Technology
HACK IN PARIS 2019 - Cyber Security Conference
June 16th to 20th 2019, PARIS
HACK IN PARIS 2019 - Intro Winn SCHWARTAU (Source: © Ruby BIRD & Yasmina BEDDOU)
USPA NEWS -
Intrusion attempts are more and more frequent and sophisticated, regardless of their target (state or corporation). In this context, international hacking events are multiplying. A few events took place in France but until now, no one had covered hacking practices with a technical approach including both professional training and information aspects... Hack In Paris aims at filling this gap.
Intrusion attempts are more and more frequent and sophisticated, regardless of their target (state or corporation). In this context, international hacking events are multiplying. A few events took place in France but until now, no one had covered hacking practices with a technical approach including both professional training and information aspects... Hack In Paris aims at filling this gap.
This 5-day Corporate Event (exclusively in English) was held for the ninth time in France, at the La Maison de la Chimie. Hack In Paris attendees discovered / rediscover the Realities of Hacking, and its Consequences for Companies. The Program was including State of the Art IT Security, Industrial Espionage, Penetration Testing, Physical Security, Forensics, Malware Analysis Techniques and Countermeasures.
** Trainings : June 16th to 18th, three days of trainings by security officers (CISOs, CIOs) and technical experts.
** Talks : June 19th & 20th, two days of talks given by international speakers and technical experts.
** Trainings : June 16th to 18th, three days of trainings by security officers (CISOs, CIOs) and technical experts.
** Talks : June 19th & 20th, two days of talks given by international speakers and technical experts.
TALKS : Schedule
- Day 1 - June 19
* Welcoming speech (Winn Schwartau)
* Social Forensication: A Multidisciplinary Approach to Successful Social Engineering (Joe Gray)
* Cracking the Perimeter with SharpShooter (Dominic Chell)
* DPAPI and DPAPI-NG: Decrypting All Users´ Secrets and PFX Passwords (Paula Januszkiewicz)
* whoami /priv - show me your privileges and I will lead you to SYSTEM (andrea pierini)
* Introduction to IoT Reverse Engineering with an example on a home router (Valerio Di Giampietro)
* Who watches the watchmen? Adventures in red team infrastructure herding and blue team OPSEC failures (Mark Bergman , Marc Smeets)
* BMS is destroyed by "smart button" (Egor Litvinov)
* Hacker Jeopardy in Paris (Winn Schwartau)
- Day 1 - June 19
* Welcoming speech (Winn Schwartau)
* Social Forensication: A Multidisciplinary Approach to Successful Social Engineering (Joe Gray)
* Cracking the Perimeter with SharpShooter (Dominic Chell)
* DPAPI and DPAPI-NG: Decrypting All Users´ Secrets and PFX Passwords (Paula Januszkiewicz)
* whoami /priv - show me your privileges and I will lead you to SYSTEM (andrea pierini)
* Introduction to IoT Reverse Engineering with an example on a home router (Valerio Di Giampietro)
* Who watches the watchmen? Adventures in red team infrastructure herding and blue team OPSEC failures (Mark Bergman , Marc Smeets)
* BMS is destroyed by "smart button" (Egor Litvinov)
* Hacker Jeopardy in Paris (Winn Schwartau)
- Day 2 - June 20
* All your GPS Trackers belong to US (Chaouki Kasmi , Pierre Barre)
* Exploits in Wetware (Robert Sell)
* You « try » to detect mimikatz (Vincent Le Toux)
* IronPython... OMFG (Marcello Salvati)
* Sneaking Past Device Guard (Philip Tsukerman)
* Using Machines to exploit Machines - harnessing AI to accelerate exploitation (Guy Barnhart-Magen , Ezra Caltum)
* Abusing Google Play Billing for fun and unlimited credits! (Guillaume Lopes)
* RHme3: Hacking through failure (Ben Gardiner , Colin DeWinter , Jonathan Beverley)
* In NTDLL I Trust - Process Reimaging and Endpoint Security Solution Bypass (Eoin Carroll)
* All your GPS Trackers belong to US (Chaouki Kasmi , Pierre Barre)
* Exploits in Wetware (Robert Sell)
* You « try » to detect mimikatz (Vincent Le Toux)
* IronPython... OMFG (Marcello Salvati)
* Sneaking Past Device Guard (Philip Tsukerman)
* Using Machines to exploit Machines - harnessing AI to accelerate exploitation (Guy Barnhart-Magen , Ezra Caltum)
* Abusing Google Play Billing for fun and unlimited credits! (Guillaume Lopes)
* RHme3: Hacking through failure (Ben Gardiner , Colin DeWinter , Jonathan Beverley)
* In NTDLL I Trust - Process Reimaging and Endpoint Security Solution Bypass (Eoin Carroll)
WORKSHOPS
- Can signal extraction from openxc with radare2 (June 19 & June 20 am) with Ben Gardiner
- Document-based malware forensic and analysis (June 19 & June 20 am) with Ali Abdollahi
- Hacking AWS (June 19 & June 20 pm) with Pawel Rzepa
- Quickstart: RouterOS jailbreaking and security research (June 19 am & June 20 am) with Kirils Solovjovs
- A 45min practical introduction to Bluetooth Low Energy (June 19 am & June 20 pm) with Slawomir Jasek
