BSidesLV 2015
took place Aug. 4, 2015 through Aug. 5, 2015 (9 years, 10 months ago) at Tuscany Suites and Casino in Las Vegas, Nevada, USA.
Presentations
Tuesday, Aug. 4, 2015
-
08:30 - Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open Source Tools
-
08:30 - Pentesting PLCs 101
-
11:00 - I Am The Cavalry Track Introduction and Overview
-
11:00 - Barely Legal: the Hacker’s Guide to Cybersecurity Legislation
-
11:00 - Speaking Metrics to Executives
-
11:00 - Underground Wi-Fi Hacking for Web Pentesters
-
11:00 - Injection on Steroids: Code-less Code Injections and 0-Day Techniques
-
11:00 - Practical Application Whitelisting Evasion
-
11:00 - A Security/Usability Review of Wordpress 2FA Plugins
-
11:00 - Verum - How Skynet Started as a Context Graph
-
11:30 - Hack the Future
-
11:30 - Dropping hell0days: Business Interaction for Security Professionals - Or Anyone Else
-
11:30 - Unspeakable Passwords: Pronounceable or Diceware
-
12:00 - Getting the data out using social media
-
12:00 - Leading in a "Do"-ocracy
-
12:00 - Practice Safe Cyber: The Miseducation of American Students on Internet Safety
-
12:00 - When steganography stops being cool
-
14:00 - Pentesting with Docker
-
14:00 - State of Medical Device Cyber Safety
-
14:00 - Pushing on String: Adventures in the 'Don't Care' Regions of Password Strength
-
14:00 - Check That Certificate
-
14:00 - The Internet of ... Mainframes?! WTF?
-
14:00 - Violent Python
-
14:00 - Exploit Kit Shenanigans: They’re Cheeky!
-
14:00 - Analogue Network Security
-
14:00 - An introduction of the Kobra, a client for the Badger version 2.0, providing tactical situational awareness, physical tampering protection, and automatic process mitigation
-
14:00 - #radBIOS: Wireless networking with audio
-
14:30 - How can we ensure safer Medical Devices?
-
14:30 - The Journey To ICS
-
15:00 - NSA Playset: Bridging the Airgap without Radios
-
15:00 - I Amateur Radio (And So Can You!)
-
15:00 - Catching Linux Post-Exploitation with Auditd
-
15:00 - What's New Pussycat: Recent Improvements to Powercat
-
15:00 - What would fix passwords? Some weekly password audits. Pretty graphs to prove it! (A Haiku)
-
15:00 - Don’t hate the Disclosure, Hate the Vulnerability: How the government is bringing researchers and vendors together to talk vulnerability disclosure.
-
15:30 - Adding +10 Security to Your Scrum Agile Environment
-
15:30 - Breachego
-
16:00 - How to WCTF
-
17:00 - State of Automotive Cyber Safety
-
17:00 - How Portal Can Change Your Security Forever
-
17:00 - Crema: A LangSec-inspired Language
-
17:00 - Tell Me Who You Are, and I Will Tell You Your Lock Pattern
-
17:00 - Fight back – raising awareness @infosec
-
17:00 - Hacking Our Way Into Hacking
-
17:30 - What the heck is this radio stuff, anyway?
-
17:30 - How can we ensure safer Automobiles?
-
17:30 - Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers
-
18:00 - Angler Lurking in the Domain Shadows
-
18:00 - Your Electronic Device, Please: Understanding the Border Search Exception & Electronic Devices
-
18:00 - Poppin' (Digital) Locks
-
18:00 - Stress, Burnout, Rinse, Repeat
-
18:00 - Making & Breaking Machine Learning Anomaly Detectors in Real Life
-
18:00 - SIEMple technology
-
18:30 - How I learnt hacking in highschool
-
18:30 - Privileges in the Real World: Securing Password Management
Wednesday, Aug. 5, 2015
-
08:30 - Radare2 an open source reverse engineering framework
-
08:30 - Registration Open
-
08:30 - You Hack, We Capture: Attack Analysis with Honeypots
-
10:00 - WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis
-
10:00 - A hackers guide to using the YubiKey - how to add inexpensive 2-factor authentication to your next project.
-
10:00 - Have I seen you before?
-
10:00 - Security Questions Considered Harmful
-
10:00 - ZOMG It's OSINT Heaven!
