Program

  • BSidesBUD 2023 // 1ST PART
    08:30 - 08:35
    Attila Marosi-Bauer - Opening Ceremony
    08:35 - 09:15
    Craig Balding - Threat Prompt: AI Security
    AI is ushering in a new era of sophisticated cyber-attacks and defence. In this session, we will explore AI from a hacker's perspective. The first half is about the security of AI and starts with a fast-paced introduction to AI tech. Building on this foundation, we survey the major AI vulnerability classes, attacks and defences, supported by examples. This section concludes with AI policy recommendations to help you influence the debate on AI within your organisation. The second half is about applying AI to cyber attacks and defence. Demos will cover practical use cases and include prompts and patterns for penetration testers, developers, cloud security engineers, incident responders and policy writers.
    Agenda:
    - AI overview: the bare essentials (10 mins)
    - Attacks against AI and countermeasures (10 mins): the what and the how
    - Applied AI for security practitioners (15 mins): what you can do with AI (demos and free prompts!)
    - Q&A (5 mins)
    09:20 - 09:40
    Filip Savin - How I Got Into Hack?! - Cybersecurity in The Last Millennium
    Remembering how it all started with older ones, funny things and lessons from the past for the younger generation. Starting with save game byte patching to increase lives/money. Getting online by dealing BBSes, identifying connection speed by modem noise and encountering DOS viruses. Getting on the internet, frustrated by dial-up costs, trying phreaking tricks, studying how the phone system works and realizing all that is obsolete. Network "wars" with WinNuke, Smurf, etc. Trying to understand how they work, getting on EFnet IRC. Shellz! Reading Phrack, Bugtraq. C, assembly, exploit development, x86/MIPS/SPARC/HPPA/PPC. Understanding the value of exploitable bugs. Hacking scene, from "Free Kevin!" to the anti-security movement. PHC takeover of #phrack, Proj3kt M4yh3m, fake (better?) Phrack zines. ~el8 and Defcon10. Remote exploits (incl. fake/backdoored binaries and broken sources), high- and low-profile hacking. Operation "Get rich or die tryin". Diving into kernel rootkit development. Going back to reality. Those who didn't get busted moved on. Free Kevin now runs a security company.
    09:45 - 10:25
    Cristian Cornea - Anti-Virus Evasion Through BadUSB
    During this presentation, we will take a look at how we can bypass most Anti-Virus detection using a payload embedded on a BadUSB device, resulting in a silver bullet for gaining initial access inside a victim network. A demo will also be included during the presentation.
    10:25 - 10:40
    Break
    10:40 - 11:20
    Csaba Fitzl - 10 macOS Persistence Techniques
    This talk is a "Best of" my "Beyond the good ol' LaunchAgents" blogpost series. In this 40-minute-long talk I will present my favorite 10 persistence methods I learned about or found myself in the past year. I will show some very unique, lesser-known ideas, or some which are well known by sysadmins, but less used by the security community, red teams or malware. I will also share detection ideas for every technique, which is usually not covered in my blogposts.
    11:25 - 11:45
    Anastasios Pingios - A Deeper Look at the Disrupted Bot Farms in Ukraine
    Throughout 2022 and 2023 the Security Service of Ukraine (SBU) has disrupted several so-called bot farms which were used for a variety of different operations in support of the conventional military activity. This is a quick overview of those bot farms, how they were set up, how they worked, together with some context.
    11:50 - 12:30
    Zoltán Balázs - Minecraft Hacking for Beginners
    If you were always interested in playing Minecraft but never had the chance/motivation/knowledge to hack it ... Or, if you were always interested in game hacking, but you never tried Minecraft, this presentation is for you! Scanning for Minecraft servers, network proxies, Fabric, and stealing showing content from LiveOverflow is all part of the fun.
    12:30 - 13:15
    Lunch break
  • BSidesBUD 2023 // 2ND PART
    13:15 - 13:55
    Omar Morando - How to Break the Modbus Protocol and Cause a PLC DoS
    How secure is an industrial system? And how difficult is it to be able to attack it? These are some of the questions I will try to answer in this talk. I will explain how to attack an OT system composed of PLC and SCADA by exploiting the vulnerabilities of the Modbus protocol, until generating a DoS of the control PLC. Physically I will have a simulator of a plant, a PLC and an HMI system: the demo consists in showing how with Python scripts it is possible to carry out a Man-in-the-Middle attack, data dumping, flooding attack on the plant and DoS of the PLC. All done live.
    14:00 - 14:20
    Dániel Zentai - Multiparty Pseudonymization and Anonymization
    Anonymization and pseudonymization may look like very similar concepts, but according to GDPR, it is not the case. Pseudonymized data can be recovered using some secret information (e.g. a decryption key), anonymized data on the other hand cannot be recovered under any circumstances. In this talk, we will examine a hash-based anonymization protocol and a public key encryption-based pseudonymization protocol.
    14:25 - 15:05
    József Ottucsák - Hackable Synthesizers
    In this talk, we will explore the mysterious world of hackable synthesizers and music-focused development boards. We will discuss how these platforms differ from traditional instruments, and provide an overview of some of the most popular devices on the market. We will delve into the unique features of these platforms, how they work and what you can do with them. We will examine how these devices can be used to create your own sound processors and synthesizers to create unique sounds and instruments. Throughout the talk we will show you how to get started, what the most popular languages and platforms are. If you are a hacker who is passionate about music, hardware or coding, this talk is for you.
    15:05 - 15:20
    Break
    15:20 - 16:00
    Imre Rad - Parser Differentials
    Parsing a message in a structured format sounds fairly straightforward, doesn’t it? This talk is about raising awareness about the hidden threat of parser differentials: when two (or more) different parsers interpret the very same input message differently. Such anomalies may have security consequences, even for well-understood and relatively simple formats such as JSON. As security researchers, we are interested in identifying pairs of parsers that behave inconsistently for the same input - or in short, finding the attack primitives. Fuzzing indeed comes to the rescue once again; however, standard tools and techniques don’t apply here very well. This talk will be covering the various technical challenges: like how to fuzz multiple parsers in parallel effectively and how to classify the results with automation. Showcasing some interesting JSON differentials!
    16:05 - 16:25
    Benedek Szabó - Pocket Threat Modeling
    Have you ever heard someone say, "that's not part of my threat model" and wondered what it means? A threat model is simply identifying and evaluating potential dangers to a system, process, or even a person. However, creating a threat model can be daunting, especially when it comes to personal security. Most people don't think about it outside of work, and even professionals can find the formal methodologies overwhelming. It’s easy to get disillusioned as soon as you try to map having a dog to STRIDE. This is where Benedek comes in. He faced the same challenges when trying to improve his own security and help his friends and family do the same. In his presentation, he will walk you through the process of building your own personal "Pocket Threat Model", which will help you identify and reduce potential risks. He'll show you how to start with the basics, such as identifying your assets (e.g., your devices, accounts, and personal information) and assessing their value and importance to you. Then, he'll guide you through expanding your scope to consider potential threats, assess exposure and find countermeasures.
    16:30 - 17:10
    Omkar Joshi - Pwning into Power System Center
    The power system application is the core of the entire power station ecosystem. With this application, anyone (with the desired access) can modify station parameters, add stations, shut down stations or the power itself, etc. With this application we can control connected devices, automated baseline monitoring, remote access control, and automatic scheduled password changes: ultimately, entire device management for most of the SCADA. What if this application gets pwned? What if the application has a bunch of vulnerabilities? What if an attacker gets hold of the application and can shut down power stations? What if an attacker can mess with the sub-stations and devices? We’re going to talk about how an attacker can intrude into the environment and mainly pwn the power system application, which ultimately leads to taking control of the devices, stations, the entire power system, etc. We’re going to discuss our recent Red Team engagement in which we hacked into the power system application and were able to do plenty of malicious activities. We’ll talk about several vulnerabilities which we found in one of the well-known power system applications, which has compatibility with almost every manufacturer and is used in various SCADA organizations to connect the OT devices and for centralized monitoring, management / administration of OT platforms. As final notes, we’ll talk about industry-standard best practices and the approach towards having zero trust and defense in depth.
    17:15 - 17:20
    Attila Marosi-Bauer - Closing Notes
  • BSidesBUD 2023 // Workshop Sessions
    09:00 - 11:00
    Albert Zsigovits - Memory Forensics 101: Digging up Malware Artifacts
    This workshop is aiming to provide analysts, blue teamers, and curious knowledge seekers with the ability to kickstart their learning career in memory forensics. I will be providing the basics of memory forensics in these 2 hours of a workshop session, and then incite participants to take part in a small Jeopardy-style CTF to solve small tasks that will help you build the foundations. The workshop will touch on the following topics: Why do we need memory forensics? What can be retrieved from memory? What malware artifacts can we grab? Windows memory structure. Best practices and tools. Memory acquisition and chain of custody. Participants will be provided with the presentation slides, a prerequisite tools list, access to the CTF platform, and an infected VM image that they need to work on. The format of the workshop will be interactive: the first part is about having theoretical knowledge, then participants can work on the CTF platform to gain points and advance their knowledge.
    11:00 - 11:15
    Break (15 mins)
    11:15 - 13:15
    Péter Zsíros - Introduction to New Emerging Web Attacks
    During this workshop we would like to focus on some web attacks gaining bigger popularity nowadays. Mainly we will focus on JSON Web Token (JWT) and Parameter Pollution. These attacks are not as widely known as the classical SQL injection, XSS, LFI, and other well-known attacks. The new web application development techniques are rendering some of the well-known techniques less usable, but remain vulnerable to these new types of attack vectors. The workshop is an introduction to these techniques; we do not want to go deep into one technique, but to overview the possibilities.
    13:15 - 13:30
    Break (15 mins)
    13:30 - 15:30
    Barnabás Horváth & Norbert Pataki - Exploring the Digital Footprint: OSINT Strategies for Email and Phone Analysis
    This workshop will cover the use of OSINT (Open-Source Intelligence) techniques for investigating and tracing email addresses and phone numbers. Participants will learn advanced methods for analyzing and cross-referencing different sources of data, including social media profiles, and public records, to uncover hidden connections and gain insights into individuals and organizations. The workshop will also explore various OSINT tools and techniques for verifying and validating email and phone data, as well as best practices for privacy and ethical considerations.
    15:30 - 15:45
    Break (15 mins)
    15:45 - 17:45
    Péter Kotcauer - A Practical Guide on How to Become an IT Security Professional Utilizing HackTheBox
    The workshop will begin with a brief explanation of what HackTheBox is, which is a platform where people can practice their cybersecurity skills by solving challenges and attacking vulnerable machines. After the introduction, attendees will be given a specific machine to solve, which has vulnerabilities related to Active Directory (AD) misconfiguration. Active Directory is a technology developed by Microsoft that manages users, computers, and other resources in a networked environment. Misconfigurations in AD can leave a system vulnerable to attack, and this machine has intentionally been set up with such vulnerabilities for the purpose of this workshop. As a guided walkthrough, this workshop will provide a valuable opportunity for those interested in starting a career in cybersecurity to gain hands-on experience solving real-world problems. Additionally, defenders, or those working to protect networks from attacks, can gain experience using a tool called Bloodhound, which helps identify AD misconfigurations and potential attack paths.