Kevin JohnsonOpening Keynote
More info TBA
Chris BissellДоверяй, но проверяй -Trust but Verify
In this day and age you can’t trust everyone. The one person you do want to be able to trust is the person you are sharing your life with. It’s not like the old days where the only way people could “chat” was through a phone call. There is texting on cell phones, through Facebook and about 12 other different social sites. There are sites made for just being friends and many for being “friends”. Well, we are hackers. We are paranoid and curious by nature. So I had a feeling something was going on with my ex-wife. Damn me, I’m good at digging and Googling. With some free tools and the ability to guess passwords, I learned all of my ex-wives current dirty and past dirty secrets. So do you trust your girlfriend or boyfriend?
Did I mention I even took a forensic approach to her smartphone?
Matthew ‘mandat0ry’ BryantHacking Giveaways, Contests, and Polls for Fun and Profit!
A presentation on how hackers can abuse giveaways for free stuff and how online polls/contests can be very easily rigged.
Matt ‘The Streaker’ JohnsonShattering the Glass: Crafting Post Exploitation Tools with PowerShell
ou have achieved your first goal. Shell on a Windows machine. Good. Now the real work is about to start. Where do you go from here? Time to see where we can go and what we can do. PowerShell should be your first place to go. Now included on every Windows machine in the environment this is now the perfect tool for post exploitation. In this talk I will discuss how you can easily use PowerShell to craft tools as part of your post exploitation process that can be reused everywhere with ease. From simple enumeration to data ex-filtration and command and control this talk will dive deep into PowerShell and have you leaving a better infosec pro.
Includes live demos
Mike KempSecurity Counterknowledge
You are all doing it wrong.
This efficacious talk will examine why you are all doing it wrong, explode a few myths, and ensure that the speaker pretty much alienates the entire security industry. Also I will point out why the Manson family were a shining corporate example, and show off some new shiny toys.
– Guaranteed to be entertaining
Aditya Gupta and Subho HalderThe Droid Exploitation Saga – All Over Again!
A lot has already been talked about Android malwares, botnets, fake legitimate applications and what not in android. In this presentation, we would uncover new attack methodologies on Android platform. We would also be talking about Android Framework for Exploitation, a framework (completely open-source) which we have developed and released few months back, and which has got an amazing response from the security community. We will talk about how to find vulnerabilities in Android applications, the hackers way. Also, we would show a demo on how to do mass vulnerability hunting in Android applications, using the framework, with a new feature which will be released in Grrcon. Also, we will be discussing security risks associate with BYOD in enterprises. At the end, we would be talking about how to find new vulnerabilities in Android platform (not apps), and a brief overview on how to quickly do ARM based exploitation on Android. It will be a tight presentation, both with demos as well as the concepts underlying it.
Includes live demos as well as a new tool release, and disclosing of vulnerabilities in 3 popular Android applications
Tom Richards and Justin HohnerDefensive OSINT: Getting Pwnd is Personal.
OSINT has been discussed in terms of offensive security but rarely of defensive. We will cover the basics of OSINT and discuss advanced tactics to keep up to date on the threats that are specific and relevant to you. We will include an approach that can be employed so defenders can create their own OSINT system to monitor for events that may affect their business or customers.
More Info Available Soon
More info TBA
Joel CardellaBOHICA – Your users, your problem – How to get them to really understand why security is important
This presentation seeks to give tools and techniques to help techs and managers teach users about security awareness. This can be either through an organized program or can be through ad-hoc interactions. Deliverables will be:
Yaniv Miron aka Lament MCFuck 0-days, We Will Pwn U with Hardware Mofos
We gives you the ultimate hardware hacking kit.
Wanna pwn some banks? Wanna own big companies? You need some boost up.
We will show you that your current set of tools is not enough. You need to have some help from hardware, like 007.
We have bundled a set of hardware hacking tools that will assist you.
For example we will show you how to bypass typical corporate Windows 7 machines with Bitlocker encryption enabled, dump and extract goodies from memory, long range RFID tricks to copy ur CEOs proxcard, using hardware screenloggers (not the old crappy keyloggers – cuz everybody knows them and it’s lame) and more.
You have to be there – cuz we rock.
Includes 5 live demos of cool hardware equipment
Chris RobertsThe Evolution of Hacking….
More info TBA
James PalazzoloThree Rivers
An interactive presentation discussion between speaker and audience with regards to architectural gaps in cyber intelligence.
