| 09:00 |
Bos,
Crenshaw,
Kennedy
|
Welcome to DerbyCon 2011 – Intro to the con and events |
| 10:00 |
Moore
|
Keynote - Acoustic Intrusions |
| 11:00 |
Long
|
Hackers for Charity Update |
| 12:00 |
Kennedy,
Mitnick
|
Adaptive Penetration Testing |
| 13:00 | The Penetration Testing Execution Standard (PTES) Panel |
|
| 14:00 |
Potter
|
The Details Don’t Matter |
| 15:00 |
Nickerson
|
Compliance: An Assault on Reason |
| 18:00 |
McCoy,
Silvers
|
Hook, Line and Syncer: The Liar for Hire’s Ultimate Tacklebox |
Atlas
|
sploit me if you can |
|
| 19:00 |
Scott
|
Jason Scott’s Shareware Calvacade |
Gostom,
Marpet
|
Smile for the Grenade! Camera go Bang! |
| 09:00 |
Kuntz
|
Mining Sensitive Information From Images Using Command-Line OCR |
Baskin
|
Walking the Green Mile: How to Get Fired After a Security Incident |
|
Weidman
|
Throw It in the River? Towards Real Live Actual Smartphone Security |
|
| 10:00 |
Arpaia
|
Beat to 1337: Creating A Successful University Cyber Defense Organization |
Schorr
|
Rule 1: Cardio (and 9 other rules to keep intruders out) |
|
Simon
|
Pentesting over Powerlines |
|
| 11:00 |
Perez
|
Tactical Post Exploitation |
Hoffecker
|
Exploiting PKI for Fun & Profit or The Next Yellow Padlock Icon? |
|
Pesce
|
You are the Smart Meter: Making (and hacking) of the 2011 MA-CCDC electronic badges |
|
| 12:00 |
Asadoorian,
Strand
|
Offensive Countermeasures: Still trying to bring sexy back |
Becker
|
73o7\/\/@\/\/Ki – Survival Hacking your way out of Armageddon |
|
Sempf
|
Is locksport a sport? |
|
| 13:00 |
Huffman
|
When Fuzzers Miss: The no Hanging Fruit. |
Hopper
|
Avoiding the Landmines in your own Backyard |
|
Infojanitor
|
Virtual trust, Virtual Permission and the Illusion of Security |
|
| 14:00 |
Los
|
You’re Going to Need a Bigger Shovel – A Critical Look at Software Security Assurance |
Fuller,
Gates
|
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class |
|
Feinstein,
Jarmoc
|
Get Off of My Cloud: Cloud Credential Compromise and Exposure |
|
| 15:00 |
Hayes,
Rangarajan
|
OSINT Beyond the Basics |
Sverdlik
|
Your perimeter sucks |
|
Shah
|
Mobile App Moolah: Profit taking with Mobile Malware |
|
| 16:00 |
int0x80
|
Anti-Forensics for the Louise |
Booth
|
Hide yo kids, hide yo wife: Residential security and monitoring the bottom line |
|
McCorkle,
Rios
|
100 bugs in 100 days: An analysis of ICS (SCADA) software |
|
| 17:00 |
Redman
|
Tomorrow you can patch that 0day – but your users will still get you p0wn3d |
Farina
|
Free Floating Hostility |
|
Buechler,
Ullrich
|
Open source firewalling with pfSense |
|
| 18:00 |
Thyer
|
Covert Channels using IP Packet Headers |
Daniel
|
Surviving a Teleporter Accident (It could happen to you) |
|
Spiky Geek
|
How I learned to roll my own: Building custom pen testing platforms on the fly |
|
| 19:00 |
Hughes
|
BioMining: Data Mining for (Neuro) hackers |
Crenshaw
|
Building a Svartkast: Cheap hardware to leave behind on someone else’s network |
| 09:00 |
Miller
|
Battery Firmware Hacking |
N00bz
|
Advanced Penetration Techniques for the non-technical n00b |
|
Roberts
|
A Tribute to Dr. Strangelove |
|
| 10:00 |
Cutright,
Van Eeckhoutte
|
Win32 Exploit Development With Mona and the Metasploit Framework |
Street
|
Steal Everything, Kill Everyone, Cause Total Financial Ruin! (Or How I Walked In And Misbehaved) |
|
Osborne
|
The Hidden XSS – Attacking the Desktop |
|
| 11:00 |
Linn
|
Collecting Underpants To Win Your Network |
Lee
|
State of the Framework Address |
|
Douglas
|
Blue team is sexy — refocusing on defense — Part II — All you baseline are belong to us |
|
| 12:00 |
Scheeres
|
Social Engineering is a Fraud |
Bowes
|
Advanced Nmap Scripting: Make Nmap work for you! |
|
Arlen
|
Why InfoSec Practitioners Are Failing |
|
| 13:00 |
Kelley
|
Infectious Media – Bypassing AutoRun once and for all |
Ollam
|
Distinguishing Lockpicks: Raking vs Lifting vs Jiggling and More |
|
d'Otreppe
|
OpenWIPS-ng |
|
| 14:00 |
Eston,
Johnson
|
Desktop Betrayal: Exploiting Clients through the Features They Demand |
Mudge
|
Dirty Red Team tricks |
|
Drake
|
Exploiting Java Memory Corruption Vulnerabilities |
|
| 15:00 | Closing Ceremony |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.