skip to main content

DEF CON Hacking Conference

Workshops Schedule


With new hotel space comes new opportunities, and I've wanted to try workshops and trainings for years but we've never had the room once we filled up the Rio. DEF CON is pleased to bring you free workshops, thanks to the trainers and speakers willing to help spread their knowledge.

The workshops are either 4 hours or 8 hours long with an hour break for lunch. Below is the current schedule of what's happening.

Interested? We will be pre-registering attendees, so please register here:
WORKSHOP REGISTRATION

WHEN: Friday, Saturday. 09:00 - 13:00 (Break) 14:00 to 18:00
WHERE: The 3rd floor of Ballys South tower, The Jubilee Tower. Las Vegas Ballrooms 1-7.
WHAT: Schedule and Descriptions below.

- The Dark Tangent -


Friday

09:00-13:00

14:00-18:00




Saturday

09:00-13:00

14:00-18:00



Workshop Details:


Embedded System Design: From Electronics to Microkernel Development 

Rodrigo Maximiano Antunes de Almeida Professor, Federal University of Itajubá

Las Vegas Ballroom 7
Saturday, 09:00 - 13:00 (Break) 14:00 to 18:00
Max class size: 40

The workshop consists of a introduction on the embedded systems design. At first part of the workshop we'll build a simple electronic embedded system design (microcontroller+LCD). This system will be used as target platform. Using this platform the low level side of C language as bit-wise operations, pointers to fixed memory addresses and microcontroller peripherals access will be presented. In the second part of the workshop a full embedded microkernel will be developed. Some programming structures and libraries will be coded by the presents to suit the low memory requirements of the embedded system. They will have a better understanding on the electronics-programming relationship and how these questions can impact on the kernel development. The attendants will get a deep knowledge in the kernel basic functions (processes scheduling, i/o drivers controller, etc) and its relation to electronics circuitry. Its recommended to bring your laptop to the practical activities.

Rodrigo is a professor at Federal University of Itajubá, where he earned a PhD by developing a safer real time operational system for low cost microcontrollers. He has 8 years working with embedded systems, developing projects both in home and electro-medical appliances. He teaches classes on electronics, microcontrollerers and embedded operational systems to electronic engineering students. His researches include topics on hardware development, firmware, RTOS security, microkernels and autonomous control systems. Rodrigo has presented on DEFCON, ESC and BSides conferences, mostly talking about embedded development and related security issues.

Violent Python

Sam Bowne Security Researcher

Las Vegas Ballroom 5
Friday, 09:00 - 13:00
Max class size: 50

Even if you have never programmed before, you can quickly and easily learn how to make custom hacking tools in Python. In hands-on projects, participants will create tools and hack into test systems, including:

  • Port scanning
  • Login brute-forcing
  • Port knocking
  • Cracking password hashes
  • Sneaking malware past antivirus engines
  • With just a few lines of Python, it's easy to create a keylogger that defeats every commercial antivirus product, from Kaspersky to FireEye.

Technical Requirements

Participants need a computer (Windows, Mac, or Linux) with VMware Player or VMware Fusion. USB thumbdrives will be available with Kali Linux to use. All the class materials are freely available on my Web page (samsclass.info) for anyone to use.

Prerequisite Knowledge

Participants should be familiar with basic networking and security concepts like TCP/IP and brute force attacks. Previous programming experience is helpful but not necessary.

Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at DEFCON, HOPE, BayThreat, LayerOne, and Toorcon, and taught classes at many other schools and teaching conferences.

He has these things: BS, PhD, CEH, CISSP, WCNA, and a lot of T-shirts.

Security Auditing Mobile App

Sam Bowne Security Researcher

Las Vegas Ballroom 5
Saturday, 09:00 - 13:00
Max class size: 50

Android apps are very insecure—-70% of the ones I’ve tested have vulnerabilities in the OWASP Mobile Top Ten. iOS apps have similar problems, but they are ten times less common, in my tests. It’s simple to test for common vulnerabilities with a few free tools: Android Studio, Genymotion, Burp, and apktool.

