17:00 Registration Begins
18:30 Opening Remarks
18:45 Intro to the Badge
19:15 Phishing, Whaling: Beyond Technology Social Engineering...
The consistent and critical weakness in all cyber systems is the human. So much of cyber security focuses on "Technology" social engineering (phishing, whaling, etc). Yet these "technology" social engineering techniques are such a small possibility over the full social engineering realm at an attacker's fingertips.
In this talk we will walk and talk the audience through 5 very simple, easy but profound social engineering skills that can be used to enhance "technology" social engineering, as well as move the offsec professional to more direct human-to-human attack vectors. For each technique I will provide real life stories of how effectively I have used them as I walk the audience through using them.
Luke (MindNinja) Stephens. 15+ years Information Security (mostly focused on offensive security). 30+ years IT experience. Former Special Forces, former law enforcement… lifelong true "bad" good guy.
In many cases, building access badges have gone the way of "keep it secret; keep it safe", similar to how physical locks were shrouded for many years. Just as with physical locks, this does nothing to effectively control risk for an organization.
For the suits - In order to perform proper tests of design and effectiveness (i.e. a risk assessment), the technologies in use must be understood if an accurate threat model is to be created.
For the breakers - This talk will provide an overview of existing tech and attack methods that have proven to be highly-effective in good, old-fashioned B&E of an environment using RFID-based authentication entry controls.
Including demonstrations for both design flaws and compromise models, this talk will explore the technologies behind RFID-based access, common implementation issues, and methods to clone and/or replay virtually all RFID cards in current use to gain unauthorized access to a badge-controlled facility.
smrk3r is an intern for the FALE Association of Locksport Enthusiasts. Supposedly he does red-teaming too and is very technical in the industry.
Since coming into popular use in the late 1960s, industrial control systems (ICS) have become prevalent throughout all areas of industry and modern life. Whether in HVAC systems, elevators, power grids, water treatment plants, traffic lights, gas pipelines, manufacturing robots or any of the myriad other applications, industrial control systems govern much of our lives.
This presentation will cover the basics of what an ICS/SCADA system is, a brief history of the technologies involved (and their security issues), a look at typical network protocols and network architectures used in ICS/SCADA systems, a glance at a typical (pentesting/red team) engagement and various attack strategies for succeeding as a pentester of industrial control systems.
Tripp Roybal (@GMRoybal_III) is a Cyber Security Engineer at Gotham Digital Science and has previously worked at a Fortune 500 energy company where he assisted in research projects aimed at securing Smart Grids and Microgrids. Tripp likes to get shells on things and is a standing member of the Pros vs. Joes CTF Red Team at BSides LV. He has also participated in a red/blue ICS exercise at Idaho Falls National Laboratory.
Bring your mail security into 2017 and protect your brand with DMARC. Review how the foundational technologies SPF and DKIM work, why DMARC is necessary, and how it's part of a balanced breakfast to stop business email compromise. Discover shadow IT, create custom threat intel feeds from would-be spoofers, and gain control over how mail from your domain is handled. Bonus content on the bleeding-edge ARC available for audiences that move quickly.
Katie Murphy is a carbon-based life form based in the SF bay area. When not fighting badness from the internet, they climb rocks, lindy hop, and take walks with their cat. Grammar Nazis may refer to https://www.washingtonpost.com/news/wonk/wp/2016/01/08/donald-trump-may-win-this-years-word-of-the-year/ or use Per (but only out of respect for Richard Stallman).
Capture The Flag competitions present a unique opportunity to practice various information security problems and topics. Staying current with diverse tools and techniques is especially important for members of the InfoSec community. Some of the challenges presented in CTFs are web exploitation, forensics, cryptography, and binary exploitation/reversing. Despite the learning opportunities and fun experiences offered by CTFs, many are reluctant to try them. In this talk, our goal is to provide everything a person would need to start working on CTFs; we'll cover the various types of CTFs, possible challenges one might encounter, useful resources, and specific competitions worth checking out.
Ray has been attending CarolinaCon since he looked like an 11 year old, and was unable to convince anyone otherwise. He currently works as a Senior Penetration Testing Consultant at Dell SecureWorks. Ray has attended the CarolinaCon security conference on and off for the last 10 years, as well as attending his first BSidesLV, DEFCON, ShmooCon, and DerbyCon this year. He has competed in numerous hacking competitions and CTFs over the years, most recently with Team Eversec, and managed to place 7th in the DEFCON Open CTF, 2nd in the DerbyCon CTF, and 1st in the DEFCON SOHOpelessly Broken CTF, winning a DEFCON 'black badge' with the team this year.
