$RU$

 #RU#

 @RU@

0x7DC

0x7DD

0x7DE

0x7DF

25-26.11.15

Speakers

 


Rodrigo Rubira Branco

Rodrigo Rubira Branco (BSDaemon) works as Principal Security Researcher at Intel Corporation and is the Founder of the Dissect || PE Malware Analysis Project. He held positions as Director of Vulnerability & Malware Research at Qualys and as Chief Security Research at Check Point, where he founded the Vulnerability Discovery Team (VDT) and released dozens of vulnerabilities in many important software products. In 2011 he was honored as one of the top contributors to Adobe Vulnerabilities in the past 12 months. Prior to that, he worked as Senior Vulnerability Researcher at COSEINC, as Principal Security Researcher at Scanit and as Staff Software Engineer in the IBM Advanced Linux Response Team (ALRT), also working in the IBM Toolchain (Debugging) Team for PowerPC Architecture. He is a member of the RISE Security Group and is the organizer of Hackers to Hackers Conference (H2HC), the oldest and biggest security research conference in Latin America. He is an active contributor to open-source projects (such as ebizzy, the Linux kernel and others). He has been an accepted speaker at many security and open-source events, such as H2HC, Black Hat, Hack in The Box, XCon, VNSecurity, OLS, Defcon, Hackito, Ekoparty, Troopers and others.

A praise for hackers (keynote)

Jeremy Brown

Jeremy Brown is a security researcher focused on application security, largely involved in vulnerability research and development. He has gained extensive software security experience working at a large software company for several years on various projects including exploit mitigations, scalable fuzzing and kernel security. Other interests include static analysis, penetration testing and all things fascinating in the field of computer security.

Hacking virtual appliances

Browser Fuzzing with a Twist (and a Shake)


Matteo Beccaro

  • Matteo Beccaro is a young security researcher.
  • His interests focus on WiFi networks, networking and NFC implementations.
  • He finished high school studies in July 2013 and is currently a student at Politecnico di Torino in the Computer Engineering course.
  • He has been selected as speaker at DEFCON21, 30C3, BlackHat US Arsenal, DEFCON22's Skytalks and BlackHat EU 2014 and Tetcon, for his research in vulnerabilities of NFC transport systems.
  • Since 2013 he is also an external security consultant at Secure Network s.r.l.
  • Since 2015 he is also technical leader of the Security Research Team of OPFOR, a physical security firm.
Matteo Collura

Matteo Collura is a student of Electronics Engineering at Politecnico di Torino. He has been studying Wireless networks and in the last few years he focused on NFC and Bluetooth. He presented the results of a progressive work of research at several conferences: DEFCON 21 (Las Vegas, 2013), 30C3 (Hamburg 2013), DEFCON Skytalks (Las Vegas, 2014), BlackHat USA 2014 Arsenal (Las Vegas), DEFCON23 (Las Vegas, 2015). Currently he is studying Bluetooth protocols and their implementations. He is focusing also on NLP and social skills.

Extracting the painful (Blue)tooth

George Nosenko

Works as a vulnerability researcher and reverse engineer at Digital Security.
Interested in computer security and low-level Assembler programming since school. Was around for the good old clean DOS and is still in love with it.
Graduated from Petersburg State Transport University where he studied Automated Systems Information Security. Worked as a system programmer to develop unauthorized access prevention systems, with varying results.
After spending several hundred hours debugging kernel mode code, George was mentally traumatized enough to proclaim himself the universal master of debugging and to stop trusting his own brain. This is his favorite excuse for his commitment to precise mathematical methods, including SMT.

Cisco IOS shellcode – all-in-one

Nikolaj Schlej

28 y. o., meddling with UEFI since 2011, known as CodeRush on the Net, author of UEFITool, M. Sc. Computer Science.

Fix it yourself: resolving UEFI vulnerabilities single-handedly

Jakub Kaluzny

Jakub is a Senior IT Security Consultant at SecuRing and performs penetration tests of high-risk applications, systems and devices. He was a speaker at many international conferences: OWASP AppSec EU, PHdays, CONFidence, HackInTheBox AMS, BlackHat Asia, as well as at local security events. He previously worked for the European Space Agency and an internet payments intermediary. Apart from testing applications, he digs into proprietary network protocols, embedded devices and other enterprise solutions.

Big problems with big data – Hadoop interfaces security

Alfonso De Gregorio

Alfonso De Gregorio is a security technologist, founder of BeeWise, the first information security prediction market, and Principal Consultant at secYOUre. He started his career in information security in the late 1990s. Since then he never stopped contributing his little share to the discussion and practice of security engineering. Among the positions held, he served as Chief Security Architect at an HSM vendor, Expert at European Commission, and Visiting Scholar at the Computer Security and Industrial Cryptography (COSIC) research group, K.U. Leuven. In his career as a public speaker, Alfonso addressed a wide range of audiences across the globe, including industry executives, academics, security practitioners, and hackers, speaking about security economics, software security, intelligence support systems, cryptography engineering, cryptographic backdooring. Alfonso researches solutions for building cybersecurity incentives, tweets @secYOUre, and generally does not speak of himself in the third person.

illusoryTLS: Nobody But Us Impersonate, Tamper, and Exploit

Marina Krotofil

Marina is Senior Security Consultant at European Network for CyberSecurity. She has vast hands-on engineering experience in several fields. Most recently she completed her doctoral degree in ICS security at Hamburg University of Technology, Germany. Marina has maintained her practical and industry-oriented research focus through collaborations with several industrial partners, white-hat hackers and participation in EU projects. She is the author of the Damn Vulnerable Chemical Process framework – an open-source platform for cyber-physical security experimentation based on the realistic models of chemical plants. Marina has written more than a dozen papers on cyber-physical exploitation and defense and fundamentals of secure control. She gives workshops on cyber-physical exploitation and is a frequent speaker at the leading ICS security venues. She holds an MBA in Technology Management, MSc in Telecommunications, MSc in Information and Communication Systems.

Hack like a movie star: Step-by-step guide to crafting SCADA payloads for physical attacks with catastrophic consequences

Ole André Vadla Ravnås

Creator of Frida. Security Researcher at NowSecure. Polyglot hacker passionate about reverse-engineering and dynamic instrumentation. Once upon a time a die-hard Linux user who found himself reverse-engineering the proprietary video codec used by Windows Live Messenger for webcam conversations. The result was released as libmimic back in 2005, and this was his gateway drug to the world of reversing.

Cross-platform reversing with Frida

Alexander Bolshev

Infosec auditor at Digital Security, Ph. D. “Another man in a dubious-color hat”. Hates web hacking. Primarily engaged in the research of distributed systems security; also does hardware hacking, ICS, and a little of everything else.
Boris Ryutin

Boris (@dukebarman) graduated from the Baltic State Technical University "Voenmeh", faculty of rocket and space technology, and is currently a postgraduate student there. Engineering analyst at Esage Lab. Recurring writer for the ][akep magazine, contributor and developer in several open-source information security projects. Was awarded in the Yandex bug bounty.

Practical exploitation of AVR MC-based devices

Alexander Ermolov

Researcher, reverser, infosec specialist, Digital Security employee. I dig low-level design, embedded subsystems security analysis, reversing BIOS (UEFI) and other firmwares. Delving into undocumented details is my favorite pastime.

Modifying the firmwares of industrial switches

Nikita Tarakanov

I am an independent information security researcher. I have worked as an IS researcher in Positive Technologies, Vupen Security, CISS. I like writing exploits, especially for Windows NT Kernel. I won the PHDays Hack2Own contest in 2011 and 2012. I tried to hack Google Chrome during Pwnium 2 but failed. I have published a few papers about kernel mode drivers and their exploitation. I am currently engaged in reverse engineering research and vulnerability search automation.

Direct X – direct way to Microsoft Windows kernel

Ivan Yolkin

A technical expert in Application Security at Qiwi, a researcher of web and mobile technologies, and a full-stack developer who claims to write clean, comprehensible, and secure code.
Igor Bulatenko

Head of Application Security at Qiwi Group, formerly a developer of information security systems. Participated in several CTFs, both as a player and as a developer, with the Technopandas team. Fond of database security and automating everything.

Enlarge your Burp, or How to stop fearing Javadocs

Kirill Ermakov

Kirill (@isox_xx, “isox”) is the CISO of QIWI Group.
Started as a common information security researcher of *nix, virtualization technologies and iOS at Positive Technologies.
Accidentally mutated into a web application security expert and enterprise security architect. Permanent resident of multiple #bugbounty programs as a researcher.
Hacked ECU with Dmitry Sklyarov before it was mainstream.

Let’s play the game: One more way to perform a penetration test

Andrey Kovalev

Andrey Kovalev is a security analyst at Yandex LLC.
A postgraduate at the Information Security faculty of Bauman Moscow State Technical University.
He researches malicious code and its detection methods.
Likes reverse engineering, IDA Pro and asm.
Konstantin Otrashkevich

TBA
Evgeny Sidorov

Evgeny Sidorov graduated from the Institute of Cryptography, Telecommunications and Computer Science. Now he is a Product Security Engineer at Yandex Security Team. 

Fighting against a Flash 0-day: a hunt for a tainted vector

Alexander Matrosov

Alexander Matrosov has more than ten years of experience with malware analysis, reverse engineering, and advanced exploitation techniques. He is currently a senior security researcher in the Advanced Threat Research team at Intel Security Group. Prior to this role, he spent four years focused on advanced malware research at ESET. He is a co-author of numerous research papers, including Stuxnet Under the Microscope, The Evolution of TDL: Conquering x64, and 'Mind the Gapz: The Most Complex Bootkit Ever Analyzed?' Alexander is frequently invited to speak at security conferences, such as REcon, Ekoparty, ZeroNights, AVAR, CARO, and Virus Bulletin. Nowadays, he specializes in the comprehensive analysis of advanced threats, modern vectors of exploitation, and hardware security research.

