Talks from ShellCon 2020

Jump to:

Main Track Talks

All times are in Pacific Daylight Time (UTC-0700).

  • Track: Main Channel: Friday 10/09 @ 1030-1125 PDT

Thinking about what traces are left when activities occur on a Windows system? Think past the operating system itself! Everything that occurs within the Windows operating system must cross RAM, making it the vessel of an abundant amount of residual data from user activities. Decrypted versions of encrypted data, internet activity, user communication, network information, evidence of program execution, passwords and encryption keys, and more! Much of this data will only be found in memory, leaving no traces behind on the associated endpoint. This lecture will discuss the intricacies of Windows memory, how data gets stored in RAM, and delve into examples of the type of data you can piece together! There’s so much data to find in memory alone, come have a look!

Read More

Tarah Melton, GCFA, GREM, is a digital forensics examiner with a background in the Federal Government, supporting customers focused on counterterrorism, cyber defense, and incident response. Her responsibilities included forensic lab management and conducting digital forensic investigations in both the US as well as overseas, completing two deployments to Afghanistan. She...

Read More

twitter @melton_tarah
  • Track: Main Channel: Friday 10/09 @ 1130-1155 PDT

houdinID is a mobile application for physical pentesters to help them identify and strategize attacks against locks encountered in the field. Its dynamic quiz feature facilitates quick lock identification; photos of keyways can be matched with known keyways and key blanks; and its database, which provides information and attack advice on each lock, draws on research from the community of locksport enthusiasts and lock researchers. Moreover, this tool provides a security ranking for each lock that takes into account attacks not considered by current lock rating standards. Learn about lock identification and security ranking, and contribute your own intel to this community-driven project!

Read More

Tiffany Cheezem is a hacking apprentice with X-Force Red with a particular interest in physical pentesting. On the weekends, Tiffany can be found out in the mountains tracking ungulates and spying on birds, because someone’s got to find out if they’re real.

Read More

twitter @caticorn_sun
  • Track: Main Channel: Friday 10/09 @ 1200-1255 PDT
  • Slides

This is going to be a talk that dives into our experiences with running a cyber security competition training for local high school students. While it will contain a few jokes and memes, it will cover the ins and outs of how we were able to build a fun and engaging environment despite limited resources. Told from the perspective of university students who constantly seek out and participate in cyber competitions as well as CTF events, the objective of this talk will be to share our experiences giving back to local communities as well as sharing the knowledge/techniques that we have learned along the way.

Read More

Silas is an experienced undergraduate cyber security specialist with a demonstrated history of working in the information technology industry. Professional experience in system administration, incident response, digital forensics, threat mitigation, technical support, and penetration testing.

Read More

twitter @SighLessShen

Jimmy is an undergraduate student interested in computer science and cybersecurity. He has participated in various cybersecurity competitions including CyberPatriot and CTF contests. Additionally, he has submitted security vulnerabilities to companies such as Google.

Read More

twitter @jimfutsu

I am a student at Cal Poly Pomona studying cybersecurity. I am interested in Linux, digital privacy issues, and The Smiths!

Read More

twitter @FBetern0
  • Track: Main Channel: Friday 10/09 @ 1300-1355 PDT

Game theory is the study of choices and strategies made by rational actors in competitive situations. In this talk, we will model the choices and behavior demonstrated by real-world scenarios of human conflict as well as the actions of participants. Using these models, we will discuss how strategies are formed as well as how they can be influenced.

We start with demonstrations of basic game theory concepts using participants from the audience to play through scenarios such as the prisoners dilemma. From that foundation, I discuss the math behind the choices in these games in order to prove how each player’s choices influence the strategy of their opponent. Next, I will introduce some of the different techniques that can be used to turn games sideways. By adding secret information or the ability to deceive these games can be won more often by an enterprising individual.

By analyzing conflict where strategy and choices determine the outcome we learn more about how to determine the strategies of others as well as influence them with our own decisions. We gain a deeper understanding of strategy and motivation.

Read More

Raised in the woods of Alaska, Juneau attributes her love of hacking to a childhood spent building and breaking things. After studying computer science and economics she moved to Dallas, Texas and took a job as a network security engineer. In Dallas; Juneau found a home in the local community and...

Read More

twitter @Jun34u_sec
  • Track: Main Channel: Friday 10/09 @ 1400-1455 PDT

This demo-heavy talk with teach you how to attack a Kubernetes cluster, with a new Bust-a-kube scenario themed on the movie, “Inception.” You’ll see a four-stage attack that starts by gaining access in a low-privileged container that was built from a typo-squatted library. From there, we’ll find ourselves in a Kubernetes cluster within a Kubernetes cluster, as with Inception’s “dream within a dream.” You’ll learn how to break this attack with multiple defeneses, including OPA Gatekeeper. Afterward, practice the attack and defense with the open source Bustakube cluster.