We will test for insecure network transmission, insecure local storage, and insecure logging. But the most common problem is failure to verify app signatures, so that apps can be modified and Trojan code can be added. Students will do that to a real financial app, creating a proof-of-concept that leaks out private data such as username and password.

Participants must bring laptops. Macs work best, but PCs can also be used. Linux works better than Windows. Students will set up their laptops, find vulnerabilities in real apps, and exploit them. Also bring any mobile devices you'd like to test, such as iPhones.

Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at DEFCON, HOPE, BayThreat, LayerOne, and Toorcon, and taught classes at many other schools and teaching conferences.

He has these things: BS, PhD, CEH, CISSP, WCNA, and a lot of T-shirts.

Running KALI on a Raspberry PI and other fun tricks

Dallas Security Researcher

Las Vegas Ballroom 4
Saturday, 09:00 - 13:00 (Break) 14:00 to 18:00
Max class size: 25

Like Hacking? Like Hardware? Lets have some fun with both. Go here to pay for your kit and reserve your space.

Registration Will close to allow time to get kits on July 20. Some kits will be onsite, very few. You can still reserve a spot if you have your own hardware (see eventbrite site above).

We are going to provide a list of “parts to order” hopefully if you want to bring your own, and kits to sell at Defcon. (I recommend kit, but its up to you.). In either case we will need to reserve you a spot in the class to ensure there is enough room for power, laptops, etc. Kits are targeted to be very close to the actual cost of the hardware and goodies.

We will discuss Raspberry Pi as a hardware platform, build a stock OS and then build a Kali installation with all kinds of tips and tricks around security, programming, using the Raspberry PI, wireless hacking and more as we go through it! You will leave with a complete setup ready to go when you are done. This will include a Raspberry Pi, Wireless Card, Memory, Case, Keyboard, LCD Display and more surprises (if you get the kit). You will need to bring your laptop to have the best experience, but can be done without (but not recommended). A manual link will be included as well. You will leave with a great platform for expanding into programming, security or home automation.

We are still working it out, but the seating will be limited, and we want to ensure you have everything you need to go through the class. Currently scheduled for the Saturday of Defcon, we will also work around those who want to leave for a talk and come back. But once the class closes, we cant get anyone else in. This is scheduled as an 8 hour class, but will work with you to jump in and out for a few talks (if you want to). There will be a break for lunch as well. Keep in mind we may have a few guests drop in to say hello, add to the discussion or give out freebies…so look forward to that.

You don’t have to be an expert, just have a fair understanding of networking and a desire to learn and share. We are going to talk about and walk through a lot of topics involving the hardware, sensors, cameras, software, OS and capabilities. You will need your laptop.

Pre-Order kit will be approx $135.00 and be ready for you when you get to the class, you will assemble in class. Kit essentially includes..:

  • Raspberry Pi 2 w/ Case
  • 2 – 8 Gig SD Cards loaded with Kali and Raspbian image
  • Wireless USB ‘Card’
  • Micro Combo Keyboard / Mouse (Wireless)
  • Micro Composite Display w/ cable (for Raspberry Pi 2)
  • MicroUSB AC Adapter
  • Network Cable from your PC to Pi
  • Other Goodies in the Kit.

You will need your laptop to connect to the Pi once we get the OS installed and operational, unless you enjoy looking at a very small screen.

Internet is generally unreliable, so we will base the class assuming it may not work well, but if it does you will have additional options.

Taught by JD ‘Dallas’ Landrit, who currently works in Security for a major Oil and Gas company somewhere in the Midwest. Often popping up around the world at hacker spaces, conferences, Makerfaire and other fun places – occasionally speaking and geeking out with friends. He likes to hang out with his old government buddies, explore third-world countries and Goon while at Defcon, of which this will be his 12th straight year.

Crypto for Hackers: The Workshop

Eijah Founder, demonsaw

Las Vegas Ballroom 5
Friday and Saturday, 14:00 to 18:00
Max class size: 50

Love Crypto? Hate DRM? Then let's hack the shit out of AACS together.

