The following is a list of presentations, speakers and abstracts, with each talk title linking to the YouTube recording.

 

Keynote: Hello World – Ian Coldwater – @IanColdwater

 

I can has Linux? – Fynn Fabry – @shark_general

So you always wanted to use Linux but you are not quite confident enough to take the leap? No problemo. In this introduction we will skip the installation – mainly because Ubuntu neatly guides you through that anyway – and go straight for the jugular:

Navigating around the OS with a terminal, using a package manager and performing simple maintenance/fixing attempts. These skills have one thing in common: If you are an average user and nothing breaks, you won’t need them. But guess what – being an average user is boring. Understanding these things will not only give you the power to fix your Linux when something (simple) breaks, it will also be your foundation to manage remote systems and, well, hack them. 

 

Reversing 101 for CTFs – Savino Jossi – @savinojossi

CTFs are already stressful enough and reverse engineering is a scary topic, even for seasoned hackers. This talk tries to demystify these challenges and enable attendees to snatch those high scoring flags without having to study the Intel assembly manual or keep a gdb cheat sheet open.

I will focus on methodologies for approaching a reversing challenge, how to do basic reconnaissance on the challenge and quickly sniff out a simple keygen that’s binary patchable (with simple steps), and leave the ROP chains to the exploit devs. But with the groundwork laid, it won’t be a big step up anymore, since that already builds some confidence in navigating assembly listings and using debuggers, and stack overflows are just a small concept to learn after that.

 

The Life of an Apprentice in an Enterprise SOC – Luke O’Brien – @_lmob & Harrison Whyton

A joint perspective on how vital apprenticeships are to the cyber security community in the UK. As the SOC manager I will give my breakdown on how useful I have found having an Apprentice as part of the team. Harrison will give his thoughts on how he has found working in a frontline enterprise SOC.

 

Setting up a Virtual Pentesting Lab with Vagrant – Hammerton Mwawuda – @h_mwawuda

Vagrant is open-source software used for building and maintaining portable virtual software development environments. With the use of Vagrant we can easily set up Metasploitable3 on a Linux box and have two virtual machines to practise pentesting on: a vulnerable Windows 2008 and a vulnerable Ubuntu 14.04.

 

Stuff I Wish I’d Been Taught in Linux 101 – TC Johnson – @tc_johnson

Tab complete, sudo !!, history recall, emulator vs shell, PS1 customization — all this and more makes up the things I wish had been a chapter of the curriculum for the Linux 101 class I took in my early journey in infosec. This talk will be intended to answer some of those questions of, “How did you just _____” that people might be too afraid to ask in fear of a reputation impact.

 

Threat Intelligence 101 – Daniel Gordon – @validhorizon

The talk is intended to give attendees an introduction to Cyber Threat Intelligence. The talk gives a brief overview of threat intel by giving it a definition then diving deeper into some subsections. The subsections include: 1) hunting and over-the-horizon detections; 2) developing effective sharing relationships and processes; 3) advising decision-makers, network defenders, and partners of risks to support changes or courses of action; 4) identifying a campaign/group of activity, also known as building a model of an attacker.

 

The Pentester Blueprint – A Guide to Becoming a Pentester – Phillip Wylie – @PhillipWylie

Pentesting has become a much sought-after job by people in IT, InfoSec, or those just trying to get into the industry. In this presentation, Phillip Wylie shares the blueprint for becoming a pentester. The presentation combines Phillip’s experience as a pentester and ethical hacking instructor to give attendees a guide on how to pursue a career as a pentester. Phillip shares what has worked for his students and people that he has mentored over his years as a pentester. This presentation covers the knowledge and skills needed to become a pentester as well as the steps to achieve them.

 

<meta name=”IntroSec Talk” content=”meta/nontechnical tips for enhancing an infosec career.”> – Collin – @initinfosec

A suite of non-technical ‘lessons learned’ from my time in IT and infosec to highlight skills and steps a beginner to infosec can take in order to enhance and grow in the field. Most of these items are things I’ve either learned ‘the hard way’ through experience, and/or things I didn’t realize the importance/significance of starting out. Having someone present these ideas and suggestions to enhance the nontechnical aspects of infosec work would have greatly helped me as I started my infosec career. Knowing skills to focus on, mindsets and approaches that are helpful in infosec, and things to think about early on I believe would help further new persons along infosec, and give them a “leg-up,” providing insights starting out that have come from 5+ years of experience of the speaker.