Clayton is a pentester focusing on web and iOS applications. He has attended the DEFCON security conference the past three years and competed with his team in several CTFs, including placing 1st at SOHOpelessly Broken CTF twice, and winning a DEFCON 'black badge' with Ray. Additionally, he also helped run the EverSec CTF at CarolinaCon in 2016.
Machine Learning is frequently in the news, but you might not know what it is. This presentation gives a quick intro to the field and an approach for learning the topic yourself. The overview will survey the field of the various uses of machine learning, a demo for solving an ML problem in Python and for comparison an implementation with some other languages and tools. Afterwards he will give you a guide for how to approach the field.
John F. Davis - Math 400. John is a frequent conference attendee and a past presenter. He has an interest in all things computing and has spent the past year studying Machine Learning. Consequently he is back this year sharing what he has learned and how you could as well.
Phone systems have been long forgotten in favor of more modern technology from the legacy that phreakers left us with and they are often neglected. This presentation will cover the types of issues that may be encountered when dealing with phone systems and map them to the relative OWASP category. We'll also cover how to test them, how attackers abuse phone systems and additional methods that can be leveraged in other offensive testing practices.
Owen (Snide) has worked in various IT fields from tech support to development. Combining that knowledge he moved into the security field by way of Application Security and now works on an offensive security team. He enjoys both making and breaking, tinkering with various technologies, and has experimented for prolonged periods with PBX's and the obscure side of VoIP.
"Whether or not you are just starting in InfoSec, it is always important to remember that mistakes happen, even to the best and most seasoned of analysts. The key is to learn from your mistakes and keep going. So, if you have a few minutes and want to take a load off for a bit, come and join in as a hillbilly spins a yarn about a group of unfortunate pentesters and their misadventures. All stories and events are true (but the names have been changed to prevent embarrassment)."
Adam Compton (tatanus) has been a programmer, researcher, professional pentester, father, husband, and farmer. Adam has over 18 years of programming, network security, incident response, security assessment, and penetration testing experience. Throughout Adam's career, he has worked for both federal and international government agencies as well as within various aspects of the private sector.
QR and Vic will walk attendees through an A-Z tutorial on how people buy illegal items online. These items include stolen data, financial account login credentials, credit card data, fake IDs, drugs, weapons, rootkits/trojans/malware, etc.
This presentation will show attendees;
Vic Vandal is his name, digital havoc is his game! From skateboards to keyboards and everything in between, Vic can manipulate, conjugate, and detonate his tactical skills (that pay the bills) to burn your eyes with visual napalm! Trained in cyber-warfare by the United States armed forces (actually it was more vice-versa, but such details are unimportant), Vic is now a digital mercenary ready to unleash his diabolical digital deeds for the right price. His objective? Communications! A modern day ENIAC, Vic makes, creates, and propagates the everyday analog into digital mayhem for the masses. A Wizard of Oz in his own private cyber-wonderland, he is on his way to taking over all global transmissions. All your base are belong to him!
Quiet Riot, AKA "QR", is ever searching for comfortable shoes, dry technical reading material, and passionate peers. He grew up on a farm in Western New York with a mechanical shop full of tools and challenges just across the street. The hacker mindset set in. In school he was drawn to FreeBSD, crypto, bio systems, RF, privacy, locksport and filmmaking. He spoke at the first CarolinaCon about lock manipulation and even today enjoys gutting locks, and drinking porters, with Oak City Locksport [.com!] on sunny Sunday afternoons. Daytime he designs and builds automated video studios, for multi-site virtualized telebriefings, around the globe. Bitcoin became a strong interest for QR in 2010.
A brief overview of OpSec techniques for various threat levels. The talk will cover different techniques depending on what your threat model is. Are you trying to hide from your parents / spouse, your ISP, or nation-state backed threat actors?
The talk will briefly cover alias and persona creation and compartmentalization, browser fingerprinting, VPNs and various ways they will fail you. Of course, we can't have a good OpSec talk without looking at and learning from some other people's glorious OpSec failures.
Justin Nordine (@jnordine) has worked in cyber security for 13 years in various engineering, architecture, and research roles. He is currently the Galactic Viceroy of Clicking & Scrolling and occasionally has a global thought.
