DerbyCon 7.0 Legacy (2017)

DerbyCon 7.0 Legacy took place Sept. 22, 2017 through Sept. 24, 2017 (1 year, 5 months ago) at Hyatt Regency Hotel, Louisville, Kentucky, USA.

https://web.archive.org/web/20171017222935/https://www.derbycon.com/ [Internet Archive]
https://infocon.org/cons/DerbyCon/DerbyCon 7 2017/

Presentations:

Friday, Sept. 22, 2017

08:30 - DerbyCon Team
09:00 - Subverting Trust in Windows - A Case Study of the "How" and "Why" of Engaging in Security Research
10:00 - I had my mom break into a prison, then we had pie.
12:00 - How to Measure Your Security: Holding Security Vendors Accountable
12:00 - So you want to be a Social Engineer
12:00 - Eye on the Prize
12:00 - Further Adventures in Smart Home Automation: Honey, Please Don't Burn Down Your Office
12:00 - When to Test, and How to Test It
12:30 - Building Better Backdoors with WMI
13:00 - Securing Windows with Group Policy
13:00 - Beyond xp_cmdshell
13:00 - A New Take at Payload Generation: Empty-Nest
13:00 - Here Be Dragons: The Unexplored Land of Active Directory ACLs
13:00 - How we accidentally created our own RAT/C2/Distributed Computing Network
13:30 - Bots, Trolls, and Warriors
14:00 - VMware Escapology: How to Houdini The Hypervisor
14:00 - Defending against PowerShell Attacks
14:00 - TBD
14:00 - DFIR Redefined
14:00 - Active Defense for web apps
14:30 - Building Google for Criminal Enterprises
15:00 - V!4GR4: Cyber-Crime, Enlarged
15:00 - CredDefense Toolkit
15:00 - Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@('Tech','niques') -Join'')
15:00 - 3rd Annual Metasploit Townhall
15:00 - IoT Security - Executing an Effective Security Testing Process
16:00 - Fileless Malware - The New "Cyber"
16:00 - The skills gap: how can we fix it?
16:00 - Steel Sharpens Steel: Using Red Teams to improve Blue Teams
16:00 - Purpose Driven Hunt: What do I do with all this data?
16:00 - PSAmsi - An offensive PowerShell module for interacting with the Anti-Malware Scan Interface in Windows 10
16:30 - Extending Burp
17:00 - Shellcode Via VBScript/JScript Implications
17:00 - An ACE in the Hole: Stealthy Host Persistence via Security Descriptors
17:00 - Lateral Movement for the Blue Team
17:00 - DanderSpritz: How the Equation Group's 2013 tools pwn in 2017
17:00 - Introducing DeepBlueCLI v2, now available in PowerShell and Python
17:30 - Retail Store/POS Penetration Testing
18:00 - Run your security program like a boss / practical governance advice
18:00 - Introducing Bruiser: A Small and Sneaky Backdoor for Windows
18:00 - Defending the Cloud: Lessons from Intrusion Detection in SharePoint Online
18:00 - Improv Comedy as a Social Engineering Tool
18:00 - (Mostly) Free Defenses Against the Phishing Kill Chain
18:30 - How to safely conduct shenanigans
19:00 - The .NET Inter-Operability Operation
19:00 - Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
19:00 - War Stories on Embedded Security: Pentesting, IoT, Building Managers, and how to do Better