 

Open Source Intelligence: A Usually Reliable Source – Brett Sammis

Open Source Intelligence (OSINT) is an essential tool for both red & blue cybersecurity teams (and everywhere in between). We will cover some of the challenges and critical skills involved to learn how OSINT is so much more than “just Google it.” We will cover technical obstacles as well as the legal and ethical issues in the age of increasing privacy awareness. For our hands-on section, we will explore the power of Google’s advanced search page as well as search modifiers on other search engines.

 

Talk the talk! Information-security jargon – Dorothea Salo – @LibSkrat

When is the CIA not the CIA? When it’s an information-security model! What’s a red team, an IPS, a backdoor? If somebody exfiltrates your data, is that bad? Can they do that with a trojan? Like any specialized field, infosec has its own vocabulary. Learn a little of it in a quick low-stakes, no-prerequisites talk.

 

Modern TCP/IP, simplified – Ryan Castellucci – @ryancdotorg

There is a lot of material out there for learning about computer networking. Most of it focuses on being comprehensive. That certainly has its place, but a lot of that information has little bearing on what is widely in production today. This talk will answer the following (and more): How do computers talk to each other on the same network? How does one computer find another over the internet? What goes on behind the scenes when you open a web site in your browser? What is a VPN, and how is it different from a proxy? What does a modern corporate network look like? How can it go wrong? What is this “It’s always DNS!” meme that people keep posting?

 

Packet Analysis Using Wireshark – Ming Chow – @0xmchow

In this tutorial, attendees will learn the basics of packet analysis, looking at and understanding network traffic. Basics including network packets, the OSI model, and a PCAP file will be introduced. Attendees will then use Wireshark to reconstruct a conversation between two computers, extract pictures from a PCAP file, and extract credentials that were sent insecurely on a network – exactly what the Wall of Sheep team does.

 

Building Your Blue Team Arsenal – Jason Romero/glitch – @_glitchXR

In my talk, I will be giving an introduction to what a SOC is, what security analysts do, and what tools are typically used in a SOC to defend against attacks.

 

Sysmon Deep Dive – Dusty Miller – @dustymmiller

Outline how to read and interpret Sysmon logs. Sysmon is a great tool for understanding what is truly going on in your Windows systems. A basic exploitation through a malicious Word document, privilege escalation, and data exfiltration to show what Sysmon logs are generated and how to spot them.

 

Introductory Network Vulnerability Scanning – Tabitha Sable – @tabbysable

Network vulnerability scanning is a powerful but fragile tool for network defenders. To be meaningful, the results need to be interpreted in their full context: software vulnerabilities and exploitation, networking, the chosen vulnerability scanning tool, and the servers and applications being inspected. A well-functioning vulnerability scanning program is like a Roomba for your network, finding obvious problems automatically so you can fix them sooner and spend more time on sophisticated stuff.

 

Identity and Access Management (IAM) for Newbies – C. Malia Tingler, CAMS – @IDAccessGoddess

Will go over the basics of Identity and Access Management and how it integrates with everyday life in both the security world and end-user perspective.

 

Poking Web Apps – Chris Elgee – @chriselgee

Web applications are a cornerstone of Internet functionality. From searches to games, they’re so pervasive that we tend not to even notice them. In this session, we’ll look at various web apps, basic HTTP/web communications, and learn about defending them by practicing a few attacks. Students will only need their web browser and the command line to play along.

 

JUST JUMP! Lessons for Wannabe Social Engineers by a Recent Wannabe Social Engineer – Joe Sarkisian – @jsark983

Social Engineering is both the easiest and hardest part of the wider security field to enter; easy in that it doesn’t always require lots of technical knowledge, and hard because it can be absolutely terrifying to start. As someone who knows this feeling, works in the field, and has been forced to make it up as they go (with a little help from some amazing people), I’d like to talk a bit about lessons learned as I began my journey.