{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2025.2.2"}, "schedule": {"url": "https://cfp.hackfest.ca/hackfest-2020/schedule/", "version": "FINAL", "base_url": "https://cfp.hackfest.ca", "conference": {"acronym": "hackfest-2020", "title": "Hackfest 2020", "start": "2020-11-20", "end": "2020-11-21", "daysCount": 2, "timeslot_duration": "00:05", "time_zone_name": "Canada/Eastern", "colors": {"primary": "#4A6D91"}, "rooms": [{"name": "Hackfest - Sponsor room (and workshops)", "slug": "2-hackfest-sponsor-room-and-workshops", "guid": "d24f1b74-5fd8-5b71-a1b0-f6f4f50e2e17", "description": "Room with our sponsors talks (and workshops)", "capacity": null}, {"name": "Hackfest - Track 1", "slug": "1-hackfest-track-1", "guid": "f1e8d209-79fb-53f9-8392-661b04f78d81", "description": "Main room", "capacity": null}], "tracks": [{"name": "Offensive", "slug": "1-offensive", "color": "#FE0000"}, {"name": "Defensive", "slug": "2-defensive", "color": "#0019FB"}, {"name": "Sponsor", "slug": "4-sponsor", "color": "#AC984F"}, {"name": "Threat Intelligence / OSINT", "slug": "3-threat-intelligence-osint", "color": "#000000"}], "days": [{"index": 1, "date": "2020-11-20", "day_start": "2020-11-20T04:00:00-05:00", "day_end": "2020-11-21T03:59:00-05:00", "rooms": {"Hackfest - Track 1": [{"guid": "0144ce55-ddd1-5966-bead-f956e35d707f", "code": "HAC9SB", "id": 59, "logo": null, "date": "2020-11-20T08:50:00-05:00", "start": "08:50", "duration": "00:10", "room": "Hackfest - Track 1", "slug": "hackfest-2020-59-hackfest-opening", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/HAC9SB/", "title": "Hackfest Opening", "subtitle": "", "track": null, "type": "Speed Talk", "language": "en", "abstract": "Hackfest 2020 Opening\r\n\r\nAfter several months of analyzing the Covid-19 situation in Quebec, we are happy to announce that Hackfest 2020 will officially be in virtual / remote / Covid-19 mode and that we have adapted our partnership offers accordingly!", "description": "** Here\u2019s what you can expect from the 2020 event! **\r\n\r\nTechnologies used and adaptations\r\nPartnerships\r\nThey are adapted to formulas for a virtual event.\r\nTraining\r\n100% Virtual via GoToTraining the days preceding the event: https://hackfest.ca/en/trainings\r\nConferences and workshops\r\n2 days of virtual conferences via Hackfest Discord and Hackfest YouTube\r\nVillages\r\n100% Virtual via GoToWebinar\r\nAtmosphere and networking\r\nDiscord server with interaction and badge,goodies and more by level of participation, audio room, partner room and more!\r\nConference registration: Moderator ticket for registration ($10)", "recording_license": "", "do_not_record": false, "persons": [{"code": "N97AYA", "name": "Patrick", "avatar": "https://cfp.hackfest.ca/media/avatars/8eb0426d30d99270f5da888b3b81fbda_23ZWfVg.jpg", "biography": "- Cofondateur du Hackfest\r\n- Offensive Security Lead at LogMeIn", "public_name": "Patrick", "guid": "99f747e0-c80a-5867-98fc-ed3f403ff50d", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/N97AYA/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/HAC9SB/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/HAC9SB/", "attachments": []}, {"guid": "c9b80169-f896-5256-8733-68fa6381d955", "code": "MFVK7J", "id": 27, "logo": null, "date": "2020-11-20T09:00:00-05:00", "start": "09:00", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-27-you-shared-what-seriously", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/MFVK7J/", "title": "You Shared What? Seriously?!", "subtitle": "", "track": "Defensive", "type": "Regular talk", "language": "en", "abstract": "This is that conversation which needs to happen between a parent and their teenage child about the challenges of growing up in an increasingly connected world. We will discuss many privacy and security related decisions and experiences, and the differing perspectives on each. The reality is we don\u2019t know all we think we know - and neither do our teens.\u00a0\r\n\r\nThis is an opportunity to understand the perspective and impacts of the interplay between a privacy & security-aware parent and teenage daughter as they navigate the competing priorities of parents, schools, peers and teachers in a highly interconnected and data rich world. While news media and the echo chamber might suggest that these things are top of mind, our experience suggests this may not be accurate.", "description": "This is >that< conversation which needs to happen between a parent and their teenage child about the challenges of growing up in an increasingly connected world. We will discuss many privacy and security related decisions and experiences, and the differing perspectives on each. The reality is we don\u2019t know all we think we know - and neither do our teens.\r\n\r\nThis is an opportunity to understand the perspective and impacts of the interplay between a privacy & security-aware parent and teenage daughter as they navigate the competing priorities of parents, schools, peers and teachers in a highly interconnected and data rich world. While news media and the echo chamber might suggest that these things are top of mind, our experience suggests this may not be accurate.", "recording_license": "", "do_not_record": false, "persons": [{"code": "XCAVFF", "name": "Don Mallory", "avatar": "https://cfp.hackfest.ca/media/avatars/96CfQBlU_400x400_ydUqo3H.jpg", "biography": "Don Mallory has over 25 years of experience in enterprise IT, primarily in critical infrastructure, specializing in operations, data storage, disaster recovery and security for critical infrastructure. Professionally, Don is a Senior Security Analyst in the healthcare sector. He is also involved in various volunteer activities including C3X as a builder and mentor, co-organizer of Hak4Kidz Toronto and the Latow Photographer's Guild at the Art Gallery of Burlington, where he teaches traditional wet darkroom photography.\r\n\r\nBronwyn Mallory has over 15 years of experience with parents, teachers, siblings and peers. She is passionate about privacy, security, and dance. Bronwyn has performed artistically at the Hamilton Art Gallery, Hamilton Place and Dusk Dances, and war-walks her neighbourhood when not advising peers about their risky practices online.", "public_name": "Don Mallory", "guid": "4a433e14-e357-5a61-a5ab-36929f406572", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/XCAVFF/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/MFVK7J/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/MFVK7J/", "attachments": []}, {"guid": "721be272-cee5-5a85-a709-b54de9431a2c", "code": "78EAKP", "id": 16, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/78EAKP/CrowdSec-DEF_R1DCXcr.png", "date": "2020-11-20T10:00:00-05:00", "start": "10:00", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-16-behavior-reputation-based-filtering-reloaded", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/78EAKP/", "title": "Behavior & Reputation based filtering reloaded", "subtitle": "", "track": "Defensive", "type": "Regular talk", "language": "en", "abstract": "Did you know that, every day across the Internet, each IP address is scanned hundreds of times? Or that more than 2,000 attacks are perpetrated, stealing 1.4 million personal records? That\u2019s right, every single day! Today, there may be a way to rebalance the odds and protect our resources.", "description": "In 2020, our ways of living and working turned completely upside down in a matter of days. We all brought our companies home and our homes in our companies\u2019 systems. Staying connected to our colleagues, friends and family became a critical necessity, which opened the door for hackers to cause disruption and we saw a huge increase of attacks all around the world.\r\n\r\nEven though worldwide spending on cybersecurity is predicted to reach $1 trillion in 2021 according to Forbes, the game will still be asymmetrical and all companies will keep being hacked regardless of their security budgets. Expensive security doesn\u2019t mean better security. A new approach is needed.\r\n\r\nJoin us for this talk so we can explore why a collaborative approach to security could contribute to solve the problem and how we could make the Internet safer together.", "recording_license": "", "do_not_record": false, "persons": [{"code": "3FJCZK", "name": "Philippe Humeau & Thibault Koechlin", "avatar": "https://cfp.hackfest.ca/media/portrait_conf_transparent.png", "biography": "Philippe Humeau, the CEO of CrowdSec, graduated in 1999 as IT security engineer from EPITA (Paris, France).\r\nHe founded his first company at the same time and quickly oriented it towards penetration testing and high security hosting. He was also deeply involved in Magento\u2019s community creation & animation in France and versed into eCommerce (wrote 4 books on the topic). The company (NBS) was sold in 2016 and Philippe founded CrowdSec in 2019, gathering all his experience to create a new Open-source security engine, based on both Reputation & Behavior to tackle the mass scale hacking problem.\r\nLP or investor in several different companies, his crush is and will forever be IT security, SecOps and entrepreneurship.\r\n\r\nThibault, the CTO of CrowdSec, graduated from EPITECH, specializing in the security of IT systems & networks. He started his career at NBS in 2004, as an expert in penetration testing before being appointed Head of the offensive security team. He then became CISO by expanding his skills around defensive security before initiating the development of several open-source products and building teams with rare skills. He completed his ascent within the company through an operational partner role, leading the creation of the company's flagship product: Cerberhost. He took advantage of the takeover of NBS to reflect on what should be cybersecurity in the future, which led him to found CrowdSec in collaboration with Philippe Humeau.", "public_name": "Philippe Humeau & Thibault Koechlin", "guid": "12da59bf-932c-55cb-8752-3ef312896094", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/3FJCZK/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/78EAKP/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/78EAKP/", "attachments": []}, {"guid": "3cba9c4d-7627-5fc9-8e6d-8f88702e01f7", "code": "8UKRXP", "id": 51, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/8UKRXP/Screen_Shot_2020-11-02_at_6.04.08_PM_x3NLivT.jpg", "date": "2020-11-20T11:30:00-05:00", "start": "11:30", "duration": "00:20", "room": "Hackfest - Track 1", "slug": "hackfest-2020-51-urban-exploration-a-covid-friendly-hacker-hobby", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/8UKRXP/", "title": "Urban Exploration - A COVID-Friendly Hacker Hobby", "subtitle": "", "track": "Offensive", "type": "Speed Talk", "language": "en", "abstract": "With North America famously leading the way in industrial production and technological innovation in its extremely short modern life, it has blasted full-force through many huge economic eras, leaving swaths of forgotten times in its wake. From the Cotton Belt to the Rustbelt, there is an ocean of abandoned buildings to be explored and documented by those brave enough to accept the legal and life-threatening risks involved. \"Urban Exploration\" is itself becoming an abandoned hobby in a post-9/11 world, and this talk will seek to rectify that by serving as an introduction to the craft.", "description": "This is an \"Urban Exploration 101\" presentation, designed to get people back into this forgotten hobby that involves plenty of physical security bypassing and technological archeology. It will provide actionable, how-to information that will help the viewer get started. We will cover the basics of how to discover worthy locations for exploration, the resulting legal issues, a rundown of must-have gear (both safety and recording) as well as contextual recommendations for various situations which may arise", "recording_license": "", "do_not_record": false, "persons": [{"code": "F7W7YF", "name": "Johnny Xmas", "avatar": "https://cfp.hackfest.ca/media/avatars/Johnny_-0978_OPV48NH.jpg", "biography": "Johnny Xmas is a predominant personality in the Information Security community, most well-known for his work on the TSA Master Key leaks between 2014 and 2018. He has operated in nearly every realm of the Infosec vertical, from defensive engineering to penetration testing, industrial control security, and extensive personal research. He has been touring the world for nearly 20 years presenting and training on these as well as various other security and privacy concerns for nearly 20 years.", "public_name": "Johnny Xmas", "guid": "27c1d1f5-cf0a-57fa-a5de-d8bb853f6a02", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/F7W7YF/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/8UKRXP/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/8UKRXP/", "attachments": []}, {"guid": "6bff170b-4c45-555c-b2ff-ae8df9af0569", "code": "ULXKSJ", "id": 40, "logo": null, "date": "2020-11-20T12:00:00-05:00", "start": "12:00", "duration": "02:00", "room": "Hackfest - Track 1", "slug": "hackfest-2020-40-template-injection-in-action", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/ULXKSJ/", "title": "Template Injection in Action", "subtitle": "", "track": "Offensive", "type": "Workshop", "language": "en", "abstract": "Template engines are libraries mainly used to design views for web applications. Their use helps simplify common design tasks for developers. However, their use may introduce new risks when they are used in an improper way. Template injection is a vulnerability class that has emerged in 2016. The exploitation of this type of issue requires specific knowledge associated with the template library or programming language being used. Only knowing vulnerability basics is often insufficient to be effective. For these reasons, we are proposing a practical workshop with a special focus on template injection vulnerabilities.  