Justin is on the board of directors for the FALE Association of Locksport Enthusiasts as the Chief OSINT Overlord. FALE is a small non-profit whose goal is to educate others on the effectiveness, or lack thereof, of the physical security measures commonly used in today's society.
Those who know Deviant or Pinup are aware that they love fine food and top-shelf drinks. When visiting homes of others, or when guests are gracious enough to come to our home, it's a pleasure to demonstrate just how easily one can prepare gourmet-grade feasts on a budget. But what if you're not in your house, or the abode of an accommodating friend with a nice kitchen? Many of us spend much of our work life on the road, struggling to eat healthy and well while staying within budget. Well, forget the hotel lobby restaurant. Don't Uber to the nearest Morton's. Hell, don't even put on your pants. In this talk we will snub our noses at room service and not take out our credit card save for one quick visit to a local grocery store.
The Hotel Room Gourmet will be a full and complete breakdown of a dizzying array of high-class food that we often make right in our hotel rooms (no suite or kitchenette needed!) which is healthier, tastier, and cheaper than nearly all other offerings available. Stick it to the man (and make your expense report happy) as you dine on deviled eggs, savory vegetables, and the thickest, juiciest rare steaks imaginable... all with perfect companion cocktails. Those who are present will not only learn but be afforded the opportunity to taste some of these exact creations!
Those who are vegan, forswear alcohol, or prefer their meat well-done are excused from attending.
The "Internet of Things" (IoT) is taking over our lives, so we should be constantly questioning the security and integrity of these technologies. As an IoT researcher, this is precisely what I do. During this presentation, I will be sharing details of my day-to-day research, covering the various processes and methodologies around researching (attacking) various IoT technologies that we all use every day. I will be discussing the various structures of an IoT ecosystem and showing how each segment of that ecosystem can be compromised to impact the overall security of a product. Using a live demonstration, I will show several of the security issues discovered during my research over the past 12 months and how we worked with the manufacturers to get these issues mitigated.
Deral Heiland CISSP (@Percent_x), serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 8+ years Deral's career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral has also conducted security research on numerous technical subjects, releasing white papers and security advisories, and has presented the information at numerous national and international security conferences including CarolinaCon, Blackhat, Defcon, Shmoocon, DerbyCon, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including BBC, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.
20:00 Hacker Trivia
When writing exploits these days, stack protection techniques can be a pain in the ass. Return Oriented Programming (ROP) is a technique that allows you to evade stack protection and in certain cases even turn it off. In this talk we'll discuss what ROP is, how it works and some tips to get you writing ROP chains for your own exploits.
Pandatrax is a security engineer at a large financial services company. He learned to program using BASIC on an Apple IIc and his first home computer was a used Atari 400. He uses vi on a regular basis and can't find his way out of nano.
PowerShell has become a tool that many hackers and pentesters are now using. This session is a beginner's guide to getting started with PowerShell. The session covers why PowerShell is such a powerful tool, a quick history, a few basic examples of using PowerShell to log into sites or hack sites and then goes into the basics of how to use the tool. PowerShell is part of Windows 7 and up, so bring your laptop and follow along with the presentation.
Michael Wharton is a Project/SharePoint Consultant and has set up many PMOs (Project Management Offices). Michael's career started as a software developer before moving into project management. His passion to improve project management processes began in 2003 when using tools like Project Professional and Project Server. Since then he has trained hundreds of project managers and implemented Project Server in over twenty-five PMOs. He has passed over forty-four Microsoft certification exams giving him a solid technical background with Project and SharePoint Server.
Michael's expertise is broad in scope, which includes local and federal government, health care, banking and manufacturing. He did technical reviews for the published books Missing Manual: Microsoft Project 2010/2013 by Bonnie Biafore, Forecast Scheduling with by Eric Uyttewaal and Project Management Using Microsoft Project 2013 by Gus Cicala. Michael has been awarded the MVP (Microsoft Valuable Professional) in project for the past five years.
Attending hacking and security conventions has been a pastime for many years, and recently he has been looking deeper into hacking and securing SharePoint for his clients. Michael has spoken at DerbyCon for the past two years and has spoken at a number of other conferences throughout the years.
