A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Derbycon 2015 Videos (Hacking Illustrated Series InfoSec Tutorial Videos)

Derbycon 2015 Videos

These are the videos of the presentations from Derbycon 2015. Big thanks to my video jockeys Sabrina, Skydog, Some Ninja Master, Glenn Barret, Dave Lauer, Jordan Meurer, Brandon Grindatti, Joey, Fozy, nightcarnage, Evan Davison, Chris Bridwell, Rick Hayes, Tim Sayre, Lisa Philpott, Melanie Lecompte, Ben Pendygraft, Austin Hunter, Harold Weaver, Michael Shelburne (and maybe the speakers too I guess).

 

Track 1 - Track 4 Schedule on Friday, September 25th, 2015
Time Track 1 (Break Me) Track 2 (Fix Me) Track 3 (Teach Me) Track 4 (The 3-Way)
8:30 – 9:00 Welcome to the Family – Intro      
9:00 – 9:50 Jordan Harbinger Keynote      
10:00 – 10:50 Information Security Today and in the Future
HD Moore – Ed Skoudis – John Strand – Chris Nickerson – Kevin Johnson – Katie Moussouris hosted by David Kennedy
     
11:00 – 11:50 Lunch      
12:00 – 12:50 The M/o/Vfuscator – Turning 'mov' into a soul-crushing RE nightmare – Christopher Domas APT Cyber Cloud of the Internet of Things – Joey Maresca (@l0stkn0wledge) When A Powerful Platform Benefits Both Attackers And Defenders: Secure Enhancements To Scripting Hosts In Windows 10 – Lee Holmes How not to infosec – Viss (no audio)
1:00 – 1:50 AND YOU SHALL KNOW ME BY MY TRAIL OF DOCUMENTATION – Jason Scott Stealthier Attacks and Smarter Defending With TLS Fingerprinting – Lee Brotherston A deep look into a Chinese advanced attack. -Michael Gough – "HackerHurricane" Python for InfoSec – Bart 'd4ncind4n' Hopper (no audio in official recordings, Bart sent me a new video)
2:00 – 2:50 Gadgets Zoo: Bypassing Control Flow Guard in Windows 10 - Rafal Wojtczuk – Jared DeMott Honeypots for Active Defense – Greg Foss Pavlovian Security: How To Change the Way Your Users Respond When the Bell Rings – Magen Wu (@tottenkoph) – Ben Ten (@ben0xa) Dog The Freaking (OSINT) Bounty Hunter – Helping Law Enforcement Catch Criminals For (Mostly) Fun – And (Probably No) Profit – Dennis Kuntz (no audio)
3:00 – 3:50 Red vs. Blue: Modern Active Directory Attacks & Defense – Sean Metcalf "@PyroTek3" Manufactorum Terminatus – The attack and defense of industrial manufacturers – Noah Beddome – Eric Milam The State of Information Security Today – Jeff Man Current Trends in Computer Law – Matthew Perry (Mostly no audio)
4:00 – 4:50 Metasploit Town Hall – David Maloney "thelightcosine" – James Lee "egyp7" – Tod Beardsley "todb" – Brent Cook "busterbcook" High Stake Target: Lo-Tech Attack – Bill Gardner "oncee" – Kevin Cordle Learning through Mentorship – Michael Ortega "SecurityMoey" – Magen Wu "Tottenkoph" Spankng the Monkey (or how pentesters can do it better!) – Justin Whitehead "(at)3uckaro0" – Chester Bishop "@chet121"
5:00 – 5:50 Red Teaming Enemy of the State – Wayne
(Not being posted)
Operating in the Shadows – Carlos Perez "darkoperator" The Law of Drones – Michael "theprez98" Schearer On Defending Against Doxxing – Benjamin Brown Ajnachakra
6:00 – 6:50 $helling out (getting root) on a 'Smart Drone' – Kevin Finisterre – solo ape Getting Started with PowerShell – Michael Wharton "MyProjectExpert" The Phony Pony: Phreaks Blazed The Way – Patrick McNeil "Unregistered436" – Owen "Snide" Practical Windows Kernel Exploitation – Spencer McIntyre @zeroSteiner
7:00 – 7:50 Phishing: Going from Recon to Creds – Adam Compton – Eric Gershman SETUP HackerQue – Michael Smith (DrBearSec) – Kyle Stone (Essobi) Hijacking Label Switched Networks in the Cloud – Paul Coggin (no audio)
Track 1 - Track 4 Schedule on Saturday, September 26th, 2015
Time Track 1 (Break Me) Track 2 (Fix Me) Track 3 (Teach Me) Track 4 (The 3-Way)
9:00 – 9:50 Pwning People Personally – Josh Schwartz "FuzzyNop" OSINT for AppSec: Recon-ng and Beyond – Tim Tomes "lanmaster53" Mobile Application Reverse Engineering: Under the Hood – Drew Branch – Billy McLaughlin Hacking for homeschoolers – Branden Miller
10:00 – 10:50 Stagefright: Scary Code in the Heart of Android – Joshua "jduck" Drake Hacking Virtual Appliances – Jeremy Brown Introducing the RITA VM: Hunting for bad guys on your network for free with math. – John Strand – Derek Banks – Joff Thyer – Brian Furham Going AUTH the Rails on a Crazy Train – Tomek Rabczak – Jeff Jarmoc
11:00 – 12:00 Lunch      
12:00 – 12:50 Dec0ding Humans Live – Chris Hadnagy @HumanHacker ISLET: An Attempt to Improve Linux-based Software Training – Jon Schipp Breaking in Bad (I'm the one who doesn't knock) – Jayson E. Street Bugspray – The 802.15.4 Attack Surface – Bryan "Crypt0s" Halfpap
1:00 – 1:50 Gray Hat PowerShell – Ben Ten (@ben0xa) CyberSecurity Alphabets – Hacker Edition – Reuben Paul Developers: Care and feeding – Bill Sempf Unbillable: Exploiting Android In App Purchases – Alfredo Ramirez
2:00 – 2:50 WhyMI so Sexy? WMI Attacks – Real-Time Defense – and Advanced Forensic Analysis – Matt Graeber – Willi Ballenthin – Claudiu Teodorescu Losing Battles – Winning Wars – Active Defense Rebooted – Rafal Los "Wh1t3Rabbit" Fingerprinting the modern digital footprint -  Arian Evans BYPASS SURGERY ABUSING CONTENT DELIVERY NETWORKS WITH SERVER-SIDE-REQUEST FORGERY (SSRF) FLASH AND DNS – Matthew Bryant (mandatory) – Michael Brooks (rook)
3:00 – 3:50 Hackers vs. Defenders: Can the defender ever stop playing catch up and win? – Mano Paul "dash4rk" Social Media Risk Metrics. When OMGWTFBBQ meets risk algorithms. – Ian Amit – Alex Hutton Surviving your Startup – Bruce Potter
(part of talk missing)
Dynamic Analysis of Flash Files – Jacob Thompson
4:00 – 4:50 Medical Devices: Pwnage and Honeypots – Scott Erven "windshield wipers" – Mark Collao Building a Brain for Infosec – Ryan Sevey – Jason Montgomery How to ruin your life by getting everything you ever wanted. – Chris Nickerson Attacking Packing: Captain Hook Beats Down on Peter Packer – Vadim Kotov – Nick Cano
5:00 – 5:50 State of the Metasploit Framework – James Lee "egypt" How to Build Your Own Covert SIGINT Vehicle – Drew Redshift Porter Using Windows diagnostics for system compromise – Nicholas Berthaume "aricon" Johnny Long and Henry Wanjala – HFC Update
6:00 – 6:50 Credential Assessment: Mapping Privilege Escalation at Scale – Matt Weeks "scriptjunkie1" SETUP InfoSec Big Picture and Some Quick Wins – Schuyler Dorsey HARdy HAR HAR HAR: HAR File Collection and Analysis for Malware – Robert Simmons "Utkonos"
Stable Talks on Saturday, September 26th, 2015
Time Stable Talks
9:00 – 9:25 Stacking the Virtual Deck: Attacks by Predicting RNGs – Adam Schwalm
