BSidesLV 2015
took place Aug. 4, 2015 through Aug. 5, 2015 (8 years, 11 months ago) at Tuscany Suites and Casino in Las Vegas, Nevada, USA.
Presentations
Tuesday, Aug. 4, 2015
-
08:30 - Deploying, Managing, and Leveraging Honeypots in the Enterprise using Open Source Tools
-
08:30 - Pentesting PLCs 101
-
11:00 - Injection on Steroids: Code-less Code Injections and 0-Day Techniques
-
11:00 - Speaking Metrics to Executives
-
11:00 - Barely Legal: the Hacker’s Guide to Cybersecurity Legislation
-
11:00 - Verum - How Skynet Started as a Context Graph
-
11:00 - Practical Application Whitelisting Evasion
-
11:00 - A Security/Usability Review of Wordpress 2FA Plugins
-
11:00 - I Am The Cavalry Track Introduction and Overview
-
11:00 - Underground Wi-Fi Hacking for Web Pentesters
-
11:30 - Dropping hell0days: Business Interaction for Security Professionals - Or Anyone Else
-
11:30 - Hack the Future
-
11:30 - Unspeakable Passwords: Pronounceable or Diceware
-
12:00 - Getting the data out using social media
-
12:00 - Leading in a "Do"-ocracy
-
12:00 - When steganography stops being cool
-
12:00 - Practice Safe Cyber: The Miseducation of American Students on Internet Safety
-
14:00 - Pushing on String: Adventures in the 'Don't Care' Regions of Password Strength
-
14:00 - #radBIOS: Wireless networking with audio
-
14:00 - The Internet of ... Mainframes?! WTF?
-
14:00 - An introduction of the Kobra, a client for the Badger version 2.0, providing tactical situational awareness, physical tampering protection, and automatic process mitigation
-
14:00 - Pentesting with Docker
-
14:00 - Violent Python
-
14:00 - Exploit Kit Shenanigans: They’re Cheeky!
-
14:00 - Analogue Network Security
-
14:00 - State of Medical Device Cyber Safety
-
14:00 - Check That Certificate
-
14:30 - The Journey To ICS
-
14:30 - How can we ensure safer Medical Devices?
-
15:00 - What would fix passwords? Some weekly password audits. Pretty graphs to prove it! (A Haiku)
-
15:00 - What's New Pussycat: Recent Improvements to Powercat
-
15:00 - Don’t hate the Disclosure, Hate the Vulnerability: How the government is bringing researchers and vendors together to talk vulnerability disclosure.
-
15:00 - NSA Playset: Bridging the Airgap without Radios
-
15:00 - I Amateur Radio (And So Can You!)
-
15:00 - Catching Linux Post-Exploitation with Auditd
-
15:30 - Breachego
-
15:30 - Adding +10 Security to Your Scrum Agile Environment
-
16:00 - How to WCTF
-
17:00 - State of Automotive Cyber Safety
-
17:00 - Hacking Our Way Into Hacking
-
17:00 - Fight back – raising awareness @infosec
-
17:00 - How Portal Can Change Your Security Forever
-
17:00 - Tell Me Who You Are, and I Will Tell You Your Lock Pattern
-
17:00 - Crema: A LangSec-inspired Language
-
17:30 - How can we ensure safer Automobiles?
-
17:30 - Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers
-
17:30 - What the heck is this radio stuff, anyway?
-
18:00 - Stress, Burnout, Rinse, Repeat
-
18:00 - Angler Lurking in the Domain Shadows
-
18:00 - Making & Breaking Machine Learning Anomaly Detectors in Real Life
-
18:00 - Poppin' (Digital) Locks
-
18:00 - SIEMple technology
-
18:00 - Your Electronic Device, Please: Understanding the Border Search Exception & Electronic Devices
-
18:30 - Privileges in the Real World: Securing Password Management
-
18:30 - How I learnt hacking in highschool
Wednesday, Aug. 5, 2015
-
08:30 - You Hack, We Capture: Attack Analysis with Honeypots
-
08:30 - Registration Open
-
08:30 - Radare2 an open source reverse engineering framework
-
10:00 - Security Questions Considered Harmful
-
10:00 - ZOMG It's OSINT Heaven!
-
10:00 - WhyMI so Sexy? WMI Attacks, Real-Time Defense, and Advanced Forensic Analysis
-
10:00 - Introduction to the Career Track
-
10:00 - All You Need Is One: A ClickOnce Love Story
-
10:00 - A hackers guide to using the YubiKey - how to add inexpensive 2-factor authentication to your next project.
