RAM
Ability to run virtual machines/operating systems.
A Teensy++ 2.0 device (Provided)
Attendees will gain the following:
1. Understanding how an input device could be used to compromise systems.
2. Understanding of Teensy as an attack vector which could be the most useful trick in a pen tester's collection.
3. Realizing that an operating system can be used against itself and that built-in tools and commands could be very useful during penetration tests.
5. Learning how payloads for Teensy can be implemented using Kautilya.
6. Apply this knowledge to program their own devices as per their needs.
About Nikhil:
Nikhil Mittal is a hacker, info sec researcher and enthusiast. His areas of interest include penetration testing, attack research, defence strategies and post exploitation research. He has many years of experience in penetration testing of many Government Organizations of India and other global corporate giants. He specializes in assessing security risks at secure environments which require novel attack vectors and an "out of the box" approach. He has worked extensively on using HID in penetration tests and is the creator of Kautilya, a toolkit which makes it easy to use Teensy in penetration tests. In his free time, Nikhil likes to scan full IP ranges of countries for specific vulnerabilities, does some vulnerability research and works on his projects. He has spoken/trained at Clubhack’10, Hackfest’11, Clubhack’11, Black Hat Abu Dhabi’11, Troopers’12, GrrCon’12 and Black Hat Europe’12.
Application Security Training Class by Jared DeMott
Register for this class
There are four technical skills required by security researchers, software quality assurance engineers, or developers concerned about security: source code auditing, fuzzing, reverse engineering, and exploitation. All these skills and more are covered. C/C++ code has been plagued by security errors resulting from memory corruption for a long time. Problematic code is discussed and searched for in lectures and labs. Fuzzing is a topic that book author DeMott knows well. Mutation file fuzzing and framework definition construction (Sulley and Peach) are just some of the lecture and lab topics. When it comes to reversing C/C++ (Java and others are briefly discussed), IDA Pro is the tool of choice. Deep usage of this tool is covered in lecture and lab. Exploitation discussions and labs are the exciting final component. You’ll enjoy exploiting everything from BSD local programs to Win7 browsers using the latest techniques.
About Jared:
Jared DeMott is a PhD candidate at Michigan State University and a security researcher for Harris Crucial Security, Inc. He has spoken at security conferences such as Black Hat, Defcon, ToorCon, Shakacon, and DakotaCon. He is active in the offensive security community by teaching his Application Security course, and has co-authored a book on Fuzzing. Mr. DeMott has been an invited lecturer at prestigious institutions such as the United States Military Academy, and prior to Harris worked for the National Security Agency.
Cyberwar: Using The Techniques and Tactics of Advanced Persistent Threat In Penetration Tests by Joe McCray
Register for this class
Google, Sony, Lockheed Martin, several large financial institutions, several large oil companies, the stock market, and countless other large organizations have all been targeted and systematically compromised by hackers commonly referred to as Advanced Persistent Threat (APT). These hackers use an attack methodology focused on stealth, data collection, and persistence. This course picks up where the wildly successful "Advanced Penetration Tester: Pentesting High Security Environments" left off, taking Intrusion Detection System (IDS) evasion and anti-virus bypass to the next level.
About Joe:
Joe McCray is an Air Force Veteran and has been in security for over 10 years. Joe has been involved in over 150 very high level pentesting assessments and has some major hacking accomplishments that he can share with his classes. His extensive experience and deep knowledge, mixed with his comedic style, have led Joe to be one of the most highly sought after speaking experts in the industry. Joe makes speaking appearances and gives seminars at major events in the security community such as Black Hat, DefCon, BruCon, Hacker Halted and more. Joe is the recipient of the 2009 EC-Council Instructor Circle of Excellence Award and the 2010 EC-Council Instructor of the Year Award. Joe is the founder and CEO of Strategic Security, Inc., an IT security consulting firm that provides in-depth technical security assessments of your network and web applications, and regulatory compliance gap analysis.
Secure Web Application Development Training Class by Jim Manico
Register for this class
This highly interactive, intensive 2-day class provides essential web application security training for web application software developers and architects. The class is a combination of lecture, hands-on security testing and code review. Participants will not only learn the most common threats against web applications, but more importantly they will learn how to also fix the problems via control-based defensive code samples and review. Topics such as Authentication, Access Control, Crypto, Cross Site Request Forgery, Cross Site Scripting, Injection Defense, Clickjacking Defense, Session Management and other topics will be addressed from a defensive point-of-view.
About Jim:
Jim Manico is the VP of Security Architecture for WhiteHat Security. Jim provides secure coding and developer awareness training for WhiteHat Security using his 8+ years of experience delivering developer-training courses for SANS, Aspect Security and others. Jim brings 16 years of database-driven Web software development and analysis experience to WhiteHat. A host of the OWASP Podcast Series, Jim is also the committee chair of the OWASP Connections Committee and is a significant contributor to various OWASP projects. Jim works on the beautiful island of Kauai, Hawaii where he lives with his wife Tracey.
1 Day Training Courses:
Locking Picking and Physical Security by Deviant Ollam
Register for this class
Physical security is an oft-overlooked component of data and system security in the technology world. While frequently forgotten, it is no less critical than timely patches, appropriate password policies, and proper user permissions. You can have the most hardened servers and network but that doesn't make the slightest difference if someone can gain direct access to a keyboard or, worse yet, march your hardware right out the door. This course will cover:
Basic Pin Tumbler Locks in Doors, Deadbolts, & Padlocks
Wafer Locks in Desks, Cabinets, & Access Panels
Shimming & Decoding of Combination Locks
Lock Bumping & Countermeasures
Attacking Pick-Resistant Pins
Secrets of Master Keyed Systems
Quick Lock Bypassing Tactics
An introduction to Key Impressioning
About Deviant:
While paying the bills as a security auditor and penetration testing consultant with his company, The CORE Group, Deviant Ollam is also a member of the Board of Directors of the US division of TOOOL, The Open Organisation Of Lockpickers. Every year at DEFCON and ShmooCon Deviant runs the Lockpicking Village, and he has conducted physical security training sessions at Black Hat, DeepSec, ToorCon, GovCERT, AusCERT, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, and the United States Military Academy at West Point. His favorite Amendments to the US Constitution are, in no particular order, the 1st, 2nd, 9th, & 10th.
Targeted malware analysis: It's not that complicated. by Kent Backman
Register for this class
Don't know much about assembly, OllyDbg, ROP, loops, branches and switches? No worries. This is malware analysis for the unprogrammer. This course shows you how to set up a safe analysis environment, and then go to town in analyzing recent malware used in actual targeted attacks. You may not need to know how the malware does what it does, but you do need to know what it does, in order to defend against it. That is what this course is about. Requires a VM-capable x64 laptop with Windows or Linux. All malware and virtual machines are included.
About Kent:
Kent Backman is an avid electronics and operating system tinkerer with skills honed through operating Fortune 500 company web servers, giant research telescopes and deep oceanographic instruments. As a cyber-security consultant Kent characterizes established and emerging APT actors and analyzes their tools. His many years of front-line APT experience inform his current practice and his contributions as co-author of Hands-On Ethical Hacking and Network Defense, 2nd Edition.