Search Irongeek.com:
Affiliates:


Help Irongeek.com pay for bandwidth and research equipment:
|
Irongeek.com
Welcome to Irongeek.com, Adrian Crenshaw's Information
Security site (along with a bit about weightlifting and other things that strike
my fancy). As I write articles
and tutorials I will be posting them here. If you would like to republish one of
the articles from this site on your webpage or print journal please e-mail me. Enjoy
the site and write us if you have any good ideas for articles or links.
Adrian
|
News/Change Log
11/18/2019 |
Louisville Infosec 2019 Videos
Below are the videos from
the
Louisville Infosec 2019 conference.
Thanks to all the video volunteers for helping me record. Caleb, Richard, Harold
and Andre.
Opening
Preventing Mobile Cuberattacks
James Traxel
Real World Zero Trust Implementation
Mark Loveless
Surviving the Modern Compliance Minefield
Harlen R. Compton, CISSP, Attorney at Law
Digital Transformation Means Security Transformation
Allyn Crowe
Ransowmare Recovery
Edward McCabe
Understanding Why Breaches Occur
John Survant & Don Wolfe
Building Your IAM Program from Start to Finish
Jerod Brennen
Common Observations from a Security Assessor
Corey Shell
A Gentle Introduction to Hacking Mainframes
Dan Helton
Taking the Next Steps in Cyber Security
Connie Matthews Reynolds
Weaponizing Statistics
Jeremy Druin and Erich Jackson
Keeping Your Head in the Clouds, But Your Feet on the Ground
Carl Alexander
The Escape Map: Pivoting to a New Life of InfoSec
Erich Jackson
Data Loss Prevention Demystified
Micah K Brown
Improv Comedy for Social Engineering
Dave Mattingly
|
11/10/2019 |
BSidesCT 2019 Video
These are the videos of the presentations from
BSidesCT 2019. Thanks to Will Genovese, Tom
Barber and Bill Reyor
for having me out. Thanks to Greg Jurman, Spencer Smalley, Steven Swabby and
Daniel Robels.
Opening
Roman Simanovich
Keynote
Brian Kelly
Event Injections: Sending Evil to the Cloud
Tal Melamed
Blue-teaming & Incident Response for the "Win"!
Roy Wattanasin
Election hacking defined, and how to fight back
Andy Dennis
Rethinking Privileged Access Management for Agile Clouds & Data Center Environments
Brian Gladstein (Audio missing after 40:50)
Reversing and Bypassing DRM/HSM Dongles
Jeremy Mill
Extensible DevSecOps pipelines with Jenkins, Docker, Terraform, and a kitchen sink full of scanners
Richard Bullington-McGuire (No audio after 36 min)
Vigilante: Bringing a nail bat to a gun fight
nobletrout
Trust and Security: The Odd Couple Driving Your Business
Loren Dealy Mahler
Wrangle Your Defense Using Offensive Tactics
Matt Dunn
Most Vulnerable Product: Easy to implement security solutions and strategies for the modern web application stack
Jason Portnoy
The Unmanaged Device Tsunami: Surf or Suffer?
Ziv Dines
Building Castles in the Cloud: AWS Security and Self-Assessment
Rami McCarthy
Zoom 0-Day: How not to handle a vulnerability report
Jonathan Leitschuh
Securing Active Directory & PAM for ADDS
Rohit D'Souza
Prizes and closing remarks
Roman Simanovich
|
10/26/2019 |
GrrCON 2019 Videos
These are the videos of the presentations from GrrCON 2019. Big thanks to
P1nkN1ghtmare
and EggDropX for having me out, and my video crew (paint27,
LizardSlack,
BrettAHansen, and
ZTC1980) for recording.Keynote
Amanda 'Infosystir' Berlin
Baselining Behavior Tradecraft through Simulations
Dave Kenendy
I PWN thee, I PWN thee not!
Jayson Street
Automating Phishing Analysis
Kyle Eaton
Black Hats & White Collars : Bitcoin, Dark Nets and Insider Trading
Ken Westin
Ssshhhh
Atlas of Doom
How Nathan Crashed and Burned
Nathan Dragun
Reverse Engineering Malware for N00bs
GregB33f/James
Host-Hunting on a Budget
cyberGoatPsyOps
Keynote
Rachel "Soul Crusher86" G
Cons & Careers
SciaticNerd
Hacking the Boardroom: How to communicate effectively to get your budget
Ryan Wisniewski
The Science of Breaking and Entering
Alissa dnsprincess
Hashes; Smothered and Scattered: Modern Password Cracking as a Methodology
Lee Wangenheim & Joshua Platz
Big Plane, Little Plane: How common aviation attacks affect airlines and general aviation
Phil Polstra
PSD2, SCA, WTF?!
Kelley Robinson
Nerding out with machine data
Nick Maier
The Past, Present & Future of Cyber Threats
Chris Russell
Symbolically executing a fuzzy tyrant
Lojikil
A Theme of Fear: Hacking the Paradigm
Catherine Ullman
Q&A on our industry and other things that are top of mind
Chris Roberts
How to Make a Honeypot Stickier (SSH*)
Jose Hernandez
Data Access Rights Exploits under New Privacy Laws
Amber Welch
Data Security: How to avoid an embarrassing breach
Matt "mattrix" Hoy
MSSPs are great...and other lies I tell myself
Scott Thomas
Devaluing Cloud Breaches while Gaining Safe Harbor
Eric Wolff
Good Cyber Hygiene and using analytics to drive the need for it on Print
David Rose
Varna: Custom, robust AWS monitoring for cents a day using EQL
Adam Ringwood
A Day in the Life of a Security Operations Center: What do you get when you partner with cybersecurity experts?
Milan Patel
Malicious Cryptomining is Exploding: Are you at risk?
John Fatten
Dance, Fancybear, Dance: a study in macOS
Cat Self
The Spider Economy: Emotet, Dridex, and TrickBot, Oh My
Adam Hogan
Cloudy with a chance of SecOps
Ricardo Lafosse & Matthew Speakman
Destroy Everything
Tom Somerville
Surfing and Security - Ride the wave
Chris Burrows
The Importance of IT Asset Visibility
Brian Berk
From Idea to Badge: Getting Started & Finished with badge making
Dave Schwartzberg
CyberCrime Trends of 2019: A Look Into Cybercrime, Nation State and Ransomware Monetization Activities
Jared Phipps
Using Next Generation Fuzzing Tools: Fixing Bugs and Writing Memory Corruption Exploits
Dr. Jared DeMott & John Stigerwalt
What Are We Doing Here? Rethinking Security
Jeff Man
How Hackers Evade Your AI-enabled Endpoint Detection Tools
Dan Allen
Hillbilly Storytime - Pentest Fails
Adam Compton
Want to Play a Game..
John DeRyke
The Hacker Hippocampus: Meet your brain on games
Chloe Messdaghi
Departing Employees = Departing Data
Todd Thorsen
Beginner's Guide to Mobile Applications Penetration Testing
Whitney Phillips
Understanding how public places introduce additional risks to business travelers & how the tools used by hackers continue to evolve
Len Noe
Million Dollar Malware: Using the Viper Framework to Investigate and Track Ryuk's Success
Colin Cowie
The Importance of Relevant, Timely, and Qualitative Intelligence Analysis
Aamil AK
Deepfakes: If anything can be real then nothing is real
April C Wright
Network exploitation of IoT ecosystems
Fotios (ithilgore) Chantzis
|
09/22/2019 |
BSidesSTL 2019 Videos
These are the videos of the presentations from BSidesSTL 2019.
Big thanks to my video jockeys @Mayer302 and
@l00tation and the video crew Mike and Bob.
BSidesSTL 2019 Opening
Hacking is Dead - Long Live Hacking
Michael Collins
pyews: A cross platform python package to interact with Exchange Web Services
Josh Rickard
Don't Hate - Remediate
Brandon Wunderle
The 2019 Data Breach Investigations Report. From a DBIR author
Gabriel Bassett
Opening the door to InfoSec
Alexis Womble
Everything I Need to Know About Infosec I Learned from Gambling
Cliff Smith
Judo Threat Intelligence
Frank Angiolelli
Do You Live or Die? Explaining Machine Learning with Azure and the Titanic dataset
Beth Young
My Trudge Through IT Burnout & Keeping it at Bay
Eric Lee
Securtle (The Security Turtle)
Sanchari Das
BSidesSTL 2019 Closing
|
09/08/2019 |
DerbyCon
9 Videos
These are the videos of the presentations from Derbycon 2019.
Big thanks to my video jockeys
AlexGatti,
nightcarnage,
securid,
theglennbarrett,
LenIsham,
someninjamaster,
SciaticNerd,
CoryJ1983,
Skiboy941,
livebeef,
buccaneeris,
mjnbrn,
sfzombie13,
kandi3kan3,
ZTC1980,
soc_analyst,
m3l1e,
primestick,
dmmeurdebitcard, Mel and
TeaPartyTechie. |
07/13/2019 |
OISF 2019
Videos
These are the videos from the
OISF Anniversary Event
Introduction
Dr. John Carls/Paul Hankins
UBoot to Root
Deral Heiland
A Discussion of Secrets
Robert Stewart
Continuous Skills Improvement For Everyone
Matt Scheurer
DLP Demystified
Micah Brown
Pixel Tracking: How it’s used and abused
Barry Kimball |
06/22/2019 |
BSides Cleveland 2019 Videos
These are
the videos from the Bsides Cleveland
conference. Thanks to Rich, ninewires,
justinschmitt &
as the video team. Thanks to
twuntymcslore &
RockieBrockway for being con
mom & dad.
Keynote
David Kennedy
Operationalizing the MITRE ATT&CK Framework
Robert Olson
Markets for Malware
Adam Hogan
The TIP of the Stinger: Efficiently Using Threat Intelligence With TheHive
Matthew Gracie
Calls to Arms: US Elections Hacking
Damian Huising
The Overlooked Cyber-Security Risk: 3rd Party Risk Management
Rose Songer
The Politics of Cyber
Ian Thornton-Trump
Unix: the Other White Meat
Adam Len Compton & David Boyd
Hack for Show, Report for Dough
Brian King
Early Detection through Deception
Jason Nester
Eval Villain: Simplifying DOM XSS and JS Reversing
Dennis Goodlett
(Most Audio Missing)
Securing the DOM from the Bottom Up
Mike Samuel
(Missing Most Audio)
Data Access Rights Exploits under New Privacy Laws
Amber Welch
Public Partnership Panel for Security Response
Jeremy Mio and Others
Automating Windows Kernel Analysis With Symbolic Execution
Spencer McIntyre
Incident response on macOS
Thomas Reed
Getting youth interested in infosec from a youth's perspective.
Tristan Messner
Keynote
Joshua Corman
(Not Recorded) |
06/15/2019 |
ShowMeCon 2019 Videos
These are the videos ShowMeCon 2019.
Thanks to Renee & Dave Chronister (@bagomojo)
and others for having me out to record and speak. Also thanks to my video crew
@r3tr0_cod3x, James, Aaron, Jon,
@AlexTShell,
@Mayer302,
@MatthewRekos and some other
people I may have forgotten.
Welcome
A Practical Approach to Purple Teaming
Matt Thelen
Some assembly required, instructions not included
Dave Chronister
The Dark Side of Physical Access Control Systems
Valerie Thomas
The Art of Cyberwar: A Foundation and Framework for the Development of TTPs
Kevin L. Johnson
Human Centered Design and You: Hack Your Life
Hudson Harris
The rising geopolitical cyber power
Kurt Aubuchon
Cracking the Code - Hacking the Human Mind
Scott Holman
Confessions of Really Bad SysAdmins
Andy Thompson
Sync Your Sh*t: Why it's time you paid attention to time
John Clark
How to screw up your Incident Response investigation in 10 steps or less
Vadon Willis
Control of Unclassified Information in Non-Federal IT Systems - Or What You
Don't Know Can Cost You
Tim Grace
Why should your employees know how to phish
Mike Morris
Redesigning Password Authentication for the Modern Web
Cliff Smith
Penetration Testing: The Good, Bad, and the Ugly of Vendor Management, Reporting
and Risk Management (or lack thereof)
Justin L. Bauman
Why your red team shouldn't be snowflakes
Isaiah Sarju
0Day to HeroDay: Bringing a company from scorched earth to a modern security
organization
Ryan Wisniewski
The Great Explainer: Feynman and Standing on the Shoulders of Giants
Kevin Johnson
TLSv1.3: Minor Version, Major Changes
John Wagnon
I PWN thee, I PWN thee not!
Jayson Street
|
06/02/2019 |
Circle City Con 2019 Videos
These are the Circle City Con videos.
Thanks to the staff for inviting me
down to record. Big thanks to @irishjack,
@TheHomoHacker,
@Paint27,
@songsthatsaved,
@nogoodrobot,
@kitwessendorf,
@cxstephens,
@uncrustabl3 and others for helping set up AV and record.
Opening
Data Access Rights Exploits under New Privacy Laws
Amber Welch
How to reach and teach youth about Cybersecurity (if anybody will let you)
Jason Smith
More Tales from the Crypt...Analyst
Jeff Man
Could Static Code Analysis and Secure Coding have Saved the Death Star?
Mary Waddick
I’ll Complete My Threat Model Later Mom!: Infosec in Middle School.
Ashley Benitez Smith
Cons & Careers
Steven Bernstein
3D printing canister-launchable drones for city-scale wardriving
Glytch Tech
The Hunter Games: How to find the adversary with Event Query Language
Ross Wolf
Star Wars: How an ineffective Data Governance Program destroyed the Galactic Empire
Micah Brown
Security lessons from the Woofmutt… Chris Roberts
What The Frida Gave Me: A Novel Take on E-Ticket Forging and E-Ticket Stealing
Priyank Nigam
(Not Recorded)
It's Coming From Inside the House: An Inside-Out Approach to NodeJS Application Security
Yolonda Smith
Get off my lawn… or are we looking for the right people?
Mike (Shecky) Kavka
Endpoint Security, Swimming Through the Snake Oil
Dan Beavin
Do You Have What It Takes? How to Support Your Career From Community Involvement
Kathleen Smith
Catching the Guerrilla: Powershell Counterinsurgency
Aaron Sawyer
SigInt for the Masses: Building and Using a Signals Intelligence Platform for Less than $150
Josh Conway
InfoSuck: The Nasty Bits Of The Industry We Want To Tell Noobs But Aren't Allowed To In Polite Company.
Danny Akacki
Standardizer: a standardization framework for your security alerts
Christian Burrows
Call Of Duty, Modernest Browser Warfare v2
Dhiraj Mishra
(Did not happen)
Information Security Practice Principles a Rosetta Stone for information
security work
Susan Sons
What Can Data Science Do for Security?
Wendy Edwards
Deepfakes: If anything can be real then nothing is real
April Wright
(Not Recorded)
Evicting the Password from the Digital Estate
Alex Chalmers
A Theme of Fear: Hacking the Paradigm
Catherine Ullman
Beginning DFIR - How to get started with Cooties
Lisa Wallace
Of CORS it's Exploitable! What's Possible with Cross-Origin Resource Sharing?
Rebecca Deck
Nexus Zeta - How a newbie hacker managed to create a monster botnet
Adi Ikan
5G: Security Pitfalls and Considerations
Swapnil Deshmukh
(Did not happen)
Training and Education for the New Realities of Privacy and Security
Mitchell Parker
Container Security Deep Dive
Yashvier Kosaraju
Hacking Humans: Addressing Vulnerabilities in the Advancing Medical Device Landscape
Gabrielle Hempel
One Random Insecure Wep Application Please (ORIWAP)
Nancy Snoke
an Implantable Computer
Doug "c00p3r" Copeland
Modern AppSec Gotchas
Fletcher Heisler
A Few Things Right: Insights from Live and Simulated Incident Response
Chad Calease
The Resilient Reddit C2
Zach Zenner
Behind The Locked Door: we built an escape room for security awareness
Matthew Southworth Christian Bobadilla
F! Attribution
Xena Olsen Jared Peck
Inside Out Security - Building Castles not Warehouses
Alyssa Miller
Failure Is Not an Option: Developing Realistic Disaster Recovery Tests
Colin Campbell
Wibbly Wobbly: Designing Security for Systems that are Bigger on the Inside
Wolfgang Goerlich
Closing Ceremonies
|
05/19/2019 |
NolaCon
2019 Videos
Recorded at NolaCon 2019. Thanks to
@CurtisLaraque,
@mikearbrouet,
@openbayou,
@takanola,
@therealmacjeezy, Jason, Cole
& @klulue for the video recording help,
and @nola_con,
@erikburgess_,
@NolaConYvonne & Rob for having
me down to record.
One Random Insecure Wep Application Please (ORIWAP)
Nancy Snoke
Understanding XSS
Christina Mitchell
Social Engineering At Work - How to use positive influence to gain management
buy-in for anything
April C. Wright
DNS - Strategies for Reducing Data Leakage & Protecting Online Privacy
Jim Nitterauer
Automating Hashtopolis
Evil Mog
"It's Malware Time" - A Bar Crawl from Skunked Homebrew to Rotten Apples
Erika Noerenberg
Breaking into Cyber: How the hell are you supposed to get started?
Josh Millsap
After Mirai: Cyber Security Implications of IoT Botnet Proliferation Against
Critical Infrastructure
Paul W. Brager Jr M.Sci, CISSP, GICSP, CISM
Making an internal Let's Encrypt relay server
Josh Harvey
Keynote - I PWN thee, I PWN thee not!
Jayson E. Street
Breaking Into Your Building: A Hacker's Guide to Unauthorized Physical Access
Brent White. Tim Roberts
Formula for a Bug Bounty Program
Chris Holt
Forensics Phish Tank: Breaking Down Analysis of Advanced Phishing Emails
Joe Gray & Sophia Fadli
Baking Your Anomalous Cookies
Jim Allee
Waiter, there's a compiler in my shellcode!
Josh Stone
Empathy for the (Devel)oper: Lessons Learned Building An Application Security
Module
Yolonda Smith
MORE Tales From the Crypt...Analyst
Jeff Man
IR with Volatility Framework
Evan Wagner
Let's Talk About WAF (Bypass) Baby
Brett Gravois
Behavioral Security and Offensive Psychology at Scale
Josh Schwartz. Samantha Davison
My making of a Metasploit Module
Aaron Ringo
Don't Panic! A Beginner's Guide To Hardware Hacking
Phoenix Snoke
The Jazz Improv of Infosec
Damon J. Small
Elliptic Curve Cryptography: What it is and who needs it
Michele Bousquet |
04/28/2019 |
BSidesCharm 2019 Videos
These are the
videos BSidesCharm (Baltimore) 2019.
Thanks for inviting me down to record. Thanks to my video team Robert, Ethan,
Cory, Tim Steven, Trevor, Tom, Menachem and Josh.