-
10:00 - Have I seen you before?
-
10:10 - Being the Paid Expert in the Room: Consulting for a Company or On Your Own
-
10:30 - WiFi Pineapple: Winning the WiFi Battlefield
-
10:30 - Classic Misdirection: Social Engineering to Counter Surveillance
-
10:30 - I Forgot My Password
-
10:30 - It’s All Geek to Me
-
11:00 - TAPIOCA (TAPIOCA Automated Processing for IOC Analysis)
-
11:00 - Haking the Next Generation
-
11:00 - Bio-Hacking: Implantable chip attack vector
-
11:00 - Harvesting Passwords from Source Code, Scripts, and Code Repositories
-
11:00 - Who Watches the Watchers? Metrics for Security Strategy
-
11:00 - Phishing: Going from Recon to Credentials
-
11:10 - Did you make a difference today?
-
11:30 - Social Media in Incident Response Program
-
11:30 - Better Spectrum Monitoring with Software Defined Radio
-
12:00 - Advancing Internet Security Research with Big Data and Graph Databases
-
12:00 - Towards Standardizing Comparisons of Password Guessability
-
12:00 - Backdooring MS Office documents with secret master keys
-
12:00 - Cats and Mice - Ever evolving attackers and other game changers
-
14:00 - Stronger Password-Based Encryption Using I/O Hardness
-
14:00 - Yes, you too can perform daring acts of Live Acquisition.
-
14:00 - Intro to Data Science for Security
-
14:00 - Android App Security Auditing
-
14:00 - Welcome back, Emcee sets tone for the afternoon
-
14:00 - Fishing To Phishing - It’s all about slimy creatures.
-
14:00 - Open Up A Can of OSINT On 'Em
-
14:00 - FAA, FTC, FCC - FU: How Three F'ing Agencies are Shaping Info Sec
-
14:00 - Wi-Door - Bind/Rev Shells for your Wi-Fi
-
14:00 - Building an Empire with PowerShell
-
14:15 - Interview Role Play
-
14:30 - Auth for Encrypted Services with Server Side APT
-
14:30 - +10 Knowledge: Sharing What You Learn For the Benefit of the Everyman.
-
15:00 - Blind Hashing
-
15:00 - Maximizing Bro Detection
-
15:00 - Insider Tricks for Bug Bounty Success
-
15:00 - Software-Defined Radio Signal Processing with a $5 Microcontroller.
-
15:00 - For love of country: 15 years of Security Clearance Decisions
-
15:30 - PBKDF2: Performance Matters
-
15:30 - Embedding Web Apps in MITMProxy Scripts
-
15:35 - Company Elevator Pitches
-
16:00 - All Your RFz Are Belong to Me – Software Defined Radio Exploits
-
16:20 - Life at a Startup, Tales From the Trenches: The Good, the Bad and the Ugly
-
16:40 - It’s Not Just Your Answer: Hacking Tech Interviews
-
17:00 - Password Alert by Google
-
17:00 - What Lurks in the Shadow
-
17:00 - Actionable Threat Intelligence: ISIS, SuperBall, SuperFish, and your less magical 8-ball
-
17:00 - Remote Access, the APT
-
17:00 - Infosec careers, myth vs. reality
-
17:00 - Rethink, Repurpose, Reuse... Rain Hell
-
17:00 - No More Fudge Factors and Made-up Shit: Performance Numbers That Mean Something
-
17:20 - Some things you just can’t find on Google.
-
17:30 - Out of Denial: A 12-Step Program for Recovering Admins
-
17:30 - No More Graphical Passwords
-
17:40 - Longevity in InfoSec – Turning Passion into Expertise & Respect
-
18:00 - Why We Can't Have Nice Things: Original Research on Conflict Resolution Styles in Information Security & Risk Management
-
18:00 - Common Mistakes that Engineers make while Interviewing in a “Hot” market
-
18:00 - Crash The IoT Train Yourself: Intentionally Vulnerable WRT (IV-WRT)
-
18:00 - Why does InfoSec play bass? And other observations about hacker culture.
-
18:00 - AI and CND - implications for security in the era of Artificial Intelligence
-
18:00 - How Secure Are Multi-Word Random Passphrases?
-
18:00 - Ask the EFF
-
18:30 - Are You Sure That You Still Need Passwords?
-
18:30 - Serial Box - Primer for dealing with Serial and JTAG for basic hardware hacking
-
18:45 - Closing remarks and thanks from our Emcee