Month: October 2017
Bring your appetites to ShellCon this Thursday! We will have Mediterranean lunch for registered attendees at 12:30. Vegetarian options are available.
Here at ShellCon, we like food. Especially cake and ice cream.
Come join us at 3:50PM for ice cream, cup cakes, and talking to people about how good the ice cream and cupcakes are.
Did we mention we have a bonfire with pizza this year at ShellCon? That’s right, our after-party “Firetalks” are actually around a fire, on the beach!
Join us post-con at the Dockweiler RV park for pizza, soda/water and good times. No official talks or presentations are scheduled, but bring a beach chair, an appetite and a blanket (it can get cold at night) and enjoy the fireside conversations with your fellow attendees.
See the map below! Please note it will be dark by 8PM, and you will need to follow the LED lit path we will provide (outlined in red).
Cristina Olsen will present this micro workshop at 1600 – 1800 in the Hacker Village
Have you ever wanted to take apart android malware for yourself, or even just see what the inside of an APK looks like? In this workshop we will cover Android system concepts, compare uncompiled code with compiled and reversed code, and take apart an application using freely available tools. You’ll learn how to get the application off your phone, how to unpack an apk, decompile and interpret automatically reversed java code, and more.
A laptop is required.
Dan Crowley will be presenting this micro workshop at 1330 – 1530 in the Hacker Village!
Crypto bugs in 2017 are like SQL injection bugs in the 90s: They’re everywhere (even in the products of the biggest names in tech!), and they’re trivial to exploit given a little bit of know-how and the right tools. FeatherDuster is a tool meant to make breaking crypto easier and faster for noobs and experts alike. Come along and learn to brush away magical crypto fairy dust with FeatherDuster!
Participants should have FeatherDuster (https://github.com/nccgroup/featherduster) and socat installed, and will benefit from having a working knowledge of Python. A laptop is required.
Emily is a consultant with moderately good OSINT skills and incredibly poor bio-writing skills. When not staring at text boxes wondering what to write, she watches horror movies or musicals with her dog and attempts to find more ways to automate her job.
As the Lead Red Team Engineer at Palo Alto Networks, Prajakta Jagdale (PJ) is an information security expert who is focused on ensuring the security of the company’s infrastructure. Her red teaming success can be attributed to the 7+ years she spent as an application security researcher at Hewlett-Packard. During this period, her research on vulnerabilities in web technologies like JAVA, SQL, Flash, HTML5 and others contributed towards a software product designed to mimic a human hacker. Then, as a product security architect at Intuit, she spent her time identifying and demonstrating, to architects and engineers, the exploitable security flaws in designs of complex, large-scale network and software infrastructures responsible for delivering financial, accounting and tax preparation services. Over the years, Prajakta has had the opportunity to present her work at several security conferences including Black Hat Federal, RSA Europe, Shmoocon, InfoSec World and others.
Ben is a Technical Account Manager at HackerOne, the #1 most popular bug bounty platform, by day and a hacker by night. Prior to joining HackerOne he has helped identify and exploit over 500 security vulnerabilities across 100s of web and mobile applications for companies such as Yahoo, Airbnb, Snapchat, The US Department of Defense, Yelp, Github, and more. He also invested time in the security community by creating a community of 200+ active hackers who share ideas and their experience. He has also held a few free workshops to provide tips and teach others about security and web application hacking.
Cara has been traveling the world breaking networks, applications, and protocols professionally for over 5 years. Currently, she is a Security Engineer at Datadog working on building out their offensive security. When she isn’t breaking networks, building bombs (https://bomb.codes), or giving talks (Blackhat, InfoSeCon, ZonCon), she can be found baking ugly pies and killing zombies.
Andy Cooper is a pentesting consultant turned blue team try-hard. Currently he works for Datadog as a Security Engineer working with AWS security primarily. If he isn’t working he is often found in his Dallas home electrocuting himself on accident or building cool things with high voltage.