This information is from a previous year. Please visit shellcon.io for up to date information.
"White hat", "black hat", "corporate", "criminal", no matter the context, "red" or offensive security practitioners tend to build their own tools in order to be successful. Weather it's to avoid paying high costs for "enterprise" level solutions, prototype new concepts, or simply "glue" solutions together that are otherwise not designed to play well with others, the accomplished attacker is also a tool smith. "What about the blue team!?" This talk aims to address just that by providing practical solutions to defender tasks that include but are not limited to: IPS/IDS, malware detection and defense, forensics, system hardening, and practical and...
Read More
Netflix is a 100% cloud first company. The traditional corporate network security perimeter no longer meets our needs. In this talk, I will be covering the core building blocks comprising of identity, single sign-on using standards like SAML, OIDC and, OAuth, multi-factor authentication, adaptive authentication, device health and authorization we have invested in, to make identity as the new security perimeter.
Tejas Dharamshi is a Senior Security Software Engineer at Netflix. Tejas specializes in security and is focused on corporate Identity and Access, multi-factor authentication, adaptive authentication and user-focused security at...
Have you ever wondered why one of your high-priority vulnerabilities got rejected or delayed even though you thought it was foolish of your company not to implement it in a timely fashion? You probably got slowed down or stopped by the gatekeepers to engineering resources namely product management. However, what product management entails and what the goals of product management are, is rarely explained. I lead a group of product managers in a medical software company, and it is my job to decide which projects make it into the engineering/R&D backlog and which ones are being delayed or even eliminated....
Read More
I am VP of Solutions (Product Management) for NextGen Healthcare with nearly 20 years experience in Product Management in the healthcare industry. My goal is to improve provider's and patient's...
This talk will be a general overview of the known attacks on the LTE cellular protocol starting with a general description of how the cellular protocol works followed by discussion of attacks that can be done at layers 1, 2, and 3.
Lastly there will be a brief discussion about the decreasing price in Software Defined Radios and how this is affecting...
Read More
Mattias is an engineer at Qualcomm working on cellular security research.
Reconnaissance plays a huge role while hacking. While there are 100s of different tools available to make this process easier, you may not be maximizing your recon process without a working methodology. This methodology helps create an automated process that will actively look for vulnerabilities using OSINT and other well known recon tools.
Ben works as the Hacker Operations Lead at HackerOne, the #1 most popular bug bounty platform by day, and a hacker by night. Prior to joining HackerOne, he has helped...
Are you looking to rapidly improve your security posture or train a new member of your security organization? Are you a Blue Team member looking to cross train with Red Team or vice versa? Purple Teaming could be the answer to your problems. You may have already heard about Purple Teaming through a spare think piece online, casual mentions or even rage tweets, but few know what makes a Purple Team. In this talk I will cover how to build your own Purple Team function from the ground up using applied gap analysis, creating meaningful test cases, modifying tools, cross-training...
Read More
Mary Sawyer is a member of the Red Team at Palo Alto Networks. In addition to her work on the Red Team to stay ahead of the attackers by embracing...
For my talk I'll be going into how to setup a Raspberry Pi Zero W with a Cellular modem to provide out of band persistence inside a target network for the purpose of using it as a pen test drop box. On the technical side of things I'll provide a hardware summary and demo along with code examples to get it all working.
The setup is super basic. Using a cellular hat for the PI you can connect it via GPIO to the Pi, install PPP for whatever distro (my demo uses a Raspbian image), and configure the cellular modem...
Read More
As the CEO of Xcape, Inc., a Managed Services Provider in the greater Los Angeles area, Tj McClearin is both executive and lead hacker with a background in Corporate IT,...
Monero is a privacy focused cryptocurrency that uses 3 distinct cryptography techniques to provide user security: 1. Ring Signatures 2. Stealth Addresses 3. RingCT (Ring Confidential Transactions)
Each will be discussed with a technical overview of how they work and what benefit they provide. I'll also briefly touch on the fact that most extortion malware and crypto-mining malware is using Monero and how this compares to previous cryptography protocol advances such as HTTPS used by porn sites early on, but then eventually by banks.
Finally we will discuss Monero's i2p router project Kovri, how it helps obscure meta-data about transactions,...
Read More
Are you tired of missing the Modbus? Do you think DALI is a weird artist? You want to bring sexy BAC? Go from novice to clueful on one of the hottest hacking targets of 2018, and see what all the fuss is about. Learn what exactly is SCADA/ICS/PCN, why it's important, and just how horrifyingly ancient it all is. If you've ever wondered why Stuxnet was so devastatingly effective, or want to lose sleep over chemical plants on your commute, this is your chance.
Dan Bougere is a Senior Security Consultant at Securicon, LLC providing ICS/SCADA clients with customized security assessments that combine traditional vulnerability assessment with controlled penetration testing. Dan has over 14...
Scenario: You've been put in charge of InfoSec for a business with no existing security posture and the executive team thinks that Antivirus and Firewall is a sufficient InfoSec budget. They expect results in one year.
If you're thinking "Oh $(*7, I have to do what?", this talk is for you. At the end of this talk you will have a roadmap for the first year of implementing a security program, with some understanding of what those who have come before you have done. I hope to explain my mistakes so that you don't have to make mine; you can...
Read More
Hudson Bush is a Senior Information Security Architect at K2 Solutions, Inc. in Southern California. When not homebrewing, Hudson spends his time assisting small and medium businesses with securing their...
Over the past decade there have been a number of automatic and semi-automatic approaches used to help security professionals find bugs including dataflow analysis, blackbox web application scanning, fuzzing, and more. Despite the fact that a number of these techniques are now widely used, there tends to be a lack of discussion and clarity around the fundamental underpinnings of the approaches and their inherent tradeoffs.
In this talk, we'll provide an overview of a number of automated bug finding techniques ranging from the well known, such as fuzzing, dataflow analysis, and blackbox scanning, to less common techniques that are gaining...
Read More
Dr. Clint Gibler is a senior security consultant and research director at NCC Group, a global information assurance specialist providing organizations with security consulting services. By day he performs penetration...
Daniel DeFreez is a co-founder of Practical Program Analysis LLC, a boutique security firm specializing in building security tools that make pen testers and security engineers more efficient. Daniel is...
In the current cyber landscape several vulnerabilities are discovered every day. The volume and multiple sources from which to consume this information creates interesting challenges for any security team. Poor vulnerability management has become a serious fundamental problem and a common factor in most data breaches in the past months.
Vulnerability management is often disregarded, improperly staffed, and rarely discussed in some circles of the infosec community. Badly implemented programs are the source of nightmares for blue teams and the joy of red teams, pentesters, and bad guys alike. Under these circumstances, are you prepared to deal with vulnerabilities accordingly?
...Chris is currently a Sr. Security Engineer at Verizon Digital Media Services (formerly EdgeCast). He started working with computers in High School, and having older slower computers quickly made the...
The CISO's role has been evolving over the years. It is moving away from so much emphasis on compliance and monitoring towards a more strategic role, particularly as CISOs get more and more access to the C-Suite.
A key to success as a CISO is collaboration with and understanding the work of other business units. A large part of the job is not about technology at all. It is about relationships, project management, and learning about several parts of the business.
It is a good CISO's job to adequately assess and point out the risks to the business of various...
Read More
Richard Greenberg, CISSP is the CISO for the LA County Department of Public Health. Previous positions include Director of Surveillance and Information Systems, Chief of Security Operations, Director of IT,...
The practice of Open Source Intelligence (OSINT) gathering can be tedious when done manually. Fortunately, there are several ways to script out some of the more time-consuming tasks, and make them a breeze. This talk will discuss several Python libraries that can be used to script out various OSINT tasks. We will discuss how to use the Google Custom Search API to get what amounts to an API for Google searches, as well as using BeautifulSoup to parse results, the NLTK or Google Cloud Language API to do sentiment analysis, and a few other libraries that can help speed up...
Read More
Emily Chance is a consultant in the Los Angeles area. She provides OSINT services to small and medium businesses and private clients for the purpose of doing risk and security...