9:30 – 9:55 Homebrewing for Hackers – Benjamin Holland – Amber Aldrich
10:00 – 10:25 Stealthy and Persistent Back Door for Z-Wave Gateways – Jonathan Fuller and Ben Ramsey
10:30 – 10:55 Building a Better Honeypot Network – Josh Pyorre
11:00 – 11:25 Lunch
11:30 – 11:55 Lunch
12:00 – 12:25 Surveillance using spare stuff – Matt Scheurer "Cerkah"
12:30 – 12:55 Crypto 101: An Intro To Real-World Crypto – Adam Caudill
1:00 – 1:25 Practical Attacks Against Multifactor – Josh Stone
1:30 – 1:55 Hacking the Next Generation – David Schwartzberg
2:00 – 2:25 The Human Interface Device Attack Vector: Research and Development – Alexander Livingston Segal
2:30 – 2:55 A survey of Powershell enabled malware – Tyler Halfpop
3:00 – 3:25 Tool Drop: Free as in Beer – Scot Berner – Jason Lang
3:30 – 3:55 Tactical Diversion-Driven Defense – Greg Foss – Thomas Hegel
4:00 – 4:25 Windows 10 Defense in Depth – Eddie David
4:30 – 4:55 Latest Tools in Automotive Hacking – Craig Smith
5:00 – 5:25 Ansible. And why it works for me. – Charles Yost
5:30 – 5:55 Learning Mainframe Hacking: Where the hell did all my free time go? – Chad Rikansrud "Bigendian Smalls (BeS)""
6:00 – 6:25 Intercepting USB Traffic for Attack and Defense – Brandon Wilson
6:30 – 6:55 Geeks Need Basements! – Kathleen Veach
7:00 – 7:25 Intro to x86 – Stephanie Preston
7:30 – 7:55 Spy Vs. Spy: How to Use Breakable Dependencies to Your Advantage – Stacey Banks – Anne Henmi
Track 1 - Track 4 Schedule on Sunday, September 27th, 2015
Time Track 1 (Break Me) Track 2 (Fix Me) Track 3 (Teach Me) Track 4 (The 3-Way)
9:00 – 9:50 Is That a Router in Your Pocket or are You Trying to P0wn Me? – Michael Vieau – Kevin Bong Beyond Bad IP Addresses Hashes and Domains - Ed McCabe How I Stopped Worrying and Learned To Love InfraOps – Karthik Rangarajan (krangarajan) – Daniel Tobin (dant24) PHaaS – Phishing as a Service – Raymond Gabler
10:00 – 10:50 The little-known horrors of web application session management – Matthew Sullivan DNS Miner – A semi-automatic Incident response and threat intelligence tool for small – over worked security teams – Doug Leece – AJ Leece Blue Team Army – It's *your* network – defend it! – Mick Douglas – Jamie Murdock Circles & Boxes – Drawing SecArch into your program – Chris Robinson
11:00 – 11:50 Practical hardware attacks against SOHO Routers & the Internet of Things – Chase Schultz "f47h3r" Martin Bos and Eric Milam
(did not happen)
LongTail SSH Attack Analysis – Eric Wedaa Disecting Wassenaar – Tyler Pitchford
12:00 – 12:30 Quick lunch break
12:30 – 1:20 Stretching the Sandbox with Malware Feature Vectors – Mike Schladt Larry Pesce – My password cracking brings all the hashes to the yard.. Hunting Unicorns and Jerks – Irrational – Defensible – or Necessary? – Steve Werby Five Hardware Hacking Projects Under $30 – Kevin Bong – Michael Vieau
1:30 – 2:20 Gnuradio demystifying rf black magic – Matthew O'Gorman "mog" Intrusion Hunting for the Masses – A Practical Guide – David Sharpe The problems with JNI obfuscation in the Android Operating System – Rick Ramgattie Confessions of a crypto cluster operator – Dustin Heywood "EvilMog"
2:30 – 3:30 Closing Ceremonies      

Downloads
https://archive.org/details/DerbyCon2015

 

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast