2017-09-22

08:30

• Opening Ceremonies

09:00

• Subverting Trust in Windows - A Case Study of the "How" and "Why" of Engaging in Security Research

10:00

• I had my mom break into a prison, then we had pie.

12:00

• So you want to be a Social Engineer

• Further Adventures in Smart Home Automation: Honey, Please Don’t Burn Down Your Office

• When to Test, and How to Test It

• How to Measure Your Security: Holding Security Vendors Accountable

• Eye on the Prize

12:30

• Building Better Backdoors with WMI

13:00

• Here Be Dragons: The Unexplored Land of Active Directory ACLs

• Securing Windows with Group Policy

• A New Take at Payload Generation: Empty-Nest

• How we accidentally created our own RAT/C2/Distributed Computing Network

• Beyond xp_cmdshell

13:30

• Bots, Trolls, and Warriors

14:00

• TBD

• Defending against PowerShell Attacks

• VMware Escapology: How to Houdini The Hypervisor

• Active Defense for web apps

14:30

• Building Google for Criminal Enterprises

15:00

• Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@('Tech','niques') -Join'')

• CredDefense Toolkit

• 3rd Annual Metasploit Townhall

• IoT Security – Executing an Effective Security Testing Process

• V!4GR4: Cyber-Crime, Enlarged

16:00

• PSAmsi - An offensive PowerShell module for interacting with the Anti-Malware Scan Interface in Windows 10

• Steel Sharpens Steel: Using Red Teams to improve Blue Teams

• Purpose Driven Hunt: What do I do with all this data?

• Fileless Malware - The New “Cyber”

• The skills gap: how can we fix it?

16:30

• Extending Burp

17:00

• An ACE in the Hole: Stealthy Host Persistence via Security Descriptors

• Introducing DeepBlueCLI v2, now available in PowerShell and Python

• DanderSpritz: How the Equation Group's 2013 tools pwn in 2017

• Hunting Lateral Movement for Fun and Profit

• Shellcode Via VBScript/JScript Implications

17:30

• Retail Store/POS Penetration Testing

18:00

• War Stories on Embedded Security: Pentesting, IoT, Building Managers, and how to do Better

• Run your security program like a boss / practical governance advice

• Defending the Cloud: Lessons from Intrusion Detection in SharePoint Online

• (Mostly) Free Defenses Against the Phishing Kill Chain

• Improv Comedy as a Social Engineering Tool

18:30

• How to safely conduct shenanigans

19:00

• Digital Vengeance: Exploiting the Most Notorious C&C Toolkits

• The .NET Inter-Operability Operation

19:30

• A presentation or presentations because...