Crypto for Hackers: The Workshop is the continuation of the Crypto for Hackers talk. We'll spend 4 hours working our way through a variety of C++ crypto exercises designed specifically for Def Con attendees. We'll implement and use all five types of crypto algorithms discussed in the talk, including ciphers (e.g. AES), hash functions (e.g. SHA-512), hash-based message authentication codes (e.g. HMAC-SHA-512), key agreement schemes (e.g. Diffie-Hellman), and password-based key derivation functions (e.g. PBKDF2).

Next we'll put our new crypto knowledge to the test and attempt to reproduce the AACS memory hack I did when I released the first Blu-Ray device key to the world: AA856A1BA814AB99FFDEBA6AEFBE1C04. You'll have actual PowerDVD memory dumps that you'll need to parse, analyze, and then figure out how to reverse engineer. I'll provide guidance and oversight, but you'll be the one writing the code, exploiting the vulnerabilities, and finding the AACS encryption keys.

Please note that this is an intermediate-level, technical workshop and requires that all attendees have a strong working knowledge of C++. While attending the Crypto for Hackers talk is extremely helpful, it is not required. As part of the workshop I'm providing a free and open-source crypto library that I wrote called demoncrypt. This is the same library used by demonsaw, the secure and anonymous content sharing application that I launched last year at Def Con. Bring your laptop, your favorite C++ 11 compiler (>= gcc 4.7 or msvc 2013), and a strong attitude of civil disobedience.

Eijah is the founder of demonsaw, a secure and anonymous content sharing platform, and a Senior Programmer at a world-renowned game development studio. He has over 15 years of software development and IT Security experience. His career has covered a broad range of Internet and mid-range technologies, core security, and system architecture. Eijah has been a faculty member at multiple colleges, has spoken about security and development at conferences, and holds a master’s degree in Computer Science. Eijah is an active member of the hacking community and is an avid proponent of Internet freedom.

Twitter: @demon_saw
Web: https://www.demonsaw.com
Facebook: https://www.facebook.com/Demonsaw
Github: https://github.com/eijah/demonsaw
Email: eijah at demonsaw dot com

The Art of VoIP Hacking

Fatih Ozavci Security Researcher

Christos Archimandritis Security Researcher

Las Vegas Ballroom 6
Saturday, 09:00 - 13:00 (Break) 14:00 to 18:00
Max class size: 50

VoIP attacks have evolved, and they are targeting Unified Communications (UC), commercial services, hosted environment and call centres using major vendor and protocol vulnerabilities. This workshop is designed to demonstrate these cutting edge VoIP attacks, and improve the VoIP skills of the incident response teams, penetration testers and network engineers. Signalling protocols are the centre of UC environments, but also susceptible to IP spoofing, trust issues, call spoofing, authentication bypass and invalid signalling flows. They can be hacked with legacy techniques, but a set of new attacks will be demonstrated in this workshop. This workshop includes basic attack types for UC infrastructure, advanced attacks to the SIP and Skinny protocol weaknesses, network infrastructure attacks, value added services analysis, Cdr/Log/Billing analysis and Viproy use to analyse signalling services using novel techniques. Also the well-known attacks to the network infrastructure will be combined with the current VoIP vulnerabilities to test the target workshop network. Attacking VoIP services requires limited knowledge today with the Viproy Penetration Testing Kit (written by Fatih). It has a dozen modules to test trust hacking issues, information collected from SIP and Skinny services, gaining unauthorised access, call redirection, call spoofing, brute-forcing VoIP accounts, Cisco CUCDM exploitation and debugging services using as MITM. Furthermore, Viproy provides these attack modules in the Metasploit Framework environment with full integration. The workshop contains live demonstration of practical VoIP attacks and usage of the Viproy modules.

In this hands-on workshop, attendees will learn about basic attack types for UC infrastructure, advanced attacks to the SIP protocol weaknesses, Cisco Skinny protocol hacking, hacking Cisco CUCDM and CUCM servers, network infrastructure attacks, value added services analysis, Cdr/Log/Billing analysis and Viproy VoIP pen-test kit to analyse VoIP services using novel techniques. New CDP, CUCDM and Cisco Skinny modules and techniques of Viproy will be demonstrated in the workshop as well.