Are we in the cloud yet? Yes. It's not raining yet, but it will soon. In recent years, Fortune 500 organizations have suffered breaches and leaked data making the cloud scary. If you've got the big bucks, you can get fancy toys with pretty dashboards to protect your cloud, but what about the rest of us on the dollar menu budget? How do we protect our cloud? This talk will focus on basic AWS cloud security methodologies, benchmarks, and using free/cheap tools to blue-ify your cloud.
Michael Wylie, MBA, CISSP is the Director of Cybersecurity Services at Richey Richey May Technology Solutions. In his role, Michael is responsible for delivering information assurance by means of vulnerability...
Arnel Manalo is a Cybersecurity Architect at Richey May Technology Solutions. Arnel has more than nine years of experience in the information technology and cybersecurity industry, with an emphasis on...
Python is a fantastic programming language that is extensively used in many domains and widely used in the cybersecurity/infosec industry. A good grasp of Python will help automate numerous tasks and open up the use of libraries that in some cases are easier to use than the bash variant. E.g. Python HTTP requests vs curl.
In this interactive talk we will be walking through the Python language by building a tool similar to a pared down version of BruteSpray in 50 minutes. BruteSpray was chosen because it's a tool that is now included in Kali by default and is a...
Read More
Ravin Kumar is a Data Scientist by day and a hacker enthusiast at night. He has been involved in security circles for over a decade now and is a keyholder...
Learn what it takes to create a basic blockchain, explore ways to break it, and look at some attacks on production blockchains and smart contracts. This talk will demonstrate the properties and source code of a basic blockchain in Python. Theoretical weaknesses and potential attacks are discussed, then implemented and executed. With this foundation in place, we will look at various attacks in the wild on production blockchains and their machinery, such as smart contracts. Finally, we'll discuss some best practices and mitigations for your own blockchain projects.
Merlin is a software and systems wizard with a penchant for cryptography and security who loves to share knowledge and ideas with anyone who will listen. Professionally, Merlin is currently...
Being able to comprehend causal relationships between sources of user input and their corresponding output is a distinguishing characteristic that separates the master web hacker from the novice script kiddy. The better a tester can grasp these relationships, the faster they can abuse lapses in input sanitization, identify dangerous programming patterns, and understand the overall attack surface of the application.
However, enumerating these relationships is difficult and time intensive to do by hand, especially with JavaScript-heavy apps. Security scanning tools have tried to automate this procedure, but they face several problems in modern web applications:
To solve these problems, we...
Read More
Jake Heath is a penetration tester with NCC Group. Jake performs web application and network penetration tests as well as various types of hardware engagements, including hardware teardowns, physical threat...
Michael Roberts is a penetration tester with NCC Group. Michael performs web, mobile application and network penetration tests, and has a passion for virtual reality and machine learning outside of...
While there are many ways to solidify a role in the community, without a doubt Capture the Flag competitions occupy a critical position in hacker culture. With a combination of technical challenge and raw puzzle solving skill, CTF events provide an opportunity for individuals to simultaneously learn and compete with one another.
The purpose of this talk is to provide attendees with a general overview of the challenge creation process for CTFs, in order to enable their participation in this sort of event from the position of a designer/organizer rather than a competitor. Alternatively, for competitors this talk may improve...
Read More
With organizational success comes the exciting period of ever-increasing scale and scope. This talk will cover some of the past and current efforts that Eric personally took on while creating and scaling the application security program at Hulu. A retrospective look will be taken at the focus points, tradeoffs and decisions made by the application security team while keeping up with the growth and continued success of Hulu.
Eric is an information security leader currently specializing in application security. He leads the application security program at Hulu as the manager of application security in Santa Monica. Throughout his...
Facial recognition and biometric data systems are being integrated worldwide on a massive scale. While these existing systems are only operated by a relative few, the technologies which form these systems are widely available, and even open-source. Utilizing machine learning, facial recognition, data crawling, and modern database management, this same style of surveillance system can be integrated by practically anyone.
Writer of hacking tutorials with an interest in surveillance, countersurveillance, and making memes with machine learning.