Jared Haight, Microsoft

Keynote: Giving back to infosec: A beginners guide to being helpful

“The infosec community is driven by passionate people who give back through software, talks, teaching, etc. Its one of the things that makes our community a “”community””, but a lot of people don’t feel like they have anything to offer. Those that are new to the industry don’t feel like they know enough and veterans don’t think they have anything original to contribute.
In this feel good talk of the year, we’ll cover how everyone is an awesome and valuable human being who can help make our industry even better. We’ll go over how to contribute to Open Source Projects, how to submit to CFPs, how to help with cons, as well as other ways to help. We’ll also talk about the benefits of not being a sponge and how giving back can advance your career, help you make friends, make you more attractive, increase your APMs, and lead you true happiness.”

Jose Fernandez, CompSec Direct

Talk: Frony Fronius – Exploring Zigbee signals from Solar City

Solar equipment is becoming more readily used in homes and businesses due to cost savings, eco-friendly conservationism and current tax incentives. Companies like SolarCity use Power Inverters/Meters from 3rd parties in order to provide it’s services while making the solution affordable for customers. This research will focus on understanding the communication between the Inverter, Internet Gateway and web portal used to view electrical consumption of subscriber.


Brad Duncan, Palo Alto Networks – Unit 42

Keynote: Malware Distribution Trends

Criminals distribute malware using both wide-scale methods and targeted attacks. In this presentation, Brad discusses malware distribution trends noted during his day-to-day research as of January 2018. This talk examines three distribution methods: email, social media, and the web. This presentation contains several up-to-date examples of malware through mass-distribution including ransomware, information stealers, and cryptocurrency miners. Brad also covers a recent rise in tech support scams through popup browser windows with phone numbers to criminals posing as Microsoft support personnel.



Killan Ditch, Coalfire

Talk: Desist with Demanding Domain (aka, Stop Skipping the Strays)

Many penetration testers will hop into a network and single-mindedly chase Domain Administrator (DA) privileges. Having achieved that singular goal, some even call it quits and chalk up the test as a win. Various tools and strategies leveraging Active Directory, such as PowerShell Empire, BloodHound, and CrackMapExec, have emerged to assist and even automate the process of initial compromise through pivoting and privilege escalation. However, such tunnel vision on exploiting Windows Active Directory frequently leads to outright dismissal of the impact that the compromise of machines or accounts outside of a domain can have. This talk will explore assorted reasons why testers should consider stray non-member machines worth attacking and stop skipping them in the headlong pursuit of DA. Such consideration will include infrastructure hosts, rogue machines, and forgotten servers.

Esteban Rodriguez, Coalfire

Talk: Do more with less: Combining small findings to make a big impact

In this talk I will go through the process of evaluating an informational finding to find an additional attack surface via a discovered web app. By enumerating virtual hosts on a web server, an attacker can reach applications that were previously undiscovered by a network scan. By exploiting a persistent XSS flaw, I will show how you can gain full control of the application. After gaining control of the application, I will show how to perform post exploitation actions within the application to penetrate further into the target environment.  The focus of the talk will be on the WordPress Content Management System. I will explain how to turn any XSS flaw in any plugin into RCE on the WordPress server. I will introduce my toolset, WPForce, which can be used to backdoor core WordPress functionality to log plaintext passwords, dump hashes, inject malicious JavaScript, and pivot to other exploitation frameworks.


Price McDonald

Talk: Insecure Obsolte and Trivial: The Real IOT

Over the last few years Hardware Hacking has become a much more prevalent testing and attack avenue, however it is often misunderstood. This talk is meant to give a basic understanding of Hardware Hacking techniques, tips and tricks. In addition to real world examples and demos using budget oriented software and hardware.

Pedro Ortiz, Evertec

Talk: Blue Team Journal

Throughout time we have had to defend ourselves somehow. Nowadays, all around the world, 24/7, there are groups of people trying to defend the computers and networks in different companies. This talk is just a peek of the situations that a computer/network defender has to deal with in a day to day basis.


Carlos Perez, Tenable Security

Keynote:  Reinventing Self

Looks at the hacker mentality and how it sets those with it, the ability to reinvent themselves by applying the same TTPs to their environment .