Read More

Jay Beale works on Kubernetes and cloud native security, both as a professional threat actor and as a co-lead of the Kubernetes project’s security audit working group. He’s the architect of the Peirates attack tool for Kubernetes, as well as the @Bustakube Kubernetes cluster. Beale created Bastille Linux and the Center...

Read More

twitter @jaybeale linkedin Jay Beale
  • Track: Main Channel: Friday 10/09 @ 1500-1555 PDT
  • Slides

So you’ve put a giant pile of data into Splunk… how do you get started digging into it, cleaning it up, making it useful and manageable so that you can derive value from it?

This is a simple methodology for getting started with a new unfamiliar data set that will help you figure out what’s useful so that you can start developing alerts, reports, dashboards etc.

If you want to play along at home, download and boot the VM (well) ahead of time: 30G available disk space required; configurable RAM/CPU bit.ly/shellcon2020-spl.

Read More

Mary is a member of the Splunk Trust, an elite brain trust of about 60 of the most experienced Splunk users around the globe who give back to the Splunk community. She has worked in the threat detection and response space for various industry leaders in gaming, media, and entertainment and...

Read More

twitter @cyphoid_mary
  • Track: Main Channel: Friday 10/09 @ 1600-1625 PDT
  • Slides

Are you overwhelmed by the amount of awesome tools that have been released in the past year to help you secure your cloud data? In this talk, we’ll sprint through a number of options that you can start deploying ASAP to secure the data you most care about.

Read More

Daniel has 15+ years experience in the creation and deployment of solutions protecting networks, systems and information assets. He has a Masters of Science in Networking and Telecommunications from the University of Pennsylvania and is a former Director of Security, DevOps and IT at a fintech company with over $1.5 trillion...

Read More

twitter @dant24
  • Track: Main Channel: Friday 10/09 @ 1630-1655 PDT
  • Slides

The adoption of cloud services in today’s tech climate is overwhelmingly pervasive, not only with startups, but also larger, more established corporations. The need to scale and accelerate deployments has become blisteringly fast for both IT and engineering teams globally. Security, however, has never really caught up to keep pace. Luckily, enough vendors and consulting groups have built software, both closed and open source, to help IT and security professionals manage this cloud environment adoption. In this session, we will cover the basics of this relatively new space, Cloud Security Posture Management, designed to address customer misconfiguration, mismanagement and mistakes in managing their cloud environment. After some initial background and introduction of some tools related to the space, we will walk through what the IT or security practitioner should worry about in planning to leverage this type of technology to aid your team’s oversight and coverage in assessing cloud usage and adoption.

Read More

As a security {engineer | data scientist}, Henry operates as an information/data security architect, previously as a security consultant and developer in both the security and networking industries. In his current role, he interfaces with internal business partners in providing architectural guidance and aligning the business with best practices. As a...

Read More

twitter @bazinga73 linkedin Henry Canivel github hcbomb
  • Track: Main Channel: Friday 10/09 @ 1700-1755 PDT

Amazon Web Services (AWS) is one of the most popular ways for companies large and small to deploy their software and infrastructure. That popularity makes it a prime target for attackers, but what do attacks in AWS even look like? We’ve all heard of the SSRF to metadata trick, but what else can attackers do? With this talk we’ll dive into the tactics, techniques, and procedures a modern Penetration Testing or Red Team can leverage to exploit cloud infrastructure/applications, and what defenders can do to make this more difficult.

Read More

Nick Frichette currently works as the team lead for the Penetration Testing Team at a large financial services company. His primary focus is on web application and AWS with a dash of containerization. In his free time he does vulnerability research, blogs regularly on his website, collects certifications, and spends...

Read More

twitter @frichette_n
  • Track: Main Channel: Friday 10/09 @ 1800-1855 PDT

This talk is inspired by an episode of Black Mirror. I will be demonstrating a live demo creating a bot who talks like me and can be used to impersonate me online and do social engineering. I will be showing a live demo of how to create such bots over text, voice, or video and walk through various techniques that the attendees can use to create such smart social engineering attacks.

I will also release my GitHub of the AI notebooks as open-source for the attendees to try out and experiment.

Read More

Tamaghna Basu, CEO of DeTaSECURE, a research-oriented company to bring innovation into cybersecurity. He is an international speaker, mentor, advisor with almost two decades of experience. He is an expert in AI/ML, product security, OSINT, cyber warfare etc. with certifications like OSCP, GCIH, RHCE, CEH, ECSA etc.

