BSidesLV 2015
took place Aug. 4, 2015 through Aug. 5, 2015 (9 years, 4 months ago) at Tuscany Suites and Casino in Las Vegas, Nevada, USA.
Presentations
Tuesday, Aug. 4, 2015
-
08:30 - Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open Source Tools
-
08:30 - Pentesting PLCs 101
-
11:00 - I Am The Cavalry Track Introduction and Overview
-
11:00 - Barely Legal: the Hacker’s Guide to Cybersecurity Legislation
-
11:00 - Speaking Metrics to Executives
-
11:00 - Underground Wi-Fi Hacking for Web Pentesters
-
11:00 - Injection on Steroids: Code-less Code Injections and 0-Day Techniques
-
11:00 - Practical Application Whitelisting Evasion
-
11:00 - A Security/Usability Review of Wordpress 2FA Plugins
-
11:00 - Verum - How Skynet Started as a Context Graph
-
11:30 - Hack the Future
-
11:30 - Dropping hell0days: Business Interaction for Security Professionals - Or Anyone Else
-
11:30 - Unspeakable Passwords: Pronounceable or Diceware
-
12:00 - Getting the data out using social media
-
12:00 - Leading in a "Do"-ocracy
-
12:00 - Practice Safe Cyber: The Miseducation of American Students on Internet Safety
-
12:00 - When steganography stops being cool
-
14:00 - Pentesting with Docker
-
14:00 - State of Medical Device Cyber Safety
-
14:00 - Pushing on String: Adventures in the 'Don't Care' Regions of Password Strength
-
14:00 - Check That Certificate
-
14:00 - The Internet of ... Mainframes?! WTF?
-
14:00 - Violent Python
-
14:00 - Exploit Kit Shenanigans: They’re Cheeky!
-
14:00 - Analogue Network Security
-
14:00 - An introduction of the Kobra, a client for the Badger version 2.0, providing tactical situational awareness, physical tampering protection, and automatic process mitigation
-
14:00 - #radBIOS: Wireless networking with audio
-
14:30 - How can we ensure safer Medical Devices?
-
14:30 - The Journey To ICS
-
15:00 - NSA Playset: Bridging the Airgap without Radios
-
15:00 - I Amateur Radio (And So Can You!)
-
15:00 - Catching Linux Post-Exploitation with Auditd
-
15:00 - What's New Pussycat: Recent Improvements to Powercat
-
15:00 - What would fix passwords? Some weekly password audits. Pretty graphs to prove it! (A Haiku)
-
15:00 - Don’t hate the Disclosure, Hate the Vulnerability: How the government is bringing researchers and vendors together to talk vulnerability disclosure.
-
15:30 - Adding +10 Security to Your Scrum Agile Environment
-
15:30 - Breachego
-
16:00 - How to WCTF
-
17:00 - State of Automotive Cyber Safety
-
17:00 - How Portal Can Change Your Security Forever
-
17:00 - Crema: A LangSec-inspired Language
-
17:00 - Tell Me Who You Are, and I Will Tell You Your Lock Pattern
-
17:00 - Fight back – raising awareness @infosec
-
17:00 - Hacking Our Way Into Hacking
-
17:30 - What the heck is this radio stuff, anyway?
-
17:30 - How can we ensure safer Automobiles?
-
17:30 - Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers
-
18:00 - Angler Lurking in the Domain Shadows
-
18:00 - Your Electronic Device, Please: Understanding the Border Search Exception & Electronic Devices
-
18:00 - Poppin' (Digital) Locks
-
18:00 - Stress, Burnout, Rinse, Repeat
-
18:00 - Making & Breaking Machine Learning Anomaly Detectors in Real Life
-
18:00 - SIEMple technology
-
18:30 - How I learnt hacking in highschool
-
18:30 - Privileges in the Real World: Securing Password Management
Wednesday, Aug. 5, 2015
-
08:30 - Radare2 an open source reverse engineering framework
-
08:30 - Registration Open
-
08:30 - You Hack, We Capture: Attack Analysis with Honeypots
-
10:00 - WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis
-
10:00 - A hackers guide to using the YubiKey - how to add inexpensive 2-factor authentication to your next project.
-
10:00 - Have I seen you before?
-
10:00 - Security Questions Considered Harmful
-
10:00 - ZOMG It's OSINT Heaven!
-
10:00 - All You Need Is One: A ClickOnce Love Story
-
10:00 - Introduction to the Career Track
-
10:10 - Being the Paid Expert in the Room: Consulting for a Company or On Your Own
-
10:30 - It’s All Geek to Me
-
10:30 - I Forgot My Password
-
10:30 - WiFi Pineapple: Winning the WiFi Battlefield
-
10:30 - Classic Misdirection: Social Engineering to Counter Surveillance
-
11:00 - Bio-Hacking: Implantable chip attack vector
-
11:00 - Harvesting Passwords from Source Code, Scripts, and Code Repositories
-
11:00 - Haking the Next Generation
-
11:00 - TAPIOCA (TAPIOCA Automated Processing for IOC Analysis)
-
11:00 - Who Watches the Watchers? Metrics for Security Strategy
-
11:00 - Phishing: Going from Recon to Credentials
-
11:10 - Did you make a difference today?
-
11:30 - Better Spectrum Monitoring with Software Defined Radio
-
11:30 - Social Media in Incident Response Program
-
12:00 - Advancing Internet Security Research with Big Data and Graph Databases
-
12:00 - Towards Standardizing Comparisons of Password Guessability
-
12:00 - Backdooring MS Office documents with secret master keys
-
12:00 - Cats and Mice - Ever evolving attackers and other game changers
-
14:00 - FAA, FTC, FCC - FU: How Three F'ing Agencies are Shaping Info Sec
-
14:00 - Welcome back, Emcee sets tone for the afternoon
-
14:00 - Building an Empire with PowerShell
-
14:00 - Wi-Door - Bind/Rev Shells for your Wi-Fi
-
14:00 - Android App Security Auditing
-
14:00 - Open Up A Can of OSINT On 'Em
-
14:00 - Fishing To Phishing - It’s all about slimy creatures.
-
14:00 - Yes, you too can perform daring acts of Live Acquisition.
-
14:00 - Intro to Data Science for Security
-
14:00 - Stronger Password-Based Encryption Using I/O Hardness
-
14:15 - Interview Role Play
-
14:30 - Auth for Encrypted Services with Server Side APT
-
14:30 - +10 Knowledge: Sharing What You Learn For the Benefit of the Everyman.
-
15:00 - Blind Hashing
-
15:00 - Software-Defined Radio Signal Processing with a $5 Microcontroller.
-
15:00 - Insider Tricks for Bug Bounty Success
-
15:00 - Maximizing Bro Detection
-
15:00 - For love of country: 15 years of Security Clearance Decisions
-
15:30 - Embedding Web Apps in MITMProxy Scripts
-
15:30 - PBKDF2: Performance Matters
-
15:35 - Company Elevator Pitches
-
16:00 - All Your RFz Are Belong to Me – Software Defined Radio Exploits
-
16:20 - Life at a Startup, Tales From the Trenches: The Good, the Bad and the Ugly
-
16:40 - It’s Not Just Your Answer: Hacking Tech Interviews
-
17:00 - Actionable Threat Intelligence: ISIS, SuperBall, SuperFish, and your less magical 8-ball
-
17:00 - What Lurks in the Shadow
-
17:00 - Remote Access, the APT
-
17:00 - Password Alert by Google
-
17:00 - Infosec careers, myth vs. reality
-
17:00 - Rethink, Repurpose, Reuse... Rain Hell
-
17:00 - No More Fudge Factors and Made-up Shit: Performance Numbers That Mean Something
-
17:20 - Some things you just can’t find on Google.
-
17:30 - Out of Denial: A 12-Step Program for Recovering Admins
-
17:30 - No More Graphical Passwords
-
17:40 - Longevity in InfoSec – Turning Passion into Expertise & Respect
-
18:00 - Ask the EFF
-
18:00 - Crash The IoT Train Yourself: Intentionally Vulnerable WRT (IV-WRT)
-
18:00 - AI and CND - implications for security in the era of Artificial Intelligence
-
18:00 - How Secure Are Multi-Word Random Passphrases?
-
18:00 - Why We Can't Have Nice Things: Original Research on Conflict Resolution Styles in Information Security & Risk Management
-
18:00 - Common Mistakes that Engineers make while Interviewing in a “Hot” market
-
18:00 - Why does InfoSec play bass? And other observations about hacker culture.
-
18:30 - Are You Sure That You Still Need Passwords?
-
18:30 - Serial Box - Primer for dealing with Serial and JTAG for basic hardware hacking
-
18:45 - Closing remarks and thanks from our Emcee