Security conferences – Survival guide 2017 Q2

As we promised, the security conferences “Survival guide” for 2017 Q2 is here!
We have gathered the following information for you for each conference:

  • Dates
  • Place
  • Link to official conference website
  • Ticket price
  • Lectures
  • Workshops

So let’s get started:

Security conferences – Survival guide part 2

Infiltrate

  • Dates: 6-7 April 2017
  • Place: Fontainebleau Miami,Florida US
  • Link to official conference website: http://infiltratecon.com/
  • Ticket price: 2400$
  • Lectures:
    1. Logic Bug Hunting in Chrome on Android by Georgi Geshev and Robert Miller
    2. 802.11 Protocol Chaos by Andres Blanco
    3. Sierra Had a Little Lamb: A Userland Kit for MacOS by Stephanie Archibald
    4. Be a Binary Rockstar: Next-level Static Analysis For Vulnerability Research by Sophia d’Antoine, Peter LaFosse and Rusty Wagner
    5. Forget Enumerating a Network, Hack the SIEM and Win the War by John Grigg
    6. Did I hear a shell popping in your baseband? by Ralf-Phillip Weinmann
    7. COM in Sixty Seconds! (well minutes more likely) by James Forshaw
    8. BugID – Automated Bug Analysis by Berend-Jan Wever
    9. Remotely Compromising a Modern iOS Device by Marco Grassi and Liang Chen
    10. Cloud Post Exploitation Techniques by Andrew Johnson and Sacha Faust
    11. The Shadow Over Android: Heap Exploitation Assistance for Android’s libc allocator by Vasilis Tsaousoglou and Patroklos Argyroudis
    12. Hunting for Vulnerabilities in Signal by Jean-Philippe Aumasson and Markus Vervier
  • Workshops:
    1. Web Hacking Language Review (Taught Remotely via WebEx)
    2. Web Hacking
    3. Wide Open To Interpretation
    4. Click Here For Ring0
    5. Master Track: Applied Cryptanalysis
    6. Master Track: Kernel Exploitation

HITBSecConf

  • Dates: 10-14 April 2017
  • Place: NH Grand Krasnapolsky, Amsterdam
  • Link to official conference website: http://conference.hitb.org/hitbsecconf2017ams/
  • Ticket price: Starting at €1,199
  • Lectures:
    1. Redefining Defense by Saumil Shah
    2. Breaking the Fourth Wall: Hacking Customer Information Control System by Ayoub Elaassal
    3. Femtocell Hacking: From Zero to Zero Day by JeongHoon Shin
    4. HITB Lab: Introduction to Windows Logical Privilege Escalation by James Forshaw
    5. We Broke all CSPs and You Won’t Believe What Happened Next! by Michele Spagnuolo and Lukas Weichselbaum
    6. Can’t Touch This: Cloning Any Android HCE Contactless Card by Slawomir Jasek
    7. A New RISC by Don Bailey
    8. The Secret of ChakraCore: 10 Ways to Go Beyond the Edge by Linan Hao and Long Liu
    9. HITB Lab: Unbridled HIDIOcy by Steve Lord
    10. Drammer: The Making-Of by Victor van der Veen
    11. Using MBAE to Disable MBAE and Subvert ASLR/DEP by Abdulellah Alsaheel
    12. Harnessing Intel Processor Trace on Windows for Vulnerability Discovery by Richard Johnson
    13. ShadowBox: The Practical and Omnipotent Sandbox by Seunghun Han
    14. HITB Lab: Analyzing Malicious Office Documents by Didier Stevens
    15. I Got 99 Trends and a # is All of Them! How We Found Over 100 RCE Vulnerabilities in Trend Micro Software by Steven Seeley and Roberto Suggi Liverani
    16. Most Impressive: A Guide to Key Impressioning Attacks by Jos Weyers
    17. Everybody Wants SOME: Advance Same Origin Method Execution by Ben Hayak
    18. Chasing Cars: Keyless Entry System Attacks by Yingtao Zeng, Qing Yang and Jun Li
    19. HITB Lab: Practical Machine Learning in InfoSecurity by Clarence Chio and Anto Joseph
    20. Extracting All Your Secrets: Vulnerabilities in Android Password Managers by Stephan Huber, Steven Arzt and Siegfried Rasthofer
    21. The Best Laid Schemes: Attacking URL Schemes by Yu Hong
    22. Hunting For Vulnerabilities in Signal by Markus Vervier
    23. An Attack-in-Depth Analysis of Multicast DNS and DNS Service Discovery by Antonios Atlasis
    24. HITB Lab: Blue Picking: Hacking Bluetooth Smart Locks by Slawomir Jasek
    25. OverSight: Exposing Spies on macOS by Patrick Wardle
    26. Bypassing Memory Mitigations Using Data-Only Exploitation Techniques (Part II) by Bing Sun and Chong Xu
    27. Heads Up: Bootstrapping Systems with Open Source Firmware by Trammell Hudson
    28. Is There a Doctor in The House? Hacking Medical Devices and Healthcare Infrastructure by Anirudh Duggal
  • Workshops:
    1. ICS/SCADA Security
    2. The ARM Exploit Laboratory
    3. Mastering Burp Suite Pro: 100% Hands-On
    4. Advanced Malware Analysis: Combating Exploit Kits
    5. Threat Intelligence Using Maltego
    6. Practical IoT Hacking
    7. Linux Kernel Exploitation Techniques


x33fcon

  • Dates: 27-28 April 2017
  • Place: Pomeranian Science and Technology Park, Gdynia, Poland
  • Link to official conference website: https://www.x33fcon.com/
  • Ticket price: starting at 190 EUR +
  • Lectures:
    1. Dirty Little Secrets They Didn’t Teach You In Purple Team Class by Rob Fuller (aka mubix)
    2. Billions and Billions of Logs; Oh My by Jack Crook
    3. PowerShell for Practical Purple Teaming by Nikhil Mittal
    4. Upping your Bug hunting skills using symbolic virtual machines! by Anto Joseph
    5. In Cyber trenches, stories from firing range by Maciej Kotowicz (aka mak)
    6. Toppling the Stack: Outlier Detection for Threat Hunters by David J. Bianco
    7. Red teaming in Poland – test cases by Borys Łącki
    8. The Covert Cupid Under .11 Veil by Rushikesh D. Nandedkar
    9. Where Cypherpunk Meets Organized Crime by Benjamin Brown
    10. Enhancing your threat Simulation: How to look less like a pentester and more like a threat actor – A Defender’s perspective by Aaron Wade
    11. Invoke-CradleCrafter: Moar PowerShell obFUsk8tion & Detection (@(‘Tech’,’niques’) -Join ‘’) by Daniel Bohannon
    12. Weaponizing the USB Armory by Yashin Mehaboobe
  • Workshops:
    1. Mobile Application Exploitation (iOS & Android) by Prateek Gianchandani
    2. Offensive PowerShell for Red and Blue Teams by Nikhil Mittal
    3. Metasploit Basics – Extended Edition by mubix & carnal0wnage
    4. Web Application Security – Attack and Defence by LogicalTrust
    5. Windows Kernel Exploitation by Ashfaq Ansari
    6. Ghost in Networks (network forensics) by Himanshu Anand
    7. POWER Class by Mikkel Gudsøe & Klaus Hoffbeck

CODEGATE

  • Dates: 11-13 April 2017
  • Place: Dongdaemun Design Plaza(DDP), Seoul, South Korea
  • Link to official conference website: http://www.codegate.org/en/
  • Ticket price: unpublished
  • Lectures: unpublished
  • Workshops: unpublished

Atlantic Security Conference (ATLSECCON)

  • Dates: 27-28 April 2017
  • Place: Halifax, Nova Scotia, Canada
  • Link to official conference website: https://atlseccon.com/
  • Ticket price: ~130$
  • Lectures: unpublished
  • Workshops: unpublished

VXCON

  • Dates: 28-30 April 2017
  • Place: TheHUB, Hong Kong
  • Link to official conference website: http://www.vxcon.hk/
  • Ticket price: unpublished
  • Lectures: unpublished
  • Workshops: unpublished

OPCDE_2017

  • Dates: 26-27 April 2017
  • Place: The Emirates Towers, Dubai
  • Link to official conference website: http://www.opcde.com/
  • Ticket price: ~400$
  • Lectures:
    1. BugId – automated bug analysis by Berend-Jan “SkyLined” Wever
    2. The Blackbox of DPAPI: the gift that keeps on giving by Bartosz Inglot
    3. Transforming Open Source to Open Access in Closed Applications: Finding Vulnerabilities in Adobe Reader’s XSLT Engine by Brian Gorence, Jasiel Spelman and Abdul-Aziz Hariri
    4. From mimikatz to kekeo, passing by new Microsoft security technologies by Benjamin “gentilkiwi” Delpy
    5. Agentless Post Exploitation on Device Guarded Systems by Christopher Truncer
    6. Security Research and Development with LLVM by Andrew Reiter
    7. Supply Chainsaw: Practical software supply chain attacks by Matt Weeks
    8. Hacking wireless SCADA systems by Elena Feldman
    9. Exploring Your System Deeper by Oleksandr Bazhaniuk
  • Workshops: unpublished

Wahckon

  • Dates: 6-7 May 2017
  • Place: State Library of Western Australia, Northbridge, Perth, Australia
  • Link to official conference website: https://www.wahckon.org.au/
  • Ticket price: ~60$
  • Lectures: unpublished
  • Workshops: unpublished

Positive Hack Days

  • Dates: 23-24 May 2017
  • Place: Krasnopresnenskaya nab., 12, Centr Mezhdunarodnoy Torgovli, Moscow, Russia
  • Link to official conference website: http://www.phdays.com/
  • Ticket price: ~130$
  • Lectures: unpublished
  • Workshops: unpublished

THOTCON

  • Dates: 4-5 May 2017
  • Place: Chicago, Illinois, USA
  • Link to official conference website: http://thotcon.org/
  • Ticket price: Sold Out
  • Lectures: unpublished

North Sec

  • Dates: 18-19 May 2017
  • Place: Montreal, QC, Canada
  • Link to official conference website: https://www.nsec.io/
  • Ticket price: starting at ~270$
  • Lectures:
    1. KEYNOTE: Playing Through the Pain: The Impact of Dark Knowledge and Secrets on Security and Intelligence Professionals by Richard Thieme
    2. Hack Microsoft Using Microsoft Signed Binaries by Pierre-Alexandre Braeken
    3. Attacking Linux/Moose Unraveled an Ego Market by Masarah Paquet-Clouston and Olivier Bilodeau
    4. BearSSL: SSL For all Things by Thomas Pornin
    5. Hacking POS PoS Systems by Jackson Thuraisamy and Jason Tran
    6. Backslash Powered Scanning: Implementing Human Intuition by James Kettle
    7. Don’t Kill My Cat by Charles F. Hamilton
    8. Stupid RedTeamer Tricks by Laurent Desaulniers
    9. Murder Mystery – How Vulnerability Intelligence is Poisoning your Information Security Program by Gordon MacKay
  • Workshops:
    1. Introduction to Assembly Language and Shellcoding by Charles F. Hamilton
    2. Automating Detection, Investigation and Mitigation with LimaCharlie by Maxime Lamothe-Brassard
    3. Script Engine Hacking For Fun And Profit by Jean-Marc Le Blanc and Israël Hallé
    4. Cracking Custom Encryption – An Intuitive Approach to Uncovering Malware’s Protected Data by Pavel Asinovsky and Magal Baz
    5. Building and Breaking Windows Device Guard by Matt Graeber and Casey Smith