Read More

  • Track: Main Channel: Saturday 10/10 @ 1000-1055 PDT

Documenting and reporting is a key part of red teaming and generally the part we all look forward to the least. Compared to the rest of the work we do it’s not the most fun and and exciting. Teams generally solve this with ad hoc solutions for note taking, recording and sharing screenshots, and collecting other evidence but these solutions rarely scale. As teams grow and scope expands these are not always easily shared and typically require manual steps to manage. Having to dig through a pile of evidence after an operation to find the one screenshot you need, if you even have it, can be time intensive and cumbersome. ASHIRT solves this by serving as a non-intrusive, automatic when possible, way to capture, index, and provide search over a centralized synchronization point of high fidelity data from all your evidence sources during an operation.

https://www.github.com/theparanoids/ashirt-server

https://www.github.com/theparanoids/ashirt

https://www.github.com/theparanoids/aterm

https://www.github.com/theparanoids/ashirt-helm

Read More

Joe is a member of the Red Team at Verizon Media where he plots world domination and builds offensive tooling. He has a passion for reverse engineering, exploitation, teaching, and sharing research with others. He is the undisputed champion of the Brawndo and Booze competition from DEFCONs past with his Irish...

Read More

twitter @jrozner
  • Track: Main Channel: Saturday 10/10 @ 1100-1155 PDT
  • Slides

Whether network connected or standalone, firmware is the center of controlling any embedded device. As such, it is crucial to understand how firmware can be manipulated to perform unauthorized functions and potentially cripple the supporting ecosystem’s security. This presentation will provide an overview of how to get started with performing security testing and reverse engineering of firmware leveraging the OWASP Firmware Security Testing Methodology (FSTM) as guidance when embarking on an upcoming assessment.

Read More

Aaron Guzman is co-author of the “IoT Penetration Testing Cookbook” and is a Technical Leader within Cisco Meraki’s security team. He leads open-source initiatives that provide awareness around IoT security defensive strategies as well as lowering the barrier of entry into IoT hacking under OWASP’s IoT and Embedded Application Security projects....

Read More

twitter @scriptingxss
  • Track: Main Channel: Saturday 10/10 @ 1200-1255 PDT

Ever wonder if your TV is watching you watch it? In this talk, we will do a high level discussion on a project from the CIA’s Vault 7 wiki leaks, dubbed “Weeping Angel”.

Read More

From notepad to Dreamweaver to Flash to the CMS, this failed web developer turned hacker back in the early 2000’s. It wasn’t until his own apps began getting hacked that he turned to application security and never looked back. A man of many hats, mostly white, he is currently a Security...

Read More

github nodisassemble
  • Track: Main Channel: Saturday 10/10 @ 1300-1355 PDT

While the Bluetooth family of protocols continues to claim the spotlight of low energy RF technologies, ZigBee remains an important attack surface to consider due to its heavy deployment in building automation, and even smart home devices. This talk will give a basic breakdown of ZigBee as a technology, discuss the current threats, and look at the tools needed to start hacking this often-overlooked wireless protocol.

Read More

Maxine is a US Army Veteran, who recently graduated from the University of Washington – Tacoma with a BSc in Information Assurance and Cybersecurity. She has experience as a Security Analyst hunting wireless threats and vulnerabilities, and currently works for IOActive as a Security Consultant applying her knowledge to help companies...

Read More

twitter @FreqyXin
  • Track: Main Channel: Saturday 10/10 @ 1400-1455 PDT
  • Slides

When you work in information security, not everyone is thankful for the job that you do. Frequently, you’ll have to work and communicate with people who really would prefer you’d just go away.

We will enumerate some of the common adversarial scenarios you may find yourself in, such as handling vulnerability disclosure with a hostile vendor, or working for a team that doesn’t want a security test, but got one for regulatory reasons. We will also discuss how to identify that you’re in an adversarial scenario, and either get yourself out of it by correcting misconceptions about you and your work, or work through it, using strategies developed over a decade of penetration testing and vulnerability disclosure experiences.

Read More

Daniel Crowley is the head of research and a penetration tester for X-Force Red. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel is the primary author of both the Magical Code Injection Rainbow, a configurable vulnerability testbed, and FeatherDuster, an automated cryptanalysis tool....

Read More

twitter @dan_crowley
  • Track: Main Channel: Saturday 10/10 @ 1500-1525 PDT

The use of voice recognition is becoming prominent and is on the rise in many pieces of software. Yet there are vulnerabilities and shortcomings of algorithms and technologies that allow attackers to perform voice morphing, theft of voice histories, etc., to perform other destructive attacks and influence companies, individuals, politics, legal proceedings, and more. The possibilities are limitless. This talk identifies those vulnerabilities, risks, and preventions.

Read More

Kim is working as a Teaching Assistant at CityU School of Technology & Computing and is a full time M.S. Computer Science student and security researcher. Currently Kim focuses on exploit development and mobile application exploitation. She finds her passion in helping people elevate their technical skills and knowledge, especially the...