Who should attend

Penetration testers, VoIP engineers, security engineers, internal auditors and all hackers who have a wireless card and a VM player.

Workshop Requirements

Participants should have an up to date Kali Linux virtual machine with Metasploit Framework. (The disk image will be provided by the tutors)

Christos Archimandritis has nearly 5 years’ of experience in information security consulting, having performed various security assessments for clients in the banking, telecom and government sector. Prior to joining Sense of Security, he was a senior security consultant with a major consulting company in Europe. While working there, he performed network and web application penetration tests, mobile application penetration tests and wireless assessments for various clients in Europe and the Middle East. Before that, he worked in the European branch of a major company in the automotive sector, developing solutions for the company’s SAP and Business Objects environments as well as administering the company’s data warehouse.

Linkedin : http://gr.linkedin.com/pub/chris-archimandritis/52/580/478

Fatih Ozavci is a Security Researcher, Principal Security Consultant with Sense of Security, and the author of the Viproy VoIP Penetration Testing Kit. Fatih has discovered several previously unknown security vulnerabilities and design flaws in IMS, Unified Communications, Embedded Devices, MDM, Mobility and SAP integrated environments for his customers. He has completed several unique penetration testing services during his career of more than 15 years. His current research is based on securing IMS/UC services, IPTV systems, attacking mobile VoIP clients, VoIP service level vulnerabilities, SaaS, mobility security testing, hardware hacking and MDM analysis. Fatih has presented his VoIP and mobile research at BlackHat USA’14, DefCon 22 and 21, Troopers’15, Cluecon 2013 and Ruxcon 2013. He has also provided VoIP and Mobility Security Testing workshop at AustCert’14, Kiwicon'15 and Troopers'15 events.

Homepage : http://viproy.com/fozavci
Linkedin : http://tr.linkedin.com/pub/fatih-ozavci/54/a71/a94

iOS Application exploitation 

Prateek Gianchandani Security Researcher

Las Vegas Ballroom 4
Friday, 09:00 - 13:00 (Break) 14:00 to 18:00
Max class size: 50

This will be an introductory course on exploiting iOS applications. The training will be based on exploiting Damn Vulnerable iOS app and other vulnerable apps which are written by the trainer in order to make people understand the different kinds of vulnerabilities in an iOS application. This course will also discuss how a developer can secure their applications using secure coding and obfuscation techniques. After the workshop, the students will be able to successfully pentest and secure iOS applications.

The following vulnerabilities in iOS applications will be discussed…

  • Insecure Data Storage
  • Extension Vulnerabilities
  • Attacks on third party libraries
  • Jailbreak Detection
  • Runtime Manipulation
  • Piracy Detection
  • Sensitive information in memory
  • Transport Layer Security (http, https, cert pinning)
  • Client Side Injection
  • Information Disclosure
  • Broken Cryptography
  • Security Decisions via Untrusted input
  • Side channel data leakage
  • Application Patching

It is recommended that users bring their own jailbroken iOS devices for trying out the demos. Any jailbroken device (iPhone, iPod, iPad) running up to iOS 8.4 will be fine.

Prateek Gianchandani, an OWASP member and contributor has been working in the infosec industry for about 5 years. He is currently working as an Information security engineer for an airlines company. During his five years, he has performed a number of penetration tests on mobile and web applications and even developed a lot of applications for the App Store. His core focus area is iOS application pentesting and exploitation. He is also the author of the open source vulnerable application named Damn Vulnerable iOS app and also runs a popular blog series on iOS application security at http://highaltitudehacks.com/security.

