Loading…
SkyDogCon 2015 has ended
Track 1 [clear filter]
Friday, October 23
 

9:30am

Opening Remarks
Speakers

Friday October 23, 2015 9:30am - 10:00am
Track 1

10:00am

Multirotors for fun and hacking - Ron Foster
Have you ever wanted to build a multirotor? lets demystify it for you, it is not that hard and really fun. 

Speakers
RF

Ron Foster

With over 15 years of IT experience with various platforms and technologies, I have tested both large and small enterprise applications. Cutting my teeth as a UNIX instructor for Sun Microsystems. I then went on to make a career out of breaking things, and I have been doing it ever... Read More →


Friday October 23, 2015 10:00am - 11:00am
Track 1

11:00am

Keynote: From IT to Pentester - JP Dunning
Work in IT? Want to make a change? Pen-testing sound like a fun job? The key is to make your job work for you. Even outside of a technical job, your “hobbies” can be just as beneficial. Breaking into security as a professional can be a tough nut to crack. Luckily, we are just the type of people who love to break in.

This presentation will walk you through some of the advice I was given over the years. A lot of what works and what is not worth the stress, along with ways to work with you current positional to get into security as a professional. If you think this is an overwhelming task, your wrong. Everyone in infosec has their own story, and this presentation may help guide yours. 

Speakers
JD

JP Dunning - @r0wnin

JP Dunning “.ronin” is a security consultant and researcher. His main research interests include wireless, physical, and hardware security. He is the primary developer on Katana: Portable Multi-Boot Security Suite, SpoofTooph, BlueRanger, and other open projects. He also developed... Read More →


Friday October 23, 2015 11:00am - 12:00pm
Track 1

1:00pm

Vulns in Hunter Exploit Kit - Paul Burbage

The Hunter Exploit Kit is available for purchase in underground forums making it easily attainable for miscreants conducting cybercrime campaigns. This talk will cover info on previous campaigns including its dropped malware, usage of the exploit kit, and vulnerabilities found in the PHP admin panel.


Speakers
PB

Paul Burbage

Paul Burbage is an avid security network enthusiast with over 13 years of experience. He has a passion for breaking malware panels and disrupting the cybercrime ecosystem. Currently he works for PhishMe as a malware researcher.


Friday October 23, 2015 1:00pm - 2:00pm
Track 1

2:00pm

Hacking Grain! - Jim Manley
Ever wondered what the difference is between “whisky” and “whiskey?” Or what makes bourbon different than Scotch? Or why does this whisky give me a hangover and that one doesn’t? This talk is a whirlwind tour of what whisky is, the science and art of how it is made, and how whiskies differ. We will also cover organoleptic analysis techniques that will allow you to break a whisky down and uncover the complexities of the aroma and flavor profiles. By the end of the session you’ll be equipped to confidently answer the “What would you like to drink?” question at that important client dinner or meeting with the boss with an answer other than “Red Bull® and vodka.”

Speakers
JM

Jim Manley

Aged InfoSec practitioner who has spent 30+ years trying to keep bad people from stealing secrets. Part-time bourbon distillery worker who spends weekends educating the public on the wonders of whisky. Newly minted grad school professor shaping young minds by exposing them to life... Read More →


Friday October 23, 2015 2:00pm - 3:00pm
Track 1

3:00pm

Everything You Know About Security Is a Lie - Curtis Koenig
Have you ever considered what it means to be secure? Is the concept of security a mental construct or is it something that is equally quantifiable across people? Several recent studies have shown disparity in the way experts and non-experts act with regards to how they view and act when presented with security choices. This talk seeks to examine how "Mostly Hairless Monkeys (MHM)" or Humans perceive and act with regards to "security".