Opening
Keynote
Matt Blaze
Embrace the Red: Enhancing detection capabilities with adversary simulation
Mauricio Velazco
I'lll Complete My Threat Model Later Mom!: Infosec in Middle School
Ashley Benitez Smith
Cleaning the Apple Orchard - Using Venator to Detect macOS Compromise
Richie Cyrus
More Tales From the Crypt...Analyst
Jeffrey Man
Anatomy & Evolution of a Fast Flux Malware Campaign
Emily Crose
COM Under The Radar: Circumventing Application Control Solutions
Jimmy Bayne
On The Line: What Phishing Really Impacts
Steven Becker
Automated Adversary Emulation
David Hunt
Comparing Malicious Files
Robert Simmons
How to Start a Cyber War: Lessons from Brussels
Chris Kubecka
You Moved to Office 365, Now What?
Sean Metcalf
You're Not as Safe as You Think: Clearing Up Common Security Misconceptions
Joshua Meyer
Keynote: The Declarative Future
Liam Randall
Exploring Community Volunteering Through a Career Development Lens
Kathleen Smith and Doug Munro
Defense in Depth Against DDoS Diminishes Dollars Destroyed
Daniel Gordon
Reasonable Rapid Recognition and Response to Rogues
Craig Bowser
BloodHound From Red to Blue
Mathieu Saulnier
A Code Pirate's Cutlass: Recovering Software Architecture from Embedded Binaries
evm
Technical Leadership: It's Not All Ones and Zeros
Timothy Schulz
Hunting for Threats in Industrial Environments and Other Scary Places
Nick Tsamis
It's Malware Time - A Bar Crawl from Skunked Homebrew to Rotten Apples
Erika Noerenberg
J-J-J-JEA Power
James Honeycutt
What did the SIEM Say?
JR Presmy and Shawn Thomas
Using Bashfuscator to Generate Bash Obfuscation
capnspacehook
Closing |
04/05/2019 |
Hacker/Infosec Con Types & Getting More Out Of Hacker/Infosec Conferences |
03/01/2019 |
BSides Columbus 2019 Video
These are the videos from the BSides Columbus Ohio conference. Thanks to Mitch &
Mike Spaulding for having me up and those who manned the video rigs such as
Cody, Matt, Dillon, Nick, Cole Chris and others whose name I can't seem to
remember in my old age..
Opening
Morning Keynote Featuring Runa Sandvik
Runa Sandvik
HACKERS, HOOLIGANS, HEISTS, & HISTORY
Brian Contos
Scrapping for Pennies: How to implement security without a budget
Ryan Wisniewski
Check Your Privilege (Escalation)
Kate Broussard
Wow, it really is always DNS! Becoming a Part of the DDoS Problem ( on purpose
).
Cody Smith
Unix: The Other White Meat
Adam Compton and David Boyd
Puppet Masters: How Social Engineers Continue to Pull Our Strings
Erich Kron
E-ZHack: An Update on SDR and Toll Booth Reverse Engineering
Kyle Westhaus
Mobile App Vulnerabilities - The Bad, The Worse And The Ugly
Ray Kelly
Mixing and Baking a New AppSec Person
Bill Sempf
(Some Missing Audio)
How Online Dating Made Me Better at Threat Modeling
Isaiah Sarju
What On Earth Is Quantum Computing?!? (And will it break all my encryption?)
Craig Stuntz
Battling Magecart: The Risks of Third-Party Scripts
Kevin Gennuso
Ship Hacking: Data on the Open Seas
Brian Olson
Common Developer Crypto Mistakes (with illustrations in Java)
Kevin Wall
The Overlooked Cyber Security Risk: 3rd Party Risk Management
Rose Songer
The Path to IAM Maturity
Jerod Brennan
Assumed Breach Testing
Brendan O'Connor
API Security: Tokens, Flows and the Big Bad Wolf
Ingy Youssef
Demystifying DMARC: A guide to preventing email spoofing
Sean Whalen
Afternoon Keynote Featuring Craig Hoffman
Craig Hoffman |
02/03/2019 |
BSides Tampa 2019 Videos
These are the videos from the
BSides Tampa conference. Thanks to
all of the BSides Crew for having me out to help record and render the videos.
Special thanks to my video crew: Matthew, Bridget, Patrick, Dan, Mike, Audrey and Chris
Opening
Doesn't It make You WannaCry: Mitigating Ransomware on a Windows Network
David Branscome
RegEx for Incident Response
Daniel Nutting
Bryan Turner
Intermediate Physical Security
Justin Wynn
Security Analytics in the Cloud
Marc Baker
How to use 400+M endpoints to build strong AI detection systems
Filip Chytry
20/20 Enterprise Security Monitoring: Seeing clearly with Security Onion
Wes Lambert
Beyond Lockpicking
Brian Etchieson
Social Forensication: A Multidisciplinary Approach to Successful Social Engineering
Joe Gray
Phishing U2F-Protected Accounts
Nikita Mazurov
Kenny Brown
Election Hacking: Getting Ready for the Russian Onslaught in 2020
Jeremy Rasmussen
Logging Pitfalls and How to Abuse Them
Kevin Kaminski
Michael Music
Personal security while on travel with additional pro-tips from seasoned travellers.
Derek Banks
Beau Bullock
Securing Shadow IT
Gene Cronk
Day When Quantum Computers Breaks Crypto
Roger Grimes
An Inside Look At Stopping Unauthorized Sellers & Counterfeiters On Amazon
Bruce Anderson
The Sound of Evil
Wes Widner
Serverless Security Top 10
Tal Melamed
Hacking IoT devices by chaining application security vulnerabilities
Rick Ramgattie
Becoming a Human nMAP! Cultivating a Renaissance Approach for the Social Engineer
Tigran Terpandjian
vCISO Is That the Right Answer Mike Brooks
|
12/02/2018 |
SecureWV/Hack3rcon 2018 Videos
These are the videos of the presentations from
Secure West Virginia 2018. Thanks to
Justin, Tim, Lacy, Dave, Katie, Kevin, Todd, Alice, Brian, Brandon & Jon for helping record.
Intro/Welcome to SecureWV / Hack3rCon
Keynote - Hackers, Hugs, & Drugs.... Part II
Amanda Berlin
Why The Legal System Needs Your Help
Brian Martin
Mobile devices and you.
Detective Jeremy M. Thompson
The New Age of Ransomware: Cybercriminals Adopt Nation State Techniques
Allan Liska
Outside the Box: How the Internet of Things Poses New Cybersecurity Risks and Challenges the Law
Evan Kime
Applying the principles of Dodgeball: A True Underdog Story to CTFs
Branden Miller
Gun Safety Class
Branden Miller
Python Scripting
Justin Rogosky
Red Hat Enterprise Linux Security Technologies Lab
Lucy Kerner and Roy Williams
Automating Security Operations - on a budget
Jeremy Mio
Security Automation for the Blue Team
Eric Waters
Home Alone: A Pentester Perspective
Craig Vincent & Derek Banks
Simplified Red Hat Enterprise Linux Identity, Authentication, and Authorization management with Microsoft Active Directory and Red Hat Identity Management Trust
Roy Williams
Simple Attribution in Social Media and Websites
Brian Martin
Offensive and Defensive Security with Ansible
Lucy Kerner
High School Competitive Robotics and why you should care.
Charleston Area Robotics Team (CART)
Guaranteed Failure - Awareness The Greatest Cyber Insanity
Joshua Crumbaugh
Developing a Cloud Based Cyber Security Simulation Portal
David Krovich
The Hybrid Home Lab: From Laptop to Cloud
Holden Fenner
Securing your networks with Ansible
Adam Vincent
A deep look at Stack Buffer Overflows and Format String Vulnerabilities
Philip Polstra
Advanced threat hunting with open-source tools and no budget
Joseph DePlato
What's in a Domain Name?
Collin Meadows
Monitoring your home LAN with Python
Zach Tackett
Left of Boom
Ted Corbeill
Your Dead! Now what. How to help your family after your gone.
Steven Truax
A Brief Introduction to Metasploit
Joey Maresca
SecureWV / Hack3rCon Closing / Awards
Benny Karnes
|
10/19/2018 |
BSidesRDU 2018 Videos
These are the videos of the presentations from BSidesRDU.
Thanks to Cyrus, Brian, James Carl and others for all the work.
Welcome & Opening Remarks
BsidesRDU Staff
Keynote from Shahid Buttar, EFF Director Of Grassroots Advocacy
Shahid Buttar
Approaching Parity: Considerations for adapting enterprise monitoring and incident response (IR) capabilities for efficacy in cloud environments, and how to operationalize these capabilities with a playbook.
Matt
Movement After Initial Compromise
SleepZ3R0 and HA12TL3Y
Our Docker app got hacked. Now what?
Joel Lathrop
Sky-high IR - IR at Cloud Scale
@aarondlancaster
When it rains it pours
Sam Granger
Rise of the Advisor
Neal Humphrey
No Network Needed?!?!
Ron Burkett
WarGames
Justin Hoeckle |
10/8/2018 |
Derbycon 2018 Videos
These are the videos of the presentations from Derbycon 2018.
Big thanks to my video jockeys
@nightcarnage,
@securid,
@theglennbarrett,
@LenIsham,
@curtisko,
@bsdbandit,
@someninjamaster,
@Simpo13,
@primestick,
@SciaticNerd,
@CoryJ1983,
@SDC_GodFix,
@Skiboy941,
@TeaPartyTechie,
@livebeef,
@buccaneeris,
@mjnbrn,
@sfzombie13,
@kandi3kan3,
@paint27,
@AlexGatti
Opening
How to influence security technology in kiwi underpants
Benjamin Delpy
Panel Discussion - At a Glance: Information Security
Ed Skoudis, John Strand, Lesley Carhart. Moderated by: Dave Kennedy
Red Teaming gaps and musings
Samuel Sayen
A Process is No One: Hunting for Token Manipulation
Jared Atkinson, Robby Winchester
Fuzz your smartphone from 4G base station side
Tso-Jen Liu
Clippy for the Dark Web: Looks Like You're Trying to Buy Some Dank Kush, Can I Help You With That?