Read More

linkedin Kim Nguyen
  • Track: Main Channel: Saturday 10/10 @ 1530-1555 PDT
  • Slides

SOC analysts need to be able to triage suspicious artifacts identified by alerts or while performing threat hunts. It’s common for SOC analysts to submit artifacts to public sandboxes which could alert threat actors and allow them to quickly pivot and implement new tactics and techniques or to make minor tweaks that will go undetected.

The ability to triage suspicious artifacts is typically viewed as an advanced topic left for highly technical malware analysts. This talk will provide basic examples and demonstrate how to perform initial triage of suspicious artifacts in a safe and operationally secure manner.

Read More

Dances with the dark arts • Mischievous Architect • TWVvd1dhcmU= • @ctfjawn • @defconphilly DC☠215 • Blue Team Village • about.me/veii0x • @woprsummit

Read More

twitter @ttheveii0x

Jonas Eichinger currently works as a Sr. Consultant for Security Risk Advisors. His focus is Digital Forensics & Incident Response, malware reverse engineering, defensive tool development, and cloud security. Any time not spent taking apart payloads, investigating security incidents, or knowledge sharing is divvied up between fermenting cabbage, collecting vintage computers,...

Read More

  • Track: Main Channel: Saturday 10/10 @ 1600-1655 PDT
  • Slides

Given enough time and resources, advanced adversaries will bypass modern intrusion detection solutions. SIEMs are often configured to gather as much information as possible in an environment, and the resulting value of provided alerts and responses rely on attempting to lower the number of false positives. The goal of The Aerospace Corporation was to conduct an experiment in achieving higher fidelity true positive alerts by utilizing cyber deception concepts. Our research concluded that by through a mix of low and medium interactivity honeypots deployed on a production system, it is possible to gather not only true positive alerts but also threat intelligence on adversaries.

The talk will cover a brief overview of current FOSS deception solutions and will pivot to the research showcasing our own FOSS cyber deception experiment that detects and monitors cyber adversaries.

Read More

Henry Reed is a senior at California State University, Northridge and an intern in the Cyber Defense Solutions Department at The Aerospace Corporation. Reed obtained the Security+, RHCSA, and GPEN certifications, extensively researched both offensive and defensive cyber operations (managing to get yelled at by Aerospace’s IT in the process), worked...

Read More

twitter @MemeticHenry
  • Track: Main Channel: Saturday 10/10 @ 1700-1755 PDT

They say life imitates art, and like the classic hacking films of the 1990’s this talk involves money and banks. Except we made a functioning mock bank, and the money is Jamaican. Join our journey of rediscovery inner workings of Automated Teller Machines (ATMs). Using no existing external infrastructure we dive into our successes and failures as we crossed wires, consoled, and dial-in to real Hyosung ATMs in an effort to become a payment processor. There will be demos, code, and maybe a bit of gum, as we rock the cash box. This talk is meant for beginners or seasoned phreakers alike. Our talk explores the approach and much as the techniques behind our efforts. Our goal is to take you back (at least with hardware) to the glory days of hacking, when phreaking still worked, and blue boxes still roamed free.

Read More

Wasabi is a security researcher who dabbles in the arts of system administration. He participated in CCDC, CPTC, and many CTFs as a competitor before starting to help organize cyber defense competitions himself. He is now the Black Team lead for WRCCDC.

Read More

twitter @spiceywasabi

Forrest Fuqua is a DoD Subcontractor CyberSecurity Pentester and Auditor. Owner of Hatchan, He designs interesting projects while saving the interweb with his work on the Archive Team. Redteam of NECCDC.

Read More

twitter @JRWR
  • Track: Main Channel: Saturday 10/10 @ 1800-1825 PDT

There are many important elections this year. As you read this, Russia is already disrupting them.

When we talk about election security, most people think of hacking voting machines. But what about other cyber methods and means of disrupting an election? What can nation state threat actors do today, tomorrow, the day of the election, and after to sow chaos and erode our faith in democracy?

In this session, Allie will discuss how Russia has influenced worldwide elections using cyberwarfare and the means of fighting back. We’ll understand the natural asymmetry between how Russia and other countries are able to respond, and how defensive approaches have changed since 2016.

Expect some brainstorming on all of the ways to disrupt an election that countries aren’t prepared for. Get ready to put your nation state threat actor hat on and disrupt some elections - and maybe even earn some ириски-тянучки.

Read More

Allie Mellen has spent the past decade in engineering, development, and technical consulting roles at multiple venture-backed startups, as well as research roles at MIT and Boston University. Her passion is combining technology and entrepreneurship, having run her own successful iOS development company out of college and been an investment partner...

Read More

twitter @hackerxbella linkedin Allie Mellen

RaiseMe Track Talks

All times are in Pacific Daylight Time (UTC-0700).