- Cracking Mifare Classic on the cheap (June 19 am & June 20 pm) with Slawomir Jasek
- Advanced XXE Exploitation (June 19 pm & June 20 pm) with Philippe Arteau
- IoT & Operational Technology Devices Hacks through RF (June 19 pm & June 20 pm) with Himanshu Mehta, Harshit Agrawal
- Break into a digitally protected house (June 19 & June 20) with Sysdream Team
- Introduction to the basic tools and techniques of intrusion testing (June 20) with Sysdream Team
- Can signal extraction from openxc with radare2 (June 19 & June 20 am) with Ben Gardiner
- Document-based malware forensic and analysis (June 19 & June 20 am) with Ali Abdollahi
- Hacking AWS (June 19 & June 20 pm) with Pawel Rzepa
- Quickstart: RouterOS jailbreaking and security research (June 19 am & June 20 am) with Kirils Solovjovs
- A 45min practical introduction to Bluetooth Low Energy (June 19 am & June 20 pm) with Slawomir Jasek
- Cracking Mifare Classic on the cheap (June 19 am & June 20 pm) with Slawomir Jasek
- Advanced XXE Exploitation (June 19 pm & June 20 pm) with Philippe Arteau
- IoT & Operational Technology Devices Hacks through RF (June 19 pm & June 20 pm) with Himanshu Mehta, Harshit Agrawal
- Break into a digitally protected house (June 19 & June 20) with Sysdream Team
- Introduction to the basic tools and techniques of intrusion testing (June 20) with Sysdream Team
Computer intrusions occur when someone tries to gain access to any part of your computer system. Computer intruders or hackers typically use automated computer programs when they try to compromise a computer´s security. There are several ways an intruder can try to gain access to your computer. They can: Access your computer to view, change, or delete information on your computer - Crash or slow down your computer - Access your private data by examining the files on your system - Use your computer to access other computers on the Internet. Intrusion prevention is a preemptive approach to network security used to identify potential threats and respond to them swiftly. Like an intrusion detection system (IDS), an intrusion prevention system (IPS) monitors network traffic. However, because an exploit may be carried out very quickly after the attacker gains access, intrusion prevention systems also have the ability to take immediate action, based on a set of rules established by the network administrator.
TRAINING : June 16 - June 18, 2019
- Pentesting Industrial Control Systems (3 days) with Arnaud Soullié
- Corelan “ADVANCED“ (3 days) with Peter Van Eeckhoutte
- Masterclass: Hacking and Securing Windows Infrastructure (3 days) with Mike Jankowski-Lorek
- Masterclass: System Forensics and Incident Handling (3 days) with Paula Januszkiewicz
- Hacking IPv6 Networks v5.0 (3 days) with Fernando Gont
- Practical IoT Hacking (3 days) with Arun Magesh, Aseem Jakhar
- Advanced Web Hacking (3 days) with NotSoSecure
- RCE and analysis-aware techniques in Windows programs (2 days) with Ricardo J. Rodríguez
- Attacking and securing BLE and NFC/RFID devices based on smart locks and access control systems (2 days) with Slawomir Jasek
- Windows Post-Exploitation Subverting the Core (2 days) with Ruben Boonen
- Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation (2 days) with Dawid Czagan
- Mobile Hacking Training (2 days) with Guillaume Lopes, Davy Douhine
- Pentesting Industrial Control Systems (3 days) with Arnaud Soullié
- Corelan “ADVANCED“ (3 days) with Peter Van Eeckhoutte
- Masterclass: Hacking and Securing Windows Infrastructure (3 days) with Mike Jankowski-Lorek
- Masterclass: System Forensics and Incident Handling (3 days) with Paula Januszkiewicz
- Hacking IPv6 Networks v5.0 (3 days) with Fernando Gont
- Practical IoT Hacking (3 days) with Arun Magesh, Aseem Jakhar
- Advanced Web Hacking (3 days) with NotSoSecure
- RCE and analysis-aware techniques in Windows programs (2 days) with Ricardo J. Rodríguez
- Attacking and securing BLE and NFC/RFID devices based on smart locks and access control systems (2 days) with Slawomir Jasek
- Windows Post-Exploitation Subverting the Core (2 days) with Ruben Boonen
- Bug Hunting Millionaire: Mastering Web Attacks with Full-Stack Exploitation (2 days) with Dawid Czagan
- Mobile Hacking Training (2 days) with Guillaume Lopes, Davy Douhine
Source : Hack in Paris 2019 - Cyber Security Conference @ Maison de la Chimie (Paris-France) - June 16th to 20th 2019
Ruby BIRD
http://www.portfolio.uspa24.com/
Yasmina BEDDOU
http://www.yasmina-beddou.uspa24.com/
Ruby BIRD
http://www.portfolio.uspa24.com/
Yasmina BEDDOU
http://www.yasmina-beddou.uspa24.com/
Ruby Bird Yasmina Beddou Hack In Paris 2019 Conference Intrusion Target State Corporation June 16th To 20th 2019 Hacking Practices Technical Approach
Liability for this article lies with the author, who also holds the copyright. Editorial content from USPA may be quoted on other websites as long as the quote comprises no more than 5% of the entire text, is marked as such and the source is named (via hyperlink).