Advanced Cyber Exercises

Andrea Guerber Delta Risk LLC, A Chertoff Company

Las Vegas Ballroom 7
Friday, 09:00 - 13:00
Max class size: 50

This workshop discusses the rationale, types, structure, organization, execution, and value of cyber exercises. The course discusses the four phases of exercises: objective setting, planning, execution, and evaluation, compares methodologies with the national HSEEP (Homeland Security Exercise and Evaluation Program) and highlights execution considerations and risk management of "live-fire" cyber exercises on operational networks. Students are presented an overview of advanced cyber exercises, moving beyond traditional table-top exercises, and the considerations for running cyber exercises on both operational and closed-range networks.

Andrea Guerber is a Senior Associate with Delta Risk, LLC. She has 10 years of experience developing advanced cyber exercise methodologies for the US military, as well as state, local, and tribal levels that can be used in the context of the Homeland Security Exercise Evaluation Program (HSEEP) to improve the cyber defense of critical infrastructure and key resource sectors. She managed the Delta Risk effort that developed the scenario for, and supported planning and execution of, FEMA’s National Level Exercise in 2012 – the first tier-one exercise that focused on a large-scale cyber attack. She is a technical leader and innovator in cyber warfare operations with military information operations experience, understanding defensive and adversary tactics and their application to defensive operations.

Exploited Host Analysis

Robin Jackson WT Forensics

Ed Williams WT Forensics

Las Vegas Ballroom 1
Friday & Saturday, 09:00 - 13:00 (Break) 14:00 to 18:00
Max class size: 50

Exploited Host Analysis is an 8 hour overview into the various techniques used to examine a host machine and it's corresponding network traffic to determine what happened, who did it and when. The course will briefly cover the fundamentals of Digital Forensic analysis including Locard's Exchange Principle, the order of volatility, methods and tools for acquisition and proper evidence documentation and handling. After the overview students will be led through various scenarios including:

  • Packet capture analysis
  • Memory Analysis using Volatility
  • Log file analysis
  • Deobfuscation and analysis of a web shell
  • Disk analysis including timeline creation
  • Registry analysis and deobfuscation of registry only malware

There will be a ton of examples and the emphasis will be upon the use of free and open source tools to achieve results. Of course we'll only really scratch the surface of each topic but we'll give you plenty of online resources to continue your exploration of Digital Forensics.

Ed Williams and Robin Jackson are the DC3 Forensics Challenge US Overall Winners as well as the EC-Council International Civilian winners for 2010. Both Ed and Robin had a long history with computers,incident response and digital forensics. After their 2010 win they formed WT Forensics, a Montana based LLC dedicated to bringing security services, training and Digital Forensics / Incident Response (DFIR) to their home state. Robin is currently a Master Security Consultant for Hewlett Packard's Digital Investigation Service. Ed is currently a DFIR investigator for the State of Montana's Department of Administration.

ARM for Pentesters

Aseem Jakhar Security Researcher

Las Vegas Ballroom 6
Friday, 09:00 - 13:00 (Break) 14:00 to 18:00
Max class size: 20

The workshop is aimed at Pentesters and security professionals who want to get into pentesting ARM based systems such as smart phones, IoT devices, TVs etc. We will use Android as the ARM based platform for the workshop and take a deep dive into ARM assembly, Android Native development components, buffer overflows and shellcoding. The workshop introduces the attendees to the ARM Android platform including the intrinsic technical details and security issues using a balanced proportion of theory and extensive hands-on and exercises. It provides a base for the attendees to start researching on ARM based systems.

Modules

  • Android Native Dev Primer
  • ARM Architecture
  • Assembly
  • Call conventions
  • Shellcoding
  • Runtime Code injection using Indroid
  • Buffer overflows

Aseem Jakhar is the Director, Research at Payatu Technologies Pvt Ltd http://payatu.com a boutique security testing company. He is well known in the security community as the founder of null -The open security community, registered not-for-profit organization http://null.co.in and also the founder of nullcon security conference http://nullcon.net and hardwear.io security conference http://hardwear.io He has extensive experience in system programming, security research, consulting and managing security software development projects. He has worked on various security software including UTM appliances, messaging/security appliances, anti-spam engine, anti-virus software, Transparent HTTPS proxy with captive portal, bayesian spam filter to name a few. He is an active speaker at security and open source conferences; some of the conferences he has spoken at include AusCERT, Defcon, Hack.lu, Black Hat, PHDays, Xcon, Cyber security summit - Bangalore, Cocon, OSI Days - Bangalore, Clubhack, Gnunify. His research includes Linux remote thread injection, automated web application detection and dynamic web filter. He is the author of open source Linux thread injection kit -Jugaad and Indroid which demonstrate a stealthy in-memory malware infection technique.