The training covers various template engines in the context of different programming languages (PHP, Python and Java) and explores how to successfully exploit them.  \r\n\r\nThis workshop is a unique opportunity to have live access to vulnerable applications. The participants will receive a complete introduction to the template injection and step-by-step instructions on how to attack each exercise.", "description": "The workshop is divided in five parts. The first, part is an introduction to the vulnerability class. This segment is needed to get a good understanding of the attack patterns and to recognize potential vulnerabilities. \r\n\r\nNext, we investigate four different template engines with unique twists. Each template engine is accompanied by an exercise which consists of a web application with a template engine being exposed. \r\n\r\n- Introduction \r\n   - Template Injection \r\n   - Identifying Template Engine \r\n- Template Engines \r\n   - Twig (PHP) \r\n   - Jinja2 (Python) \r\n   - Tornado (Python) \r\n   - Velocity (Java) \r\n- Sandbox escape", "recording_license": "", "do_not_record": false, "persons": [{"code": "C38SSJ", "name": "Philippe Arteau", "avatar": null, "biography": "Philippe is a security researcher working for GoSecure. His research is focused on Web application security. His past work experience includes pentesting, secure code review and software development. He is the author of the widely used Java static analysis tool OWASP Find Security Bugs (FSB). He built many plugins for Burp and ZAP proxy tools: Retire.js, Reissue Request Scripter, CSP Auditor and many others. Philippe has presented at several conferences including Black Hat Arsenal, SecTor, AppSec USA, ATLSecCon, NorthSec, and 44CON.", "public_name": "Philippe Arteau", "guid": "938e59ee-a3cb-5a63-9bd9-73ea45439597", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/C38SSJ/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/ULXKSJ/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/ULXKSJ/", "attachments": []}, {"guid": "ba2cc93a-dec3-596a-bf7c-077050d7fe96", "code": "P3LN9A", "id": 17, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/P3LN9A/CedricThibault_Bleu-small_gh2mKpo.jpg", "date": "2020-11-20T15:00:00-05:00", "start": "15:00", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-17-automatisation-de-la-securite-dans-aws", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/P3LN9A/", "title": "Automatisation de la s\u00e9curit\u00e9 dans AWS", "subtitle": "", "track": "Defensive", "type": "Regular talk", "language": "fr", "abstract": "Alors que l'infrastructure se codifie de plus en plus dans les environnements Cloud, la s\u00e9curit\u00e9 amorce la m\u00eame tendance. L'automatisation et la s\u00e9curit\u00e9 \"as a code\" offrent aujourd'hui des moyens efficaces de compenser en partie le manque de ressources humaines sp\u00e9cialis\u00e9es et surtout d'am\u00e9liorer la capacit\u00e9 de d\u00e9tection des menaces et des \u00e9carts de conformit\u00e9 dans des environnements Cloud toujours de plus en plus complexes.", "description": "Durant cette conf\u00e9rence, un point de situation des capacit\u00e9s d'automatisation et de s\u00e9curit\u00e9 \"as a code\" dans AWS sera d'abord effectu\u00e9. A cette occasion, ces deux concepts seront expliqu\u00e9s en d\u00e9tail.\r\nAfin de mettre en perspective ces concepts, une d\u00e9monstration en pratique d'un sc\u00e9nario d'attaque ainsi que d'un comportement utilisateur \u00e0 risque, mitig\u00e9s de fa\u00e7on automatis\u00e9e sera ensuite effectu\u00e9e.\r\nEnfin, les b\u00e9n\u00e9fices ainsi que les risques associ\u00e9s \u00e0 cette automatisation de la s\u00e9curit\u00e9 seront abord\u00e9s \u00e0 l'issue des d\u00e9monstrations pratiques.", "recording_license": "", "do_not_record": false, "persons": [{"code": "CAPJ9J", "name": "C\u00e9dric Thibault", "avatar": "https://cfp.hackfest.ca/media/avatars/9645489c85f75671b2f605213655f8c2_kWtFvct.jpg", "biography": "Sp\u00e9cialiste en s\u00e9curit\u00e9 de l\u2019information, certifi\u00e9 CCSK, CISSP et AWS, je me suis focalis\u00e9 sur la s\u00e9curit\u00e9 infonuagique (AWS, Azure, GCP) mais garde un int\u00e9r\u00eat pour plusieurs domaines connexes : Threat Hunting, gestion des vuln\u00e9rabilit\u00e9s, CASB, DevSecOps. \r\nVice-pr\u00e9sident directeur chez KPMG-Egyde, j\u2019ai le plaisir d\u2019accompagner de nombreux clients au Qu\u00e9bec et au Canada dans la s\u00e9curit\u00e9 de leur \u201cJourney to the Cloud\u201d avec une large \u00e9quipe dynamique et multidisciplinaire.", "public_name": "C\u00e9dric Thibault", "guid": "2abc20b4-a5bf-584f-a644-0dae32ad8b32", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/CAPJ9J/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/P3LN9A/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/P3LN9A/", "attachments": []}, {"guid": "cda59bfc-fade-5da2-a6bf-a5caaac04eed", "code": "S7DW3B", "id": 22, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/S7DW3B/macmotorola_yJF6lct.jpg", "date": "2020-11-20T16:00:00-05:00", "start": "16:00", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-22-prevention-et-detection-de-fraude-en-telecom", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/S7DW3B/", "title": "Pr\u00e9vention et d\u00e9tection de fraude en T\u00e9l\u00e9com", "subtitle": "", "track": "Threat Intelligence / OSINT", "type": "Regular talk", "language": "fr", "abstract": "Pr\u00e9vention et d\u00e9tection de fraude en T\u00e9l\u00e9communications: un monde qui se rapproche de plus en plus des crimes informatiques. \r\nAper\u00e7u g\u00e9n\u00e9ral de la probl\u00e9matique, des types de fraude et de l'impact de la fraude en t\u00e9l\u00e9communications.\r\nQu'est-ce que la fraude en t\u00e9l\u00e9communications.\r\nQuelles sont les arnaques.\r\nLe profil de certains fraudeurs.\r\nLe d\u00e9placement de la fraude vers ce qu'est le crime informatique.\r\nLes impacts.", "description": "Pr\u00e9vention et d\u00e9tection de fraude en T\u00e9l\u00e9communications, un monde qui se rapproche de plus en plus des crimes informatiques. \r\nAper\u00e7u g\u00e9n\u00e9ral de la probl\u00e9matique et de l'impact de la fraude en t\u00e9l\u00e9communications.\r\nImpact pour les gens, impact pour les compagnies de t\u00e9l\u00e9coms, impact sur la l\u00e9gislation.\r\nFraude \u00e0 l'abonnement et/ou Vol d'identit\u00e9 pour commettre des arnaques (Amazon, Apple, IRS, Microsoft, SSA, etc.).\r\nFraude technique: pour faire des appels vers d'autres pays ou pour faire du \"traffic pumping\".", "recording_license": "", "do_not_record": true, "persons": [{"code": "KENYXR", "name": "V\u00e9ronique Meunier", "avatar": "https://cfp.hackfest.ca/media/VM.jpeg", "biography": "Plus de 20 ans d'exp\u00e9rience en pr\u00e9vention, d\u00e9tection et mitigation de la fraude dans le domaine des T\u00e9l\u00e9communications. Elle a travaill\u00e9 pour plusieurs types de transporteurs tels que Fonorola, T\u00e9l\u00e9globe (Tata Communications) et Vid\u00e9otron entre autres.  Elle est pr\u00e9sentement chez LogMeIn o\u00f9 elle d\u00e9veloppe son expertise du c\u00f4t\u00e9 de la VoIP (voix sur IP).", "public_name": "V\u00e9ronique Meunier", "guid": "21f03bc3-c174-5fba-b8e8-3338ebd0d419", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/KENYXR/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/S7DW3B/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/S7DW3B/", "attachments": []}, {"guid": "c24e4709-49cb-5bc7-972d-b585d8b41cb1", "code": "XDLZLU", "id": 47, "logo": null, "date": "2020-11-20T17:00:00-05:00", "start": "17:00", "duration": "00:20", "room": "Hackfest - Track 1", "slug": "hackfest-2020-47-chatty-documents-osint-data-from-document-mapping", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/XDLZLU/", "title": "Chatty documents: OSINT data from document mapping", "subtitle": "", "track": "Threat Intelligence / OSINT", "type": "Speed Talk", "language": "en", "abstract": "How difficult it is to acquire actionable intelligence if no active technique could be used? Our preliminary research aimed at finding relevant elements in the supply network of an entity, resulted in the discovery of hundreds of weak links and dozens of possible entry point. We found our technique to have a much smaller footprint compared to normal methods, and the use of passive techniques coupled with data correlation models to significantly reduce the time of analysis and increase the quality of gathered intelligence.", "description": "The practice of parsing documents and assembling knowledge maps out of them it is well known and widely used. Once a target has been defined, it is relatively easy to find and collect files that contain \"interesting\" bits of intelligence, and parsing would give us the information we want. \r\nWhat if we are not interested in one specific target, but we want to find the entities that are one step away from out main target? Can we find a way identify entities connected to our target and mount a supply chain attack on them? can we find the weakest links by using only passive techniques or offline data analysis and collect enough data to be able to predict where and how a targeted attack could be lunched?\r\nOur research aims at exploring tools and techniques that make use of common open-source tools that, when used together and in combination with machine learning techniques, can give significant advantages to threat analysts and/or defenders. \r\nWe will also provide some initial result on the results of a series of tests performed against more than 10.000 documents that resulted in the discovery of  hundreds of weak links and dozens of possible entry point to both government entities and companies alike.", "recording_license": "", "do_not_record": false, "persons": [{"code": "BBSMQA", "name": "Enrico Branca", "avatar": null, "biography": "Enrico Branca is an experienced researcher with specialist knowledge in Cyber security. He has been working in information security for over a decade with experience in software security, information security management, and cyber security R&D. He has been trained and worked in various roles during his career, including Senior Security Engineer, Security Architect, Disaster Recovery Specialist, Microsoft Security Specialist and others, and his current role as Independent Researcher in Cyber Intelligence.", "public_name": "Enrico Branca", "guid": "d704b224-4038-5e5c-b38e-aaeb0ad491b0", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/BBSMQA/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/XDLZLU/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/XDLZLU/", "attachments": []}, {"guid": "a9d25047-6f31-5b88-ac65-73feec922324", "code": "MXHWHJ", "id": 15, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/MXHWHJ/abhi_balakrishnan_hackfest_W9TM8X3.png", "date": "2020-11-20T17:30:00-05:00", "start": "17:30", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-15-introducing-owasp-timegap-theory", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/MXHWHJ/", "title": "Introducing OWASP TimeGap Theory", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "en", "abstract": "Race conditions in web applications. They are hard to find and more challenging to exploit. OWASP TimeGap Theory is a free and open-source CTF for learning how-to-find and how-to-exploit race conditions.\r\n\r\nYou will get tools, tips, and tricks to find and exploit TOCTOU issues.", "description": "There are several security issues out there that everyone talks and knows about - cross-site scripting, SQL injection, clickjacking, XXE. Every organization out there has some sort of secure software lifecycle to identify these issues - it can be SAST scanners, DAST scanners, or the protesting.\r\n\r\nWhat I\u2019m going to do in this session is to introduce you to a security issue that most of these scanners can not detect. It\u2019s called Time-of-Check to Time-of-use, often abbreviated and pronounced as TOCTOU.\r\n\r\nForget scanners, a significant portion of pen testers out there also do not test the applications for this security issue.\r\n\r\nWe will be using the OWASP TimeGap Theory as our training platform for learning TOCTOU issues. Remember WebGoat? It\u2019s something like that but focusing only on TOCTOU issues. You can also call it a TOCTOU-Goat or a RaceCondition-Goat.