SAINTCON Speakers

Content Lineup

The following content has been confirmed but is not yet scheduled.

By: Kyle Feuz  kfeuz

Have you heard your friends or colleagues talk about "sniffing" network traffic? Do you want to know if that new "smart"-X device is actually just a way for companies to "steal" more of your private information? Find out what is really happening on your networks with this introduction to Wireshark, one of the most popular tools used in industry for network analysis. No prior knowledge is necessary. We will start with a brief introduction to Wireshark, its capabilities and uses. Next, we will discuss where and how to monitor your network with Wireshark and what factors affect those decisions. At this point we are now ready to start applying capture filters, display filters, and custom colorization rules to highlight the information we are interested in seeing. We will focus on understanding several popular network protocols including ARP, IP, ICMP, TCP, UDP, HTTP and others. We will also take a look at recently disclosed vulnerabilities such as the DNS rebinding attacks targeting Roku, Google Home and other devices. The entire workshop will be very hands-on with many different sample captures to work from as we identify both normal and abnormal traffic. We will not be doing any live captures.

By: Chris Truncer and Jared Blatt  

With its rise in popularity over the past few years, attackers, both white hat and black hat, have embraced the functionality of WMI and are leveraging it to enumerate information, attack systems, and gather sensitive data. This will be a lab-driven workshop where we will walk attendees from interacting with WMI, gathering data on remote systems, code execution, interacting with remote processes, manipulating services, and more. This workshop will require attendees to have either a Windows computer or a Windows virtual machine, as we will be writing code throughout the workshop.

By: Seth Law and Justin Larsen   

Web Hacking and exploitation of vulnerabilities on the web have been around for years. From the first exposure to SQL injection to the hipster vulnerabilities like server-side request forgery, hands-on experience with any of these vulnerabilities is hard fought and haphazard. Experience with any of these issues and their related tools depends on your ability to either find an instance to play with or work through an intentionally vulnerable application. This Web Hacking Workshop will feature common vulnerabilities taken from the OWASP Top 10 and work through explanations and hands-on exploitation of each type using common tools. Attendees are welcome to attend the whole time or just during vulnerabilities they are interested in. Requirements: Attendees are required to bring their own system with Kali Linux installed.

By: Matthew Toth  Holliday

The chances are very high that hidden threats are already in your organization's networks. Prevention systems and tools help reduce opportunities for adversaries and enable analysts to operate more effectively. The key, however, is to constantly look for attacks that get past security systems and to catch intrusions in progress rather than after attackers have completed their objectives and done worse damage to the business. This process is referred to as "Threat Hunting". Armed with an understanding of the general methodologies that the attacker utilizes in modern Advanced Persistent Threats (APT), we can better equip ourselves to defend and disrupt this type of attack. The goal of this workshop is to help train analysts and defenders how to hunt for these threats. Defenders need to choose data sources wisely so that they can see across all of the phases of an attack to give them the best chance of detecting an adversary.

By: Clint Sorenson   Cisco Systems

The intention of this demonstration is to illustrate how quickly and easily you can get the system up and running, and start connecting your users and devices. We'll go through the principles of securing wireless and discuss the benefits/challenges associated with the different approaches to secure your wireless. You'll go through scenarios showing you how to simply and quickly set up Guest, BYOD and Secure Access in as little as five minutes. We'll discuss how to configure common settings on ISE and the WLC. We'll also show how to customize this experience to best represent your company and kill off all PSK SSIDs!

By: Seth Johnson  sj

Some have suggested that privacy is dead or unimportant. I believe that privacy is a fundamental pillar of society (from ancient to modern). This workshop will cover the following material:
* Privacy: what is it and why does it matter?
* Lessons from history about privacy
* Paradigms to make informed decisions about privacy-related matters
* Strategies to apply informed privacy decisions
* Datasets that present privacy vulnerabilities
* Notable threats to privacy choices
* Community resources available to maintain my privacy choices and how to contribute/help
* Detractors that are the result of privacy choices
* Tools to use to enact privacy choices
* Actions to take to enact privacy choices while using common devices, operating systems, and other products

By: Michael Whiteley  compukidmike

This will be an intro to designing PCBs in KiCad. The goal of this workshop is to have everyone design a basic minibadge. We will cover schematic, board layout, and generating fabrication files. There will also be time for you to work on your own designs, ask questions, and get some one-on-one instruction.

By: Kevin Lustic  m0rris

Explore binaries to new depths with this beginner's introduction to Reverse Engineering (RE) in Linux! During this course tailored for beginners, we will introduce the core concepts of static and dynamic binary triage. These skills will help you answer the following questions, which have been burning inside you for all those years:
- Is this suspicious binary malicious?
- What does this binary do under the hood?
- Does this binary that my "friend" gave me contain anything extra?

By: Aelon Porat  

Step up your information security practice in this concentrated training. Whether you're making your first steps or just need a technical refresher, this hands-on class will leave you with a practical, solid understanding of infosec fundamentals. Topics cover: networking and common protocols, AWS, application and database security, Windows and Active Directory, and scripting with PowerShell. We'll also look at how companies monitor for suspicious events and SIEM. Attack strategies and data exfiltration techniques will be demonstrated and analyzed as well. Prerequisites: Come hungry! No prior experience required. This course is super hands-on, and students will need to bring their own laptop, capable of running a VM, to follow all exercises.

By: Aelon Porat  

This training takes place inside a dedicated network, simulating a production environment with a complete Windows/Active Directory deployment. Students will assume the roles of both an adversary and the defender, starting as a regular desktop user and gradually escalating privileges and moving laterally across the enterprise. We'll review reconnaissance techniques, discover blind spots, pivot and eventually compromise otherwise-segregated servers. Students will gain invaluable insight into how Active Directory attacks work, understanding the artifacts that they leave behind and practical preventative and monitoring controls. To reduce attack footprint and simulate a real adversary, the playbook is exclusively built on Windows scripts and tools. We will not use Metasploit, Cobalt Strike, etc. Prerequisites: As an introduction class, no previous red or blue-team experience is required. However, students are expected to be familiar with basic Windows and network infrastructure. Basic PowerShell and command-line experience is recommended. Equipment: Please bring a laptop computer capable of running at least two Windows 10 VMs (VM image will be distributed prior to class).

By: Lance Buttars  NEmus801

Have you ever wanted to own a computer system in 60 seconds or less? Come out to our Backdoor training class to learn how. We will teach you the dark arts of backdooring operating systems. By the end of the class, we're going to test your skills by leaving a computer unattended for 2 minutes and see how well you can do. See if you can gain control of the system and walk away unnoticed before we return.

By: Barrett Sellers and Jason Brown  Arbor Networks

Have you ever had to defend against a DDoS attack taking down your connectivity and availability? Do you think it won’t happen to you? Come join the leaders in DDoS defense solutions for a session of learning today's critical DDoS defense skills. You’ll learn how DDoS countermeasures work, followed by a role-playing session where you will get to be both the defender and the attacker during several rounds of wargames. Your takeaway will be the knowledge of how attackers make their moves and how to use many of the current best practices in DDoS defense today.