Analyzing Internet Attacks with Honeypots

Ioannis Koniaris Security Engineer, Yelp

Las Vegas Ballroom 3
Friday, 09:00 - 13:00
Max class size: 50

In the field of computer security, honeypots are systems aimed at deceiving malicious users or software that launch attacks against the servers and network infrastructure of various organizations. They can be deployed as protection mechanisms for an organization’s real systems, or as research units to study and analyze the methods employed by human hackers or malware. In this workshop we will outline the operation of two research honeypots, by manual deployment and testing in real time. A honeypot system will undertake the role of a web trap for attackers who target the SSH service in order to gain illegal server access. Another one will undertake the role of a malware collector, usually deployed by malware analysts and anti-virus companies to gather and securely store malicious binary samples. We will also talk about post-capturing activities and further analysis techniques. As an example, we will see how to index all the captured information in a search engine like Elasticsearch and then utilize ElastAlert, an easy to use framework to setup meaningful alerting. Lastly, visualization tools will be presented for the aforementioned systems, plus a honeypot bundle Linux distribution that contains pre-configured versions of the above tools and much more related utilities, which can make the deployment of honeypots in small or large networks an easy task.

Ioannis is an Information Security engineer and researcher, working to protect company assets, data and operations. His general interests are programming, security, development operations (DevOps) and cloud computing while his academic interests include honeypots, honeyclients, botnet tracking, malware analysis, intrusion detection and security visualization. Ioannis has released a number of utilities to aid information security professionals using honeypots. Some of them are Kippo-Graph, Honeyd-Viz and HoneyDrive; a self-contained honeypot bundle Linux distribution. These tools are used by numerous university researchers, various CERT teams worldwide and have also been included in the “Proactive detection of security incidents II – Honeypots” report by ENISA (European Union Agency for Network and Information Security).

Offensive and Defensive: Android Reverse Engineering

Tim "Diff" Strazzere Red Naga

Jon "jcase" Sawyer Red Naga

Caleb Fenton Red Naga

Las Vegas Ballroom 2
Friday, 09:00 - 13:00 (Break) 14:00 to 18:00
Max class size: 40

Thinking like an attacker, you will learn to identify juicy Android targets, reverse engineer them and find vulnerability and write exploits. We will deep dive into reverse engineeriing Android frameworks, applications, services and boot loaders with the end goal of rooting devices.

Approaching from a defensive perspective, we will learn quickly triage applications to determine maliciousness, exploits and weaknesses. After learning triage skills we will deep dive into malicious code along while dealing with packers, obfuscators and anti-reversing techniques.

Between the two aspects of this class, you should walk away with a basic overall of your reversing engineering knowledge and a strong understanding of how to further develop your skills specifically for mobile platforms.

Prerequisites:
We would expect students to know minimal reverse engineering concepts, would also be good though not required to have some of the following non-free tools;

  • IDA Pro
  • Hopper
  • JEB

Tim "diff" Strazzere is a Lead Research and Response Engineer at Lookout Mobile Security. Along with writing security software, he specializes in reverse engineering and malware analysis. Some interesting past projects include having reversing the Android Market protocol, Dalvik decompilers and memory manipulation on mobile devices. Past speaking engagements have included DEFCON, BlackHat, SyScan, HiTCON and EICAR, QSPI.

Jon "Justin Case" Sawyer - Father of four, and CTO of Applied Cybersecurity LLC. Jon likes to spend his nights with a fine (cheap) glass of wine, writing exploits for the latest Android devices. When not researching vulnerabilities or writing exploits, he dabbles in dalvik obfuscation.

Caleb Fenton is a security researcher at SourceClear. His focus is reverse engineering and application security. Past projects include generic Dalvik deobfuscation, Android app tampering detection and prevention, and automated Android app modification.

From Spam to Threat Intel

 

Robert Simmons Senior Threat Intelligence Researcher, ThreatConnect, Inc

Las Vegas Ballroom 7
Friday, 14:00 to 18:00
Max class size: 30

You get massive amounts of spam. I get massive amounts of spam. I love to get massive amounts of spam, and I try to find ways to get more spam every day. Why? Because it is a rich source of threat data!

The author of a new variant of Zeus has just finished a build and is going to spray the internet with copies of it. Why should you wait until someone submits it to an online virus scanner when you can have the bad guy email it directly to you!

This workshop will walk you through three basic tools that will allow you to turn your deluge of spam first into usable data, then convert it into usable threat intel. The first tool is ElasticSearch. You will learn how to convert all your spam’s component parts into a JSON document and ingest it using ElasticSearch. It can then be visualized to make pretty graphs. From there, you have two basic vectors of maliciousness: URLs and Attachments. You will then learn how to use the tool Thug, a low interaction honey client, to analyze the URLs. In the other department, attachments, you will learn how to use Cuckoo Sandbox to analyze the email attachments along with any payload binaries captured by Thug. Fortunately both of these tools produces JSON output, and you will learn how to feed that back into ElasticSearch for final analysis and visualization. You will learn a small bit of Python code (nothing to be afraid of) that will do some basic data transformation and data movement from tool to tool.

This is not a workshop about how to build or muck around with putting the system together. All the components that we will use come pre-configured so we can dive right into understanding the tools’ output and comprehending how to extract actionable intelligence from these tools.

Students are expected to provide his or her own laptop for the duration of the workshop. Windows, Linux, or Mac OS X are all acceptable, but please make sure its an up-to-date version. Additionally, please have the current version of VirtualBox installed and make sure that VMs are able to communicate using the wireless network adapter. This free software can be downloaded from https://www.virtualbox.org/wiki/Downloads

Robert Simmons is a Senior Threat Intelligence Researcher for ThreatConnect, Inc. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Robert is also the author of PlagueScanner, an open source virus scanner framework.

Robert, also known as Utkonos, has a background in biology, linguistics, and Russian area studies. He has lived extensively in Russia and Ukraine and has been known to swear profusely and constantly in Russian.

Excuse me, your RFID is showing

 

Valerie Thomas Securicon

Terry Gold IDanalyst LLC

Las Vegas Ballroom 3
Friday, 14:00 to 18:00
Max class size: 30

In the hacking world, physical access is king. Many organizations rely on RFID technology to control physical access to a variety of assets, critical infrastructure and core operations but few understand its proprietary architecture and real-world implementation. This workshop covers how physical access control systems work from the ground up including architecture, common policy, and components. We'll deep dive into the world of RFID starting with raw data analysis via oscilloscope and move on to access card technology data structures and formats. Then we'll put it all together to form attacks on various card technologies that can be utilized in red team operations in a variety of environments.

For students who wish to participate in the hands-on portion of the workshop, a laptop with Windows 7 or 8 (native or virtual machine) is required. Tweet questions to @hacktress09 and @TerryGold2048 with #YourRFIDIsShowing.

From 0 To Pwnd - The Ultimate Social Engineering Primer

Valerie Thomas Securicon

Las Vegas Ballroom 3
Saturday, 09:00 - 13:00 (Break) 14:00 to 18:00
Max class size: 50

Are you a pen tester in need of social engineering training? Perhaps you just want an understanding of what social engineering is all about. This workshop has something for everyone. First we'll begin with the basics of social engineering and why it works, then dive into non-traditional topics such as spycraft, acting, pressure sales, and the psychology behind them. Next we'll build upon that knowledge to create social engineering attacks. We'll cover the steps of the social engineering process from planning to post-attack including real-world examples. We'll end the day with the basics of appearance hacking and utilizing social engineering in physical penetration testing.