Schedule
Please find details for all talks here.
Two Days of Trainings (8./9. November)
| Workshop 01 | Workshop 02 | Workshop 03 | Workshop 04 | Workshop 05 |
|---|---|---|---|---|
| Hacking Web Applications: Case Studies of Award-winning Bugs in Google, Yahoo, Mozilla and more Dawid Czagan (Silesia Security Lab) |
Do-It-Yourself Patching: Writing Your Own Micropatch (closed) Mitja Kolsek (ACROS d.o.o.) |
Deploying Secure Applications with TLS (closed) Juraj Somorovsky (Hackmanit GmbH / Ruhr University Bochum) |
Offensive iOS Exploitation Marco Lancini (MWR InfoSecurity) |
IoT Hacking: Linux Embedded, Bluetooth Smart, KNX Home Automation Slawomir Jasek (SecuRing) |
| Workshop 06 | Workshop 07 | Workshop 08 | Workshop 09 | Workshop 10 |
|---|---|---|---|---|
| Hands on Hacking with the WiFi Pineapple, USB Rubber Ducky and LAN Turtle (closed) Darren Kitchen, Sebastian Kinne, Robin Wood (Hak5 LLC, Digininja) |
Offensive PowerShell for Red and Blue Teams (closed) Nikhil Mittal (Independent) |
Fundamentals of Routing and Switching from a Blue and Red Team Perspective (sold out) Paul Coggin (Representing self) |
Penetration Testing Humans (closed) Bethany Ward & Cyni Winegard (TraceSecurity) |
Secure Web Development (closed) Marcus Niemietz (Hackmanit) |
All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.
Two Days of Conference (10./11. November)
Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.
Conference, day 1 - Thu, 10 Nov
| Left Pirouette | Right Pirouette | |
|---|---|---|
| 08:00 | Registration opens | |
| 09:00 | Opening Michael 'MiKa' Kafka & René 'Lynx' Pfeiffer (DeepSec Conference) |
|
| 09:10 | Keynote: Security in my Rear-View Mirror Marcus J. Ranum (Tenable Security Inc.) |
|
| 10:00 | Advanced Concepts for SMM Malware Sebastian Schrittwieser / Julian Rauchberger (St. Poelten University of Applied Sciences) |
When your Firewall turns against you René Freingruber & Raschin Tavakoli (SEC Consult Unternehmensberatung GmbH) |
| 10:50 | Coffee Break | |
| 11:10 | Brace Yourselves - Exploit Automation is Coming! Andreas Follner (TU Darmstadt / CRISP) |
Why Companies Must Control Their Data in the Era of IoT - and How To Kurt Kammerer (regify GmbH) |
| 12:00 | Go Hack Yourself…Or Someone Else Will Frans Rosén (Detectify) |
HSTS and Cookie Side-Channels: Stealing Browser History Adrian Dabrowski (SBA Research) |
| 12:50 | Lunch | |
| 14:00 | Systematic Fuzzing and Testing of TLS Libraries Juraj Somorovsky (Hackmanit GmbH / Ruhr University Bochum) |
Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets Gerhard Klostermeier (SySS GmbH) |
| 14:50 | Fuzzing Remote Interfaces for System Services in Android Alexandru Blanda (Intel Corporation) |
I Thought I Saw a |-|4><0.- Thomas Fischer (Digital Guardian) |
| 15:40 | Coffee Break | |
| 16:00 | badGPO - Using GPOs for Persistence and Lateral Movement Yves Kraft & Immanuel Willi (Oneconsult AG, Switzerland) |
Security and Privacy in the Current E-Mobility Charging Infrastructure Achim Friedland (GraphDefined GmbH) |
| 16:50 | DROWN: Breaking TLS using SSLv2 Nimrod Aviram (Tel Aviv University) |
Human vs Artificial intelligence – Battle of Trust Hemil Shah (ExtendedITArms Solutions Pvt Ltd) |
| 17:40 | Inside Stegosploit Saumil Shah (Net-Square) |
Malicious Hypervisor Threat – Phase Two: How to Catch the Hypervisor Mikhail A. Utin (Rubos, Inc.) |
| 20:00 | Speaker's Dinner | |
Conference, day 2 - Fri, 11 Nov
| Left Pirouette | Right Pirouette | |
|---|---|---|
| 09:00 | Java Deserialization Vulnerabilities - The Forgotten Bug Class Matthias Kaiser (Code White) |
TLS 1.3: Lessons Learned from Implementing and Deploying the Latest Protocol Nick Sullivan (CloudFlare Inc.) |
| 09:50 | The Perfect Door and The Ideal Padlock Deviant Ollam (The CORE Group) |
Obfuscated Financial Fraud Android Malware: Detection And Behavior Tracking Inseung Yang (KrCERT/CC, KISA) |
| 10:40 | Coffee Break | |
| 11:00 | Machine Duping: Pwning Deep Learning Systems Clarence Chio (Shape Security) |
Exploiting First Hop Protocols to Own the Network Paul Coggin (Representing self - No employer / affiliation to disclose) |
| 11:50 | AMSI: How Windows 10 Plans To Stop Script Based Attacks and How Good It Does That Nikhil Mittal (Independent) |
CSP Is Dead, Long Live Strict CSP! Lukas Weichselbaum (Google) |
| 12:40 | Lunch | |
| 14:00 | 802.11 Complexity. An Introduction to 802.11 Protocol Chaos Andrés Blanco (Independent Researcher) |
Behavioral Analysis from DNS and Network Traffic Josh Pyorre (OpenDNS/Cisco) |
| 14:50 | Advanced SSH Leyrer & MacLemon (Both C3W; @Leyrer (IBM Admin & Dev), @MacLemon (Self employed Sysadmin, Trainer)) |
Smart Sheriff, Dumb Idea: The Wild West of Government Assisted Parenting Abraham Aranguren & Fabian Fäßler (Cure53) |
| 15:40 | Coffee Break | |
| 16:00 | Protecting Against Tomorrow's Adversaries - Post-Quantum Cryptography Hanno Böck (Freelance Journalist) |
Social Engineering The Most Underestimated APT – Hacking the Human Operating System Dominique C. Brack (Reputelligence, Social Engineering Engagement Framework (SEEF)) |
| 16:50 | Where Should I Host My Malware? Attila Marosi (Sophos) |
Assessing the Hacking Capabilities of Institutional and Non-institutional Players Stefan Schumacher (Magdeburg Institute for Security Research) |
| 17:40 | COVER YOUR SAAS: Protecting Your Cloud With Analytics and Machine Learning Ian Thornton-Trump (SolarWindsMSP) |
Abusing LUKS to Hack the System Ismael Ripoll & Hector Marco (Universidad Politécnica de Valencia & University of the West of Scotland) |
| 18:20 | Closing Ceremony | |
| 21:00 - ∞ | .:. | |
| 22:30 - ∞ | Party & Networking at Metalab, Rathausstrasse 6, 1010 Wien | |