Speakers
CK

Curtis Koenig

Curtis has done security work for higher education, high tech, insurance and banking industries over the last 20 years. His experience spans network, physical, logical and software level activities. His favorite though is the mental and psychological aspects that affect not only security... Read More →


Friday October 23, 2015 3:00pm - 4:00pm
Track 1

4:00pm

Scotty Moulton - Title TBD
Speakers

Friday October 23, 2015 4:00pm - 5:00pm
Track 1

5:00pm

Programmers, Players and Pain - Dr Scott
Dr. Scott, from the Weird Medicine Show, returns for a second time to discuss some of the common ailments affecting computer "over-users".  He will discuss warning signs, prevention ideas, diagnostic exams and treatment options from an Integrative perspective.  Dr. Scott has been practicing medicine for 14 years, and Dr. Steve's side kick for 7 years, lot's of experience and lots of great stories!  If you have any specific questions you would like addressed but don't want to ask in public, send him an email prior to the conference.

Speakers

Friday October 23, 2015 5:00pm - 6:00pm
Track 1

6:00pm

Keynote: Why are you here? - Jayson Street
TBD

Speakers
JS

Jayson Street

Jayson E. Street is an author of “Dissecting the hack: The F0rb1dd3n Network” from Syngress. Also creator of http://dissectingthehack.com He has also spoken at DEFCON, DerbyCon, UCON and at several other ‘CONs and colleges on a variety of Information Security subjects. His life... Read More →


Friday October 23, 2015 6:00pm - 7:00pm
Track 1
 
Saturday, October 24
 

10:00am

How to Not Cheat on Your Spouse: What Ashley Madison Can Teach Us About OpSec - l0stkn0wledge
Embarrassed spouses everywhere are scurrying for excuses about their infidelity. This refresher will look at some lessons we can all take away on how to not get caught up in embarrassing situations.

Simple steps could have prevented lots of embarrassment and if you need to do something unavoidable you should take lessons from the mistakes of these unfortunate souls.

Speakers
J

Joey

Ten year security professional whose worked in certifications to penetration testing across a variety of industries, l0stkn0wledge provides his own skewed view of the world to any others who would bother to listen. 


Saturday October 24, 2015 10:00am - 11:00am
Track 1

11:00am

Hacking the Job Market: Socially Engineering Hiring - Josh More
There is a lot more skill in the security community than is reflected in the jobs we can get. Most people are limited not by technical skills or even soft skills necessary to do well in a new job, but because landing a job is a different skillset than keeping one. Thus, good people are stuck in dead end jobs while unethical incompetents bounce from job to job, increasing their profile and salary with each hop. It's time to change that.

Fortunately, while we live in a world where personal data is out of control, that applies to prospective employers as well as ourselves. It's time to turn the world's proliferation of data to our advantage. This presentation explains the job hunting process through a hacker's lens. It discusses why the most commonly followed models fail and how to better approach the search. It covers deciding to leave your current job, researching new possible job opportunities, targeting your new boss, controlling the job interview process and negotiating your new compensation and the departure from your current job.

Speakers
avatar for Josh More

Josh More

https://www.eyrasecurity.com, Eyra Security
Josh has more than eighteen years of experience in security, IT, development and system and network administration. Currently, he runs Eyra Security, a security and business improvement consulting firm based in Minneapolis, MN. Josh holds several security and technical certifications and has served in a leadership position on several security-focused groups. He has written several books on I.T. and Information Security, with... Read More →


Saturday October 24, 2015 11:00am - 12:00pm
Track 1

1:00pm

x = x + 1; # Except when it doesn't - Redvers Davies
Remember the "good 'ol days" when rendering video took up 100% of your one CPU? Remember the "bad 'ol days" when the rendering took 100% of _one_ of your four CPUs?

The Laws of Physics have finally eaten Moore's law. In 10 years expect thousands of slower cores. As the number of cores scale, how do we build software that scales with it?