Jack CrookForenics Challenge
You spent the last 2 tireless days working your way through the GrrCON DFIR challenge. You have that 100 meter stare because of the battle you have just been through. You ask yourself… What more could I have done? Was there anything that I missed? You then go back and recheck your analysis to make sure you have it right.
In this presentation I will walk through the challenge I created using the tools provided. As I go through the challenge I will answer those questions that were asked. Even if you did not participate in the challenge you will still benefit from attending this talk as I try to make all my challenges as realistic as possible. The methods used to solve this challenge can be the same methods used to respond to real world intrusions.
NinjaSl0thHack the Youth/Generations
In this presentation, I will address key cocepts to dealing with the upcoming generations. With technology becoming more available, schools setting up security programs, and places getting hacked, the upcoming generations are becoming involved more than they ever have. It is important that both security professionals and students know what they are getting into, and how to do safely.
Rockie BrockwayBusiness Adaptation or: How I Learned to Stop Worrying and Love the Internet’s Unclean Conflicts
The U.S’s last official declaration of war was signed in 1942, yet we have heavily invested ourselves in many major conflicts since, from Korea and Vietnam to Grenada and Somalia to Afghanistan and Iraq. Most of these “unclean conflicts” have suffered significantly in many ways, from popularity and political capital issues to loss of clout and global leadership. Following the breakup of the USSR, our technological innovations and superiority have bred a culture that scoffs and the thought of anyone seriously engaging our country in open, clean conflict. This mentality, to a very high degree, has filtered itself into the DNA of our industrial and corporate business infrastructure, defining how we expect the rest of the world to act and conduct business.This mindset filtered down into our Business DNA, and our innovative corporations that were and are pivotal in building up our national economy began thinking the same way. We are now finding ourselves lashing out with legislation in vain attempts to enforce levels of security controls to protect our national infrastructure. Which will most likely lead to attempts to enforce levels of controls over manufacturing, science, research, medical and other verticals.
Will any of these succeed? It is too early to tell. But the simple fact is this. If you get to the point where a problem becomes so big that you need to try to legislate it in order to protect the economy and nation as a whole, you have completely missed what was wrong to begin with. The internet is finally showing us what it can really do, and what that is, we as a nation, and therefore our dominant and innovative business leaders, are completely unprepared for. For the rest of the world, there is absolutely zero need for any semblance of any official clean conflicts, when the internet makes it so easy to conceal outright theft of data, be it millions of credit card numbers and passwords for profit or the theft of industrial intellectual property from a government contractor that thereby cuts a foreign adversary’s developmental gap for sophisticated weaponry by years. So, as a country that from high levels views things in black and white, yet has significant expertise in the unclean conflict, why are we losing this new unclean conflict, and how can we and our business strategies adapt accordingly?
Isaac JonesNetwork Security For Fun and Profit, Is Dead
It seems that every year in the field of network security, the year ahead is considered to be “Different” or important, but for all the wrong reasons. If 2012 is to be remembered for anything in security, it should be remembered as the year we realized that network security, as currently practiced by many organizations, is losing. This presentation will explore how we, as an industry have devolved into a “script kiddie” defense, the disciplines that are required to defend and respond to a network, various foolishness that businesses do in trying to defend their assets, and an exploration of the idea that “security” is now, the utterly wrong word for what we do. In addition, i’ll probably bag on boxes with shiny fronts and nice lights as well.
Philip PolstraPwnage from the Skies!
This presentation will introduce the AirDeck which is the latest extension to The Deck penetration testing and forensics program. The Deck made its US debut at GrrCON 2012. The Deck is a complete penetration testing and forensics Linux distribution that runs on the BeagleBoard family of small computer systems. Since its debut several modules have been released for The Deck. The 4Deck module provides USB write blocking for forensics work. The MeshDeck module allows an army of devices running The Deck and connected by 802.15.4 Xbee and/or Zigbee mesh networking to perform coordinated attacks from distances of up to a mile. The AirDeck represents the next evolutionary step to The Deck. The AirDeck is a flying wing which runs The Deck. The AirDeck is capable of vertical takeoffs and landings and can also be flown as an airplane. This allows a penetration tester to literally fly an attack device to the target organization and land somewhere where the device will go unnoticed (such as a roof). Full specifications and code for the AirDeck and other modules will be provided.
This will be the worldwide debut of the AirDeck platform.
David ‘HealWHans’ SchwartzbergZeus C&C for Tech Support
Inspired by Adam Johnson’s presentation at GrrCON 2011 titled “ZeuS – Inside Command and Control” on how to build a ZeuS bot Exploit Kit Command & Control. I thought it would be fun to use this newly gained knowledge to build a C&C in an effort to provide tech support for my family members. Have you been in that situation where everyone you know comes to you with their computer problems? Just because you have a knack for technology, people you know seem to think that you enjoy fixing all their problems, most self-inflicted. Welp, here’s your chance to help them and have some real fun. This mostly hand’s on demonstration will walk through setting up your very own C&C and configuring the basic settings to get you started. When ready to rock, you will learn how to fun while fixing their problems. Live malware will be used during this presentation so make sure you turn off your WiFi.
Includes live demos installing Zeus and it’s dependancies on BackTrack 5 R3. Showing how to manage a remote device with Zeus
Alexander MuentzAre your security devices secure? Are they defensible?
Physical security devices (IP cameras, DVRs and access control devices are often attached to the same networks we’re trying to defend. Are they vulnerable themselves?
Is the evidence obtained and stored defensible in court?
In evaluating these devices for some of our clients, I noticed that simple things, like network security and forensically sound collection and storage were afterthoughts at best.
Many of these devices can be compromised, allowing an attacker to permanently disable the device, destroy evidence or use the device to attack other hosts on the network.
I plan to show vulnerabilities on a few devices we’ve evaluated, how to mitigate the risks and a few lessons to manufacturers on how to generate admissible evidence.
Thomas RichardsDancin’ With Dalvik
So you’ve reversed you’re first Android APK; now what? Java pseduocode is nice, but how do we modify the app? This is a crash course in reading and understanding Davlik opcodes. It will go through some basics then we will jump into a couple case studies to demonstrate some of the concepts. This talk should help testers who are interested in or do Android application assessments to better understand how to mess with the underlying code.
J Wolfgang GoerlichBeautiful Models
We need beautiful models. Models attract and hold your attention. They excite you. They prompt action. And action, excitement, and focus is exactly what is needed to defend IT. By models, of course, we mean threat models. Intricate and beautiful, a good threat model tells a story. It indicates what we are protecting and where the attacks may come from. Done right, modelling highlights both the strengths and weaknesses of our IT. It becomes a means for strengthening and focusing our efforts. We need beautiful models to see what is and what could be.
This session will explore threat modeling as part of the secure development lifecycle. A case study will be presented. The stories are real and only the names have been changed to protect the innocent. Beautiful Models answers the question: what is it that makes a threat model beautiful and actionable?
More Info TBA
Scott ‘ secureholio’ Thomas50 Shades of Purple(teaming): Getting penetration testing into a conservative company
Getting paid to hack sounds pretty cool right? Unfortunately not all of us are cut out for the red team. We may not be happy being only blue team though. So maybe “Purple-team”?
For those of us feeling like we’re choking to death on ITIL stimulated change aversion, how can we show the value of a little corporate hacking or “Penetration Testing” outside of the compliance checkbox? This talk is one security professional’s journey of working in an environment where the sysadmin XKCD comic is all too true. Companies want availability and cringe at the thought of the security team hacking their systems, but want the same team to prevent the “bad guys” from doing it. Maybe they’re scared the security professional could succeed or just want to ignore the obvious. If you want to “Turn the Titanic” from this mindset, you’ll need a little bit of knowledge, a little social engineering, and of course, a little bit of help.
Kellman MeghuWeaponized Security
Imagine having access to an amazing technology, that makes searching patterns of data in the network very simple. Then imagine implementing that technology on an open wifi and seeing what you find. This talk discusses how a tool to secure people can be turned against them, and the results of random people, leaking data about their computers, and themselves. PLEASE NOTE: This presentation contains content from a free wifi connection that the users did agree to full release of information in exchange for service, in so much as they clicked accept on a captive portal to get online. You can’t say we didn’t try to warn them. The data extracted from this network in no way reflects the thoughts, feelings or attitudes of the presenter, and some of it may be offensive in nature. Who knows, maybe you are even in this presentation yourself, have you ever used ‘free’ wifi?
More info TBA
atlas 0f d00mTBA
More info TBA
*Presentations are subject to change at anytime.