BSidesLV 2015

BSidesLV 2015 took place Aug. 4, 2015 through Aug. 5, 2015 (9 years, 10 months ago) at Tuscany Suites and Casino in Las Vegas, Nevada, USA.

Presentations

Tuesday, Aug. 4, 2015

08:30 - Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open Source Tools
08:30 - Pentesting PLCs 101
11:00 - I Am The Cavalry Track Introduction and Overview
11:00 - Barely Legal: the Hacker’s Guide to Cybersecurity Legislation
11:00 - Speaking Metrics to Executives
11:00 - Underground Wi-Fi Hacking for Web Pentesters
11:00 - Injection on Steroids: Code-less Code Injections and 0-Day Techniques
11:00 - Practical Application Whitelisting Evasion
11:00 - A Security/Usability Review of Wordpress 2FA Plugins
11:00 - Verum - How Skynet Started as a Context Graph
11:30 - Hack the Future
11:30 - Dropping hell0days: Business Interaction for Security Professionals - Or Anyone Else
11:30 - Unspeakable Passwords: Pronounceable or Diceware
12:00 - Getting the data out using social media
12:00 - Leading in a "Do"-ocracy
12:00 - Practice Safe Cyber: The Miseducation of American Students on Internet Safety
12:00 - When steganography stops being cool
14:00 - Pentesting with Docker
14:00 - State of Medical Device Cyber Safety
14:00 - Pushing on String: Adventures in the 'Don't Care' Regions of Password Strength
14:00 - Check That Certificate
14:00 - The Internet of ... Mainframes?! WTF?
14:00 - Violent Python
14:00 - Exploit Kit Shenanigans: They’re Cheeky!
14:00 - Analogue Network Security
14:00 - An introduction of the Kobra, a client for the Badger version 2.0, providing tactical situational awareness, physical tampering protection, and automatic process mitigation
14:00 - #radBIOS: Wireless networking with audio
14:30 - How can we ensure safer Medical Devices?
14:30 - The Journey To ICS
15:00 - NSA Playset: Bridging the Airgap without Radios
15:00 - I Amateur Radio (And So Can You!)
15:00 - Catching Linux Post-Exploitation with Auditd
15:00 - What's New Pussycat: Recent Improvements to Powercat
15:00 - What would fix passwords? Some weekly password audits. Pretty graphs to prove it! (A Haiku)
15:00 - Don’t hate the Disclosure, Hate the Vulnerability: How the government is bringing researchers and vendors together to talk vulnerability disclosure.
15:30 - Adding +10 Security to Your Scrum Agile Environment
15:30 - Breachego
16:00 - How to WCTF
17:00 - State of Automotive Cyber Safety
17:00 - How Portal Can Change Your Security Forever
17:00 - Crema: A LangSec-inspired Language
17:00 - Tell Me Who You Are, and I Will Tell You Your Lock Pattern
17:00 - Fight back – raising awareness @infosec
17:00 - Hacking Our Way Into Hacking
17:30 - What the heck is this radio stuff, anyway?
17:30 - How can we ensure safer Automobiles?
17:30 - Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers
18:00 - Angler Lurking in the Domain Shadows
18:00 - Your Electronic Device, Please: Understanding the Border Search Exception & Electronic Devices
18:00 - Poppin' (Digital) Locks
18:00 - Stress, Burnout, Rinse, Repeat
18:00 - Making & Breaking Machine Learning Anomaly Detectors in Real Life
18:00 - SIEMple technology
18:30 - How I learnt hacking in highschool
18:30 - Privileges in the Real World: Securing Password Management

Wednesday, Aug. 5, 2015

08:30 - Radare2 an open source reverse engineering framework
08:30 - Registration Open
08:30 - You Hack, We Capture: Attack Analysis with Honeypots
10:00 - WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis
10:00 - A hackers guide to using the YubiKey - how to add inexpensive 2-factor authentication to your next project.
10:00 - Have I seen you before?
10:00 - Security Questions Considered Harmful
10:00 - ZOMG It's OSINT Heaven!
10:00 - All You Need Is One: A ClickOnce Love Story
10:00 - Introduction to the Career Track
10:10 - Being the Paid Expert in the Room: Consulting for a Company or On Your Own
10:30 - It’s All Geek to Me
10:30 - I Forgot My Password
10:30 - WiFi Pineapple: Winning the WiFi Battlefield
10:30 - Classic Misdirection: Social Engineering to Counter Surveillance
11:00 - Bio-Hacking: Implantable chip attack vector
11:00 - Harvesting Passwords from Source Code, Scripts, and Code Repositories
11:00 - Haking the Next Generation
11:00 - TAPIOCA (TAPIOCA Automated Processing for IOC Analysis)
11:00 - Who Watches the Watchers? Metrics for Security Strategy
11:00 - Phishing: Going from Recon to Credentials
11:10 - Did you make a difference today?
11:30 - Better Spectrum Monitoring with Software Defined Radio
11:30 - Social Media in Incident Response Program
12:00 - Advancing Internet Security Research with Big Data and Graph Databases
12:00 - Towards Standardizing Comparisons of Password Guessability
12:00 - Backdooring MS Office documents with secret master keys
12:00 - Cats and Mice - Ever evolving attackers and other game changers
14:00 - FAA, FTC, FCC - FU: How Three F'ing Agencies are Shaping Info Sec
14:00 - Welcome back, Emcee sets tone for the afternoon
14:00 - Building an Empire with PowerShell
14:00 - Wi-Door - Bind/Rev Shells for your Wi-Fi
14:00 - Android App Security Auditing
14:00 - Open Up A Can of OSINT On 'Em
14:00 - Fishing To Phishing - It’s all about slimy creatures.
14:00 - Yes, you too can perform daring acts of Live Acquisition.
14:00 - Intro to Data Science for Security
14:00 - Stronger Password-Based Encryption Using I/O Hardness
14:15 - Interview Role Play
14:30 - Auth for Encrypted Services with Server Side APT
14:30 - +10 Knowledge: Sharing What You Learn For the Benefit of the Everyman.
15:00 - Blind Hashing
15:00 - Software-Defined Radio Signal Processing with a $5 Microcontroller.
15:00 - Insider Tricks for Bug Bounty Success
15:00 - Maximizing Bro Detection
15:00 - For love of country: 15 years of Security Clearance Decisions
15:30 - Embedding Web Apps in MITMProxy Scripts
15:30 - PBKDF2: Performance Matters
15:35 - Company Elevator Pitches
16:00 - All Your RFz Are Belong to Me – Software Defined Radio Exploits
16:20 - Life at a Startup, Tales From the Trenches: The Good, the Bad and the Ugly
16:40 - It’s Not Just Your Answer: Hacking Tech Interviews
17:00 - Actionable Threat Intelligence: ISIS, SuperBall, SuperFish, and your less magical 8-ball
17:00 - What Lurks in the Shadow
17:00 - Remote Access, the APT
17:00 - Password Alert by Google
17:00 - Infosec careers, myth vs. reality
17:00 - Rethink, Repurpose, Reuse... Rain Hell
17:00 - No More Fudge Factors and Made-up Shit: Performance Numbers That Mean Something
17:20 - Some things you just can’t find on Google.
17:30 - Out of Denial: A 12-Step Program for Recovering Admins
17:30 - No More Graphical Passwords
17:40 - Longevity in InfoSec – Turning Passion into Expertise & Respect
18:00 - Ask the EFF
18:00 - Crash The IoT Train Yourself: Intentionally Vulnerable WRT (IV-WRT)
18:00 - AI and CND - implications for security in the era of Artificial Intelligence
18:00 - How Secure Are Multi-Word Random Passphrases?
18:00 - Why We Can't Have Nice Things: Original Research on Conflict Resolution Styles in Information Security & Risk Management
18:00 - Common Mistakes that Engineers make while Interviewing in a “Hot” market
18:00 - Why does InfoSec play bass? And other observations about hacker culture.
18:30 - Are You Sure That You Still Need Passwords?
18:30 - Serial Box - Primer for dealing with Serial and JTAG for basic hardware hacking
18:45 - Closing remarks and thanks from our Emcee

Presenters