2019 Talks

Classes

Talks

Classes

Amateur (Ham) Radio Examination

Speaker(s): Hackers for Charity (hackersforcharity.org)

Audience:

Anyone interested in getting/upgrading an Amateur Radio license

Description:

Want to get an Amateur Radio license or upgrade? Want to help others get licensed or teach using ham radio? Looking for public service training or serving as part of ARRL’s ARES field training team? You can even arrange an Amateur Radio contact for your students with the International Space Station! Before you go on air, you need to be licensed and know the rules. You can do all this and more by getting your license. Exam testing material is available for on various websites (e.g. http://www.arrl.org and https://www.w5yi.org), various apps for your phone (e.g. Ham Radio Exam – all levels), and great review books/PDFs (e.g. https://www.kb6nu.com/study-guides).

Bio: This event is sponsored by Hackers for Charity (https://www.hackersforcharity.org) with great support from Robbie McCray (W3RSM), volunteer examiner and Northern Delaware coordinator for the VE Testing Team. More info: http://ndvett.org

Let’s work together Zeekers!

Speaker(s): @fatemabw

Audience:

Everyone because it’s always cool to learn new tool and technology!
The 1st session (2hrs on Friday) will be an Introductory session and will also go over the major changes beside the name!
The second session (2hrs on Saturday) will be an advanced Zeek session where we will learn more about advance script writing and different frameworks used in Zeek.

Description:

Zeek and You shall find! BRO is now Zeek! it is an open source free tool that is used by many big and small organizations. It’s a great Network Security Monitoring tool and provide human digestible ASCII log files for the network activity, and seen as a portable full pcap solution by many. This talk/session is going to get attendees feet wet in Zeek-land, with what and how’s of Zeek, some hands on exercises to get familiar with the Zeek scripting language and signature creation, as well as some advance use-cases of Zeek which would help people get an idea of it’s powerful logging and scripting framework. And if time permits, could share some real world use-cases of Zeek to get the value right from the bat.

VM images of the system are already configured with the required tools, so students can prepare by bringing their laptops with either VMware Fusion (if macOS) or VMware workstation/ VMplayer.

Bio: Fatema Bannat Wala is a Security Engineer at the University of Delaware where her responsibilities include monitoring network traffic for intrusions and malicious activities. Fatema has held prior roles in security research and software engineering and she holds CISSP certification and GIAC security certifications in intrusion analysis, incident handling and penetration testing.

JHDigital Capture the Flag (JHDCTF)

Speaker(s): JHDigital (John Hammond)

Audience:

CTF players, hackers and friends! The game is geared towards both beginners and intermediate/advanced players. Everyone is welcome and encouraged to play!

Description:

Yet another Jeopardy-style Capture the Flag! Challenges for web exploitation,
reverse engineering, binary exploitation, steganography, forensics, cryptography and more! This competition is BYOD, “bring your own device.” Play to learn, and play to win! The game is geared towards both beginners and intermediate/advanced players. We will showcase and offer plenty of resources and learning material to get every player up to speed.

Bio: We are hacker friends are fellow CTF players, engaged in the cybersecurity community and presenters at local conferences. We are instructors, pentesters, and security professionals who train both civilian and military members across the Department of Defense and Department of Homeland Security. On YouTube, we showcase programming tutorials, CTF video walkthroughs, and cybersecurity guides. We offer challenges that have been incorporated in PicoCTF, CyberPatriot, and even DEFCON — all with the goal to sharpen your skills and foster a love of learning in cybersecurity!

Got a Con Tee….what to do with it?

Speaker(s): Jenny @tr0phywifehacks

Audience:

None technical or no experience in crafting

Description:

A hands on demo of what can be done with conference shirts. Little to no crafting experience needed. Many different way to use a shirt other then wearing them. Options for wall art, pet toys,shopping bags other options. Showing how to from start to finish a project. Demo how to use a sewing machine. Also demo no sew options. Would recomend attendee bring a shirt they would like to use.

Bio: Like to create things. love to show people how to repurpose and reuse all that is around them. I Take care @l0stknowledge and my furkids.

3, 2, 1, GO! From Noob to Pro with Golang

Speaker(s): @iDigitalFlame

Audience:

Students to InfoSec professionals with some programming and/or security background. Some programming knowledge is recommended.

Description:

Learning Golang is a great opportunity for everyone, from programmers to red teamers to increase their skills. From automation to potential exploitation, this class introduces you to the Golang programming language and dives into examples of how it could be used create cool utilities and potential offensive programming capabilities.

This condensed class with teach you how to build and compile Golang applications and will provide useful examples from simple to complex.

We will cover many of the basics of the Golang programming language and advance into more complex labs through the duration of the class. The class will be broken out into self-paced labs that will increase in complexity.

Knowledge of any programming language is a plus and it is recommended to read the “Effective Go” documentation (https://golang.org/doc/effective_go.html) although it is not necessary.

Class Requirements:
– Device that can run Visual Studio Code / VSCodium (recommended due to the Go plugin integration).
– Any OS is fine if you can run a Windows 10 VM with any virtualization software.
– RAM to run the required VM.
What to Expect:
– Learning!
– Coding!
– Fun!
What not to Expect:
– The Spanish Inquisition

Bio: iDigitalFlame works for Booz Allen’s Dark Labs team helping to find more creative ways to develop offensive techniques while assisting defenders in detecting it. While he’s never one to turn down an opportunity to annoy Blue teams, iDigitalFlame ensures that passing on knowledge is one of the primary goals and that players walk away with a greater understanding of what happened to their Windows servers.

Using his experience from over 7 years in the InfoSec field along with the knowledge gained from the community, iDigitalFlame helps solve the “weird” technical issues that make us want to throw computers out the window.

Talks

Words with Janitor

Speaker(s): @infojanitor

Audience:

This is intended for a general audience and can be applicable to any industry I just happen to see it from the point of view of ours.

Description:

What if I told you some of the words we use in infosec/computer security are all wrong? Would you believe me? How about the fact that we haven’t been able to make a significant change in the narrative of our industry even though we are the engine that drives it. Simply because what we say is not what the decision makers hear and we keep saying the same words no matter the technology. Also in many cases we are our own worst enemies when interacting with our fellow security professionals. I can tell you that all of those statements are fairly accurate and I can prove it. Come have words with me and I will tell in a way you can understand.

Bio: A senior security systems engineer with 25+ years’ experience currently employed at a fortune sixty company in the Washington DC area. He is responsible for world-wide evaluation, certification and integrity testing of a variety of current and emerging technologies, network architectures, and devices. Takes pleasure in monitor major trade shows like the Consumer Electronics Show (CES) in Las Vegas. But, not like most individuals looking for the cool factor or next generation technology. He is more into the train-wreck factor as new technology seems to be developed and deployed with existing vulnerabilities, bugs, and issues of today. Some of these issues dating back more than twenty years. Supports multiple security conferences (ShmooCon, DefCon, Bsides, etc). Active member of the Northern Virginia Hackers (NoVaH) association in good standing. NoVaH is a collective of security professionals, authors, makers, and tool developers.