  • Track: RaiseMe Channel: Friday 10/09 @ 1030-1125 PDT

Infosec is an exciting field and statistics are constantly showing a high demand for individuals with security-centric skills. Whether you’re a student who just graduated, an IT professional pivoting to security, or someone looking for a career change, one ever-present variable is the challenge to transition into infosec. Bypassing the HR Firewall discusses the reality of transitioning into infosec, the challenges involved with that transition, and how to overcome those challenges.

Read More

When I began my infosec journey I quickly realized that it wasn’t an easy field to get into. I was introduced to RaiseMe at the LayerOne conference and was grateful there was a place for a noob like me to gain insight and direction. The advice from RaiseMe helped me in...

Read More

twitter @_glitchXR
  • Track: RaiseMe Channel: Friday 10/09 @ 1130-1225 PDT

Hiring is hard. Hiring in tech is often harder because we tend to focus on concrete, measurable skills and often ignore or devalue soft skills since they’re not as easy to evaluate. As the gatekeepers of an operation, many security roles face soft skills challenges that other engineering disciplines do not.

Individuals should attend to learn ways to directly improve the quality of your interview process and the new hires that will become your colleagues. Managers should attend to understand how to better facilitate improvements to your Hiring Pipeline and ensure every hire is a Great Engineer.

Read More

Brian is an SRE at Twitter where he works on Core Services and all the things they touch (so pretty much everything). Often that means just trying to ensure all the different services and people get along together.

Brian has also been a technical leader at Twitter for over six years....

Read More

twitter @arocknerd
  • Track: RaiseMe Channel: Friday 10/09 @ 1300-1355 PDT

Leaders are shaped and challenged constantly. Patience and perseverance are what make them considered great. Our community needs mentors and mentees badly. Also, each needs the other and picking the right pairings are important.

How do you become a mentor, a mentee, or both? We’ll discuss how to pick the right role and person. We’ll take a look at how volunteering can present both opportunities and obstacles to becoming a good leader. We’ll look at the cost of burnout and timing for moving on to the next role.

Read More

@BSidesSATX coordinator. @BSidesLV AV Staff. IAM practitioner. #InfoSec #podcast host, photographer, videographer.

Working in the field of Digital Identity since 2002, SciaticNerd is actively involved in the San Antonio InfoSec community, attending and contributing to SAHA and other local groups and diligently working to promote involvement with computing, security, and technology.

...</p> Read More

  • Track: RaiseMe Channel: Friday 10/09 @ 1400-1455 PDT

Whether your current staff members are handing in their notice, or that candidate you’re excited to hire is turning down your offer you’re feeling the Information Security skills gap. With unemployment in the security industry at such low levels, the pandemic is reducing the candidates on the market. The skills gap is getting bigger, not smaller.

Candidates are getting more offers and your security team are getting multiple calls and emails offering them the world. You need to make sure that you understand the drivers of why people start looking for new opportunities, as they are the same reasons that candidates accept positions.

Read More

Kris has been working in technical staffing for over 20 years and is Founder and CEO of Tiro Security, a cyber security staffing and professional services firm over 8 years ago. Kris is the current President of the Los Angeles, Cloud Security Alliance Chapter and is a founding Board Member of...

Read More

  • Track: RaiseMe Channel: Friday 10/09 @ 1500-1555 PDT

Cybersecurity leaders are beginning to recognize they need a new way to cultivate expert talent. Using apprenticeships as a foothold, they can bridge the workforce gap for a much broader population of Americans and bring in a new talent pipeline. To show an example of how this is currently being used in the US workforce, we will look at Purdue University’s Cyber Apprenticeship Program (P-CAP), which provides an implementation path for successful apprenticeships. P-CAP blends traditional models for a Bachelor’s and Master’s degree and is built on the NICE workforce framework. In the program, apprentices can earn a degree while they are employed, gaining simultaneous on-the-job training and mentorship through an employer coalition.

Note: This presentation has content for Salute! attendees.

Read More

Dr. Geanie Umberger is the Executive Director of the Purdue Cyber Apprenticeship Program (P-CAP) a DOL-funded program at Purdue University. Dr. Umberger was the Assistant Vice President for Research, focusing on industry-academic research relationships, technology transfer, and economic development prior to joining the Purdue Polytechnic Institute as the Associate Dean for...

Read More

  • Track: RaiseMe Channel: Friday 10/09 @ 1600-1655 PDT

Transitioning from the Military isn’t simple, but we make it more complicated when we think we are the only ones who do it. The Military has trained us to be flexible and responsive in our leadership and work ethic, why can’t we use those skills when we leave the Military? Preparing for your transition and being your own advocate is not only essential but common sense. Transitioning to an area where the Military or Federal Government is not prevalent is not a hindrance but an advantage if you make it that way.

Read More

Christopher Elliot is the Director, Corporate Security and Security Operations for SoFi. His “Forrest Gump-like” career has led him to spending 23 years in the Army, in prestigious units like 1st Special Forces Operational Detachment- Delta, NATO and the NSA. His time in Army also kept him in Iraq and Afghanistan...