Emma Zaballos
Synfuzz: Building a Grammar Based Re-targetable Test Generation Framework
Joe Rozner
Escoteric Hashcat Attacks
Evilmog
RFID Luggage Tags, IATA vs Real Life
Daniel Lagos
#LOL They Placed Their DMZ in the Cloud: Easy Pwnage or Disruptive Protection
Carl Alexander
Maintaining post-exploitation opsec in a world with EDR
Michael Roberts, Martin Roberts
Hey! I found a vulnerability - now what?
Lisa Bradley, CRob
Foxtrot C2: A Journey of Payload Delivery
Dimitry Snezhkov
Ridesharks
Kaleb Brown
IRS, HR, Microsoft and your Grandma: What they all have in common
Christopher Hadnagy, Cat Murdock
#LOLBins - Nothing to LOL about!
Oddvar Moe
Everything Else I Learned About Security I Learned From Hip-Hop
Paul Asadoorian
Hackers, Hugs, & Drugs: Mental Health in Infosec
Amanda Berlin
Android App Penetration Testing 101
Joff Thyer, Derek Banks
Draw a Bigger Circle: InfoSec Evolves
Cheryl Biswas
I Can Be Apple, and So Can You
Josh Pitts
From Workstation to Domain Admin: Why Secure Administration Isn't Secure and How to Fix It
Sean Metcalf
MS17-010?
zerosum0x0
The Unintended Risks of Trusting Active Directory
Lee Christensen, Will Schroeder, Matt Nelson
Lessons Learned by the WordPress Security Team
Aaron D. Campbell
IronPython... omfg
Marcello Salvati
Invoke-EmpireHound - Merging BloodHound & Empire for Enhanced Red Team Workflow
Walter Legowski
When Macs Come Under ATT&CK
Richie Cyrus
Abusing IoT Medical Devices For Your Precious Health Records
Saurabh Harit, Nick Delewski
Detecting WMI exploitation
Michael Gough
Gryffindor | Pure JavaScript, Covert Exploitation
Matthew Toussain
Instant Response: Making IR faster than you thought possible!
Mick Douglas, Josh Johnson
The History of the Future of Cyber-Education
Winn Schwartau
State of Win32k Security: Revisiting Insecure design
Vishal Chauhan
Offensive Browser Extension Development
Michael Weber
Protect Your Payloads: Modern Keying Techniques
Leo Loobeek
Jump Into IOT Hacking with the Damn Vulnerable Habit Helper Device
Nancy Snoke, Phoenix Snoke
Tales From the Bug Mine - Highlights from the Android VRP
Brian Claire Young
Decision Analysis Applications in Threat Analysis Frameworks
Emily Shawgo
Threat Intel On The Fly
Tazz
Make Me Your Dark Web Personal Shopper!
Emma Zaballos
Driving Away Social Anxiety
Joey Maresca
Off-grid coms and power
Justin Herman
CTFs: Leveling Up Through Competition
Alex Flores
Extending Burp to Find Struts and XXE Vulnerabilities
Chris Elgee
Introduction to x86 Assembly
DazzleCatDuo
Pacu: Attack and Post-Exploitation in AWS
Spencer Gietzen
An Inconvenient Truth: Evading the Ransomware Protection in Windows 10
Soya Aoyama
Brutal Blogging - Go for the Jugular
Kate Brew
RID Hijacking: Maintaining Access on Windows Machines
Sebastian Castro
Your Training Data is Bad and You Should Feel Bad
Ryan J. O'Grady
So many pentesting tools from a $4 Arduino
Kevin Bong, Michael Vieau
Building an Empire with (Iron)Python
Jim Shaver
SAEDY: Subversion and Espionage Directed Against You
Judy Towers
OSX/Pirrit - Reverse engineering mac OSX malware and the legal department of the company who makes it
Amit Serper, Niv Yona, Yuval Chuddy
How to test Network Investigative Techniques(NITs) used by the FBI
Dr. Matthew Miller
Cloud Computing Therapy Session
Cara Marie, Andy Cooper
Silent Compromise: Social Engineering Fortune 500 Businesses
Joe Gray
Dexter: the friendly forensics expert on the Coinbase security team
Hayden Parker
Going on a Printer Safari - Hunting Zebra Printers
James Edge
Hardware Slashing, Smashing, and Reconstructing for Root access
Deral Heiland
App-o-Lockalypse now!
Oddvar Moe
Web App 101: Getting the lay of the land
Mike Saunders
Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation)
Daniel Bohannon
WE ARE THE ARTILLERY: Using Google Fu To Take Down The Grids
Chris Sistrunk, Krypt3ia, SynAckPwn
Just Let Yourself In
David Boyd
A "Crash" Course in Exploiting Buffer Overflows (Live Demos!)
Parker Garrison
Living in a Secure Container, Down by the River
Jack Mannino
VBA Stomping - Advanced Malware Techniques
Carrie Roberts, Kirk Sayre, Harold Ogden
Media hacks: an Infosec guide to dealing with journalists
Sean Gallagher, Steve Ragan, Paul Wagenseil
Deploying Deceptive Systems: Luring Attackers from the Shadows
Kevin Gennuso
The Money-Laundering Cannon: Real cash; Real Criminals; and Real Layoffs
Arian Evans
Perfect Storm: Taking the Helm of Kubernetes
Ian Coldwater
How to put on a Con for Fun and (Non) Profit
Benny Karnes, John Moore, Rick Hayes, Matt Perry, Bill Gardner, Justin Rogosky, Mike Fry, Steve Truax
Web app testing classroom in a box - the good, the bad and the ugly
Lee Neely, Chelle Clements, James McMurry
Metasploit Town Hall 0x4
Brent Cook, Aaron Soto, Adam Cammack, Cody Pierce
Community Based Career Development or How to Get More than a T-Shirt When Participating as part of the Community
Kathleen Smith, Magen Wu, Cindy Jones, Kathryn Seymour, Kirsten Renner
Disaster Strikes: A Hacker's Cook book
Jose Quinones, Carlos Perez
Ninja Looting Like a Pirate
Infojanitor
Hacking Mobile Applications with Frida
David Coursey
Victor or Victim? Strategies for Avoiding an InfoSec Cold War
Jason Lang, Stuart McIntosh
Ubiquitous Shells
Jon Gorenflo
99 Reasons Your Perimeter Is Leaking - Evolution of C&C
John Askew
Ship Hacking: a Primer for Today's Pirate
Brian Satira, Brian Olson
Code Execution with JDK Scripting Tools & Nashorn Javascript Engine
Brett Hawkins
PHONOPTICON - leveraging low-rent mobile ad services to achieve state-actor level mass surveillance on a shoestring budget
Mark Milhouse
Patching: Show me where it hurts
Cheryl Biswas
Advanced Deception Technology Through Behavioral Biometrics
Curt Barnard, Dawud Gordon
We are all on the spectrum: What my 10-year-old taught me about leading teams
Carla A Raisler
No Place Like Home: Real Estate OSINT and OPSec Fails
John Bullinger
The Layer2 Nightmare
Chris Mallz
Attacking Azure Environments with PowerShell
Karl Fosaaen
Blue Blood Injection: Transitioning Red to Purple
Lsly Ayyy
Mirai, Satori, OMG, and Owari - IoT Botnets Oh My
Peter Arzamendi
Comparing apples to Apple
Adam Mathis
How online dating made me better at threat modeling
Isaiah Sarju
Threat Hunting with a Raspberry Pi
Jamie Murdock
M&A Defense and Integration - All that Glitters is not Gold
Sara Leal, Jason Morrow
Social Engineering At Work - How to use positive influence to gain management buy-in for anything
April Wright
Ham Radio 4 Hackers
Eric Watkins, Devin Noel
Getting Control of Your Vendors Before They Take You Down
Dan Browder
Cyber Intelligence: There Are No Rules, and No Certainties
Coleman Kane
Getting Started in CCDC
Russell Nielsen
Changing Our Mindset From Technical To Psychological Defenses
Andrew Kalat
Red Mirror: Bringing Telemetry to Red Teaming
Zach Grace
Two-Factor, Too Furious: Evading (and Protecting) Evolving MFA Schemes
Austin Baker, Doug Bienstock
IoT: Not Even Your Bed Is Safe
Darby Mullen
Fingerprinting Encrypted Channels for Detection
John Althouse
On the Nose: Bypassing Huawei's Fingerprint authentication by exploiting the TrustZone
Nick Stephens
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010
Gabriel Ryan
Goodbye Obfuscation, Hello Invisi-Shell: Hiding Your Powershell Script in Plain Sight
Omer Yair
Cloud Forensics: Putting The Bits Back Together
Brandon Sherman
Killsuit: The Equation Group's Swiss Army knife for persistence, evasion, and data exfil
Francisco Donoso
The MS Office Magic Show
Stan Hegt, Pieter Ceelen
Living off the land: enterprise post-exploitation
Adam Reiser
Hillbilly Storytime: Pentest Fails
Adam Compton
Bug Hunting in RouterOS
Jacob Baines
Breaking Into Your Building: A Hackers Guide to Unauthorized Access
Tim Roberts, Brent White
The making of an iOS 11 jailbreak: Kiddie to kernel hacker in 14 sleepless nights.