\r\n\r\nBy the end of this session, you will have some of the best tools and techniques to find and exploitTOCTOU issues. You will also learn how to identify TOCTOU issues early in the development lifecycle (threat modeling sessions).", "recording_license": "", "do_not_record": false, "persons": [{"code": "HNY8ZC", "name": "Abhi M Balakrishnan", "avatar": null, "biography": "Abhi M Balakrishnan is a security engineer from Silicon Valley. You must have heard about Abhi\u2019s other free and open-source projects like OWASP Mantra, Matriux, ExploitMe REST, Alert Labs, OWASP Bricks, Snow, Brick Town, TinyBird CTF, and \u2018web app security testing with browsers.\u2019", "public_name": "Abhi M Balakrishnan", "guid": "d205268e-6929-5dd6-b354-803f5d26b742", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/HNY8ZC/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/MXHWHJ/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/MXHWHJ/", "attachments": []}, {"guid": "70ebbd9c-3950-5bf0-8d0c-4afbef7b5044", "code": "KBRKXV", "id": 41, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/KBRKXV/DualUsePic_GPPIxNO.png", "date": "2020-11-20T18:30:00-05:00", "start": "18:30", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-41-talos-threats-and-dual-use-tools-in-the-landscape", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/KBRKXV/", "title": "Talos: Threats and Dual-Use Tools in the Landscape", "subtitle": "", "track": "Threat Intelligence / OSINT", "type": "Regular talk", "language": "en", "abstract": "Cisco's Talos team specializes in early-warning intelligence and threat analysis necessary for defending networks against the ever-changing threat landscape. In this talk we will cover how our team is built, look at some interesting threats and exploits -- take a look at the methods and techniques that both the attackers and defenders use to exploit these attacks, taking a deep dive into dual-use tools and see how they are being leveraged by threat actors to exploit, move laterally, and deepen the attackers reach into your network.", "description": "Dual-use tools are developed to assist administrators in managing their systems or assist during security testing or red-teaming activities. Unfortunately, many of these same tools are often co-opted by threat actors attempting to compromise systems, attack organizational networks, or otherwise adversely affect companies around the world. This talk will dive into the topic of dual-use tools and how they have historically been used in various attacks. It will also provide case studies that walk through how native system functionality and dual-use tools are often used in real-world attacks to evade detection at various stages of the attack lifecycle.", "recording_license": "", "do_not_record": false, "persons": [{"code": "YK9HY8", "name": "William Largent", "avatar": "https://cfp.hackfest.ca/media/LargentCiscoBlog.jpg", "biography": "William Largent is a threat researcher for Cisco Talos. William has over 19 years of experience in information security having previously worked for the Cisco IPS Signature team where he researched vulnerabilities and wrote signatures for Cisco security products. Previous to the Cisco IPS Signature team William worked for Cisco Remote Managed Services. William has three awesome kids and the world\u2019s most patient wife.", "public_name": "William Largent", "guid": "ae982fbf-31a2-5a47-978f-ea098c1ca6d3", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/YK9HY8/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/KBRKXV/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/KBRKXV/", "attachments": []}, {"guid": "70e58d7d-c291-53e1-9058-eb29491ffdd1", "code": "KM8M3W", "id": 21, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/KM8M3W/Screenshot_2020-09-24_110549_qdQrzly.png", "date": "2020-11-20T20:00:00-05:00", "start": "20:00", "duration": "04:00", "room": "Hackfest - Track 1", "slug": "hackfest-2020-21-how-crypto-gets-broken-by-you", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/KM8M3W/", "title": "How Crypto Gets Broken (by you)", "subtitle": "", "track": "Offensive", "type": "Workshop", "language": "en", "abstract": "This is an introduction to crypto: building blocks, protocols and attacks on them. We cover: encoding vs encryption, hashes, \u2018classic\u2019 crypto, stream ciphers, block ciphers, symmetric crypto, asymmetric crypto, has attacks, classic crypto attacks, stream cipher attack, block cipher attack models, ECB attacks, crypto protocols, digital signatures, message authentication code, nonces, simple authentication, challenge response, simple authentication attacks (key collisions, key extraction and extension, replay, valet, bad counter resync), MAC attacks, digital signature attacks, pubkey substitution, challenge response attacks (middleperson attack, UDS style seed-key predictions), WPA2 password cracking, WPA2 key reinstallation, WPA2 key nulling, TLS/SSL middleperson attacks, SWEET32, DROWN, logjam, POODLE, UDS seed-key exchange attacks (reverse key algorithm, lift key algorithm, solve for unknowns, retry-retry-retry, brute force, glitch past).\r\n\r\nTools covered include: rumkin.com, hashcat, john the ripper, binwalk, radare2, binvis.io, Veles, airocrack-ng, mitmproxy, MITMf.\r\n\r\nThe workshop is a \u2018101\u2019 level: geared for people good at computers but maybe no knowledge of cryptography. There will be minimal math (I promise). We\u2019ll talk mostly about how to break bad crypto and bad crypto algorithms with 10-15min hands-on sessions integrated into 4 hours of workshop: Decrypt \u2018Crypto\u2019, Break Hashes, Break Crypto, Visualize Crypto.\r\n\r\nWe will explore three applications of the building blocks and attacks also. Towards the end we tie-in the building blocks and attacks into how the following crypto protocols get broken: WPA2, TLS and UDS Seed-Key exchange (from automotive). Please join us for an intro-level exploration of cryptography building blocks, protocols and how to attack them. And, as always, crypto means cryptography.", "description": "Slides are available here https://drive.google.com/file/d/1xiY2B00GimSaXuFPR-1U9EKV2Vlf44GW/view?usp=sharing", "recording_license": "", "do_not_record": true, "persons": [{"code": "BRTLVC", "name": "Ben Gardiner", "avatar": null, "biography": "Mr. Gardiner is a Cybersecurity Research Engineer at Yellow Flag Security, Inc. specializing in hardware and low-level software security. With more than ten years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. Prior to joining the YFS team in 2019, Mr. Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He holds a Masters of Engineering in Applied Math & Stats from Queen\u2019s University. He is a DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV) volunteer. He is GIAC GPEN certified and a GIAC advisory board member, he is also chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2), and a voting member of the SAE Vehicle Electronic Systems Security Committee. Mr. Gardiner has delivered workshops and presentations at several world cybersecurity events including GENIVI security sessions, Hack in Paris, HackFest and DEF CON.", "public_name": "Ben Gardiner", "guid": "37aa1a15-0e92-5541-8bc3-2ba2a9a8adaa", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/BRTLVC/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/KM8M3W/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/KM8M3W/", "attachments": []}], "Hackfest - Sponsor room (and workshops)": [{"guid": "d7788bd7-ffa8-5b8a-a70e-51cd1bb7f4d1", "code": "NENLKB", "id": 58, "logo": null, "date": "2020-11-20T08:50:00-05:00", "start": "08:50", "duration": "00:10", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-58-hackfest-ouverture", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/NENLKB/", "title": "Hackfest Ouverture", "subtitle": "", "track": null, "type": "Speed Talk", "language": "fr", "abstract": "Ouverture du Hackfest 2020\r\n\r\nApr\u00e8s plusieurs mois \u00e0 analyser la situation du Covid-19 au Qu\u00e9bec, nous sommes heureux d\u2019annoncer que le Hackfest 2020 sera officiellement en mode virtuel/remote/Covid-19 et que nous avons adapt\u00e9s nos offres de partenariat en cons\u00e9quence!", "description": "Voici ce \u00e0 quoi vous pouvez vous attendre de l\u2019\u00e9v\u00e9nement 2020!\r\n\r\nTechnologies utilis\u00e9es et adaptations\r\nLes partenariats\r\nIls sont adapt\u00e9s \u00e0 des formules pour un \u00e9v\u00e9nement virtuel.\r\nFormations\r\n100% Virtuelles via GoToTraining les jours pr\u00e9c\u00e9dant l\u2019\u00e9v\u00e9nement : https://hackfest.ca/fr/formations\r\nConf\u00e9rences et workshops\r\n2 journ\u00e9es de conf\u00e9rences virtuelles via GoToWebinar\r\nVillages\r\n100% Virtuels via le  Hackfest Discord et Hackfest YouTube\r\nAmbiance et r\u00e9seautage\r\nServeur Discord avec interaction et badge par niveau de participation, salle audios, salle de partenaires et plus encore!\r\nInscription conf\u00e9rence: Ticket mod\u00e9rateur pour inscription (10$)", "recording_license": "", "do_not_record": false, "persons": [{"code": "N97AYA", "name": "Patrick", "avatar": "https://cfp.hackfest.ca/media/avatars/8eb0426d30d99270f5da888b3b81fbda_23ZWfVg.jpg", "biography": "- Cofondateur du Hackfest\r\n- Offensive Security Lead at LogMeIn", "public_name": "Patrick", "guid": "99f747e0-c80a-5867-98fc-ed3f403ff50d", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/N97AYA/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/NENLKB/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/NENLKB/", "attachments": []}, {"guid": "dd61ac5d-402d-5120-9d45-aba72cfc014a", "code": "GAJSAY", "id": 56, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/GAJSAY/Logo_Lambda_Fond_Blanc_Small_53iMnKR.png", "date": "2020-11-20T09:00:00-05:00", "start": "09:00", "duration": "00:50", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-56-l-insecurite-de-l-internet-des-objets", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/GAJSAY/", "title": "L'Ins\u00e9curit\u00e9 de l'Internet des objets", "subtitle": "", "track": "Sponsor", "type": "Regular talk", "language": "fr", "abstract": "Cette pr\u00e9sentation d\u00e9bute avec une introduction de notre entreprise La Soci\u00e9t\u00e9-conseil Lambda suivie d\u2019une br\u00e8ve d\u00e9finition de l\u2019Internet des objets et des diff\u00e9rents composants d\u2019un objet connect\u00e9 avant de rentrer dans le vif du sujet : L\u2019Ins\u00e9curit\u00e9 de l\u2019Internet des objets. Nous soul\u00e8verons les probl\u00e9matiques de s\u00e9curit\u00e9 de l\u2019Internet des objets et discuterons de la tr\u00e8s grande vuln\u00e9rabilit\u00e9 des objets connect\u00e9s, les raisons de ces vuln\u00e9rabilit\u00e9s ainsi que des outils permettant de faire l\u2019audit des vuln\u00e9rabilit\u00e9s et les tests d\u2019intrusions sur les objets connect\u00e9s. La pr\u00e9sentation va se conclure sur une d\u00e9monstration \u00ab NightClub Bulb \u00bb d\u2019exploitation d\u2019une ampoule connect\u00e9e suivie d\u2019une r\u00e9flexion sur les enjeux de l\u2019Ins\u00e9curit\u00e9 de l\u2019IoT.", "description": "\ud83d\udc7d Whoami : \r\n\r\nComme le titre l\u2019indique, nous allons pr\u00e9senter bri\u00e8vement l\u2019entreprise soit les diff\u00e9rents services offerts par La Soci\u00e9t\u00e9-conseil Lambda ainsi que les intervenants de la conf\u00e9rence : Martin M Samson, R\u00e9mikya Hellal et Denys Desfosses. Maintenant que nous nous sommes pr\u00e9sent\u00e9s\u2026 passons \u00e0 table \ud83c\udf7d\ufe0f!\r\n\r\n----\r\n\r\n\ud83e\udd42Pour l\u2019ap\u00e9ro : La d\u00e9finition simplifi\u00e9e de l\u2019Internet des objets \r\n\r\nLe World Wide Web propose plusieurs d\u00e9finitions (souvent compliqu\u00e9es) de l\u2019Internet des objets, mais ne s\u2019entend toujours pas sur la question. C\u2019est pourquoi nous pr\u00e9sentons une d\u00e9finition simplifi\u00e9e et gentille ou l\u2019on mentionne les 3 caract\u00e9ristiques principales (Connexion, autonomie et action dans le monde r\u00e9el) d\u2019IoT pour ouvrir l\u2019app\u00e9tit !\r\n\r\n----\r\n\r\n\ud83e\udd68 En Entr\u00e9e : Les composants d\u2019un objet connect\u00e9 \r\n\r\nL\u2019IoT maintenant d\u00e9finit, nous allons bri\u00e8vement aborder les diff\u00e9rents composants d\u2019un objet connect\u00e9 soit : les capteurs, les actionneurs, les modules de communication, l\u2019alimentation, la carte m\u00e8re et le CPU\u2026 Ainsi que le r\u00f4le occup\u00e9 par chacun de ces composants dans le fonctionnement de l\u2019objet. En gros nous partagerons la recette d\u2019un objet connect\u00e9 !\r\n\r\n----\r\n\r\n\ud83c\udf5d Le plat de r\u00e9sistance : Les probl\u00e9matiques de s\u00e9curit\u00e9 de l\u2019Internet des objets \r\n\r\nMaintenant que nous avant pris un avant-go\u00fbt de ce qu\u2019est l\u2019Internet des objets et quels sont les composants un objet connect\u00e9 nous allons passer au plat de r\u00e9sistance. La question des probl\u00e9matiques de s\u00e9curit\u00e9 sera soulev\u00e9e ainsi que le pourquoi de la tr\u00e8s grande vuln\u00e9rabilit\u00e9 de l\u2019Internet des objets. Les sujets abord\u00e9s seront : la chaine d\u2019approvisionnement, l\u2019environnement restreint, l\u2019OWASP top 10 des vuln\u00e9rabilit\u00e9s IoT suivi de plusieurs exemples d\u2019hacking\u2026 \r\n\r\n----\r\n\r\n\ud83e\uddc0 Le plateau de fromages : Audit des vuln\u00e9rabilit\u00e9s et tests d\u2019intrusions sur les objets connect\u00e9s\r\n\r\nNous proposons ensuite le plateau de fromages\u2026 Ou plut\u00f4t notre plateau d\u2019outils d\u2019audit des vuln\u00e9rabilit\u00e9s et de test d\u2019intrusions sur les objets connect\u00e9s. Nous en avons 4 grandes vari\u00e9t\u00e9s qui d\u00e9signent les 4 cibles principales de l\u2019audit des vuln\u00e9rabilit\u00e9s et des tests d\u2019intrusions soit : le hardware, le firmware, les communications et les applications. Nous pr\u00e9senterons aussi quel genre d\u2019informations peut-on tirer de chacune de ces 4 vari\u00e9t\u00e9s.  \r\n\r\n----\r\n\r\n\ud83c\udf70 Le dessert : Une d\u00e9monstration color\u00e9e \r\n\r\nPour finir sur une note plus COOL, nous allons faire la d\u00e9monstration de l\u2019une des exploitations r\u00e9alis\u00e9es lors de nos laboratoires \u00ab The NightClub Bulb \u00bb. La d\u00e9mo consiste en l\u2019exploitation d\u2019une ampoule connect\u00e9e via Bluetooth et des \u00e9tapes r\u00e9alis\u00e9es : La reconnaissance, le reverse engineering, l\u2019exploitation et l\u2019automatisation de l\u2019attaque avec un script ! Selon le temps qui reste, la d\u00e9monstration sera plus ou moins live, mais une chose est s\u00fbre, nous allons voir de toutes les couleurs ! \r\n\r\n----\r\n\r\n\ud83e\udd43 Le digestif : L\u2019offre de service cybers\u00e9curit\u00e9 IoT de Lambda\r\n\r\nApr\u00e8s un repas assez charg\u00e9, nous pr\u00e9senterons en digestif l\u2019offre de service de Lambda pour adresser l\u2019Ins\u00e9curit\u00e9 de l\u2019Internet des objets ainsi que les diff\u00e9rents points importants de l\u2019offre. Nous discuterons aussi de l\u2019importance du contexte d\u2019affaire dans nos interventions  ainsi que de l'aspect dynamique de l'offre nous permettant de r\u00e9pondre aux diff\u00e9rents besoins du march\u00e9.", "recording_license": "", "do_not_record": false, "persons": [{"code": "NFX3DW", "name": "R\u00e9mikya Hellal", "avatar": "https://cfp.hackfest.ca/media/pinkhat_small.png", "biography": "R\u00e9mikya Hellal: une jeune fille enjou\u00e9e, rieuse, sympathique et enthousiaste. Sous le couvert d'une fille tranquille se cache une dompteuse de lion, curieuse et int\u00e9ress\u00e9e par tout ce qui touche la cybers\u00e9curit\u00e9 et l'IoT, soucieuse de remettre un travail de qualit\u00e9, dure au travail et poss\u00e9dant un c\u0153ur de dragon. Ne vous y trompez pas, vous trouverez un adversaire f\u00e9roce. Mais cette fougue porte aussi un souci d'aider les gens, de transmettre les connaissances qu'elle r\u00e9colte ch\u00e8rement. C'est pourquoi aujourd'hui, c'est une pr\u00e9sentatrice toute rose qui partagera ses connaissances. C'est notre Pink-Hat.\r\n\r\n \r\nMa\u00eetre Yoda. (DD)", "public_name": "R\u00e9mikya Hellal", "guid": "94950597-4571-541a-aa72-d8ee35e1ff4c", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/NFX3DW/"}, {"code": "7QNYEJ", "name": "Denys Desfosses", "avatar": null, "biography": null, "public_name": "Denys Desfosses", "guid": "90fa8ff5-c1cb-5bee-a770-75bdb0a4b7bd", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/7QNYEJ/"}, {"code": "XKBHSF", "name": "Martin Samson", "avatar": "https://cfp.hackfest.ca/media/Samson_Martin-1_2.jpg", "biography": "Professionnel en s\u00e9curit\u00e9 de l\u2019information, CGEIT, CISM et CRISC, monsieur Samson poss\u00e8de une vaste exp\u00e9rience dans les projets li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l\u2019information et en gestion de ressources, tant humaines que mat\u00e9rielles.\r\n\r\nMonsieur Samson a collabor\u00e9 \u00e0 l\u2019\u00e9laboration de programmes de s\u00e9curit\u00e9 de l\u2019information num\u00e9rique et cybers\u00e9curit\u00e9 chez diff\u00e9rents clients. Il a particip\u00e9, \u00e0 titre de charg\u00e9 de projet et d\u2019architecte, \u00e0 la gestion des risques en s\u00e9curit\u00e9 de l\u2019information, bas\u00e9e sur les normes internationales telles que NIST Cyber Security Framework (CSF), NIST SP800-53, ISO 27001, 27002, 27005, PCI, et le cadre de r\u00e9f\u00e9rence COBIT. Il poss\u00e8de une exp\u00e9rience pratique en lien avec les exigences des lois applicables en s\u00e9curit\u00e9.\r\n\r\nMonsieur Samson est, depuis 2019, CISO et directeur principal, Cybers\u00e9curit\u00e9, chez Lambda. En ce sens, il chapeaute l\u2019ensemble de l\u2019\u00e9quipe cybers\u00e9curit\u00e9 Lambda, g\u00e8re le d\u00e9veloppement et la relation d\u2019affaires avec les clients en ce domaine, et g\u00e8re la conduite des contrats confi\u00e9s \u00e0 Lambda.", "public_name": "Martin Samson", "guid": "6b2456a8-5bfd-5e9a-9a1b-765326a82156", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/XKBHSF/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/GAJSAY/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/GAJSAY/", "attachments": []}, {"guid": "918e2722-2fb9-560f-b1ac-ee62d840c926", "code": "HQM7UF", "id": 53, "logo": null, "date": "2020-11-20T10:30:00-05:00", "start": "10:30", "duration": "00:20", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-53-red-team-results-to-tangible-risk-management", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/HQM7UF/", "title": "Red Team Results to Tangible Risk Management", "subtitle": "", "track": "Sponsor", "type": "Speed Talk", "language": "en", "abstract": "As much as red teams love to believe that every vulnerability they uncover poses an immediate and urgent high risk \u2013 it is often not the case. Furthermore, it is seen that red teams are great at providing technical solutions, but often also fail to consider the size, scale, and scope of their target\u2019s operations. \r\n\r\nAt times, framing every successfully executed MITRE ATT&CK technique does not equate to, or presents, a tangible risk to an organization. And presenting them as such ends up exacerbating the disconnect between technical teams and management - where a dire landscape fraught with risks around every corner is presented, with unrealistic goals and targets being proposed for remediation that just does not lend itself to actual implementation, especially within the small-to-medium enterprise landscape. \r\n\r\nHopefully, this speed talk can help red teams think about how to practically evaluate, translate, and present their findings to management. Helping red teams to share their knowledge and engaging in constructive dialogue around the risks an organization faces.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"code": "QKPALP", "name": "Rohan Shanbhag", "avatar": null, "biography": "Cyber security consultant with over five years of information technology experience working with clients in energy, education, government, and financial services sectors.", "public_name": "Rohan Shanbhag", "guid": "fd7ace23-3dc6-5881-b2e1-32f32f42168f", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/QKPALP/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/HQM7UF/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/HQM7UF/", "attachments": []}, {"guid": "905ea206-8297-5454-88c0-0e4a599947e8", "code": "QBXER7", "id": 36, "logo": null, "date": "2020-11-20T11:25:00-05:00", "start": "11:25", "duration": "00:50", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-36-peek-a-boo-a-game-with-threat-actors-researchers", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/QBXER7/", "title": "Peek-a-Boo: A Game with Threat Actors&Researchers", "subtitle": "", "track": "Sponsor", "type": "Regular talk", "language": "en", "abstract": "Threat actors have always played the game of emotions. Fear is the emotion they are using right now to lure users to click on an email or manipulate them to install an application. In the last four months, cyber criminals have used fear as their main weapon to compromise users by using pandemic-related themes to deliver malware. The dropped malwares are deadlier and stealthier and are hybrid in nature. There is a need for advanced investigation techniques, like memory forensics that are raiding energy/power sectors and entropy-based detection for new-age trojan exfiltrations. The talk discusses how we use traditional methods to identify these threats, how we cracked some emotet epoch's stealthy nature and also how we added a pinch of new-age forensics tricks to do some big reveals.", "description": "Threat actors have always played the game of emotions. Fear is the emotion they are using right now to lure users to click on an email or manipulate them to install an application. In the last four months, cyber criminals have used fear as their main weapon to compromise users by using pandemic-related themes to deliver malware. The dropped malwares are deadlier and stealthier and are hybrid in nature.\r\n\r\nHere is how the talk will progress:\r\n\r\n1. Pandemic Threat Landscape\r\n\r\n2.  New stealthy methods : Hiding macros inside hidden excel sheet and hiding macros inside form elements in VBA\r\n\r\n3. How  popular tools failed to detect these threats ?\r\n\r\n4.  Azerbaijan Targets and Energy Sectors hit : RAT trojans that are upgraded \r\n\r\n5.  Evasion of Agent Tesla and how they have defeated sandboxes.  \r\n\r\n6. Rise of False positives with Sodinobki ransomware spraying legit domains in config files.\r\n\r\n7.  Using Entropy to solve image exfiltration by malwares. \r\n\r\n8. How can we convict the extracted domains and IP from malware config files, C2 communication using Cisco Umbrella and crack the malware infra.", "recording_license": "", "do_not_record": false, "persons": [{"code": "TL9WY3", "name": "Shyam Sundar Ramaswami", "avatar": "https://cfp.hackfest.ca/media/Shyam1.jpg", "biography": "Shyam Sundar Ramaswami is a Lead Threat Researcher with Cisco Umbrella. Shyam is a two-time TEDx speaker, GREM certified malware analyst, Cisco Security Ninja black belt and a teacher of cyber security. Shyam has delivered talks for several conferences such as Black Hat (Las Vegas), Qubit Forensics (Serbia), Nullcon 2020 (Goa), Cisco Live (Barcelona), and for several universities and IEEE forums in India. Shyam has also taught \u201cAdvanced malware attacks and defenses\u201d class in Stanford University\u2019s cyber security program and runs a mentoring program called \u201cBeing Robin\u201d where he mentors students all over the globe on cyber security. Shyam\u2019s interviews have been published in leading websites like Zdnet and CISO MAG.", "public_name": "Shyam Sundar Ramaswami", "guid": "f5693feb-4600-5683-8230-a24372d9b22e", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/TL9WY3/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/QBXER7/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/QBXER7/", "attachments": []}, {"guid": "1585b459-54d4-515b-9487-af85fea425e9", "code": "ZLN8QM", "id": 55, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/ZLN8QM/Hackfest-Vote-electronique_emQk1QM.JPG", "date": "2020-11-20T13:00:00-05:00", "start": "13:00", "duration": "00:50", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-55-securisation-des-systemes-de-vote-electronique", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/ZLN8QM/", "title": "S\u00e9curisation des syst\u00e8mes de vote \u00e9lectronique", "subtitle": "", "track": "Sponsor", "type": "Regular talk", "language": "fr", "abstract": "Dans le contexte de la COVID-19, les gouvernements, les partis politiques, les entreprises priv\u00e9es et les OSBL d\u00e9sirent mettre en place le vote \u00e9lectronique rapidement. In\u00e9vitablement, des erreurs ont \u00e9t\u00e9 commises o\u00f9 le seront bient\u00f4t... et les pirates n'attendent que \u00e7a!\r\n\r\nEn parall\u00e8le, que ce soit dans le cadre du vote \u00e0 la chefferie du Parti conservateur du Canada ou encore aux \u00e9lections pr\u00e9sidentielles du c\u00f4t\u00e9 des \u00c9tats-Unis, des cafouillages majeurs viennent mettre un pied de nez au vote par correspondance!\r\n\r\nCette conf\u00e9rence portera un regard Blue Team et Red Team sur les emb\u00fbches \u00e0 pr\u00e9voir dans le d\u00e9ploiement et l'utilisation d'un syst\u00e8me de vote \u00e9lectronique, tout en portant un regard critique sur les alternatives possibles.", "description": "Nous ferons un retour sur les r\u00e9cents cafouillages li\u00e9s au vote par la poste (Partie conservateur et \u00e9lections pr\u00e9sidentielles du c\u00f4t\u00e9 des \u00c9tats-Unis) afin de mettre en perspective le niveau de s\u00e9curit\u00e9 associ\u00e9 \u00e0 ce type de vote. Nous ferons \u00e9galement un retour du vote plus traditionnel (urne). Par la suite, bien que nous ferons allusion aux urnes \u00e9lectroniques pouvant \u00eatre utilis\u00e9es en remplacement des urnes traditionnelles, nous mettrons davantage l\u2019emphase sur le vote \u00e9lectronique dans le cadre de la conf\u00e9rence.\r\n\r\nAvant d\u2019aller dans le volet plus technique, nous mettrons en perspective suite les diff\u00e9rents niveaux de confiances attendus d\u2019un syst\u00e8me de vote \u00e9lectronique en fonction des enjeux relative \u00e0 l\u2019issue du vote. Par exemple, devons-nous mettre autant d\u2019effort \u00e0 prot\u00e9ger un vote pour un OSBL, un vote pour un ordre professionnel, celui d\u2019un  syndicat, un vote au niveau municipal, un Parti politique, un vote provincial ou national?\r\n\r\nPar la suite, nous \u00e9tudierons chacune des \u00e9tapes cl\u00e9s d\u2019un vote \u00e9lectronique et \u00e9tudierons la vue Blue Team et Red Team \u00e0 chacune d\u2019elle :\r\n1.\tLa pr\u00e9paration de l\u2019\u00e9lection\r\n2.\tL\u2019inscription de votants \r\n3.\tL\u2019envoi des bulletins de vote\r\n4.\tLa tenue du vote\r\n5.\tLa cl\u00f4ture du vote\r\n6.\tLe d\u00e9pouillement du vote\r\n7.\tLa destruction des votes\r\n\r\n\u00c0 chacune des \u00e9tapes, nous d\u00e9montrerons les diff\u00e9rents risques et/ou erreurs qui peuvent survenir et pouvant avoir un impact sur le secret du vote ou encore sur l\u2019int\u00e9grit\u00e9 du vote.", "recording_license": "", "do_not_record": false, "persons": [{"code": "BPXSAD", "name": "Jean-Philippe Racine", "avatar": null, "biography": "Gr\u00e2ce \u00e0 ses 19 ann\u00e9es d\u2019exp\u00e9rience dans le secteur des TI et \u00e0 ses nombreuses certifications et formations, M. Racine poss\u00e8de plus de 15 ans d\u2019exp\u00e9rience d\u00e9di\u00e9e \u00e0 la cybers\u00e9curit\u00e9. Ayant commenc\u00e9 sa carri\u00e8re du c\u00f4t\u00e9 technique de la s\u00e9curit\u00e9 informatique, il a rapidement \u00e9volu\u00e9 dans les volets tactiques et strat\u00e9giques de la s\u00e9curit\u00e9. Entrepreneur depuis 2009, Jean Philippe Racine est d\u00e9sormais propri\u00e9taire de l'entreprise Groupe Cyberswat, qui contribue, ann\u00e9e apr\u00e8s ann\u00e9e, \u00e0 prot\u00e9ger l'information la plus critique des entreprises. Finalement, M. Racine d\u00e9tient une ma\u00eetrise en administration, option gouvernance, audit et s\u00e9curit\u00e9 des TI. Il s\u2019est \u00e9galement sp\u00e9cialis\u00e9 en obtenant plusieurs certifications, dont celle de CISA, de CISSP ainsi que le CCSK de Cloud Security Alliance.", "public_name": "Jean-Philippe Racine", "guid": "7cc0dbd8-fe77-52af-b8f4-73e5ef8c5b67", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/BPXSAD/"}, {"code": "ZSF7WG", "name": "Nicholas Milot", "avatar": "https://cfp.hackfest.ca/media/Nicholas-1.png", "biography": "Consultant en s\u00e9curit\u00e9 des informations chez Groupe CyberSwat", "public_name": "Nicholas Milot", "guid": "6d8034c4-0cf6-565c-ae3e-eb6c560bf657", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/ZSF7WG/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/ZLN8QM/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/ZLN8QM/", "attachments": []}, {"guid": "ca65731a-3bd9-5a3b-be18-c7df22c5561a", "code": "R8D8PF", "id": 50, "logo": null, "date": "2020-11-20T14:00:00-05:00", "start": "14:00", "duration": "00:50", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-50-demystifying-zero-trust-architecture", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/R8D8PF/", "title": "Demystifying Zero Trust Architecture", "subtitle": "", "track": "Sponsor", "type": "Regular talk", "language": "en", "abstract": "The buzz is there\u2026 Zero Trust, Gartner\u2019s CARTA, Forrester\u2019s Zero Trust Extended, Vendor X\u2019s magical zero trust unicorn, etc; but what does any of this really mean to the security practitioner? In this session, I will provide clarity to all this noise, and discuss how a pure Zero Trust model was always intended to be, why and how that model provides for efficient security; the way it changes the paradigm of the problem we face securing our data and our workforce, and how ZT is completely complimentary to a threat-centric approach to security that we have been following for many years. Many approaches to ZT are focused only on situations where a user can interactively authenticate. However, ZT does not end with just strong authentication of users. Machine-to-machine connections have grown to nearly 50% of all connections, and many ZT architectures can often ignore these headless devices and workloads.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"code": "AVK3PQ", "name": "Jamie Sanbower", "avatar": null, "biography": "Jamie Sanbower, is a Global Principal Security Architect @ Cisco. Jamie is currently a technical leader and member of numerous advisory and working groups focused on Zero Trust, Secure Access Services Edge(SASE) and multidomain security architectures. He has been with Cisco since 2010 and has developed, designed, implemented and operated enterprise network and security solutions for a wide variety of large clients. Jamie is a distinguished speaker and is the author of many technical publications, including Integrated Security Technologies and Solutions Volume I and II. Jamie hold various industry certifications, including CCIE #13637 in Security, Enterprise Infrastructure, and Enterprise Wireless. Prior to Cisco, Jamie had various roles including: director of the cyber security practice, senior security consultant and senior network engineer.", "public_name": "Jamie Sanbower", "guid": "b4f9ee18-b382-5bdc-9b13-2d6878606f1a", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/AVK3PQ/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/R8D8PF/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/R8D8PF/", "attachments": []}]}}, {"index": 2, "date": "2020-11-21", "day_start": "2020-11-21T04:00:00-05:00", "day_end": "2020-11-22T03:59:00-05:00", "rooms": {"Hackfest - Track 1": [{"guid": "4aa8d71d-3676-5e25-b4e7-3c8bd2216aaf", "code": "7J8ZEW", "id": 31, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/7J8ZEW/Cloud_Shadow_Admins_6As8Yc4.jpg", "date": "2020-11-21T09:00:00-05:00", "start": "09:00", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-31-fantastic-cloud-shadow-admins-and-where-to-find", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/7J8ZEW/", "title": "Fantastic Cloud Shadow Admins and where to find", "subtitle": "", "track": "Defensive", "type": "Regular talk", "language": "en", "abstract": "Cloud adoption is on the rise and so is the risk of having Shadow Admins. In this session, we will explore Azure\u2019s IAM and the dark permissions and roles, where Cloud Shadow Admins hide. We will demonstrate how an attacker can escalate privileges using those unintended admin users and how you can discover them before with a new scanning module of the open-source tool SkyArk.", "description": "Session's objectives\r\n1. Understand Azure better \u2013 its IAM and permissions architecture\r\n2. Learn on the new threat of Azure and AWS Shadow Admins\r\n3. Get recommendations and a free open-source tool for mitigation\r\n\r\nNowadays, cloud technologies are everywhere, and specifically, Microsoft\u2019s Azure cloud is gaining more and more popularity. Many companies use the different Azure services and rely on the Azure AD as part of their Office 365 solution. With that increasing adoption, the risk of having Shadow Admins grows as well. We at CyberArk Labs researched Azure cloud and its permission architecture and discovered 10 specific privilege escalation techniques. In the session, we will present the research and how users that seem to have limited privileges at first glance, can actually impersonate and take control of other users that have full Azure admin rights. We called those kinds of unintended privileged users, Shadow Admins. They aren\u2019t full admins at first, but they control other existing admins and can take action on their behalf. The session will also include two demos to present Shadow Admins abuse and actionable mitigation takeaways. In addition we will present a previous research we did on Shadow Admins in AWS environment.\r\nExamples for Shadow Admins are:\r\nAzure applications can have dedicated Azure permissions. Users who manage the applications can be assigned with the Application Administrator Role in Azure AD. This role is considered to be \u201climited\u201d and has only the permissions to manage applications. But in fact, it can be used to escalate privileges by taking control over a more permissive application or by registering a new malicious application with privileged permissions that the user didn\u2019t have initially.\r\nAnother example is a user with only one single permission: \u201cMicrosoft.Authorization/roleAssignments/write\u201d. With this sole permission, a user can assign itself the all 5,000 available permissions in Azure RBAC mechanism.\r\nAnd what about a user who is the OWNER (not a member) of privileged AAD group? It\u2019s also a privileged user as well. It doesn\u2019t matter if this user has other permissions at all or if it\u2019s currently a member in this group. Because at any moment, this user can add itself to that admins group and become an admin.\r\nAttackers can also create their own Shadow Admins as part of their persistence efforts.\r\nIn the past, we researched Shadow Admins in on-premises domain networks, and at RSA USA 2018 we presented Shadow Admins in AWS.\r\nThe research we did on AD Domain Shadow Admins included a blog post and a tool \u201cACLight\u201d:\r\nhttps://www.cyberark.com/threat-research-blog/shadow-admins-stealthy-accounts-fear/\r\nhttps://github.com/cyberark/ACLight\r\nThe research we did on AWS Shadow Admins also included a summary post and a new scanning tool \u201cSkyArk\u201d:\r\nhttps://www.cyberark.com/threat-research-blog/cloud-shadow-admin-threat-10-permissions-protect/\r\nhttps://github.com/cyberark/SkyArk\r\nAs part of this Azure research, we\u2019re going to add a new scanning module for targeting this risk of Azure Shadow Admins. The scan is called AzureStealth, and it\u2019s part of the free open-source SkyArk.\r\nOrganizations worldwide should discover, identify those admins, and make sure they are well secured. \r\nWe published our last Azure research here:\r\nhttps://www.cyberark.com/resources/threat-research-blog/diy-hunting-azure-shadow-admins-like-never-before-2", "recording_license": "", "do_not_record": false, "persons": [{"code": "HMQUZS", "name": "Asaf Hecht", "avatar": "https://cfp.hackfest.ca/media/Asaf_Hecht_-_profile_photo.jpg", "biography": "Asaf Hecht is a team leader of one of CyberArk Labs research teams. He focuses on researching and discovering the latest attack techniques, and applying lessons learned to improve cyber-defenses. Hecht\u2019s primary research areas are network defense, cloud security and application of machine learning. Prior to CyberArk, Hecht served eight years in the Israeli Army. He was the Team Leader for the advanced cyber-hunting team, an elite force that protects military top-secret networks and reveals APTs. In addition, Hecht is also a skilled helicopter pilot.", "public_name": "Asaf Hecht", "guid": "7333eab2-2e0e-50b4-88fc-990e8eb24db8", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/HMQUZS/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/7J8ZEW/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/7J8ZEW/", "attachments": []}, {"guid": "5a84926a-4ec9-5052-8962-2ddc63b1bbc3", "code": "RWHK3G", "id": 42, "logo": null, "date": "2020-11-21T10:00:00-05:00", "start": "10:00", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-42-making-a-high-performing-pentest-team-from-scratch", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/RWHK3G/", "title": "Making a High Performing Pentest Team From Scratch", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "en", "abstract": "Starting with a single highly motivated co-op intern, Darren has spent the past number of years forming and developing the Cyber Security team for CDW\u2019s Risk Advisory Services practice. He is passionate about Security and making the world a safer place, as well as, for those that he has had the privilege of working with while doing so. He will share some of the strategies and his insights used to develop a high performing team which now delivers on assessments ranging from traditional network and web application pentests to complex Red Team and Adversarial Simulation engagements. \r\n\r\nHere\u2019s a peek at his recipe for building a high performing pentest team:\r\n\r\nStep 1. Start with a passion and singular vision to achieve something great. \r\n\r\nStep 2. Hand-pick both fresh and seasoned, gifted individuals as the key ingredients \r\n\r\nStep 3. Season with progressive training and experience with leading-edge tools, methodologies and effective processes.\r\n\r\nStep 4. Blend carefully together in a challenging, innovative, collaborative environment\r\n\r\nStep 5. Allow time for each ingredient to develop to their full potential. Check regularly; always reflecting on Step 1\r\n\r\nStep 6. Refine by promoting leadership.\r\n\r\nStep 7.  Volia! Stop and enjoy the fruit of the labor!\r\n\r\nJoin Darren as he candidly shares on the process that went into building the Cyber Security team at CDW Canada from the ground up.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"code": "SZSAKL", "name": "Darren Chin", "avatar": "https://cfp.hackfest.ca/media/Headshot_1_cropped.jpg", "biography": "Darren is the Principal Consultant responsible for the Cyber Security team of CDW Canada\u2019s Risk Advisory Services practice. He is a seasoned Management Consultant and Information Security professional with over 20 years\u2019 experience in Information Technology operations, architecture, design, audit, and security management. During his tenure at CDW Canada/Scalar Decisions/eosensa, he has formed world-class cybersecurity testing and vulnerability management teams; servicing clients in the Financial, Health Care, and Technology sectors. Darren graduated from the University of Waterloo with a Bachelor of Applied Science in Electrical Engineering. He holds CCISO, CISSP, CISA, CIPP/C, ISO27001 LA certifications.", "public_name": "Darren Chin", "guid": "363af3d7-598a-5f23-8948-2d1ddde027ac", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/SZSAKL/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/RWHK3G/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/RWHK3G/", "attachments": []}, {"guid": "196a5b3a-61a8-5fd0-8174-133a78c1c0c6", "code": "WTYMFQ", "id": 34, "logo": null, "date": "2020-11-21T11:00:00-05:00", "start": "11:00", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-34-xfs-the-protocol-behind-atm-jackpotting", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/WTYMFQ/", "title": "XFS: The Protocol behind ATM Jackpotting", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "en", "abstract": "10 years ago, Barnaby Jack famously showed the world that ATMs could be jackpotted. Has the ATM security landscape changed since? Is this type of attack still possible? How difficult is it really to perform? As it turns out, all that is required in 2020 to successfully jackpot an ATM is intermediate C programming and physical access to the cabinet, and the C programming part is about to become optional!", "description": "At the core of modern ATM attacks is a specification known as Extended Financial Services (XFS) which has been put together by industry experts as a solution to the multiple-vendor multiple-hardware interoperability woes. The documentation is freely available and provides an interface for financial software to interact uniformly across compatible hardware regardless of vendor and implementation details.\r\n \r\nIn this talk we give a quick overview of a realistic threat model for attacks against ATMs and focus on the software-hardware interface. We begin with a cursory introduction to the XFS protocol, how it works, and provide a security analysis of some of the features included in the foundational structure of the protocol. Some of the major risks that we have uncovered will be presented in detail and sample implementation code will be shown. We also open-source the tool that we developed to explore the XFS protocol and issue commands directly to ATM hardware, bypassing any business logic and software protections. We show that the XFS protocol has major security flaws which lead to any type of code execution achieved on an ATM being enough to perform various attacks, such as arbitrary unauthenticated withdrawals (jackpotting), in-software sniffing of card readers and PIN readers. We conclude by providing mitigation strategies that can be implemented immediately by operators and discuss the long-term changes that must happen to make XFS safer.", "recording_license": "", "do_not_record": false, "persons": [{"code": "ZWMAEQ", "name": "Alexandre Beaulieu", "avatar": null, "biography": "Alexandre is a security researcher working for GoSecure. His areas of expertise are reverse engineering, binary exploitation and tool development. His previous experience as a software developer covers a broad spectrum of topics ranging from low-level systems and binary protocols to web applications. Prior to joining the research team, Alexandre spent time as an Ethical Hacker honing his offensive security skills. His areas of interests include binary analysis, compiler theory and systems programming. Alexandre gives back to the Montr\u00e9al infosec community by volunteering his time, contributing workshops and designing application security challenges for events like Montr\u00e9Hack and REcon.", "public_name": "Alexandre Beaulieu", "guid": "578becd3-3b67-534e-913d-264ddab2fad1", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/ZWMAEQ/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/WTYMFQ/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/WTYMFQ/", "attachments": []}, {"guid": "50fa3efa-86af-5b71-bfd1-aaef2e52a234", "code": "HUMKYU", "id": 60, "logo": null, "date": "2020-11-21T11:55:00-05:00", "start": "11:55", "duration": "00:30", "room": "Hackfest - Track 1", "slug": "hackfest-2020-60-conference-sur-les-perspectives-d-emploi-en-cybersecurite", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/HUMKYU/", "title": "Conf\u00e9rence sur les perspectives d'emploi en cybers\u00e9curit\u00e9", "subtitle": "", "track": "Defensive", "type": "Speed Talk", "language": "fr", "abstract": "Lors de cette conf\u00e9rence, nous discuterons des perspectives d'emploi en s\u00e9curit\u00e9 de l'information et nous aborderons les profils de RSI, OSSI, CISO et les chemins pour s'y rendre. Il y a de longs chemins, de courts chemins ainsi nous verrons comment nous pouvons nous y prendre pour y arriver?", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"code": "NZMKHG", "name": "Steve Waterhouse", "avatar": "https://cfp.hackfest.ca/media/Steve-Bus-Dec2018-smallsize.jpeg", "biography": "C\u2019est au cours de sa carri\u00e8re militaire avec le Royal 22e R\u00e9giment que le Capt(ret) Waterhouse a troqu\u00e9 le fusil au clavier pour devenir un des premiers cyber-soldat au pays. Apr\u00e8s avoir travaill\u00e9 \u00e0 former soldats et officiers dans les armes de combat, il se voue \u00e0 g\u00e9rer les r\u00e9seaux informatique du QGSQFT, puis le r\u00e9seau M\u00e9tropolitain de la base de Montr\u00e9al. Par la suite, il devient premier Officier de S\u00e9curit\u00e9 des Syst\u00e8mes d\u2019Information de la base de Montr\u00e9al, et par la suite du Coll\u00e8ge Militaire Royal de Saint-Jean o\u00f9 il refait l\u2019architecture informatique. M. Waterhouse a poursuivi sa qu\u00eate du savoir avec l\u2019entreprise priv\u00e9e tout en partageant son exp\u00e9rience militaire et d\u2019art oratoire avec le mouvement jeunesse des cadets du Canada \u00e0 titre d\u2019officier CIC et d\u00e9marre son entreprise de service conseil: INFOSECSW. Il continue \u00e0 partager sa passion et son exp\u00e9rience \u00e0 titre de charg\u00e9 de cours avec l\u2019Universit\u00e9 de Sherbrooke au microprogramme de 2e cycle en s\u00e9curit\u00e9 informatique - volet pr\u00e9vention et est invit\u00e9 \u00e0 contribuer son exp\u00e9rience et expertise avec les comit\u00e9s de la Chambre des Communes du Canada et de l\u2019Assembl\u00e9e nationale \u00e0 Qu\u00e9bec (membre du conseil consultatif en cybers\u00e9curit\u00e9) et est fr\u00e9quemment sollicit\u00e9 par les m\u00e9dias d\u2019information au pays afin de commenter les sujets de cybers\u00e9curit\u00e9. Il d\u00e9tient plusieurs certifications technologique professionnelles et est un instructeur avec Cisco, CompTIA et CWNP. Il est aussi un Ma\u00eetre de plong\u00e9e PADI", "public_name": "Steve Waterhouse", "guid": "6a043e73-b774-575f-bacd-1c83a228062a", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/NZMKHG/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/HUMKYU/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/HUMKYU/", "attachments": []}, {"guid": "5e2810f5-be06-5dc9-8f19-7619c3798c09", "code": "QJSHJ9", "id": 33, "logo": null, "date": "2020-11-21T12:30:00-05:00", "start": "12:30", "duration": "02:00", "room": "Hackfest - Track 1", "slug": "hackfest-2020-33-workshop-on-radio-frequency-signals-security", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/QJSHJ9/", "title": "Workshop on Radio Frequency Signals Security", "subtitle": "", "track": "Offensive", "type": "Workshop", "language": "en", "abstract": "The session will introduce audiences to the world of RF analysis,  As we introduce each new attack, we will draw parallels to similar wired exploits, and highlight attack primitives that are unique to RF. During the session, we'll walk through wireless sniffing, spoofing, cloning, replay, and DoS attacks. These offensive exercises will give one brief idea of how to analyze the devices' security, and the best practice guidelines will help to design them properly.", "description": "**Session Outline:-** </br>\r\n\r\n**Part A:** Overview, Ideas, and Prospectus of the attack and defense in the field of RF Security (Objective is to ensure everyone has clarity of Radio Hacking and How is it Different?)\r\n  - Joys of the Past: History of Attack\r\n  - Current State of Industry & Sutra for Mitigation:\r\n  - A glimpse of the Future\r\n\r\n**Part B:** The learned theory will be reinforced through the use of practical examples and exercises where they can put the tools and techniques into practice.  \r\n  - What is a Software Defined Radio (SDR)\r\n  - SDR Architecture, DSP, Sampling\r\n  -  Breadth and Depth of DSP\r\n  - Phases of SDR Hacking \u2014 This will explain how an RF attack takes place, and how to gather information and plan, including initial profiling of our device\u2026 beginning with 3 foundation questions before any hacks, i) What does our device do in normal operation ii) How do they connect? iii) Determining the Frequency.\r\n  - Setting up and using RTL-SDR, HackRF\r\n  - Decode Digital Data\r\n  - Customizing and Retransmitting Radio Signals \u2014 Next, this will go over to discuss how RF signals are captured and transmitted with a Hands-on demo with HackRF-One, RTL-SDR, and USRP to demonstrate replay attack on keyfobs, door locks, alarms.\r\n  - Capturing Signals and Analyzing a Waterfall Plot\r\n  - Reverse Engineering Transmissions\r\n  - Analyzing Data Formats and Injecting Wireless Packets\r\n  - Hands-on Practice with Tools: GNUradio, GQRX, SDR#\r\n  - Case Study and Demos", "recording_license": "", "do_not_record": false, "persons": [{"code": "FVQM9F", "name": "Harshit Agrawal", "avatar": "https://cfp.hackfest.ca/media/Harshit_Agrawal.jpg", "biography": "Harshit Agrawal (@harshitnic) is currently working as a Radio and Telecom Security Researcher. He is enthusiastic about Signal Intelligence, Electronic Warfare, and Telecom Security. He presented his research paper at International conferences like RSAC USA, HITB Cyberweek, ICS Security Singapore, Hack In Paris, HITB Amsterdam, Securityfest Sweden, Nanosec Malaysia, CISO Platform Virtual Summit, Sacon Conference Bangalore, and DakotaCon USA. Previously he was President of the CSI Chapter and Vice President for Entrepreneurship cell at MIT, where he also headed the team of security enthusiasts which gave him a good insight into cyber-security and increased his thirst to explore more in this field. He is a Programmer, Researcher, and Believer! He believes in providing something out of the box!", "public_name": "Harshit Agrawal", "guid": "23f2c5d0-937d-57f7-9a9d-aabc4b9df47d", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/FVQM9F/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/QJSHJ9/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/QJSHJ9/", "attachments": []}, {"guid": "fb94fc35-49db-539a-806a-2fae0afffbd5", "code": "UMTWUX", "id": 49, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/UMTWUX/122847179_1084993991974250_1827147300141690222_n_ceVxhmO.png", "date": "2020-11-21T14:30:00-05:00", "start": "14:30", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-49-de-la-cybervictimisation-a-la-resilience-12-cles", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/UMTWUX/", "title": "De la cybervictimisation \u00e0 la r\u00e9silience : 12 cl\u00e9s", "subtitle": "", "track": "Threat Intelligence / OSINT", "type": "Regular talk", "language": "fr", "abstract": "\u00c0 13 ans et alors qu'il vivait les premiers instants du World Wide Web mainstream qu\u00e9b\u00e9cois, Micha\u00ebl G. a \u00e9t\u00e9 la cible de cyberpr\u00e9dateurs. Son parcours, de la cybervictimisation \u00e0 la r\u00e9silience, en passant par le syst\u00e8me de justice, l\u2019initiera \u00e0 ce qui deviendra plus tard son nouveau domaine professionnel.\r\n\r\n22 ans apr\u00e8s les faits, alors que les d\u00e9nonciations de crimes d\u2019exploitation sexuelle des enfants sur le web explosent, que peut-on apprendre de l\u2019exp\u00e9rience de la premi\u00e8re g\u00e9n\u00e9ration de survivants de cybercrimes contre la personne?\r\n\r\nDans sa pr\u00e9sentation, Micha\u00ebl propose un survol - en 12 cl\u00e9s - construit \u00e0 partir de son exp\u00e9rience personnelle, vous permettant de voir un tableau sommaire de l\u2019exp\u00e9rience de la cybervictimisation telle qu\u2019il l\u2019a v\u00e9cue de l\u2019int\u00e9rieur. Vous d\u00e9couvrirez un champ de mines que survivant.e.s d\u2019actes cybercriminels doivent mais peuvent traverser, en luttant quotidiennement contre les multiples pi\u00e8ges cognitifs et illusions cr\u00e9\u00e9s et nourris par la cybervictimisation. \r\n\r\nBien s\u00fbr, gardez en t\u00eate qu'il s'agit d'un parcours parmi tant d'autres et que chaque parcours est diff\u00e9rent pour chacun.e.\r\n\r\nEnfin, dans ces 12 cl\u00e9s, peut-\u00eatre trouverez-vous un d\u00e9but de r\u00e9ponse pour comprendre l\u2019exp\u00e9rience d\u2019un proche radicalis\u00e9, d\u2019un ami dans le d\u00e9ni, d\u2019une cliente ambivalente, d\u2019un enfant ou d\u2019une ado cyberd\u00e9pendant.e? Peut-\u00eatre y trouverez-vous un \u00e9cho \u00e0 votre propre exp\u00e9rience? Ou peut-\u00eatre pas. Mais au moins, vous saurez! \r\n\r\n***\r\n\r\nLa pr\u00e9sentation sera suivi d\u2019une discussion o\u00f9 tous seront invit\u00e9s \u00e0 poser leurs questions par rapports aux points pr\u00e9c\u00e9demment expos\u00e9s.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"code": "NNZVLF", "name": "Micha\u00ebl Gigu\u00e8re", "avatar": "https://cfp.hackfest.ca/media/mick_hf2022.jpeg", "biography": "Micha\u00ebl Gigu\u00e8re \u00e9tudie depuis 2017 au baccalaur\u00e9at en cybers\u00e9curit\u00e9 \u00e0 l\u2019\u00e9cole Polytechnique de Montr\u00e9al, o\u00f9 il consolide son parcours de victime et de survivant de cybercrimes avec sa passion de longue date pour l\u2019informatique. En prenant parole dans les m\u00e9dias pour briser le tabou des hommes abus\u00e9s sexuellement dans l\u2019enfance, d\u00e8s 2018, son chemin croise celui d\u2019acteurs publics ayant \u00e0 c\u0153ur la pr\u00e9vention de l\u2019exploitation sexuelle des enfants sur Internet. C\u2019est ainsi qu\u2019il sera invit\u00e9 \u00e0 pr\u00e9senter pour la premi\u00e8re fois, en 2019, la conf\u00e9rence \u00ab <i>De la cybervictimisation \u00e0 la r\u00e9silience</i> \u00bb devant un public d\u2019enqu\u00eateurs qui deviendront ses coll\u00e8gues le temps d\u2019un stage \u00e0 la Division des Enqu\u00eates sur la Cybercriminalit\u00e9 de la S\u00fbret\u00e9 du Qu\u00e9bec. Fier d\u2019un parcours dont il a longtemps eu honte, les int\u00e9r\u00eats, les connaissances et l\u2019exp\u00e9rience de la cybervictimisation que d\u00e9tient Micha\u00ebl lui permettent aujourd\u2019hui de jeter un regard tr\u00e8s personnel et exp\u00e9rientiel sur la question des cyberviolences et de la survivance propres aux cybercrimes.\r\n<p>\u27a1\ufe0f Site web : <a href=\"www.michaelgiguere.com\">www.michaelgiguere.com</a><br>\r\n\u27a1\ufe0f Courriel : <a href=\"mailto:cyber@michaelgiguere.com\">cyber@michaelgiguere.com</a></p>", "public_name": "Micha\u00ebl Gigu\u00e8re", "guid": "dddf8d90-44fa-5d49-a5d5-d15aef8ff239", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/NNZVLF/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/UMTWUX/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/UMTWUX/", "attachments": []}, {"guid": "d03430e8-d995-51f8-b1e6-41edae3a5eb3", "code": "RBZSBT", "id": 38, "logo": null, "date": "2020-11-21T15:30:00-05:00", "start": "15:30", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-38-all-software-is-open-source-an-introduction-to-re", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/RBZSBT/", "title": "All Software is Open Source: An Introduction to RE", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "en", "abstract": "Commercial software is full of dark secrets - embedded keys and passwords, hidden backdoors, security vulnerabilities... But with companies guarding proprietary source code, is there any hope of discovering and rectifying them? \r\n\r\nEnter Reverse Engineering. With its powerful tools and techniques, you can analyze any closed-source software, and have fun doing it!", "description": "Reverse engineering of a piece of software may seem like a daunting and mysterious task, but it does not have to be. When approached with the right attitude and the right tools it can be a lot of fun and a very intellectually-stimulating experience. \r\n\r\nIf you don't know much about reverse engineering but are curious about it, then this presentation is for you.\r\n\r\nWe will touch on:\r\n\r\n- What is it and why do it?\r\n- Legality of reverse engineering\r\n- Different type of technologies that you can reverse\r\n- What are the knowledge pre-requisites?\r\n- How to get started?\r\n- What tools to use?\r\n- How and where to practice?\r\n- ...and more!", "recording_license": "", "do_not_record": false, "persons": [{"code": "CKSUDS", "name": "Dmitriy Beryoza", "avatar": "https://cfp.hackfest.ca/media/avatars/head-shot-small_Roiu5kO.jpg", "biography": "Dmitriy is a Senior Security Researcher at Vectra AI. He spent over 25 years of his life building software before realizing that breaking it is much more fun. \r\n\r\nDmitriy is passionate about all things security, with particular interest in reverse engineering, binary exploitation, secure software development, cloud and network threat detection, and CTF competitions.", "public_name": "Dmitriy Beryoza", "guid": "e8393275-3318-5d8c-bd37-b63f57cdb53b", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/CKSUDS/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/RBZSBT/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/RBZSBT/", "attachments": []}, {"guid": "0459355c-403d-5aec-995a-0b85dadabb19", "code": "HNG8CQ", "id": 28, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/HNG8CQ/Screen_Shot_2020-10-01_at_7.25.52_AM_eXxX4ug.png", "date": "2020-11-21T16:30:00-05:00", "start": "16:30", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-28-trust-but-verify-maintaining-democracy-in-spite", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/HNG8CQ/", "title": "Trust, but Verify: Maintaining Democracy In Spite", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "en", "abstract": "In this session, we\u2019ll discuss how Russia has influenced worldwide elections using cyberwarfare and how countries have fought back. We\u2019ll understand the natural asymmetry between how countries are able to respond, and how they have changed their approach since 2016.", "description": "There are many important elections this year. As you read this, Russia is already disrupting them.\r\n\r\nWhen we talk about election security, most people think of hacking voting machines. But what about other cyber methods and means of disrupting an election? What can nation state threat actors do today, tomorrow, the day of the election, and after to sow chaos and erode our faith in democracy?\r\n\r\nIn this session, we\u2019ll discuss how Russia has influenced worldwide elections using cyberwarfare and how we have fought back. We\u2019ll understand the natural asymmetry between how Russia and other countries are able to respond, and how we have changed our approach since 2016.\r\n\r\nBy the end, we will be brainstorming all of the ways to disrupt an election that countries aren\u2019t prepared for.\r\n\r\nGet ready to put your nation state threat actor hat on and disrupt some elections - and maybe even earn some \u0438\u0440\u0438\u0441\u043a\u0438-\u0442\u044f\u043d\u0443\u0447\u043a\u0438.", "recording_license": "", "do_not_record": false, "persons": [{"code": "VLKVLU", "name": "Allie Mellen", "avatar": "https://cfp.hackfest.ca/media/allie-mellen-headshot_1_copy.jpeg", "biography": "Allie Mellen has spent the past decade in engineering, development, and technical consulting roles at multiple venture-backed startups, as well as research roles at MIT and Boston University. Her passion is combining technology and entrepreneurship, having run her own successful iOS development company out of college and been an investment partner at a venture fund investing in student-run startups. She has worked with multiple nonprofits to teach engineering to students and minorities, including the Global App Initiative and WISP, and has mentored business students at Hult Business School. She received her B.S. degree in Computer Engineering, and has been recognized worldwide for her security research at conferences like Black Hat USA, DEFCON, HOPE, and others. She is now a security strategist in the Office of the CSO at Cybereason, where she is a frequent speaker at security conferences globally teaching about security and pushing the boundaries of the industry.", "public_name": "Allie Mellen", "guid": "d107a186-e27a-59e5-8ff2-097bfba539ab", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/VLKVLU/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/HNG8CQ/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/HNG8CQ/", "attachments": []}, {"guid": "46d7934a-d981-5824-afd2-de2bec8c8903", "code": "NSUM8E", "id": 23, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/NSUM8E/LightSpeedSQLInjections_cDXtDDu.png", "date": "2020-11-21T17:30:00-05:00", "start": "17:30", "duration": "00:50", "room": "Hackfest - Track 1", "slug": "hackfest-2020-23-lightspeed-sql-injections", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/NSUM8E/", "title": "Lightspeed SQL Injections", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "en", "abstract": "This presentation will focus on private and new optimized SQL injection exploitation methods.\r\n\r\nNew private tools that exploit Blind SQL Injection vulnerabilities will be released. These ones are much more faster than the existing free and commercial tools\r\nout there because the private ones use modern attack vectors (created by myself) which perform clever injections designed to hack databases in more efficient methods.\r\n\r\nTo explain this, graphs and tables will be used to show the differences between the best tools out there and the 3 private tools introduced in the talk.\r\n\r\nAll the techniques used by the tools, which are the result of original private research, will be exposed in high detail.\r\n\r\nThe most popular free tool to exploit SQL Injections, sqlmap, needs to make a maximum of 7 requests to retrieve a single character and it also has threading\r\nlimitations. There is a notable gap between sqlmap and my new tools because they only require a maximum of 3 requests to retrieve a character. They\r\nare also finer not only because of the number of requests they require nor due to the threading capabilities they have, but also because the SQL injection itself runs much faster faster due to the instruction set they use.\r\n\r\nUnderground methods (some discovered by a fellow 1337 researcher and others by me) to test for SQL Injection and XSS vulnerabilities will be shown. These will transform pen-testing into an easier and more optimized task.", "description": "Vous pouvez voir toute la presentation ici:\r\nhttps://docs.google.com/presentation/d/1lQ18wjfqL9xkbKi_6PcQ71EfrCrr6s9Xm6sZHOiCeqk/edit?usp=sharing\r\n\r\nLa presentation et finit e presque. Je vais publiquer aussi des noveux outils pour fair des injections SQL. Ces outils sont les plus rapids dans tout le monde. Le method que ces outils utilize est un peux plus complique en comparation avec les methods tranditionels pour fair des attaques. Je vais expliquer clairement comment est-ce que ces travail.\r\n\r\nExcusez mon francais, je peux parler un peu mais la presentation va etre fait en anglais, parce que il y a 15 ans que je n'avais pas parler en votre langue.", "recording_license": "", "do_not_record": false, "persons": [{"code": "C3H9UL", "name": "Ruben Ventura", "avatar": "https://cfp.hackfest.ca/media/mesky.jpg", "biography": "Ruben Ventura [tr3w] got involved in the field of hacking and info-sec for around 17 years. He has worked performing pen-tests and security assessments for many international firms, governments and law-enforcement agencies from all around the world (also a bank). He has been presented as a speaker and trainer at many different conferences in his country of origin.\r\n\r\nHis interests include hacking, reverse engineering, meditation, music production, theoretical physics, psychology, lifting weights and coffee (lots).", "public_name": "Ruben Ventura", "guid": "3cb754bd-3c0f-56ea-a537-7f9775248f61", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/C3H9UL/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/NSUM8E/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/NSUM8E/", "attachments": []}, {"guid": "a21e6b10-8409-55d9-a50e-82afaaa11ca0", "code": "JDMXS3", "id": 61, "logo": null, "date": "2020-11-21T18:30:00-05:00", "start": "18:30", "duration": "01:00", "room": "Hackfest - Track 1", "slug": "hackfest-2020-61-the-spoon-problem-with-life-hacking-infosec", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/JDMXS3/", "title": "The Spoon Problem with: Life, Hacking & InfoSec", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "en", "abstract": "It's the start of a new decade (please no arguing about that let's just say it is.) The best way to start it off right is with a delightful educational rant. One of the most asked questions I receive is, \"How do I become a Hacker?\" I've been asked this so many times I literally created a webpage, iR0nin.com, on this very topic. Spoiler alert that hasn't helped with people asking the question. So Let's not only address that topic for the next year with help from people in the industry, but there are some other things I would like to get off my chest as well, so why not lump them all together and get this party/decade started right! I promise there will be no war stories, but hopefully, some will be started with it! So prepare for some insights as well as information being delivered more loudly and probably more passionately than usual. The main objective is not to watch Jayson burn everything down to the ground, though it may appear that way, but to hear some unvarnished truth and knowledge shared for the benefit of the community we all are a part of.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"code": "SDWCXQ", "name": "Jayson E. Street", "avatar": "https://cfp.hackfest.ca/media/JES1.jpg", "biography": "Jayson E. Street is an author of the \"Dissecting the hack: Series\". Also the DEF CON Groups Global Ambassador. Plus the VP of InfoSec for SphereNY. He has also spoken at DEF CON, DerbyCon, GRRCon and at several other 'CONs and colleges on a variety of Information Security subjects.