All times are in Pacific Daylight Time (UTC-0700).
Artificial intelligence and machine learning are the new buzzwords in the industry. At present days, it has been widely used for analytics purposes and defensive mechanisms like detecting anomalies, raising alerts, etc. But what people are not aware of is its huge potential to be used as an offensive mechanism and another weapon in the toolkit of pentesters and red teams. In fact, proper implementation of such techniques can even eliminate the need for having red teams. Using AI, one can replace the need of human beings and can trigger attacks in a fully automated manner. Although it sounds a little futuristic, the truth is it is possible to build an AI BOT army as penetration testers to trigger comprehensive offensive attacks.
This talk is about how to apply various techniques of AI/ML into advanced cybersecurity use cases.
Here we will talk about various categories of use cases:
Tamaghna Basu, CEO of DeTaSECURE, a research-oriented company to bring innovation into cybersecurity. He is an international speaker, mentor, advisor with almost two decades of experience. He is an expert in AI/ML, product security, OSINT, cyber warfare etc. with certifications like OSCP, GCIH, RHCE, CEH, ECSA etc.Read More
This talk will highlight areas within the MacOS ecosystem where system management policies are blatantly not enforced, and in at least 1 case, where MacOS actually ships with the tools necessary to bypass its own policies when applied in a security context. This talk will also cover Apple’s response, or lack thereof, to disclosure of these vulnerabilities, and how the implications of their response may highlight that MDM is wholesale not supported as a security apparatus within the entire Apple ecosystem.Read More
Ever wanted to take your findings from some of your favorite tools, and add an autopwn component using Metasploit, all in code? Well now you can! With the unveiling of go-msf-rpc, your go program can now interact with Metasploit to automatically drive your finding to a shell.Read More
FPrime is an AppSec engineer and Penetration Tester in the LA area. When he’s not programming new tooling, he’ll be thinking about programming, ga(y)ming, or chatting with folks on Discord.Read More
For the better part of the last 30 years, the mass scale hack problem hasn’t been solved. Even entities with almost unlimited cybersec budgets like large companies & governments get hacked. It seems that stacking products and people doesn’t quite make the cut. So maybe it’s time to propose another path: free, collaborative security empowered by the power of the crowd. By leveraging a huge interception network, IPs used by malevolent actors can quickly be spotted and blocked before they even attack you.
We have produced a free (as in speech), open source tool that does just that by extracting unwanted behavior from logs, blocking the attacks, and sharing their metadata with all other users (after curation).
We see this as a form of Internet Neighborhood Watch system that should allow us to establish a Digital Herd Immunity - made by the community and for the community.Read More
Klaus Agnoletti started in infosec in 2004. As a long time active member of the infosec community in Copenhagen, Denmark he co-founded BSides København in 2019.
Currently a community manager in CrowdSec one of his current roles is to spread the word. ShellCon is a great place for that!Read More
How do you talk security to leadership? How do you convince leadership to dedicate resources to fix issues found by your security capabilities? Do you have an answer when your CEO or CTO asks you what risks exist in a particular Business Unit or Product within the company?
Over the past year, we have been working on ways to create meaningful metrics at scale within Twilio and use them to drive change. In this presentation we will talk about motivations, challenges and how we built automated near - real time metrics that helped us use a data driven approach to working with engineering teams to move the needle forward on Twilio’s security posture.Read More
Yash oversees the Product Security Org at Twilio Inc. Prior to Twilio he was working to help secure Box. He has been working in security for almost a decade, working in a variety of roles ranging from consulting to enterprise product security teams.Read More
In this talk, we’ll walk through a complete Bluetooth Low Energy security assessment by focusing our attention on a single device – from start to finish. Along the way, we’re going to discuss how to select interesting targets, how to spot vulnerabilities, and some reporting practices that might make your life a little easier. We’ll also cover basic tooling and implementation strategies, and I’ll share a few insights about building skillsets and how to approach your first BLE client engagement.Read More
This talk will dive into WMI/MI and what it can do for both administrators and adversaries. We will cover the history of WMI/MI, how it works, how it is used normally, and how it can be used maliciously and finally how to spot misuse. Real world scenarios will be discussed along with more theoretical capabilities of WMI/MI misuse. We will be discussing modern (last 6 months) techniques that are being seen in the wild utilizing WMI and the challenges faced by defenders to identify these techniques. Since many tools do not fully detect these WMI events it can be difficult for administrators and incident responders to clearly and easily contain WMI worms or malicious activity.Read More
Wasabi is a security researcher who dabbles in the arts of system administration. He participated in CCDC, CPTC, and many CTFs as a competitor before starting to help organize cyber defense competitions himself. He is now the Black Team lead for WRCCDC.Read More
Swift is a great language for offensive tooling due to ease of development compared to lower level languages (Objective-C/C/C++), while still having the flexibility to utilize said lower level languages when the job requires it.
In this talk, I’ll go into the research, development, and usage of a new Swift implant, Hermes, that can be used in modern red teaming operations. Hermes hooks into Cody Thomas’ Mythic framework, which serves as the controller.
I will dive into the various functionality implemented within Hermes that allows for secure communications, reconnaissance, code execution, data exfiltration, and extensibility with existing offensive tooling. Lastly, I will cover defensive considerations for different TTPs implemented within Hermes. Following this talk, Hermes will be open-sourced for security professionals to test and validate detections within macOS environments.Read More
Justin Bui is a red teamer at Zoom and was previously a red team consultant at SpecterOps. He is passionate about all things security and helping organizations improve their security posture. Justin enjoys writing code and developing offensive tools, particularly around Windows/macOS post-exploitation.Read More
In late Summer 2020, leveraging the threat hunting methodology developed at Verizon Media, the Paranoids FIRE team identified a novel piece of macOS malware that would later be dubbed Silver Sparrow. In this session we’ll talk about a key TTP leveraged by the malware authors. We’ll show how it was found, and how it was used to create new detections to monitor Silver Sparrow activity. Finally, we’ll show how based on telemetry collected by the Paranoids, the infection count estimates originally published by news organizations were inaccurate: roughly 3,000 infected machines instead of about 30,000.Read More
Plug started his journey in computer security back in 1996 when he discovered a 2600 magazine that eventually lead him to his first LA2600 meeting in 1998. He is a Sr. member of the Defcon Blue Team Village and currently leads the Threat Hunting Program at a Fortune 20 organization.Read More
With the advent of detections for PowerShell and script-based attacks, threat actors have shifted to .NET as a preferred method to perform post-exploitation tradecraft. As .NET framework is available by default on all Windows-based environments, the success rate of executing .NET assemblies is very high. .NET allows to interact with the Win32 APIs which are abused by attackers in various ways such as load assemblies directly into memory and inject into processes using a ton of process injection techniques. However, EDR vendors have upped their game to look or hook into how the unmanaged code is invoked from managed code. An attacker may get caught upon execution of suspicious Win32 APIs. Hence in this talk, we will explore tradecraft that would help evade detections that depend on such mechanisms.Read More
An Offensive Security Specialist currently focusing on performing Adversary Simulations and Purple team assessments. He has previously spoken at HITB - Abu Dhabi in 2019 and is also an active member presenting at NullDubai. He has also discovered multiple vulnerabilities on products such as Oracle, Netgear, EdgeCore, and Pulse Secure.Read More
Abhineeti Singh is a security researcher working with one of the leading security companies in UAE. Her expertise lies in application security, software development & source code reviews.
She is acknowledged by Oracle, Microsoft, Intel, Honeywell, Shopclues, Netherlands CERT etc. for reporting security vulnerabilities in their applications.Read More
Ransomware seems to be the talk of the town. High profile targets such as the Colonial Pipeline and Kia Motors seem to make the news just about every month. Given that such large companies, with equally large pools of resources, are falling victim… just how are cities and local governments managing? In this talk we will explore just how public sector is holding up against the ever-growing threat of ransomware by dissecting some attacks I have responded to in my years of working in cybersecurity for local government and exactly how local governments are responding (or failing to respond) to such attacks.Read More
Bluescreenofwin is a Windows System Administrator and Windows hacker. He has worked 12+ years in IT for three different Cities. He is currently employed as a Infrastructure & Security Analyst. He brews copious amounts of delicious beer for fun. He also assists in running the operations team for WRCCDC.Read More
Practical VLANning 101. An introduction to VLANs and how they can help improve a small business network. VLANs can help provide a basic foundation to improve upon by providing an easy means to control traffic and manage bandwidth.Read More
Stuart has a diverse background in IT. He started with an ISP, and moved on to a network security firm before starting a consulting firm specializing in network implementation strategies for growing businesses.
Stuart enjoys rebuilding cars, traveling overseas, and can be found playing the tuba in a local orchestra.Read More
In this presentation, we’ll share the basics of dev-focused tools and tech, and their security implications. You may never have to create a CI/CD pipeline or serverless function, but we’ll help you understand what it is, how it’s used in the real world, and how it can be compromised. So many buzzwords, so little time!Read More
Cassandra is a Senior Scientist at Security Risk Advisors, focusing on Cloud Security architecture and engineering. She’s a Masters student in Computer Science, with research on serverless/microservices security, cloud-based app development, and privacy & anonymity technologies. She is also one of the directors of Blue Team Village.Read More
Evan Perotti is a Lead Scientist at Security Risk Advisors (sra.io) that specializes in offensive security operations.Read More
Jonn is a Lead Scientist at Security Risk Advisors (SRA), focusing on appsec, secure development, cloud architecture, and containerization. While Python was his first love, Golang has become a recent mistress. He also runs a Kubernetes cluster at home, because yes: masochism is alive and well.Read More
The root of every attack begins with information gathering. With modern networks, including corporate and BYOD mobile devices that may move between private and public networks, information gathering from mobile devices is important, too. This presentation will explain a technique that abuses the link preview functionality in many modern smartphones to leak data such as operating system version and rough location from any cell-tower-connected smartphone to a third party without the need for user interaction. Additionally, a defense for this attack and a tool built around the attack to automate and store the data will be presented.Read More
Oscar Anaya is a hacker for X-Force Red specializing in hardware and web application testing. He has also previously conducted successful automotive and mobile vulnerability research. Before working for X-Force Red, Oscar conducted research on access control and had great success finding bypass methods for these systems.Read More
To connect devices with each other and the Internet, developers rely on application programming interfaces (APIs) that specify the intended behavior of the device without revealing how it works. Connected devices are now commonplace, so it’s no wonder that securing exposed APIs has risen in importance when protecting against data breaches. In this talk, the author will describe the basics of API security, and give an example of his recent run-in with a weakly secured API (that made headlines)!Read More
As Marc Andreesen so aptly noted “Software is eating the world”. Our technology-driven world increasingly relies on third party code, open source libraries and shared repositories. We don’t fully appreciate just how interconnected we are, and how that translates into software code dependencies. It took an event like the SolarWinds Orion attack to rattle the bars on that cage, and wake us up to what’s been going on for some time. The reality is that software supply chain attacks aren’t new. They’ve been around for many years, and we’ve been watching that check engine light but not really addressing the issues. Recent attacks show how easy it is to create confusion and send malicious code undetected through automated channels to trusting recipients. SolarWinds delivered a hard truth to defenders: everyone is vulnerable when trust can be abused. Where is the weakest link in your software supply chains of trust?Read More
Cheryl Biswas is a Strategic Threat Intel Specialist with TD bank in Toronto, Canada with experience in security audits and assessments, privacy, DRP, project management, vendor management and change management. She volunteers, mentors, gives talks, and champions women and diversity in Cyber Security with “The Diana Initiative”.Read More
© 2023 ShellCon