Bryce "soen" Bearchell
Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests
Tomasz Tuzel
Pwning in the Sandbox: OSX Macro Exploitation & Beyond
Adam Gold, Danny Chrastil
IOCs Today, Intelligence-Led Security Tomorrow
Katie Kusjanovic, Matthew Shelton
Closing Ceremonies
|
9/8/2018 |
GrrCON 2018 Videos
These are the videos of the presentations from GrrCON 2018. Big thanks to
EggDropX and Jaime for having me out, and my video crew (paint27, Erick, Jason, brettahansen, Angela,
Luke & others) for recording.Keynote
Dave Kennedy
An
Inconvenient Truth: Evading the Ransomware Protection in Windows
10
Soya Aoyama
The
Abyss is Waving Back - The four paths that human evolution is
charging down, and how we choose which one's right
Chris Roberts
Crypto
Gone Rogue: A Tale of Ransomware, Key Management and the
CryptoAPI
Pranshu Bajpai & Dr. Richard Enbody
You're
right, this talk isn't really about you!
Jayson E Street
Analyzing
Pwned Passwords with Apache Spark
Kelley Robinson
How to rob a bank over the phone
Joshua "Naga" Crumbaugh
(Posting Later Maybe)
Vibing
Your Way Through an Enterprise: How Attackers are Becoming More
Sneaky
Matthew Eidelberg
PwnBook:
Penetrating with Google's Chromebook
Corey Batiuk
Life,
Death + the Nematodes: Long live Cyber Resilience!
Chad Calease
Data
Data Everywhere but No One Stops to Think
Scott Thomas, Carl Hertz & Robert Wagner
Automation
and Open Source: Turning the Tide on Attackers
John Grigg
w.e
w.e Internet Explorer Does What It Wants
Aaron Heikkila
Pacu:
Attack and Post-Exploitation in AWS
Spencer Gietzen
Hacker
Tools, Compliments of Microsoft
David Fletcher & Sally Vandeven
How
to Conduct a Product Security Test: And How it Fits Into the
Larger Security Strategy
Dr. Jared DeMott
Over
the Phone Authentication
Spencer Brown
Designing
a Cloud Security Blueprint
Sarah Elie
To
Fail is Divine
Danny Akacki
Zero
to Owned in 1 Hour: Securing Privilege in Cloud, DevOps, On-Prem
Workflows
Brandon Traffanstedt
Malware
Mitigation Sample Detonation Intelligence Automation: Make Your
Binaries Work for You
Adam Hogan
emulacra
and emulation: an intro to emulating binary code with Vivisect
Atlas of D00m
SniffAir
- An Open-Source Framework for Wireless Security Assessments
Matthew Eidelberg & Steven Daracott
Threat
Hunting: the macOS edition
Megan Carney
The
Hybrid Analyst: How Phishing Created A New Type of Intel Analyst
Rachel Giacobozzi
Dragnet:
Your Social Engineering Sidekick
Truman Kain
Intelligence
Creating Intelligence: Leveraging what you know to improve
finding what you don,t
Tomasz Bania
Guaranteed
Failure: Awareness The Greatest Cyber Insanity
Joshua "Naga" Crumbaugh
Threat
Modeling: How to actually do it and make it useful
Derek Milroy
Structuring
your incident response could be one of the most important things
you do to bolster Security
Matt Reid
How
this 20 Year Old Changed the Security Industry
James O'Neill
Stop
Boiling The Ocean! How To Succeed With Small Gains
Joel Cardella
Do
I have a signature to detect that malware?
Ken Donze
2018
SIEM Trends: What is my Mean Time to Value?
Bill Lampe
Advanced
Attackers Hiding Inside Encrypted Traffic at the Endpoint
Jared Phipps
More
Tales from the Crypt-Analyst
Jeff Man
My
First year in Application Security
Whitney Phillips
Career
Risk Management: 10 tips to keep you employed
Chris Burrows
Red
vs Blue: The Untold Chapter
Aaron Herndon & Thomas Somerville
Saving
All the Money to Buy All the Booze: Learning to Hack All the
Things on a Budget
Michael Morgese
Analyzing
Multi-Dimensional Malware Dataset
Ankur Tyagi
Physicals,
Badges, and why it matters
Alex Fernandez-Gatti
InSpec:
Compliance as Code
Kent picat, Gruber
Bounty
Hunters
J Wolfgang Goerlich
|
8/9/2018 |
Patreon, Bitchute,
etc.
Hi all, I've set up a Patreon for those that want to help me increase the number of cons I
can record each year. As a reminder, the videos I record appear on
YouYube,
Archive.org and
BitChute for free, so
don't complain about what I put on my site if you can't figure out how to get to
the same content elsewhere. 😜 |
7/14/2018 |
OISF 2018 Videos
These are the videos from the
OISF Anniversary Event.
Introduction
Dr. John Carls
Catching the Social Engineer
Robert Stewart
Hacking Identity, A Pen Tester’s guide to IAM
Jerod Brennen
Active Defense: Helping the Threat Actors Hack Themselves
Matt Scheurer
Planning & Executing A Red Team Engagement
Tim Wright |
6/23/2018 |
BSides Cleveland 2018 Videos
These are the videos from the
Bsides Cleveland conference. Thanks
to
Rich, Nekko,
justinschmitt &
as the video team. Thanks to
twuntymcslore &
RockieBrockway for being con
mom & dad.
Hacking Your Happiness
Chris Gates
Active Defense - Helping threat actors hack themselves!
Matt Scheurer
Reflective PE Unloading
Spencer McIntyre
One Puzzle Piece at a Time: Logging Quick Wins
Celeste Hall
GO HACK YOURSELF: MOVING BEYOND ASSUMPTION-BASED SECURITY
Christine Stevenson
Using Technology to Defend Digital Privacy & Human Rights
Tom Eston
Code Execution with JDK Scripting Tools & Nashorn Javascript Engine
Brett Hawkins
Abandoned Spaces: Reconstructing APT Campaigns From Lapsed Domains
Daniel Nagy
What's Changed In The New OWASP Top 10?
Bill Sempf
Raindance: Raining Recon from the Microsoft Cloud
Michael Stringer
Tools and Procedures for Securing .Net Applications
Sam Nasr
Hacking Identity: A Pen Tester's Guide to IAM
Jerod Brennen
Phishing Forensics - Is it just suspicious or is it malicious?
Matt Scheurer
Securing Code - The Basics
Michael Mendez
The Marriage of Threat Intelligence and Incident Response or... Threat Hunting for the Rest of Us
Jamie Murdock
Wacky and Wild Security - Getting things under CIS Controls V7
Jeremy Mio
Interdisciplinary Infosec: Equifax, Individuation, and the Modern State
Thomas Pieragastini
Mobile Application Privacy and Analytics
Kevin Cody
Evolving the Teaching of Pen Testing in Higher Ed
Robert Olson
Go back to the basics with your processes: Improving operations without technology.
Mark Abrams
Anatomy of an Attack
John Fatten
Hackers, Hugs, & Drugs: Mental Health in Infosec
Amanda Berlin
|
6/14/2018 |
A Digital Handbook for the Recently Deceased
Article on dealing with a deceased person's financial and Internet accounts, and
making it easier for others to do so when you pass. |
6/8/2018 |
ShowMeCon 2018 Videos
These are the videos ShowMeCon 2018.
Thanks to Renee & Dave Chronister (@bagomojo) and others for having me out to record and speak. Also thanks to my video crew
@r3tr0_cod3x, James, Aaron, Jon and some other people I may have forgotten.Opening
The Insecure Software Development Lifecycle: How to find, fix, and manage deficiencies within an existing methodology.
April C. Wright
The Sky Isn't Falling, But the Earth May be Shifting: How GDPR Could Change the Face of InfoSec
Cliff Smith
Gulliver's Travels: Security Exploits and Vulnerabilities Around the Globe
Kevin Johnson
From DDoS to Mining: Chinese Cybercriminals Set Their Sights on Monero
David Liebenberg
ANTI-OSINT AF: How to become untouchable
Michael James
Who's Watching the Watchers?
Nathan Sweaney
We don't have to worry about that, It's in the cloud
Arnar Gunnarsson
SS7 for INFOSEC
Paul Coggin
Getting Newcomers into Infosec: The Tribulations of the Auburn University Hacking Club
Matthew Rogers
Exploring Information Security Q&A Panel
Timothy De Block
Securing Windows with Group Policy
Josh Rickard
ATAT: How to take on the entire rebellion with 2-3 stormtroopers
ll3nigmall
How Hyperbolic Discounting is keeping your security program from succeeding
Jon Clark
Hijacking the Boot Process - Ransomware Style
Raul Alvarez
Building a Cyber Training Range on a Budget
Robert Guiler
Lessons Learned from Development and Release of Blacksmith (The Meltdown Defense Tool For Linux)
Jared Phipps
How to Train Your Kraken - Creating a Monster Out of Necessity
Sean Peterson
PowerShell exploitation, PowerSploit, Bloodhound, PowerShellMafia, Obfuscation, PowerShell Empire, the Empire has fallen, you CAN detect PowerShell exploitation
Michael Gough
Offensive Cartography
Trenton Ivey
The Wrong Kind of DevOps Talk - Now with Extra Badness!
Bobby Kuzma
This Job is Making Me Fat!
Thomas Smith
You'll understand when you are older
Amanda Berlin & David Cybuck
Bitcoin - The generation of private keys based on public keys, a live demonstration
Richard Dennis
|
6/3/2018 |
Circle City Con 2018 Videos
These are the Circle City Con videos.