\r\n*He was a highly carbonated speaker who has partaken of Pizza from Beijing to Brazil. He does not expect anybody to still be reading this far but if they are please note he was chosen as one of Time's persons of the year for 2006.", "public_name": "Jayson E. Street", "guid": "635d7c09-c42b-5e57-95f2-a4d6f6faccc0", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/SDWCXQ/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/JDMXS3/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/JDMXS3/", "attachments": []}], "Hackfest - Sponsor room (and workshops)": [{"guid": "f1353d6a-99fb-5fbc-8285-26fe8409cf59", "code": "W9KVWZ", "id": 11, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/W9KVWZ/hack_fest_propo_conference_damien_V6r9SIR.jpg", "date": "2020-11-21T11:30:00-05:00", "start": "11:30", "duration": "00:20", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-11-ransomware-la-plaie-de-2020", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/W9KVWZ/", "title": "Ransomware : la plaie de 2020", "subtitle": "", "track": "Threat Intelligence / OSINT", "type": "Speed Talk", "language": "fr", "abstract": "Avec des milliers d'entreprises pi\u00e9g\u00e9es par un ransomware en 2020, les cyberattaques \u00e0 l'encontre de petites et grandes entreprises auront impact\u00e9 le business des victimes... mais pas que ! Les employ\u00e9s, clients, familles se retrouvent, dans la grande majorit\u00e9 des cas, dans les mains de pirates.", "description": "Plus de 300 attaques pour Maze ; plus de 150 pour Sodinokibi ; plus de 500 en additionnant Ragnar, Doppel, Conti, Pysa, XxX, \u2026 Les cyberattaques de type ransomware auront \u00e9t\u00e9 la plaie de cette ann\u00e9e 2020. Nous allons d\u00e9couvrir dans cette conf\u00e9rence, 365 jours de la vie de ces pirates, des entreprises impact\u00e9es ; celles qui ont pay\u00e9 et qui se retrouvent quand m\u00eame avec leurs donn\u00e9es vol\u00e9es dans le black market. Plus de 40 groupes sous surveillance affichant plusieurs milliers d\u2019entreprises victimes, petites et grandes, dont plusieurs dizaines de Canadiennes. Vous d\u00e9couvrirez comment derri\u00e8re ces chiffrements de fichiers, de machines, de cloud \u2026 les pirates se jettent sur la moindre donn\u00e9e qu\u2019ils r\u00e9utilisent, vendent, diffusent sans aucun respect de l\u2019\u00eatre humain. Comment les donn\u00e9es de Donald Trump, Madonna, Lady Gaga ont \u00e9t\u00e9 vendus ; comment, peut-\u00eatre, vos propres informations personnelles, celles de votre famille, coll\u00e8gues, \u2026 ont \u00e9t\u00e9 vol\u00e9s puis revendus.", "recording_license": "", "do_not_record": false, "persons": [{"code": "37ZG99", "name": "Damien Bancal", "avatar": "https://cfp.hackfest.ca/media/avatars/logo_H6xIVPf.png", "biography": "Damien Bancal - Journaliste Europ\u00e9en. Directeur du P\u00f4le Cyber Intelligence pour la soci\u00e9t\u00e9 Montr\u00e9alaise 8Brains.ca. Fondateur de ZATAZ.COM (25 ans) / DataSecurityBreach.fr (10 ans). Travaille sur les sujets High-tech/Cybercriminalit\u00e9/Cybers\u00e9curit\u00e9 depuis 1989. \r\nGendarme commandant r\u00e9serviste Cyberd\u00e9fense Hauts-de-France. \r\nEn savoir plus : https://www.damienbancal.fr", "public_name": "Damien Bancal", "guid": "93e2c1fc-8732-50ad-88be-ea3801076a84", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/37ZG99/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/W9KVWZ/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/W9KVWZ/", "attachments": []}, {"guid": "dc6d29d9-70d8-55ae-80b9-c349392b4000", "code": "A8MWCN", "id": 18, "logo": null, "date": "2020-11-21T13:30:00-05:00", "start": "13:30", "duration": "00:50", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-18-fireside-talk-cheating-in-games", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/A8MWCN/", "title": "Fireside Talk: Cheating in games", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "en", "abstract": "This fireside talk will propose an open discussion from both an offensive and defensive perspective on the topic of Game Cheating. When i joined back the Entertainment industry from the Financial one, i found there's alot of similarities in both the motivation and techniques used.\r\n\r\nMarc-Andr\u00e9 B\u00e9langer will be joined by Manfred, a long term hacker of games, to discuss multiple aspect of cheating in games. From motivation to industrialisation of cheats. \r\n\r\nA Vice article is available at: https://www.vice.com/en_us/article/59p7qd/this-man-has-survived-by-hacking-mmo-online-games\r\nAlso his latest Blackhat talk: https://www.youtube.com/watch?v=QOfroRgBgo0", "description": "I've selected offensive track, but this is both an offensive and defensive perspective on the issue.\r\n\r\nAgain this is a FireSide chat, we'll exchange on a series of topics as it relates to cheating. \r\n\r\nManfred made alot of money exploiting games over the years, his experience is really valuable to develop attacker profiles.\r\n\r\nMarc-Andr\u00e9 is a long term security professional that worked in retail, banking and in the Entertainment industry. Also been a long term Hackfest attendee and speaker.\r\n\r\nWe all looking forward to this interesting Blue vs Red discussion", "recording_license": "", "do_not_record": false, "persons": [{"code": "RYNKKT", "name": "Marc-Andr\u00e9 B\u00e9langer", "avatar": null, "biography": "Long term Hackfest attendee and speaker. Security professional since the gold rush of 2000. I've worked in the reatil, banking and entertainment industries.", "public_name": "Marc-Andr\u00e9 B\u00e9langer", "guid": "f9435859-8c0a-5ef0-8b3b-d579b8dd13d2", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/RYNKKT/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/A8MWCN/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/A8MWCN/", "attachments": []}, {"guid": "b28a9435-e36f-5bf5-b98b-4f7f4637500a", "code": "BYPLNE", "id": 30, "logo": null, "date": "2020-11-21T14:30:00-05:00", "start": "14:30", "duration": "02:00", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-30-advanced-fuzzing-workshop", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/BYPLNE/", "title": "Advanced fuzzing workshop", "subtitle": "", "track": "Offensive", "type": "Workshop", "language": "en", "abstract": "In this workshop, I will cover some advanced fuzzing techniques and tricks for finding bugs in real modern software. I will show you how to improve your fuzzing workflow, using a methodology that can be easily applied to your software projects.\r\n\r\nThe workshop has a practical orientation so that attendees get a chance to learn by themselves and use their acquired knowledge. The format of the workshop will be a CTF (Capture-the-flag).\r\n\r\nI will also show real vulnerabilities that I have found during the last year, as well as how I've used fuzzing to find them. Such bugs will serve as starting point for the rest of the workshop.\r\n\r\nThe CFT phase will be divided into **3 challenges**:\r\n\r\n- **Challenge 1**: a review of the basic concepts\r\n- **Challenge 2**: focused on Network fuzzing\r\n- **Challenge 3**: focused on Custom mutators\r\n\r\nI will give participants some hints and tips before and during each challenge. After each challenge, I will give participants a possible solution and I will explain it to them. In this way, participants will go through a learning-by-doing process\r\n\r\nIt's a medium-advanced level workshop, so previously knowledge about fuzzing and bug hunting is required.", "description": "### WorkShop URL\r\nhttps://github.com/antonio-morales/Hackfest_Advanced_Fuzzing_Workshop\r\n\r\n### Telegram Group\r\nIf you haven't already joined, it's time to do it: https://t.me/joinchat/CdbD2UVzGlW2j6yQizL5Yw\r\n\r\nYou will need it to use it to send me your questions & solutions\r\n\r\n\r\n### Prerequisites\r\n- Basic knowledge of fuzzing\r\n- Working knowledge of C programming\r\n- Command-line basics\r\n- Bug hunting experience is desirable\r\n\r\n### Agenda\r\nI will cover different fuzzing topics, including the following:\r\n\r\n- Sanitizers (ASAN, UBSAN, MSAN, etc.)\r\n- Custom coverage and efficient instrumentation\r\n- Dictionaries optimization\r\n- Dealing with checksums, ciphers, and other monsters\r\n- Structure-aware fuzzing & Custom Mutators\r\n- Domain-specific feedback (FuzzFactory)\r\n- Parallel fuzzing and Mutation scheduling\r\n\r\n### Who should attend?\r\n- Bug hunters who don't make ends meet\r\n- Pentesters tired of using Burp and Nessus\r\n- Developers that want to know more about the dark side\r\n- Anyone wishing to improve their skills of fuzzing or with an interest in how to find vulnerabilities in real software projects.\r\n\r\n### Technical Requirements\r\nA laptop capable of connecting to the internet\r\n\r\n### Tools required\r\nNothing special. A virtual machine image will be provided a few days before the workshop\r\n\r\n### Level\r\nMedium-advanced\r\n\r\n### Why this workshop?\r\nI think there are not many free workshops about finding vulnerabilities and fuzzing (almost all out there are expensive paid workshops)\r\nI will also cover some fuzzing topics that are novel (such as Domain-specific feedback and External event monitoring).\r\n\r\n### Bio\r\nAntonio Morales works as a security researcher at GitHub, whose primary mission is to help improve Open Source project's security. Antonio's interests include fuzzing, code analysis, exploit development and C/C++ security.", "recording_license": "", "do_not_record": false, "persons": [{"code": "ADA7S7", "name": "Antonio Morales", "avatar": "https://cfp.hackfest.ca/media/MiFoto.png", "biography": "Antonio Morales works as a security researcher at GitHub Security Lab, whose primary mission is to help improve Open Source project's security. Antonio's interests include fuzzing, code analysis, exploit development and C/C++ security.\r\n\r\nTwitter: @Nosoynadiemas", "public_name": "Antonio Morales", "guid": "3bff8d3b-1aad-57f0-a3a0-5a61dbce5999", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/ADA7S7/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/BYPLNE/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/BYPLNE/", "attachments": []}, {"guid": "98a87d2d-1000-5b42-9edb-ee2951197f84", "code": "V7K8P3", "id": 62, "logo": null, "date": "2020-11-21T17:40:00-05:00", "start": "17:40", "duration": "00:50", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-62-ctf-ceremony", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/V7K8P3/", "title": "CTF Ceremony", "subtitle": "", "track": "Offensive", "type": "Regular talk", "language": "fr", "abstract": "CTFs Winners will be announced\r\nLes gagnants CTFs seront annonc\u00e9s", "description": "Discussion is in French, but slides will be in English!", "recording_license": "", "do_not_record": false, "persons": [{"code": "9DU9EQ", "name": "Franck - CTF Lead", "avatar": null, "biography": null, "public_name": "Franck - CTF Lead", "guid": "2108ab70-7ca3-59ea-958c-5dc10546a767", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/9DU9EQ/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/V7K8P3/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/V7K8P3/", "attachments": []}, {"guid": "5bbc2836-6ab8-5b8c-8499-cc94a4975459", "code": "SVHMJD", "id": 57, "logo": "https://cfp.hackfest.ca/media/hackfest-2020/images/SVHMJD/logo-360x360_3Qep6mO.png", "date": "2020-11-21T19:00:00-05:00", "start": "19:00", "duration": "02:00", "room": "Hackfest - Sponsor room (and workshops)", "slug": "hackfest-2020-57-podcast-la-french-connection-live", "url": "https://cfp.hackfest.ca/hackfest-2020/talk/SVHMJD/", "title": "Podcast - La French Connection - LIVE", "subtitle": "", "track": null, "type": "Workshop", "language": "fr", "abstract": "Joignez-vous \u00e0 nous pour cette tradition annuel du Podcast en direct lors de la 2e soir\u00e9e du Hackfest! \r\nOpinions, actualit\u00e9s, poutine et assur\u00e9ment quelques d\u00e9rapages seront au rendez-vous pour discuter de tout ce qui entour la s\u00e9curit\u00e9 de l'information!", "description": "La French Connetion (https://securite.fm)\r\n\r\nRejoignez-nous ici en direct le samedi 21 novembre \u00e0 19h00 EST\r\nYouTube URL: [https://www.youtube.com/watch?v=QjtgbFGYr10](https://www.youtube.com/watch?v=QjtgbFGYr10)\r\n\r\nSujets couverts:\r\n- Retour sur le Hackfest 2020\r\n- Retour 2020: Covid - Attaques - Cyber + g\u00e9o/politique - ...\r\n- Give me ransomware, loads of ransomware\r\n- Politique de cybers\u00e9curit\u00e9 du gouvernement du Qu\u00e9bec\r\n- Nouvelles infosec\r\n- Recrutement en s\u00e9curit\u00e9 informatique\r\n- Comment d\u00e9buter en s\u00e9curit\u00e9 informatique\r\n- Et plus encore!", "recording_license": "", "do_not_record": false, "persons": [{"code": "N97AYA", "name": "Patrick", "avatar": "https://cfp.hackfest.ca/media/avatars/8eb0426d30d99270f5da888b3b81fbda_23ZWfVg.jpg", "biography": "- Cofondateur du Hackfest\r\n- Offensive Security Lead at LogMeIn", "public_name": "Patrick", "guid": "99f747e0-c80a-5867-98fc-ed3f403ff50d", "url": "https://cfp.hackfest.ca/hackfest-2020/speaker/N97AYA/"}], "links": [], "feedback_url": "https://cfp.hackfest.ca/hackfest-2020/talk/SVHMJD/feedback/", "origin_url": "https://cfp.hackfest.ca/hackfest-2020/talk/SVHMJD/", "attachments": []}]}}]}}}