RuhrSec

  • Dates: 4-5 May 2017
  • Place: Bochum University, Bochum, Germany
  • Link to official conference website: https://www.ruhrsec.de/2017/
  • Ticket price: Starting at ~330$
  • Lectures:
    1. Keynote: How to Build Hardware Trojansby Prof. Dr. Christof Paar
    2. Rowhammer Attacks: A Walkthrough Guide by Dr. Clémentine Maurice and Daniel Gruss
    3. Using microarchitectural design to break KASLR and more by Anders Fogh
    4. Teach a man to phish and you feed him for a lifetime by Armin Buescher
    5. Five years of Android security research: The good, the bad, the ugly by Dr. Sven Bugiel
    6. A new categorization system for Side-channel attacks on mobile devices & more by Dr. Veelasha Moonsamy
    7. The (In)Security of Autmotive Remote Keyless Entry Systems (revisited) by Dr. David Oswald
    8. Keynote 2: Applied Crypto by Prof Dr. Kenny Paterson
    9. Breaking PPTP VPNs via RADIUS Encryption by Prof. Dr. Tibor Jager
    10. Breaking and Fixing a Cryptocurrency by Martin Grothe
    11. Black-box security analysis of state machine implementations by Dr. Joeri de Ruiter
    12. Advanced SSL/TLS Deployment Strategies by Frederik Braun
    13. Secrets of the Google Vulnerability Reward Program by Krzysztof Kotowicz
    14. How to Hack Your Printer by Jens Müller
  • Workshops: unpublished

CARO 2017

  • Dates: 11-12 May 2017
  • Place: Qubus Hotel Kraków, Krakow, Poland
  • Link to official conference website: https://2017.caro.org/
  • Ticket price: Starting at ~650$
  • Lectures: unpublished
  • Workshops: unpublished

You Sh0t The Sheriff

  • Dates: 22 May 2017
  • Place: Sao Paulo, Brazil
  • Link to official conference website: https://www.ysts.org/
  • Ticket price: unpublished
  • Lectures: unpublished
  • Workshops: unpublished

Syscan360

  • Dates: 30-31 May 2017
  • Place: Four Seasons Hotel Seattle, USA
  • Link to official conference website: https://www.syscan360.org/
  • Ticket price: unpublished
  • Lectures: unpublished
  • Workshops: unpublished

NOPcon

  • Dates: 11 May 2017
  • Place: İstanbul Sanayi Odası Vakfı – Sakıp Sabancı Konferans Salonu, Istanbul, Turkey
  • Link to official conference website: http://www.nopcon.org/
  • Ticket price: unpublished
  • Lectures: unpublished
  • Workshops: unpublished

Confidence

  • Dates: 18-19 May 2017
  • Place: Forum Hotel, Krakow, Poland
  • Link to official conference website: http://2017.confidence.org.pl/
  • Ticket price: ~180$
  • Lectures: unpublished
  • Workshops: unpublished

WARCON

  • Dates: 2-3 June 2017
  • Place: Warsaw, Poland
  • Link to official conference website: http://warcon.pl/
  • Ticket price: unpublished
  • Lectures: unpublished
  • Workshops: unpublished

HACK IN PARIS

  • Dates: 19-23 June 2017
  • Place: Disney’s Newport Bay Club Convention Center, Paris, France
  • Link to official conference website: https://www.hackinparis.com/
  • Ticket price: unpublished
  • Lectures: unpublished
  • Workshops: unpublished

REcon

  • Dates: 16-18 June 2017
  • Place: Hyatt Regency Montreal, Canada
  • Link to official conference website: https://recon.cx/2017/montreal/
  • Ticket price: unpublished
  • Lectures: unpublished
  • Workshops: unpublished

That’s it guys – and “May the odds be ever in your favor”!
If you know any other security conferences – contact us via ssd[]beyondsecurity.com and we will update the list.