Read More

linkedin Christopher Elliot
  • Track: RaiseMe Channel: Friday 10/09 @ 1700-1755 PDT

We’ll work with you in real time on your resume language, and you’ll get group feedback and support on your job hunting situation. We’ll also tell you about the job hunting dogma you need to avoid. Some of the people who have met in these groups stay in contact with each other long after the event is over, and return to give us good news about progress in their careers.

This is a ShellCon U class taught by the RaiseMe instructor team.

Read More

The industry professionals on our team volunteer their time and expertise to help make your dreams come true.

RaiseMe Events was born at ShellCon here in Southern California, and our biggest event every year is the RaiseMe Career Hall. We also contribute to other technology events around the country. We will...

Read More

  • Track: RaiseMe Channel: Saturday 10/10 @ 1100-1155 PDT

Stuck in a bit of a career rut? Perhaps it’s time for you to explore where bits and bytes meet flesh and blood- the fast paced and dynamic world of healthcare security. From insulin pumps to electronic medical records, from pacemakers to PACS systems, modern healthcare is dependent on the same connected technologies that permeate every other aspect of our lives- but the sector is drastically lacking the security talent enjoyed by other industries. The congressionally mandated HHS Healthcare Cybersecurity Task Force of 2017 estimated that most medical facilities across the country lack even a single full time security professional- that’s a lot of patients who need protecting. Join quaddi and r3plicant, physicians by day, hackers by night, as they give you an overview of the operational needs of this space, describe the perspective needed to succeed in healthcare, explore the conundrum between best practices and standard practices and how that may lead to tension between clinicians, administrators, and security professionals, and how you can literally use your skills to save lives.

Read More

Christian Dameff is an Emergency Medicine Physician and Researcher. He is currently a Clinical Informatics Fellow at the University of California, San Diego. Dameff is also an ethical hacker and security researcher interested in the intersection of healthcare, patient safety and cybersecurity. He has previously spoken at RSAC, Black Hat, DEF...

Read More

twitter @cdameffmd linkedin Dr. Christian Dameff

Jeff Tully is an Anesthesiologist, Pediatrician and Security Researcher with an interest in understanding the ever-growing intersections between healthcare and technology. Prior to medical school he worked on hacking the genetic code of Salmonella bacteria to create anti-cancer tools, and throughout medical training has remained involved in the conversations and projects...

Read More

twitter @jefftullymd linkedin Dr. Jeff Tully website http://inoculum.health
  • Track: RaiseMe Channel: Saturday 10/10 @ 1230-1255 PDT

Supporting under-represented minorities in infosec, including BIPOC (Black, Indigenous, and People of Color), members of the LGBTQ2IA community, neurodiverse people, and disabled people typically looks like creating physical spaces for fostering dialogue or running live events with diverse representation. Unfortunately with wide scale work-from-home requirements and social distancing in place, it can be harder to show up for these communities in a time when they might need it most. This talk will offer practical guidance that can be immediately implemented to create more inclusive environments.

Read More

Red (she/they) has been in InfoSec for 5 years and has a wide range of experience in security, from pen testing to developing policy and risk management programs. They are passionate about making space for underrepresented minorities in tech and fighting the patriarchy, and can be seen volunteering for various infosec...

Read More

twitter @alkalinered twitch @alkalinered
  • Track: RaiseMe Channel: Saturday 10/10 @ 1300-1355 PDT

Are you breaking out into the tech field and don’t know where to start? Discuss how you can get over your first obstacle - yourself! In this talk, university students share their journey into tech and discuss the often overlooked parts of the paths they took to get to where they are now. Explore with us on the topic of imposter syndrome and the difficulties many beginners and veterans alike face within the tech industry and how you can combat it.

Read More

As a current student of CalPoly Pomona studying the field of InfoSec, Jennifer has a very wide variety of experiences since high school, such as becoming an alum within Girls Who Code, a high school program aimed at empowering young women with computer science. Alongside this, Jennifer has also made her...

Read More

Starting his own home lab before college, Somar Dakak is an up-and-coming university student with a great interest in technology. As a senior at Cal Poly Pomona, Somar studies InfoSec as well as Business Intelligence, casting a wide net over the IT industry while participating in competitions and events for both...

Read More

Angela is currently a student at Cal Poly Pomona studying cybersecurity. She is very involved in student life and extracurricular activities, as she is on the executive board for two of the university’s CIS organizations – Students With An Interest In the Future of Technology (SWIFT), and the Management Information Systems...

Read More

linkedin Angela Lee
  • Track: RaiseMe Channel: Saturday 10/10 @ 1400-1425 PDT

In many technical communities (security included) there exist both proprietary and community software solutions to solve common problems. Frequently, experience solving such problems with community-developed open-source solutions can be sufficient to gain access to employment opportunities, however dedicating unpaid time to learning those tools can be a struggle.

