08:30 | Opening Ceremonies |
09:00 | Graeber | Subverting Trust in Windows - A Case Study of the "How" and "Why" of Engaging in Security Research |
10:00 | Strand | I had my mom break into a prison, then we had pie. |
12:00 | Hadnagy | So you want to be a Social Engineer |
12:00 | Skoudis | Further Adventures in Smart Home Automation: Honey, Please Don’t Burn Down Your Office |
12:00 | Potter | When to Test, and How to Test It |
12:00 | Schwartau | How to Measure Your Security: Holding Security Vendors Accountable |
12:00 | Hogan | Eye on the Prize |
12:30 | Leary | Building Better Backdoors with WMI |
13:00 | Robbins, Schroeder, Vazarkar | Here Be Dragons: The Unexplored Land of Active Directory ACLs |
13:00 | Rickard | Securing Windows with Group Policy |
13:00 | Cook, Steele | A New Take at Payload Generation: Empty-Nest |
13:00 | Compton, Harsbarger | How we accidentally created our own RAT/C2/Distributed Computing Network |
13:00 | Leary, Sutherland | Beyond xp_cmdshell |
13:30 | Limbago | Bots, Trolls, and Warriors |
14:00 | Cramb, Schwartz | TBD |
14:00 | Holmes | Defending against PowerShell Attacks |
14:00 | Smith, Spelman | VMware Escapology: How to Houdini The Hypervisor |
14:00 | M | Active Defense for web apps |
14:30 | Russell | Building Google for Criminal Enterprises |
15:00 | Bohannon | Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@('Tech','niques') -Join'') |
15:00 | Banks, Bullock, Fehrman | CredDefense Toolkit |
15:00 | Cook, Lee, Maloney, McIntyre | 3rd Annual Metasploit Townhall |
15:00 | Heiland | IoT Security – Executing an Effective Security Testing Process |
15:00 | Kilimnik | V!4GR4: Cyber-Crime, Enlarged |
16:00 | Cobb | PSAmsi - An offensive PowerShell module for interacting with the Anti-Malware Scan Interface in Windows 10 |
16:00 | Payne | Steel Sharpens Steel: Using Red Teams to improve Blue Teams |
16:00 | Atkinson, Winchester | Purpose Driven Hunt: What do I do with all this data? |
16:00 | Brumaghin, Grady | Fileless Malware - The New “Cyber” |
16:00 | Gardner | The skills gap: how can we fix it? |
16:30 | Sampson | Extending Burp |
17:00 | Christensen, Nelson, Schroeder | An ACE in the Hole: Stealthy Host Persistence via Security Descriptors |
17:00 | Conrad | Introducing DeepBlueCLI v2, now available in PowerShell and Python |
17:00 | Donoso | DanderSpritz: How the Equation Group's 2013 tools pwn in 2017 |
17:00 | Velazco | Hunting Lateral Movement for Fun and Profit |
17:00 | Smith | Shellcode Via VBScript/JScript Implications |
17:30 | Brown | Retail Store/POS Penetration Testing |
18:00 | DeMott | War Stories on Embedded Security: Pentesting, IoT, Building Managers, and how to do Better |
18:00 | Brockway, Leapline | Run your security program like a boss / practical governance advice |
18:00 | Swann | Defending the Cloud: Lessons from Intrusion Detection in SharePoint Online |
18:00 | Dorsey | (Mostly) Free Defenses Against the Phishing Kill Chain |
18:00 | Mattingly | Improv Comedy as a Social Engineering Tool |
18:30 | Evil_Mog, Renderman | How to safely conduct shenanigans |
19:00 | Grange | Digital Vengeance: Exploiting the Most Notorious C&C Toolkits |
19:00 | Forshaw | The .NET Inter-Operability Operation |
19:30 | Blanchard | A presentation or presentations because... |

09:00 | Hennigan, Shaver | Return From The Underworld - The Future Of Red Team Kerberos |
09:00 | Holland | JReFrameworker: One Year Later |
09:00 | Hudak | To Catch a Spy |
09:00 | Simmons | Advanced Threat Hunting |
09:00 | Maresca | Personalities disorders in the infosec community |
09:30 | Morrow | Purple team FAIL! |
10:00 | Rosini | Memory-Based Library Loading: Someone Did That Already. |
10:00 | Brown | Hidden Treasure: Detecting Intrusions with ETW |
10:00 | Douglas | Rapid Incident Response with PowerShell |
10:00 | Soto, Zadeh | CHIRON - Home based ML IDS |
10:00 | Elkins | Architecture at Scale – Save time. Reduce spend. Increase security. |
10:30 | Herman | Building a full size CNC for under $500 |
12:00 | Salvati | Building the DeathStar: getting Domain Admin with a push of a button (a.k.a. how I almost automated myself out of a job) |
12:00 | Nolette | How to Hunt for Lateral Movement on Your Network |
12:00 | McDown | Windows Rootkit Development: Python prototyping to kernel level C2 |
12:00 | McCammon, Smith | Blue Team Keeping Tempo with Offense |
12:00 | McIntyre | Python Static Analysis |
12:30 | Echavarria, Switzer | The Trap House |
13:00 | Lang | Modern Evasion Techniques |
13:00 | Long | Kali Linux? |
13:00 | Serper | Peekaboo! I Own You. Owning Hundreds of Thousands Vulnerable Devices with only two HTTP packets |
13:00 | Verrette | Data Mining Wireless Survey Data with ELK |
13:00 | Desimone | Hunting for Memory-Resident Malware |
13:30 | Wilson | C2 Channels - Creative Evasion |
14:00 | Lafferty | FM, and Bluetooth, and Wifi... Oh My! |
14:00 | Roberts, White | Common Assessment Mistakes Pen Testers and Clients Should Avoid |
14:00 | Tomes | Burping for Joy and Financial Gain |
14:00 | Finisterre | How to KickStart a Drone JailBreaking Scene |
14:00 | Gennuso | Reaching Across the Isle: Improving Security Through Partnership |
14:30 | Lsly | Out With the Old, In With the GNU |
15:00 | Ten | Detect Me If You Can |
15:00 | Asadoorian | Everything I Need To Know About Security I Learned From Watching Kung Fu Movies |
15:00 | Maddalena | POP POP RETN ; An Introduction to Writing Win32 Shellcode |
15:00 | Clements, McMurry, Neely | Web Application testing - approach and cheating to win |
15:00 | Hastings, Hull | Tracing Adversaries: Detecting Attacks with ETW |
15:30 | Carr, Metcalf | The Current State of Security, an Improv-spection |
16:00 | , int0x80 | Full-Contact Recon |
16:00 | Bohannon, Holmes | Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science |
16:00 | Nitterauer | What A Long Strange Trip It’s Been |
16:00 | Loveless | When IoT Research Matters |
16:00 | Perry | I Survived Ransomware . . . TWICE |
16:30 | Collins | Drone Delivered Attack Platform (DDAP) |
17:00 | Nelson | Not a Security Boundary: Bypassing User Account Control |
17:00 | Wright | Reverse Engineering Hardware via the HRES |
17:00 | Petersen, Thyer | Game On! Using Red Team to Rapidly Evolve Your Defenses |
17:00 | Saunders | I want my EIP |
17:00 | Flossman | Mobile APTs: A look at nation-state attacks and techniques |
17:30 | George | MacOS host monitoring - the open source way |
18:00 | Hilt, Remorin | Victim Machine has joined #general: Using Third Party APIs as C&C Infrastructure. |
18:00 | Corman, MD, MS, Woods | Anatomy of a Medical Device Hack- Doctors vs. Hackers in a Clinical Simulation Cage Match |
18:00 | Nyxgeek | Statistics on 100 million secrets: A look at recent password dumps |
18:30 | Coble | Hacking VDI, Recon and Attack Methods |
19:00 | McRee | DFIR Redefined |

10:00 | Toterhi | Aiding Static Analysis: Discovering Vulnerabilities in Binary Targets through Knowledge Graph Inferences |
10:00 | Stone | IDAPython: The Wonder Woman of Embedded Device Reversing |
10:00 | Guagenti, Swan | Windows Event Logs -- Zero 2 Hero |
10:00 | Gough | EDR, ETDR, Next Gen AV is all the rage, so why am I enraged? |
10:00 | Reid | Introducing SpyDir - a BurpSuite Extension |
10:30 | Norris | Phishing for You and Your Grandma! |
11:00 | Bisnett, Hanslovan | Evading Autoruns |
11:00 | Koopmann | Love is in the Air - DFIR and IDS for WiFi Networks |
11:00 | Marszalik, Wrzesniak | Gone In 59 Seconds - High Speed Backdoor Injection via Bootable USB |
11:00 | Wilhoit | Kinetic to Digital: Terrorism in the Digital Age |
11:00 | Scheurer | Regular Expressions (Regex) Overview |
11:30 | Broche, Johnson | Securing Your Network |
12:00 | Gruber, Lux | MitM Digital Subscriber Lines |
12:00 | Siegmann | Going Deep and Empowering Users - PCAP Utilities and Combating Phishing in a new way |
12:00 | Darracott, Eidelberg | SniffAir – An Open-Source Framework for Wireless Security Assessments |
12:00 | Hnatiw | Hacking Blockchains |
12:00 | Toterhi | Diary of a Security Noob |
12:30 | McBee, McCutchan | Spy vs. Spy - Tip from the trenches for red and blue teams |
13:00 | Dunlap | Jumping the Fence: Comparison and Improvements for Existing Jump Oriented Programming Tools |
13:00 | Sanders | We're going on a Threat Hunt, Gonna find a bad-guy. |
13:00 | Oney, Robinson | Become the Puppet Master - the battle of cognition between man and machine |
13:00 | MalcomVetter | Winning (and Quitting) the Privacy Game: What it REALLY takes to have True Privacy in the 21st Century; or How I learned to give in and embrace EXIF tags |
13:00 | Grace | changeme: A better tool for hunting default creds |
14:30 | Closing Ceremony |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.