Saturday, Sept. 23, 2017

09:00 - To Catch a Spy
09:00 - Advanced Threat Hunting
09:00 - Return From The Underworld - The Future Of Red Team Kerberos
09:00 - Personalities disorders in the infosec community
09:00 - JReFrameworker: One Year Later
09:30 - Purple team FAIL!
10:00 - Architecture at Scale - Save time. Reduce spend. Increase security.
10:00 - Rapid Incident Response with PowerShell
10:00 - Memory-Based Library Loading: Someone Did That Already.
10:00 - CHIRON - Home based ML IDS
10:00 - Hidden Treasure: Detecting Intrusions with ETW
10:30 - Building a full size CNC for under $500
12:00 - How to Hunt for Lateral Movement on Your Network
12:00 - Building the DeathStar: getting Domain Admin with a push of a button (a.k.a. how I almost automated myself out of a job)
12:00 - Python Static Analysis
12:00 - Windows Rootkit Development: Python prototyping to kernel level C2
12:00 - Blue Team Keeping Tempo with Offense
12:30 - The Trap House
13:00 - Data Mining Wireless Survey Data with ELK
13:00 - Modern Evasion Techniques
13:00 - Kali Linux?
13:00 - Peekaboo! I Own You. Owning Hundreds of Thousands Vulnerable Devices with only two HTTP packets
13:00 - Hunting for Memory-Resident Malware
13:30 - C2 Channels - Creative Evasion
14:00 - Reaching Across the Isle: Improving Security Through Partnership
14:00 - FM, and Bluetooth, and Wifi... Oh My!
14:00 - Scrumy Security: Getting stuff done
14:00 - Common Assessment Mistakes Pen Testers and Clients Should Avoid
14:00 - Burping for Joy and Financial Gain
14:30 - Out With the Old, In With the GNU
15:00 - Web Application testing - approach and cheating to win
15:00 - Everything I Need To Know About Security I Learned From Watching Kung Fu Movies
15:00 - POP POP RETN ; An Introduction to Writing Win32 Shellcode
15:00 - Tracing Adversaries: Detecting Attacks with ETW
15:00 - Detect Me If You Can
15:30 - The Current State of Security, an Improv-spection
16:00 - I Survived Ransomware . . . TWICE
16:00 - Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
16:00 - When IoT Research Matters
16:00 - What A Long Strange Trip It's Been
16:00 - Full-Contact Recon
16:30 - Drone Delivered Attack Platform (DDAP)
17:00 - Mobile APTs: A look at nation-state attacks and techniques
17:00 - Not a Security Boundary: Bypassing User Account Control
17:00 - I want my EIP
17:00 - Reverse Engineering Hardware via the HRES
17:00 - Game On! Using Red Team to Rapidly Evolve Your Defenses
17:30 - MacOS host monitoring - the open source way
18:00 - Victim Machine has joined #general: Using Third Party APIs as C&C Infrastructure.
18:00 - Anatomy of a Medical Device Hack- Doctors vs. Hackers in a Clinical Simulation Cage Match
18:00 - Statistics on 100 million secrets: A look at recent password dumps
18:30 - Hacking VDI, Recon and Attack Methods
19:00 - Smart toys ain't that Smart, when Insecure!

Sunday, Sept. 24, 2017

10:00 - Windows Event Logs -- Zero 2 Hero
10:00 - Aiding Static Analysis: Discovering Vulnerabilities in Binary Targets through Knowledge Graph Inferences
10:00 - IDAPython: The Wonder Woman of Embedded Device Reversing
10:00 - Atombombing and Other Obfuscation - Your EDR may be broken
10:00 - Introducing SpyDir - a BurpSuite Extension
10:30 - Phishing for You and Your Grandma!
11:00 - Kinetic to Digital: Terrorism in the Digital Age
11:00 - Evading Autoruns
11:00 - Love is in the Air - DFIR and IDS for WiFi Networks
11:00 - Regular Expressions (Regex) Overview
11:00 - Gone In 59 Seconds - High Speed Backdoor Injection via Bootable USB
11:30 - Securing Your Network
12:00 - Diary of a Security Noob
12:00 - Going Deep and Empowering Users - PCAP Utilities and Combating Phishing in a new way
12:00 - SniffAir - An Open-Source Framework for Wireless Security Assessments
12:00 - Hacking Blockchains
12:00 - MitM Digital Subscriber Lines
12:30 - Spy vs. Spy - Tip from the trenches for red and blue teams
13:00 - changeme: A better tool for hunting default creds
13:00 - We're going on a Threat Hunt, Gonna find a bad-guy.
13:00 - Become the Puppet Master - the battle of cognition between man and machine
13:00 - Jumping the Fence: Comparison and Improvements for Existing Jump Oriented Programming Tools
13:00 - Winning (and Quitting) the Privacy Game: What it REALLY takes to have True Privacy in the 21st Century; or How I learned to give in and embrace EXIF tags

Presenters: