BSidesLV 2015

BSidesLV 2015 took place Aug. 4, 2015 through Aug. 5, 2015 (8 years, 8 months ago) at Tuscany Suites and Casino in Las Vegas, Nevada, USA.

Presentations

Tuesday, Aug. 4, 2015

08:30 - Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open Source Tools
08:30 - Pentesting PLCs 101
11:00 - Injection on Steroids: Code-less Code Injections and 0-Day Techniques
11:00 - Speaking Metrics to Executives
11:00 - Barely Legal: the Hacker’s Guide to Cybersecurity Legislation
11:00 - Verum - How Skynet Started as a Context Graph
11:00 - Practical Application Whitelisting Evasion
11:00 - A Security/Usability Review of Wordpress 2FA Plugins
11:00 - I Am The Cavalry Track Introduction and Overview
11:00 - Underground Wi-Fi Hacking for Web Pentesters
11:30 - Dropping hell0days: Business Interaction for Security Professionals - Or Anyone Else
11:30 - Hack the Future
11:30 - Unspeakable Passwords: Pronounceable or Diceware
12:00 - Getting the data out using social media
12:00 - Leading in a "Do"-ocracy
12:00 - When steganography stops being cool
12:00 - Practice Safe Cyber: The Miseducation of American Students on Internet Safety
14:00 - Pushing on String: Adventures in the 'Don't Care' Regions of Password Strength
14:00 - #radBIOS: Wireless networking with audio
14:00 - The Internet of ... Mainframes?! WTF?
14:00 - An introduction of the Kobra, a client for the Badger version 2.0, providing tactical situational awareness, physical tampering protection, and automatic process mitigation
14:00 - Pentesting with Docker
14:00 - Violent Python
14:00 - Exploit Kit Shenanigans: They’re Cheeky!
14:00 - Analogue Network Security
14:00 - State of Medical Device Cyber Safety
14:00 - Check That Certificate
14:30 - The Journey To ICS
14:30 - How can we ensure safer Medical Devices?
15:00 - What would fix passwords? Some weekly password audits. Pretty graphs to prove it! (A Haiku)
15:00 - What's New Pussycat: Recent Improvements to Powercat
15:00 - Don’t hate the Disclosure, Hate the Vulnerability: How the government is bringing researchers and vendors together to talk vulnerability disclosure.
15:00 - NSA Playset: Bridging the Airgap without Radios
15:00 - I Amateur Radio (And So Can You!)
15:00 - Catching Linux Post-Exploitation with Auditd
15:30 - Breachego
15:30 - Adding +10 Security to Your Scrum Agile Environment
16:00 - How to WCTF
17:00 - State of Automotive Cyber Safety
17:00 - Hacking Our Way Into Hacking
17:00 - Fight back – raising awareness @infosec
17:00 - How Portal Can Change Your Security Forever
17:00 - Tell Me Who You Are, and I Will Tell You Your Lock Pattern
17:00 - Crema: A LangSec-inspired Language
17:30 - How can we ensure safer Automobiles?
17:30 - Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers
17:30 - What the heck is this radio stuff, anyway?
18:00 - Stress, Burnout, Rinse, Repeat
18:00 - Angler Lurking in the Domain Shadows
18:00 - Making & Breaking Machine Learning Anomaly Detectors in Real Life
18:00 - Poppin' (Digital) Locks
18:00 - SIEMple technology
18:00 - Your Electronic Device, Please: Understanding the Border Search Exception & Electronic Devices
18:30 - Privileges in the Real World: Securing Password Management
18:30 - How I learnt hacking in highschool

Wednesday, Aug. 5, 2015

08:30 - You Hack, We Capture: Attack Analysis with Honeypots
08:30 - Registration Open
08:30 - Radare2 an open source reverse engineering framework
10:00 - Security Questions Considered Harmful
10:00 - ZOMG It's OSINT Heaven!
10:00 - WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis
10:00 - Introduction to the Career Track
10:00 - All You Need Is One: A ClickOnce Love Story
10:00 - A hackers guide to using the YubiKey - how to add inexpensive 2-factor authentication to your next project.
10:00 - Have I seen you before?
10:10 - Being the Paid Expert in the Room: Consulting for a Company or On Your Own
10:30 - WiFi Pineapple: Winning the WiFi Battlefield
10:30 - Classic Misdirection: Social Engineering to Counter Surveillance
10:30 - I Forgot My Password
10:30 - It’s All Geek to Me
11:00 - TAPIOCA (TAPIOCA Automated Processing for IOC Analysis)
11:00 - Haking the Next Generation
11:00 - Bio-Hacking: Implantable chip attack vector
11:00 - Harvesting Passwords from Source Code, Scripts, and Code Repositories
11:00 - Who Watches the Watchers? Metrics for Security Strategy
11:00 - Phishing: Going from Recon to Credentials
11:10 - Did you make a difference today?
11:30 - Social Media in Incident Response Program
11:30 - Better Spectrum Monitoring with Software Defined Radio
12:00 - Advancing Internet Security Research with Big Data and Graph Databases
12:00 - Towards Standardizing Comparisons of Password Guessability
12:00 - Backdooring MS Office documents with secret master keys
12:00 - Cats and Mice - Ever evolving attackers and other game changers
14:00 - Stronger Password-Based Encryption Using I/O Hardness
14:00 - Yes, you too can perform daring acts of Live Acquisition.
14:00 - Intro to Data Science for Security
14:00 - Android App Security Auditing
14:00 - Welcome back, Emcee sets tone for the afternoon
14:00 - Fishing To Phishing - It’s all about slimy creatures.
14:00 - Open Up A Can of OSINT On 'Em
14:00 - FAA, FTC, FCC - FU: How Three F'ing Agencies are Shaping Info Sec
14:00 - Wi-Door - Bind/Rev Shells for your Wi-Fi
14:00 - Building an Empire with PowerShell
14:15 - Interview Role Play
14:30 - Auth for Encrypted Services with Server Side APT
14:30 - +10 Knowledge: Sharing What You Learn For the Benefit of the Everyman.
15:00 - Blind Hashing
15:00 - Maximizing Bro Detection
15:00 - Insider Tricks for Bug Bounty Success
15:00 - Software-Defined Radio Signal Processing with a $5 Microcontroller.
15:00 - For love of country: 15 years of Security Clearance Decisions
15:30 - PBKDF2: Performance Matters
15:30 - Embedding Web Apps in MITMProxy Scripts
15:35 - Company Elevator Pitches
16:00 - All Your RFz Are Belong to Me – Software Defined Radio Exploits
16:20 - Life at a Startup, Tales From the Trenches: The Good, the Bad and the Ugly
16:40 - It’s Not Just Your Answer: Hacking Tech Interviews
17:00 - Password Alert by Google
17:00 - What Lurks in the Shadow
17:00 - Actionable Threat Intelligence: ISIS, SuperBall, SuperFish, and your less magical 8-ball
17:00 - Remote Access, the APT
17:00 - Infosec careers, myth vs. reality
17:00 - Rethink, Repurpose, Reuse... Rain Hell
17:00 - No More Fudge Factors and Made-up Shit: Performance Numbers That Mean Something
17:20 - Some things you just can’t find on Google.
17:30 - Out of Denial: A 12-Step Program for Recovering Admins
17:30 - No More Graphical Passwords
17:40 - Longevity in InfoSec – Turning Passion into Expertise & Respect
18:00 - Why We Can't Have Nice Things: Original Research on Conflict Resolution Styles in Information Security & Risk Management
18:00 - Common Mistakes that Engineers make while Interviewing in a “Hot” market
18:00 - Crash The IoT Train Yourself: Intentionally Vulnerable WRT (IV-WRT)
18:00 - Why does InfoSec play bass? And other observations about hacker culture.
18:00 - AI and CND - implications for security in the era of Artificial Intelligence
18:00 - How Secure Are Multi-Word Random Passphrases?
18:00 - Ask the EFF
18:30 - Are You Sure That You Still Need Passwords?
18:30 - Serial Box - Primer for dealing with Serial and JTAG for basic hardware hacking
18:45 - Closing remarks and thanks from our Emcee

Presenters