If you missed any of the talks, here is a playlist that contains all of the CCOnline talks.
Welcome to the CarolinaCon schedule page. The top half of the page has the events. Click the talk title to jump down to the talk abstract.
Friday special (April 23rd)
Lunch (Friday April 23rd)
| Time | Talk | Speaker |
|---|---|---|
| 7:00pm - 7:05 | CCOnline kick-off | The CC Team |
| 7:10pm - 8:00 | Zero-day .NET and Nvidia GFE Vulnerabilities Explained | Matt Batten |
| 8:10pm - 9:00 | "Ahem Your IPv6 is showing..." | Rumham |
Dinner (Saturday April 24th)
| Time | Talk | Speaker |
|---|---|---|
| 10:00am - 10:45 | Hack in Your Sleep | David Hunt |
| 11:00am - 11:45 | Fuzzing by First Principles | Takko_The_Boss |
| 12:00am - 1:00 | - coffee break - | - |
| 1:00pm - 1:45 | Catching the CAN Bus: Car Hacking on a Budget | Rachel Velasco |
| 2:00pm - 2:45 | Practical Infrastructure Automation For Red Teams | Cedric Owens |
| 3:00pm - 3:45 | Host-Based Detection, Forensics, and Response with Velociraptor | Wes Lambert |
| 4:00pm - 4:45 | DNS tunneling down the rabbit hole | Tim Steiner |
Dessert (Sunday April 25th)
| Time | Talk | Speaker |
|---|---|---|
| 10:00am - 10:45 | Hacking Humans: Using OSINT to put together Social Engineering Scenarios that Always Work | Williams Price |
| 11:00am - 11:45 | Crash Course on Web Application Penetration Testing - Thinking Outside the OWASP 10 | JR Johnson |
Zero-day .NET and Nvidia GFE Vulnerabilities Explained
I discovered two logical vulnerabilities that allowed for Local Privilege Escalation (LPE). These vulnerabilities are interesting and recent. I have reported both and have had them both acknowledged by Microsoft and Nvidia. Walking through the process of discovery and then the actual exploit is fun and will show everyone how installing new software will open up systems to more vulnerabilities.
"Ahem Your IPv6 is showing..."
IPv6 is often seen as a mystical protocol by many folks and it's scary to think about making the transition from IPv4. What's even scarier is it's likely already in place within your organization and attackers can leverage it against you! Further, companies are quickly rolling out IPv6 within their public assets in an unsafe manner. Let's focus on how Pentesters and adversaries are getting Domain Admin on your network, as well as making sure you're covering all your bases when dealing with IPv6.
Hack in Your Sleep
When you wake up, do you brush your teeth or pour a cup of coffee? If real world decisions could be laid out on a decision tree, you could identify trends. Now imagine you're a hacker. You were just dropped into a computer network. Do you start running discovery tactics or exfiltration? In this talk, I will break down how attackers chain together benign actions to form a malicious attack. Then we'll apply this mindset and leverage autonomous red teaming to compromise a system in seconds.
Fuzzing by First Principles
It's easy to get swept away in the litany of specified frameworks to follow. This habit of finding similar enough schemas and tweaking them to make it work is unsustainable long-term. By reasoning from first principles we can create holistic fuzzing groundwork tailored to the device under test that produces the most relevant results that are repeatable. This presentation explores standard & edge-cases of fuzz testing, and compares methods for each.
Catching the CAN Bus: Car Hacking on a Budget
As cars become smarter, their attack surface grows. What exactly can you (and others) do to your own car? This talk will cover core concepts in car hacking: in-vehicle networks, electronic control units (ECUs), and how to manipulate them. We will also go over recent breakthroughs in automotive security and starting your own research workbench on the cheap.
Practical Infrastructure Automation For Red Teams
While red teams in their entirety cannot be automated, automation can surely help red teams in several different ways. In this talk I will show some examples of how I have leveraged automation on a small red team in order to help with infrastructure standup. I will also share some code samples from my automation projects that others can use and build upon.
Host-Based Detection, Forensics, and Response with Velociraptor
Host-based detection, forensics, and response -- all of these features are available in a free and open-source tool called Velociraptor. In this presentation, we'll cover how security teams can leverage the power of Velociraptor and VQL (Velociraptor Query Language) to unearth host artifacts, easily search across thousands of endpoints for indicators, perform active response, associate findings to other datasets, and increase overall endpoint visibility.
DNS tunneling down the rabbit hole
So you're saying that I just spent 50K on a SIEM for my enterprise network and you were still able to maintain C2 and exfiltrate data over DNS without detection? The words echoed menacingly in the dim conference room. The client's hardened expression was clearly visible. Before the consultant could respond, the client continued. How is that possible? Our firewall blocks all outgoing DNS and we only permit DNS to our own internal server. The consultant carefully crafted his words as he explained.
Hacking Humans: Using OSINT to put together Social Engineering Scenarios that Always Work
In this talk, we teach how to use the internet and freely available information to craft perfect social engineering attacks. We have used these very tactics to compromise employees as high-level as corporate VPs with 2FA in place! After showing how to create these social engineering scenarios and dupe victims, we show how security professionals can train their clients to beware of the data they leave so that they are aware of attackers' intents.
Crash Course on Web Application Penetration Testing - Thinking Outside the OWASP 10
Many conference talks that address web application security or penetration testing focus on the OWASP Top 10 to frame the discussion, but that's not realistic! In this talk, the focus is on a realistic approach and walkthrough of web application penetration testing, aimed at the red team interested in or doing these kinds of assessments and the blue team/developers that need to better defend applications.