Luckily (due mostly to coincidence) much popular open source security tooling for security works using the same or very similar platforms and technologies as modern open source IT infrastructure automation (aka DevOps). This means that, depending on project focus, it is possible to use DevOps roles as a paid training opportunity for learning certain blue team infosec skill sets (primarily patch/vuln management, scanning, digital supply chain security, and log management).

During this 30 minute talk Jason will detail tools, technologies, and platforms that are shared between the disciplines. Additionally, some time will be spent discussing ideal projects to participate in to build desirable security skills while being paid for performing DevOps responsibilities. Finally, we’ll touch on supplementary opportunities that might provide additional experience to people for whom this sort of a lateral career transition might be appealing.

Read More

Jason is a DevOps, Security, and IT Process Consultant currently based in Los Angeles. They like to go fast (🏍️) hit hard (🥋) make friends (😊) and have too many hobbies. Jason is also a founding board member of Reverse Shell Corporation (https://www.revshellcorp.org/), a local area non-profit with an objective of...

Read More

twitter @rtzq0 linkedin Jason Ritzke website pwn.nz email rtzq0@pwn.nz
  • Track: RaiseMe Channel: Saturday 10/10 @ 1430-1455 PDT

Many of us are working from home these days. It is possible that we will continue working from home – at least part time – even after the pandemic becomes a thing of the past. This begs the question of how we, as employees, and our organizations, are protecting our information assets in the COVID-19 world. Are those assets just as protected in the home office as they are when in an office building? We might also find ourselves looking for new work. This may involve increased online activity, including interviews that take place via video conferencing. What are some basic tenets that, when followed, will increase the candidate’s likelihood of success?

The speaker will explore these questions from the perspective of an information security professional that has worked from home full time for 5 years – well before COVID-19. The goal is to provide simple tips to remain secure while at home, and also tips related to avoiding pitfalls while searching for jobs and interviewing online during this new normal that we live in.

Read More

Damon Small began his career studying music at Louisiana State University. Leveraging computer skills learned in the LSU recording studio, he became a systems administrator in the mid 1990s. In 2005, he completed a Master of Science in Information Assurance degree from Norwich University. Small’s 25 years as a security professional...

Read More

twitter @damonsmall
  • Track: RaiseMe Channel: Saturday 10/10 @ 1500-1555 PDT

Non-Disclosure, IP Rights Assignment, and Non-Compete agreements are staples of the technology world. But do you understand what you’re signing? What makes these agreements good, bad, or ugly? In this talk, we look at why these agreements exist, and some common terms and conditions. We’ll show you how to evaluate them before you sign, defend against an exploitative agreement, and share some stories about agreements gone right…and wrong.

Read More

I do security things.

Read More

twitter @yaxisbot

Craic’d is a 201-year veteran of cybersecurity whose first love is PKI. And he’s Irish. He owns his own consulting firm, but regularly bounces back and forth between employment and contracting. He has seen some shite more than his fair share of stupid agreements.

Read More

  • Track: RaiseMe Channel: Saturday 10/10 @ 1600-1655 PDT

The military has something called the “Rank Structure” and as a service member gets promoted they typically move away from the technical or the doing of the work and start taking on leadership and strategic roles within their respective commands and services. In a lot of traditional Military Occupational Specialty (MOS) the processes and supporting technologies do not change all that quickly, however, the IT field does not operate that way. Military members within the IT MOS field traditionally find themselves in charge and thus lack the time and opportunity to keep up-to-date with the rapid changing pace of technology and can easily find their knowledge base out-dated and struggle to lead and advocate correctly for troops and their assigned mission. Information Security as we know it, changes extremely fast. It takes a lot of effort for senior military members to maintain their skills and knowledge in order to do what’s right for their troops. Taking those senior military members who are now retiring and desire a career in infosec can be challenging due to a perceived lack of skills and hands on experience. Compounding the barriers of entry when transitioning as an active duty military member with over 20...

Read More

Retired United States Marine after 21 years of service with 17 being in the Information Technology field. It was challenging yet a fulfilling career. The 17 years was a blessing having had multiple assignments which has contributed to my personal and professional growth. My last assignment provided me the opportunity to...

Read More

linkedin Paul Navarro
  • Track: RaiseMe Channel: Saturday 10/10 @ 1700-1755 PDT

Many candidates have come to us frustrated by the number of interviews they’ve attended without getting any job offers. Sometimes they need help getting over interview anxiety. Also, some candidates don’t realize that when they receive an offer, they are expected to negotiate. A well-understood negotiation is essential in order to settle on a set of compensation parameters and working conditions that will make them happy, and commit to the company for the long run. This training is in a group environment to offer maximum support and feedback.

This is a ShellCon U class taught by the RaiseMe instructor team.

Read More

The industry professionals on our team volunteer their time and expertise to help make your dreams come true.

RaiseMe Events was born at ShellCon here in Southern California, and our biggest event every year is the RaiseMe Career Hall. We also contribute to other technology events around the country. We will...

Read More

Workshops

All times are in Pacific Daylight Time (UTC-0700).

  • Track: Workshop: Friday 10/09 @ 0800-1200 PDT

If you are the kind of person who enjoys workshops with practical information that you can immediately apply when you go back to work, this workshop is for you, all action, no fluff :)

Attendants will be provided with training portal access to practice some attack vectors, including multiple mobile app attack surface attacks, deeplinks and mobile app data exfiltration with XSS. This includes: Lifetime access to a training VM, vulnerable apps to practice, guided exercise PDFs and video recording explaining how to solve the exercises.

This workshop is a comprehensive review of interesting security flaws that we have discovered over the years in many Android and iOS mobile apps: An entirely practical walkthrough that covers anonymized juicy findings from reports that we could not make public, interesting vulnerabilities in open source apps with strong security requirements such as password vaults and privacy browsers, security issues in government-mandated apps with considerable media coverage such as Smart Sheriff, apps that report human right abuse where a security flaw could get somebody killed in the real world, and more.

Read More

After 13 years in itsec and 20 in IT Abraham is now the CEO of 7ASecurity, a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other events.

Read More

twitter @7asecurity linkedin Abraham Aranguren github 7a
  • Track: Workshop: Friday 10/09 @ 1300-1700 PDT

Michael Wylie brings to you an introductory hands-on fundamental malware analysis workshop. IT and Cybersecurity professionals will learn the basic skills necessary to safely analyze the characteristics and behavior of malware. Students will walk away with practical techniques and methodologies that can be immediately applied to statically and dynamically analyzing software with an emphasis on malicious software. Gone are the days where incident responders reformat infected systems destroying valuable evidence. Preserving and analyzing malware artifacts will give attendees the skills to understand, at a high level, the techniques and malicious intents of malware that defeated their security controls. Once the threat is understood, additional detective and preventive controls can be put in place resulting in faster response. Throughout this workshop, students will learn about and how to work on labs involving both static and dynamic software analysis. Before diving in, students will be given an overview of malware analysis and be educated on safe responsible malware detonation to minimize the risk of spreading malware. Tools students will explore include: Strings, Wireshark, PEstudio, ProcMon, HxD, Process Hacker, Process Explorer, and more.

Read More

Michael Wylie, MBA, CISSP is the Sr. Manager of a threat hunting team. In his role, Michael is responsible for managing a global team of analysts hunting for hands-on keyboards activity within customer environments.

Read More

twitter @TheMikeWylie
  • Track: Workshop: Saturday 10/10 @ 0800-1200 PDT

This will be a workshop that allows students and professionals to understand both pentesting and AWS by setting up various systems in AWS. Attendees will engage by setting up an attacker host, a couple of victim machines, and a couple of other AWS services. Once the environment is set up, attendees can expect to learn basic pentesting concepts as well as some more intermediate and advanced topics.

Read More

Security engineer and educator who has been working in engineering, security, and information technology for 10 years. Specializations in Penetration Testing, Threat and Adversarial Assessments, Vulnerability Management, Cloud Technology (AWS), and experience as a Technical Educator and University Level Professor.

Read More

twitter @Moos1e_Moose linkedin Jon Helmus
  • Track: Workshop: Saturday 10/10 @ 1300-1700 PDT

There are far too many pieces to the information security puzzle for one person to know them all. That’s OK, but there are still quite a few topics which warrant at least some basic level of understanding. One such topic is the typical malware kill chain. Those interested in different aspects of security may find they know nothing about this. They may also find the desire to learn.

If the best way to learn is by doing then let’s “do” some malware.

Students of this workshop will learn how to:

  • Build (harmless) pluggable implants for Windows in C
  • Run simple command-and-control and related services
  • Tie these pieces together into a usable kill chain

Please note we will not cover evasive or persistence techniques. The instructor is not a malware expert and has no intentions (yet) of arming the populace.

This workshop aims to provide a bit of fun and understanding around botnets and the kill chains used to build them. Students will take away a basic but (hopefully) new perspective on something they may have only read about in passing, but more importantly a spark to encourage continued research and experimentation at home.

Prerequisites

Attendance Requirements

...</p> Read More

StudlyBeefyMcBeefyStudly is many things — DEF CON Goon, Chaotic Neutral Troublemaking Aficionado, Fornax Coversapien, Principal Systems Engineer, Raging Alcoholic, Firestarter… The list goes on. They have spent nearly 20 years bringing the fruits of their exploits to the techomancing world. Originally starting out with desktop software and then web application development,...

Read More

twitter @bad2beef

© 2024 ShellCon