Speakers
RD

Redvers Davies

Team Periwinkle during the day, code junkie at night.Happy when neck deep in massive data-streams looking for the shiny / indicators of compromise.Happier when learning new languages and finding new problems to solve.Happiest when reminiscing over a Pimm's No. 1 about being the prettier... Read More →


Saturday October 24, 2015 1:00pm - 2:00pm
Track 1

2:00pm

TSA Luggage Locks: Details, Flaws & Making The Best Of A Bad Lock - IronGeek
Every lock picker knows that the TSA approved Travel Sentry/Safe Skies locks are garbage, but if you don’t want your normal checked bags to have its locks cut off, there are only so many options. While this knowledge is common to lock sport folks, the average traveler is mostly unaware of it. This talk will cover the 7 master keys used by the TSA, non-destructive attack methods to open the locks, efforts to reproduce the master keys by reverse engineering the locks, and what TSA approved locks are the best of a bad situation.

Speakers
avatar for Adrian Crenshaw

Adrian Crenshaw

Irongeek
Adrian Crenshaw has worked in the IT industry for the last fifteen years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools. He did the cert chase for awhile (MCSE NT 4... Read More →


Saturday October 24, 2015 2:00pm - 3:00pm
Track 1

3:00pm

Meaningful Measurement: Feeding the Cyber FUD Monster - Phat Hobbit
Fear, Uncertainty and Doubt (FUD) has become a staple in the cyber-attack measurement and reporting diet. Be it sensationalist and hyperbole-filled language, or the lack of any meaningful and consistent measurement methodology, the end result is the same: zero clarity concerning an already complex subject matter which serves to continue rather than counter the cyber-crime threat. The public discussion (via media reports) and business insight (through myriad methodologies of mis-measurement) need to be better framed if we as an industry are to truly confront the growing and increasingly expensive problem of cyber-crime. Who the criminals were is of less import than how they got in; compromise indicators are more valuable to other businesses than the financial cost to that particular victim. The measurement metric dial has moved too far towards attribution and needs to be reset to prevention and a business-based analysis of risk once more.

Speakers
IT

Ian Trump

Ian Trump, CD, CPM, BA is an ITIL certified Information Technology (IT) consultant with 20 years of experience in IT security and information technology. As a project and operational resource, Ian has functioned as an IT business analyst, project coordinator and as a senior technical... Read More →


Saturday October 24, 2015 3:00pm - 4:00pm
Track 1

4:00pm

Hacking Web Apps - Brent White
Assessing the security posture of a web application is a common project for a penetration tester and a good skill for developers to know. In this talk, I'll go over the different stages of a web application pen test, from start to finish. We'll start with tools used during the discovery phase to utilize OSINT sources such as search engines, sub-domain brute-forcing and other methods to help you get a good idea of targets "footprint", all the way to tools used for fuzzing parameters to find potential SQL injection vulnerabilities. I'll also discuss pro-tips and tricks that I use while conducting a full application penetration assessment. After this talk, you should have a good understanding of what is needed as well as where to start on your journey to hacking web apps.

Speakers
BW

Brent White

Brent is an Offensive Security Consultant at Solutionary--An NTT Group Security Company and has spoken at numerous security conferences, including ISSA International, B-Sides Nashville, CircleCityCon and DEF CON 22 & 23 and DerbyCon. He has held the role of Web/Project Manager and... Read More →


Saturday October 24, 2015 4:00pm - 5:00pm
Track 1

5:00pm

6:00pm

Staring Into the Light - Josh Ruppe
When you think of someone performing a standard man in the middle attack, what do you picture in your head? A network tap on copper cables? Someone using a WiFi Pineapple? Well what if the data being intercepted is leaving your home or coffee shop? Would you feel safer if your data was inside an optical fiber? You shouldn't. Fiber optics are just as susceptible to tapping as any other method of communication. In my demo lab, I will show you how fiber optic tapping works, how to conceal a tapping setup and how to defend against such an attack.

Speakers
JR

Josh Ruppe

Josh Ruppe has been working in information security for a little over a decade, and is currently working as a Security Engineer in Atlanta, GA. Josh's primary focus is on penetration testing, but also dabbles in web application security, cryptography and reverse engineering.


Saturday October 24, 2015 6:00pm - 7:00pm
Track 1