Michael Wharton, Project MVP, MBA, PMP, MCT, MCTS, MCITP, MCSD, MCSE+I, MCDBA
In 1981 the French Directorate of Territorial Security (DST) flipped the high-ranking KGB agent Colonel Vladimir who provided invaluable intelligence such as a list of Soviet agents operating within the United States borders along with their intelligence targets. Control software for gas pipelines was found to be on the list and as a result the CIA set out to leak a tampered version of the software to one of the newly discovered agents. Then in 1982 the software, which was deployed on a Trans-Siberian gas pipeline, triggered a colossal explosion and "was the most monumental non-nuclear explosion and fire ever seen from space". This and other interesting stories are the focus of this talk about the forgotten history of cyber warfare.
Sean Pierce (@secure_sean) is a Red Team Lead for Target. Sean currently specializes in Threat Emulation (Threat Modeling/Purple Teaming) and in the past has dabbled in Reverse Engineering (Malware mostly), Incident Response, Botnet Tracking, and Information Security Economics. Prior to working at Target he worked as Chief Threat Emulation Engineer at iSIGHT Partners, which was later acquired by FireEye. Prior to that he was an academic researcher and part time lecturer at the University of Texas at Arlington where he earned a Bachelor's of Computer Engineering with a minor in Math.
This talk is part of an open source project I'm heading up called The Human Security Assurance Maturity Model or HumanSAMM for short. This is the first in a series of talks about methodologies designed to address the human problem. This first talk focuses on common mistakes made in deploying security awareness programs and tips on how to increase effectiveness and efficiency. These methodologies have been effective in the real world to drive user risk well below 1%.
Joshua Crumbaugh is the founder of PeopleSec and an experienced penetration tester with an impressive background performing high end security assessments against high profile targets. He is also an expert social engineer who has talked his way into bank vaults, Fortune 500 data centers, corporate offices, restricted areas of casinos and more. His experiences highlighted a significant need for a better "human solution" -- This led him to identify key mistakes commonly made in security awareness training programs and answer the question of how to "patch stupid".
This talk will provide a light intro to honeypots and their benefits, and highlight two projects HoneyPy and HoneyDB. Operating honeypot sensors on your internal network is a simple way to make your network "noisy" and can trip up malicious actors that have already penetrated your network. Also, leveraging data from honeypot sensors on the Internet can be a useful source of threat information. Are you leveraging honeypots in your organization? If not, why not? Adoption of these tools is likely about having simple easy to use interfaces and integrations into existing tools used by an organization.
HoneyPy is a low interaction honeypot with the capability to be more of a medium interaction honeypot. HoneyPy is written in Python and is intended to be easy to: deploy, extend functionality with plugins, and apply custom configurations. The level of interaction is determined by the functionality of its plugins. Plugins can be created to emulate UDP or TCP based services. All activity is logged to a file by default, but posting honeypot activity to Twitter, a Slack channel, or a web service endpoint can be configured as well. HoneyPy is ideal as a production honeypot on an internal network or as a research honeypot on the Internet.
HoneyDB is a web site dedicated to publishing honeypot data from HoneyPy sensors on the Internet. It also offers honeypot data for download via a REST API. Web site users can also log into HoneyDB and maintain a ThreatBin, which is a custom list of honeypot session data bookmarked by the user. Future features include consolidated threat information from other honeypot Twitter accounts, and expanding the API.
Phillip Maddux is a Senior Solutions Engineer at Signal Sciences. Prior to Signal Sciences he focused on application security in the financial services industry. In his spare time he enjoys coding and experimenting with various open source security tools.
There are a lot of good 'Breaking Into InfoSec' talks out there. My own path took little facets out of many of them and has a few details that stand alone. This is a rapid fire/meme infused/stream of consciousness style/story telling version of how to break into InfoSec. My talk goes from the time I switched careers, infiltrated my local InfoSec meetup, started attending conferences, networked with the pros, worked my way into my current job and started doing conference talks of my own. This is from a guy raised on Atari 2600 and Commodore 64 that now does OSINT and Digital Forensics stuff for a living.
A freewheeling Detroit cop pursuing a murder investigation finds himself dealing with the very different culture of Beverly Hills. No, that's Beverly Hills Cop.
Cool black private eye John Shaft is hired by a crime lord to find and retrieve his kidnapped daughter. Oh, wait that's Shaft from the 70's.
A computer hacker is abducted into the digital world and forced to participate in gladiatorial games where his only chance of escape is with the help of a heroic security program.
Dammit that's Tron... if you accept the talk let me know if you want a real one. Josh Huff - @baywolf88