Thanks to the staff for inviting me
down to record. Big thanks to @irishjack, @0DDJ0BB,
@Ajediday, Jim,
@securesomething,
@AnarchistDalek,
@KitWessendorf,
@m3ch4n15m,
@Valacia,
@songsthatsaved,
@mchandleraz,
@christinemobes and other for helping set up AV and record.
Opening Ceremonies
Circle City Con Staff
Espionage In The Modern Age of Information Warfare
Scot Terban
The Never Ending Hack: Mental Health in InfoSec Community
Danny Akacki
The Network Night Watch
Eric Rand & Lesley Cahart
Held for Ransom with a Toy Gun
Brian Baskin
Dear Blue Team: Proactive Steps to Supercharge your IR
Joe Gray
CTF Tips and Tricks
Aaron Lintile
Classic Cons in Cryptocurrency
Wolfgang Goerlich & Zachary Sarakun
Enterprise Vulnerability Management (Assessing, Implementing, and Maintaining)
Derek Milroy
Security Beyond the Security Team: Getting Everyone Involved
Luka Trbojevic
The consequences of lack of security in the Healthcare and how to handle it
Jelena Milosevic
Stealing Cycles, Mining Coin: An introduction to Malicious Cryptomining
Edmund Brumaghin & Nick Biasini
Applying Thermodynamic Principles to Threat Intelligence
Kyle Ehmke
SAEDY: Subversion and Espionage Directed Against You
Judy Towers
How to Lie with Statistics, Information Security Edition
Tony Martin-Vegue
IoT 4n6: The Growing Impact of the Internet of Things on Digital Forensics
Jessica Hyde
A Very Particular Set of Skills: Geolocation Techniques For OSINT and Investigation
Chris Kindig
Rise of the Machines
Aamir Lakhani
Backdooring with Metadata
Itzik Kotler
Automahack - Automate going from zero to domain admin with 2 tools
Dan McInerney
Patching - It's Complicated
Cheryl Biswas
Containers: Exploits, Surprises and Security
Elissa Shevinsky
Playing Russian Troll Whack-a-Mole
Courtney Falk
The FaaS and the Curious - AWS Lambda Threat Modeling
Bryan McAninch
Deploying Deceptive Systems: Luring Attackers from the Shadows
Kevin Gennuso
Quick Retooling in .Net for Red Teams
Dimitry Snezhkov
(Re)Thinking Cyber Security Given the Spectre of a Meltdown: (Someone Hold My Beer)
Jeff Man
Carrot vs. Stick: Motivation, Metrics, and Awareness
Magen Wu
Securing without Slowing: DevOps
Wolfgang Goerlich
Operator: The Well-Rounded Hacker
Matthew Curtin
Abuse Case Testing in DevOps
Stephen Deck
GreatSCT: Gotta Catch 'Em AWL
Chris Spehn
|
5/20/2018 |
NolaCon 2018 Videos
Recorded at NolaCon 2018. Thanks to
@CurtisLaraque,
@mikearbrouet, @openbayou,
Cole & @klulue for the video recording
help, and @nola_con,
@erikburgess_,
@NolaConYvonne & Rob for having
me down to record.
Chasing the Adder... A Tale from the APT world
Stefano Maccaglia
Aww Ship! Navigating the vulnerabilities and attack surface of the maritime industry
John Sonnenschein
Hacking Dumberly, Just Like the Bad Guys
Tim Medin, Derek Banks
Automahack - Python toolchain for automated domain admin
Dan McInerney
Dear Blue Team: Proactive Steps to Supercharge your IR
Joe Gray
You'll Understand When You're Older
Amanda Berlin
Skills For A Red-Teamer
Brent White, Tim Roberts
Hacking Smart Contracts--A Methodology
Konstantinos Karagiannis
Fighting Child Exploitation with Oculum
Andrew Hay, Mikhail Sudakov
How to tell cajun doctors they have bad cyber-hygiene and live
Joshua Tannehill
What Infosec in Oil & Gas can Teach us About Infosec in Healthcare
Damon J. Small
On the Hunt: Hacking the Hunt Group
Chris Silvers, Taylor Banks
Your Mac Defenestrated. Post OSXploitation Elevated.
FuzzyNop & Noncetonic
Keynote: Follow The
Yellow Brick Road
Marcus J. Carey
We are the Enemy of the Good
Stephen Heath
Taking out the Power Grid's Middleman
Nathan Wallace, Luke Hebert
Privacy for Safety- How can we help vulnerable groups with privacy?
Stella
Cash in the aisles: How gift cards are easily exploited
Will Caput
Mind Games: Exploring Mental Health through Games
Todd Carr
Jump into IOT Hacking with Damn Vulnerable Habit Helper IOT Device
Nancy Snoke, Phoenix Snoke
The Future of Digital Forensics
Imani Palmer
Changing the Game: The Impact of TRISIS (TRITON) on Defending ICS/SCADA/IIoT
Paul W. Brager Jr M.Sci, CISSP, GICSP, CISM
Ducky-in-the-middle: Injecting keystrokes into plaintext protocols
Esteban Rodriguez
Gamifying Developer Education with CTFs
John Sonnenschein & Max Feldman
Active Directory Security: The Journey
Sean Metcalf
HTTP2 and You
Brett Gravois
|
5/12/2018 |
BSides Detroit 2018 Videos
These are the videos from the
BSides Detroit 2017 Conference.
Thanks to Ryan Harp (@th3b00st), Dan
Falk (@dnfalk), Wolfgang Goerlich (@jwgoerlich),
Matt Johnson (@mwjcomputing),
Kyle Andrus (@chaoticflaws), Kate
Vajda (@vajkat) and Chris Maddalena (@cmaddalena)
for having me out and Samuel Bradstreet (@TeaPartyTechie),
Leah Bradstreet, Xavier Johnson, Ali Faraj, Camilla Martins, Ben Valentine, James
Green, David Sornig, Steven Balagna, Nick Papa, Lucas Gorczyca, J Parker Galbraith and others I
may forget for helping to record.
Opening
Yes, You're an Impostor; now get back to work
Johnny Xmas
GRC
- "What Would You Say You Do Here?"
Brian Martinez
Protecting Phalanges from Processor Pressure Points
Matthew Clapham
A Reporter's Look at OSINT
Hilary Louise
(Sorry, mic was off, but
here is a longer version from GrrCon)
Nowhere to hide
Lucas Gorczyca
Know the Enemy - How to make threat intelligence work!
Nir Yosha
Hack like a Gohper
Kent Gruber
@taco_pirate's Art of Woo
Ben Carroll
Saving All the Money to Buy All the Booze: Learning to Hack All the Things on a Budget
Michael Morgese
Practical Incident Response in Heterogenous Environment
Kevin Murphy & Stefano Maccaglia
Security KPIs - Measuring Improvement in Your Security Program
Steven Aiello
|
5/11/2018 |
Converge 2018 Videos
These are the videos from the
Converge Information Security Conference.
Thanks to Ryan Harp (@th3b00st),
Dan Falk (@dnfalk),
Wolfgang Goerlich (@jwgoerlich),
Matt Johnson (@mwjcomputing),
Kyle Andrus (@chaoticflaws),
Kate Vajda (@vajkat) and
Chris Maddalena (@cmaddalena) for having me out and Samuel Bradstreet
(@TeaPartyTechie), Leah
Bradstreet, Xavier Johnson, Camilla Martins, Ben Valentine, James Green, David Sornig, Steven Balagna,
Nick Papa, J Parker Galbraith and others I may forget
for helping to record.Opening
Hackers, Hugs, & Drugs: Mental Health in Infosec
Amanda Berlin
Winning the cybers by measuring all the things
Jim Beechey
Social Engineering for the Blue Team
Timothy De Block
The Emerging Product Security Leader Discipline
Matthew Clapham
Server Message Block Worms: The gift that keeps on giving
Matthew Aubert
Don't Fear the Cloud: Secure Solutions at Lower Cost
Matt Newell
DevSecOps: Security Testing with CI/CD Automation Servers
Ed Arnold
Backdooring With Metadata
Itzik Kotler
How to Conduct a Product Security Test: And How it Fits Into the Larger Security Strategy
Nick Defoe
Securing ASP.NET Core Web Apps
Dustin Kingen
All the Bacon: How Lesley Knope and Ron Swanson encourage community growth
Kevin Johnson
ATT&CK Like an Adversary for Defense Hardening
Steve Motts & Christian Kopacsi
Unblockable Chains – Is Blockchain the ultimate malicious
infrastructure?
Omer Zohar
(may post later)
DADSEC 102
Richard Cassara
The Things You Should Be Doing Defensively Right Now
Joel Cardella
Held Hostage: A Ransomware Primer
Nick Hyatt
Prowling: Better Penetration Testing
J Wolfgang Goerlich
Automating Web App security in AWS
Luther Hill
Finding the Money to Run an Effective Security Program
Matt Topper
Cryptocurrency- The Internetwide Bug Bounty Program
Brian Laskowski
Hacking Identity: A Pen Tester,s Guide to IAM
Jerod Brennen |
4/29/2018 |
BSidesCharm 2018 Videos
These are the videos BSidesCharm
(Baltimore) 2018.
Thanks for inviting me down to record. Thanks to my video team Shawn Thomas,
Cory, Terry Holman, Thomas Moses, Jason Presmy and Martin Veloso.
Keynote
Jessica Payne
To AI or Not to AI? What the US Military Needs for Fighting Cyber Wars
Ernest Wong
Preparing for Incident Handling and Response within Industrial Control Networks
Mark Stacey
FailTime: Failing towards Success
Sean Metcalf
Getting Saucy with APFS! - The State of Apple’s New File System
Sarah Edwards
Basic Offensive Application of MOF Files in WMI Scripting
Devon Bordonaro
An Open Source Malware Classifier and Dataset
Phil Roth
Counting Down to Skynet
Nolan Hedglin
How we reverse engineered OSX/Pirrit, got legal threats and survived
Amit Serper
Threat Activity Attribution: Diferentiatinn the Who from the How
Joe Slowik
Quantify your hunt: not your parents’ red teaming
Devon Kerr
Internet Anarchy & The Global March toward Data Localization
Andrea Little Limbago
Powershell Deobfuscation: Putting the toothpaste back in the tube
Daniel Grant
Effective Monitoring for Operational Security
Russell Mosley
Ryan St. Germain
Plight at the end of the Tunnel
Anjum Ahuja
Rise of the Miners
Josh Grunzweig
Malware Analysis and Automation using Binary Ninja
Erika Noerenberg
Between a SOC and a Hard Place
Shawn Thomas
Andrew Marini
James Callahan
Dustin Shirley
Using Atomic Red Team to Test Endpoint Solutions
Adam Mathis
Exercise Your SOC: How to run an effective SOC response simulation
Brian Andrzejewski
Adding Simulated Users to Your Pentesting Lab with PowerShell
Chris Myers
Barrett Adams
Building a Predictive Pipeline to Rapidly Detect Phishing Domains
Wes Connell
Closing Ceremonies
|
4/14/2018 |
BSides Nashville 2018 Videos
These are
the videos BSides Nashville 2018. Thanks to
@lil_lost for inviting me down to
record and being my bodyguard while in Nashville. Big thanks to Gabe Basset,
Geoff Collins, Cameron and others for helping set up AV and record.
Intro
Know Your Why
Oladipupo (Ladi) Adefala
Deploying Microsoft Advanced Threat Analytics in the Real World
Russell Butturini
An Oral History of Bug Bounty Programs
Dustin Childs
Blue Cloud of Death: Red Teaming Azure
Bryce Kunz
SECURITY INSTRUMENTATION: BE THE HERO GETTING VALUE FROM SECURITY
Brian Contos
Changing Who Writes the Queries: High-Leverage IR with Visual Playbooks & Visual
Graph Analysis
Leo Meyerovich
Learning to Hack the IOT with the Damn Vulnerable Habit Helper IOT Device
Nancy Snoke, Phoenix Snoke
Hacking the Users: Developing the Human Sensor and Firewall
Erich Kron
Community Based Career Activities or How Having Fun Can Help You with Your
Career
Kathleen Smith, Cindy Jones,Doug Munro, Magen Wu
Hillbilly Storytime - Pentest Fails
Adam Compton
See the ID Rules Before Us: FAL IAL AAL eh? Aaaagh!!! How, How, How, How?
Bruce Wilson
SAEDY: Subversion and Espionage Directed Against You
Judy Towers
Growing Up to be a Infosec Policy Driven Organization
Frank Rietta
Adding Simulated Users to Your Pentesting Lab with PowerShell
Chris Myers, Barrett Adams
Hacking VDI 101
Patrick Coble
Evaluating Injection Attack Tools Through Quasi-Natural Experimentation
John O'Keefe-Odom
Social Engineering for the Blue Team
Timothy De Block
|
4/6/2018 |
AIDE 2018
Videos
Recorded at AIDE 2018. Big thanks to Bill
Gardner (@oncee) for having me out to
record.
On Business Etiquette and Professionalism in the Workplace
Tess Schrodinger
InfoSec by the Numbers
Bill Gardner
Practical OSINT - Tools of the trade
Tom Moore
Potentially unnecessary and unwanted programs (a.k.a. PUPs)
Josh Brunty
How To Test A Security Awareness Program
Matt Perry
Disrupting the Killchain
Amanda Berlin
I have this piece of paper, now what?
Brandon Miller
Statistics Lie...Except About Passwords
Jeremy Druin |
3/24/2018 |
BSides Chattanooga 2018 Videos
These are
the videos from the BSides Chattanooga
conference. Thanks to Ron and Kevin for having me out, and John for helping
record.
Intro
Red vs Blue and why We are doing it wrong
Chris Roberts
The Semi-Comprehensive Guide to Setting Up a Home Lab
Andrew Williams
Lessons learned from a OWASP Top 10 Datacall
Brian Glas
Attacker vs. Defender: Observations on the Human Side of Security
Todd O'Boyle
The Gilligan Phenomenon: Fixing The Holes In the Ransomware And Phishing Boats
Eric Kron
Machine Learning and Cyber Security: How Smart is Can it Be?
Shayne Champion
Closing |
3/10/2018 |
BSides Indy 2018 Videos
These are the videos from the
BSides Indy conference. Thanks to Frank,
MzBat for having me up, and Nate for helping with AC.Intro
Lessons Learned - A 15 year Retrospective
Price McDonald
Phishing Forensics - Is it just suspicious or is it malicious?
Matt Scheurer
Presenting P@cketR@quet: An Auditory IDS
Killian Ditch
The Pillars of Continuous Incident Response
Brad Garnett
Zero to Owned in 1 Hour: Securing Privilege in Cloud and DevOps Workflow
Brandon Traffanstedt
Social Engineering for the Blue Team
Timothy De Block
Leveraging DevSecOps to Escape the Hamster Wheel of Never-ending Security Fail
Chris Reed
Creating a Cyber Volunteer Department
Ray Davidson
Closing
Frank Diaz |
3/2/2018 |
BSides Columbus 2018 Videos
These are the videos from the BSides Columbus Ohio conference. Thanks to Mitch &
Michael Spaulding for having me up and those who manned the video rigs.
Keynote
Dave Kennedy
Automating Security Testing with the OWTF
Jerod Brennen
Looks Like Rain Again: Secure Development in the Cloud
Bill Sempf
How Stuxnet Ruined My Life For 6 Months (But I Got To Fly 1st Class A Lot)
Chris Raiter, Jeremy Smith
Emotet - Banking Malware With A Bite
Bradley Duncan
Keynote
Kevin Burkart
Cryptology: It’s a Scalpel, not a Hammer
Mikhail Sudakov
Pass the Apple Sauce: Mac OS X Security Automation for Windows-focused Blue
Teams
Brian Satira
Why People Suck at Delivery: How to get your security projects off the ground
and into production!
Nick d'Amato
Zero to Owned in 1 Hour: Securing Privilege in Cloud and DevOps Workflow
Brandon Traffanstedt
Are you ready for my call? Security researcher insights into Responsible
Disclosure.
Jason Kent
Everything you always wanted to ask a hiring manager, but were afraid to ask!
Mike Spaulding
Deep Learning for Enterprise: Solving Business Problems with AI
Christian Nicholson
Building Jarvis
Stephen Hosom
Active Defense - Helping threat actors hack themselves!
Matt Scheurer
Shifting Application Security Left
Craig Stuntz
Presenting P@cketR@quet: An Auditory IDS
Killian Ditch
Security and Networking: Dual Purpose Tools
Cody Smith
Cybereason's Jim VanDeRyt - Fileless Malware Breakout Session
Jim VanDeRyt
The Quieter You Become, the More You’re Able to (H)ELK
Nate Guagenti, Roberto Rodriquez |
2/24/2018 |
BSides NOVA 2018 Videos
These are the videos from BSides NOVA 2018.
Thanks to those who manned the video rigs and helped set u
AM Keynote
Matt Devos
Deep Dive in the Dark Web (OSINT Style)
Kirby Plessas
PM Keynote
Jack Daniel
Adding Pentest Sauce to your Vulnerability Management Recipe
Luke Hudson, Andrew McNicol
The Value of Design in Cyber Threat Intelligence
Devon Rollins
DNC Hacked Data in the Hands of a Trained Intelligence Professional
Wally Prather, Dave Marcus
Your Facts Are Not Safe With Us: Russian Information Operations as Social
Engineering
Meagan Keim
DECEPTICON: Deceptive Techniques to Derail OSINT attempts
Joe Gray
I Thought Renewing the Domain Name Was Your Job?
Allan Liska
Automating Unstructured Data Classification
Malek Ben Salem
Vulnerability Patched in Democratic Donor Database
Josh Lospinoso
Living in a world with insecure Internet of Things (IoT)
Marc Schneider
Vulnerability Accountability Levers and How You Can Use Them
Amelie Koran
Cyber Mutual Assistance - A New Model for Preparing and Responding to Cyber
Attack
David Batz
Rethinking Threat Intelligence
Tim Gallo
What Color Is Your Cyber Parachute?
Cliff Neve, Candace King, Kazi Islam, Trey Maxam, Amelie Koran
Feds Meet Hackers
Ariel Robinson, Alyssa, Feola, Gray Loftin, Beau Woods, Amélie E. Koran
Recruiting in Cyber
Dan Waddel, Kathleen Smith, Suzie Grieco, Sabrina Iacarus, Kirsten Renner, Karen
Stied
How to get started in Cybersecurity
John Stoner
Improving Technical Interviewing
Forgotten Sec
Ask An Expert: Cyber Career Guidance and Advice
Micah Hoffman, Bob Gourley, John TerBush, Chris Gates, Kirby Plessas, Lea
Hurley, Neal Mcloughlin, Ovie Carroll, Sarah Edwards, Tigran Terpandjian, Willie
Lumpkin |
2/17/2018 |
BSides Tampa 2018
These are the videos from the
BSides Tampa conference. Thanks to
all of the BSides Crew for having me out to help record and render the videos.
Special thanks to my video crew: Julian, Andrew Schiro, Austin Ford, John Mejia,
Michael Iglesias, Micheal Milford, Mike Ziolkowski, Patty Morris, Robin
Noyes
Cyber Assurance - Testing for Success
Col. John Burger
You Can Run..but you cant hide!
Bruce Anderson
Red Team Apocalypse
Beau Bullock and Derek Banks
Advanced Persistent Security
Ira Winkler
Adding Simulated Users to Your Pentesting Lab with PowerShell
Chris Myers and Barrett Adams
The Shoulders of InfoSec
Jack Daniels
Blockchain: The New Digital Swiss Army Knife?
G. Mark Hardy
Modern Day Vandals and Thieves: Wireless Edition
David Switzer and Jonathan Echavarria
Fraud; Should you worry?
Greg Hanis
A Security Look at Voice-Based Assistants
David Vargas
Hackers Interrupted
Alex Holden
Insane in the Mainframe: Taking Control of Azure Security
Jeremy Rassmusen
MiFare lady Teaching an old RFID new tricks
Daniel Reilly
Medical Device Security: State of the Art in 2018
Shawn Merdinger
(not recorded)
Weaponizing IoT - NOT!
Kat Fitzgerald
(not recorded)
Blue Team's tool dump. Stop using them term NeXt-Gen this isn't XX_Call of Duty_XX.
Alex Kot
Exploiting Zillow "Zestimate" for Reckless Profit
Robert "RJ" Burney
Self Healing Cyber Weapons
Logan Hicks
Ransomware: A Declining Force in Today's Threat Landscape
Brad Duncan
Modern web application security
Julien Vehent
Advanced Social Engineering and OSINT for Penetration Testing
Joe Gray
Critical Infrastructure & SCADA Security 101 for Cybersecurity Professionals
Juan Lopez
Exothermic Data Destruction: Defeating Drive Recovery Forensics
Nikita Mazurov and Kenneth Brown
Derrick's Thank Yous |
12/08/2017 |
BSidesPhilly 2017 Videos
These are the videos from BSides Philadelphia 2017.
Thanks to Mark, Mike, Austin, John, David and others I'm forgetting for helping with
the video.
Innovating for 21st Century Warfare
Ernest "Cozy Panda" Wong
MFA, It's 2017 and You're Still Doing Wrong
Presented by Dan Astor and Chris Salerno.
Out With the Old, In With the GNU
Lsly
IoT devices are one of the biggest challenges
Charles @libertyunix Sgrillo
Evading C2 Detection with Asymmetry
By Brandon Arvanaghi and Andrew Johnston
Abusing Normality: Data Exfiltration in Plain Site
Aelon Porat
Smarter ways to gain skills, or as the DoD puts it
Dr. P. Shane Gallagher, Institute for Defense Analyses, and Evan Dornbush, co-founder, Point3 Security, Inc.
Game of the SE: Improv comedy as a tool in Social Engineering
Danny Akacki - Security Monkey
File Polyglottery; or, This Proof of Concept is Also a Picture of Cats
Evan Sultanik
Your Facts Are Not Safe With Us: Russian Information Operations As Social Engineering
Meagan Dunham Keim
Supercharge Your SOC with Sysmon
Chris Lee & Matthew Giannetto
Threat Hunting: Defining the Process While Circumventing Corporate Obstacles
Kevin Foster, Matt Schneck, Ryan Andress
Put up a CryptoWall and Locky the Key - Stopping the Explosion of Ransomware
Erich Kron, CISSP-ISSAP
Web Hacking 101 Hands-on with Burp Suite
David Rhoades of MavenSecurity.com
Hacker Mindset
David Brown: CISSP, CISM, IAM
|
11/29/2017 |
SecureWV/Hack3rcon2017
These are the videos of the presentations from
Secure West Virginia 2017. Thanks to
Justine, Tim, Morgan, Kevin, Todd & Roy for helping record.
Intro
Benny Karnes
Fighting Advanced Persistent Threats with Advanced Persistent Security
Ira Winkler
Coming Up with the Next Wave of Cyber Innovations-Start by Thinking 1ns1d3 th3 B0x
Ernest Wong
I survived Ransomeware.... Twice
Matt Perry
Value of threat intelligence
Stealthcare
SDR & RF Hacking Primer
Andrew Bindner
Digital Forensic Analysis: Planning and Execution
John Sammons
Intro to WireShark
Josh Brunty
Secrets of Superspies
Ira Winkler
Total Recall: Using Implicit Memory as a Cryptographic Primitive
Tess Schrodinger
IoT Panel
RCBI
Hillbilly Storytime - Pentest Fails
Adam Compton
Hackers, Hugs and Drugs
Amanda Berlin
FLDigi - E-mail over Packet Radio
Aaron West and Rob West
From junk to jewels: Destruction is the key to building
Branden Miller & Audrey Miller
SCAP: A Primer and Customization
Scott Keener
Security Through Ansible Automation
Adam Vincent
Vehicle Forensics: An Emerging Source of Evidence
John Sammons
Network Forensics using Kali Linux and/or SANS Sift
Josh Brunty
911 DDOS
Dianiel Efaw
Pi's, Pi's and wifi
Steve Truax
Technical Testimony: Doing the Heavy Lifting for the Jury
John Sammons
Emergent Gameplay
Ron Moyer
Closing
|
10/28/2017 |
GrrCON 2017 Videos
These are the videos of the presentations from GrrCON 2017.
Big thanks to EggDropX and Jaime for having me out, and my video crew
(paint27, Erick, & brettahansen) for
recording.
Ghast
STRATEGIES ON SECURING YOU BANKS & ENTERPRISES. (FROM SOMEONE WHO ROBS BANKS & ENTERPRISES FOR A LIVING!)
Jayson E Street
Population Control Through The Advances In Technology…
Chris Roberts
(sorry for the music in back ground)
You Got Your SQL Attacks In My Honeypot
Andrew Brandt
3rd Party Data Burns
Arron "Finux" Finnon
Morphing to Legitimate Behavior Attack Patterns
Dave Kennedy
Stealing Domain Admin (or How I Learned to Stop Worrying and Love the CSSF
Jerod Brennen
Oops! Was that your pacemaker?
Charles Parker, II
10 Cent Beer Night: The World we now Live In
Johnny Xmas
Realizing Software Security Maturity: The Growing Pains & Gains
Mark Stanislav & Kelby Ludwig
Cyber, Cyber, Cyber - Using the killchain to accomplish something
Amanda Berlin
An Employee, their Laptop and a Hacker walk into a Bar
Shannon Fritz
Eye on the Prize - a Proposal for Legalizing Hacking Back
Adam Hogan
I've got a (Pocket) Bone to pick with you
Dr Phil Postra
Gig
Topic depends on number of federal agents in audience
Atlas of Doom
Embedding Security in Embedded Systems
Dr. Jared DeMott
National Guard for Cyber? How about a Volunteer Cyber Department?
Ray Davidson
Red Team Yourself
Thomas Richards
An Attack Pathway Into Your Organization? Reducing risk without reducing operational efficiency
David Adamczyk
Pen Test War Stories - Why my job is so easy, and how you can make it harder
Aaron Herndon
Skills For A Red-Teamer
Brent White & Tim Roberts
ProbeSpy: Tracking your past, predicting your future
stumblebot
vAp0r and the Blooming Onion
Justin Whitehead & Jim Allee
A GRReat New Way of Thinking about Innovating for Cyber Defense (and even Cyber Offense)
Ernest "Cozy Panda" Wong
Threat Intelligence: Zero to Basics in presentation
Chris J
Learning from InfoSec Fails
Derek Milroy
A Reporter's Look at Open Source Intelligence
Hilary Louise
Hidden Treasure: Detecting Intrusions with ETW
Zac Brown
The Black Art of Wireless Post-Exploitation
Gabriel "solstice" Ryan
Mi Go
Change is Simply an Act of Survival: Predicting the future while shackled to the past
Bil Harmer
Dissecting Destructive Malware and Recovering from Catastrophe
Bryan York
Infosec State of Affairs: Too much Kim Kardashian - not enough Malcolm Gladwel
Jim Wojno & Dan Kieta
How do you POC? Are you really testing a product
Ken Donze
Tales From The Trenches: Practical Information Security Lessons
Michael Belton
Securing the Internet of Things (IoT) -Through Security Research and Vulnerability Analysis
Deral Heiland
The Future of Cyber Security
Anthony Sabaj
Building a Usable Mobile Data Protection Strategy
David "Heal" Schwartzberg
Software Defined Segmentation
Matt Hendrickson
The Shuttle Columbia Disaster: Lessons That Were Not Learned
Joel "I love it when they call me Big Poppa" Cardella
Infrastructure Based Security
Chris Barnes
Defending The De-funded
Keith Wilson
Real-World Red Teaming
spartan
We got it wrong
Wolfgang Goerlich
Critical Incident: Surviving my first layoff by applying BCP/DRP Principles
Tom Mead |
9/25/2017 |
Derbycon
7 Videos
I still have a lot of work to do, but here are the Derbycon 2017
videos. Working on fixing major audio sync issues as I can.
Big thanks to my video jockeys Some Ninja Master, Glenn Barret, Dave Lauer,
Jordan Meurer, Brandon Grindatti, Joey, nightcarnage, Evan Davison, Tim Sayre,
Morgan, Ben Pendygraft, Steven (SciaticNerd), Cory Hurst, Sam Bradstreet,
MadMex, Curtis Koenig, Jonathan Zentgraf, James Hurst, Paint27, Chris, Lenard. |
9/21/2017 |
Derbycon Streams
This page links to the streams for the different tracks when we start streaming
Friday from Derbycon. |
More.........
15 most recent posts on Irongeek.com:
|