-
10:00 - All You Need Is One: A ClickOnce Love Story
-
10:00 - Introduction to the Career Track
-
10:10 - Being the Paid Expert in the Room: Consulting for a Company or On Your Own
-
10:30 - It’s All Geek to Me
-
10:30 - I Forgot My Password
-
10:30 - WiFi Pineapple: Winning the WiFi Battlefield
-
10:30 - Classic Misdirection: Social Engineering to Counter Surveillance
-
11:00 - Bio-Hacking: Implantable chip attack vector
-
11:00 - Harvesting Passwords from Source Code, Scripts, and Code Repositories
-
11:00 - Haking the Next Generation
-
11:00 - TAPIOCA (TAPIOCA Automated Processing for IOC Analysis)
-
11:00 - Who Watches the Watchers? Metrics for Security Strategy
-
11:00 - Phishing: Going from Recon to Credentials
-
11:10 - Did you make a difference today?
-
11:30 - Better Spectrum Monitoring with Software Defined Radio
-
11:30 - Social Media in Incident Response Program
-
12:00 - Advancing Internet Security Research with Big Data and Graph Databases
-
12:00 - Towards Standardizing Comparisons of Password Guessability
-
12:00 - Backdooring MS Office documents with secret master keys
-
12:00 - Cats and Mice - Ever evolving attackers and other game changers
-
14:00 - FAA, FTC, FCC - FU: How Three F'ing Agencies are Shaping Info Sec
-
14:00 - Welcome back, Emcee sets tone for the afternoon
-
14:00 - Building an Empire with PowerShell
-
14:00 - Wi-Door - Bind/Rev Shells for your Wi-Fi
-
14:00 - Android App Security Auditing
-
14:00 - Open Up A Can of OSINT On 'Em
-
14:00 - Fishing To Phishing - It’s all about slimy creatures.
-
14:00 - Yes, you too can perform daring acts of Live Acquisition.
-
14:00 - Intro to Data Science for Security
-
14:00 - Stronger Password-Based Encryption Using I/O Hardness
-
14:15 - Interview Role Play
-
14:30 - Auth for Encrypted Services with Server Side APT
-
14:30 - +10 Knowledge: Sharing What You Learn For the Benefit of the Everyman.
-
15:00 - Blind Hashing
-
15:00 - Software-Defined Radio Signal Processing with a $5 Microcontroller.
-
15:00 - Insider Tricks for Bug Bounty Success
-
15:00 - Maximizing Bro Detection
-
15:00 - For love of country: 15 years of Security Clearance Decisions
-
15:30 - Embedding Web Apps in MITMProxy Scripts
-
15:30 - PBKDF2: Performance Matters
-
15:35 - Company Elevator Pitches
-
16:00 - All Your RFz Are Belong to Me – Software Defined Radio Exploits
-
16:20 - Life at a Startup, Tales From the Trenches: The Good, the Bad and the Ugly
-
16:40 - It’s Not Just Your Answer: Hacking Tech Interviews
-
17:00 - Actionable Threat Intelligence: ISIS, SuperBall, SuperFish, and your less magical 8-ball
-
17:00 - What Lurks in the Shadow
-
17:00 - Remote Access, the APT
-
17:00 - Password Alert by Google
-
17:00 - Infosec careers, myth vs. reality
-
17:00 - Rethink, Repurpose, Reuse... Rain Hell
-
17:00 - No More Fudge Factors and Made-up Shit: Performance Numbers That Mean Something
-
17:20 - Some things you just can’t find on Google.
-
17:30 - Out of Denial: A 12-Step Program for Recovering Admins
-
17:30 - No More Graphical Passwords
-
17:40 - Longevity in InfoSec – Turning Passion into Expertise & Respect
-
18:00 - Ask the EFF
-
18:00 - Crash The IoT Train Yourself: Intentionally Vulnerable WRT (IV-WRT)
-
18:00 - AI and CND - implications for security in the era of Artificial Intelligence
-
18:00 - How Secure Are Multi-Word Random Passphrases?
-
18:00 - Why We Can't Have Nice Things: Original Research on Conflict Resolution Styles in Information Security & Risk Management
-
18:00 - Common Mistakes that Engineers make while Interviewing in a “Hot” market
-
18:00 - Why does InfoSec play bass? And other observations about hacker culture.
-
18:30 - Are You Sure That You Still Need Passwords?
-
18:30 - Serial Box - Primer for dealing with Serial and JTAG for basic hardware hacking
-
18:45 - Closing remarks and thanks from our Emcee