Attacking hypervisors using firmware and hardware

Practical object-oriented code reverse engineering

Distributing the reconstruction of high-level intermediate representation for large scale malware analysis

Eugene Rodionov

Eugene Rodionov graduated with honours from the Information Security faculty of the Moscow Engineer-Physics Institute (State University) in 2009 and successfully defended his PhD thesis in 2012. He has worked over the past eight years for several companies, performing software development and malware analysis. He currently works at ESET, where he is involved in internal research projects and also performs in-depth analysis of complex threats. His interests include kernel-mode programming, anti-rootkit technologies and reverse engineering. Eugene has spoken at security conferences such as Black Hat, REcon, Zeronights and has co-authored numerous research papers.


Practical object-oriented code reverse engineering

Distributing the reconstruction of high-level intermediate representation for large scale malware analysis

Nikolaos Naziridis

Nick currently works in the CENSUS S.A. R&D department as an IT security researcher. His main interests are fuzzing, exploit development and vulnerability analysis. In his free time, he enjoys delving into the Linux kernel and coding.
Zisis Sialveras

Zisis is an IT security researcher from Greece. He has worked at CENSUS S.A. since 2013. His interests are memory allocators, reverse engineering and all things low-level. He has been involved in vulnerability research and exploit development during his studies as an electrical engineer.

Introducing Choronzon: an approach to knowledge-based evolutionary fuzzing

Georgi Geshev

Georgi is a security researcher for MWR InfoSecurity in the UK. Born in the Eastern Bloc, a true wannabe Aussie now, he appreciates roo steaks and golden ales. His main areas of interest include bug hunting, reverse engineering and network protocols. It is a well known fact that Georgi only knows about MQ technology.

Warranty void if label removed – attacking MPLS networks

Sergey Shekyan

Sergey Shekyan is a Principal Engineer at Shape Security, where he focuses on the development of a new generation web security product. Prior to Shape Security, he spent 4 years at Qualys developing their on-demand web application vulnerability scanning service. Sergey has presented research at security conferences such as Hack in the Box, H2HC, PHDays, Black Hat, and AppSec USA, covering various information security topics. Sergey holds both a Master’s and Bachelor’s Degree in Computer Engineering from the State Engineering University of Armenia.

Getting the most out of CSP: a deep dive

Daniel (Jin Long 金龙)

Keen team security researcher, 5 years programming experience, 3 years security experience. Former TrendMicro employee, now focused on Windows security research at Keen Team.
Azure (Yang Jietao 杨杰韬)

Senior student at China University of Petroleum. Loves pwning programs and devices. Currently an intern at Keen Team focused mainly on sandbox bypasses.

Did you get your token?

Anton Kochkov

Anton Kochkov (xvilka) is a reverse-engineer and senior developer at Security Code. He is a participant in a great number of projects including radare2, coreboot, MEre, etc.
Anton's main area of interest lies in general concepts of reverse engineering: its automation and application against the firmware of various devices – from classical x86 UEFI to IoT and embedded.

ESIL – universal IL (Intermediate Language) for Radare2

Daniil Svetlov

Head of the information security department at Defence Industrial Bank.
Graduated from the National Research University – Higher School of Economics with a bachelor's degree in Computer Engineering; currently continues his education in a Master’s degree programme at the same school, with a focus on Information Security management. Daniil started his career as a Windows administrator; later on his interests moved to the field of security, networks and Linux.
He is currently involved in Linux and open-source projects related to information security.

Analyze it – assembling modern SIEM based on Open Source components for large-scale logs analysis

Alexandr Asimov

Graduated from Moscow State University. Since 2010 he has been engaged in research and development activities at Qrator Labs, focusing mainly on modeling the Internet topology and autonomous systems intercommunications.

The [Real] State of BGP Security

Artyom Gavrichenkov

Graduated from Moscow State University. Worked at MSU and HP; since 2010 he has been doing R&D in the area of traffic analysis and filtering at Qrator Labs.

The [Real] State of BGP Security

Ivan Novikov

Lead information security expert at Wallarm, CEO. Engaged in web application security since 2004, author of multiple studies. Awarded for finding vulnerabilities in Google, Facebook, Twitter, Nokia, and Yandex several times. Spoke at international conferences, such as BlackHat US, HITB AMS, ZeroNights, PHDays. Currently he actively develops the web application attack detection algorithms which are used in Wallarm WAF to protect complex high-load projects.

Mathematical model of input validation vulnerabilities and attacks

Sergey Belov

Pentester at Digital Security, has been a speaker at numerous foreign and Russian conferences: ZeroNights, OWASP, BlackHat, HiP are among them.

Samsung SmartTV: how-to to creating insecure device in today’s world

Nikolai Klendar

Head of information security methodology department at Home Credit Finance Bank. In 2008 graduated from Bauman Moscow State Technical University with a degree in Technical Intelligence Countermeasures. Has interests in kitesurfing, snowboarding, machine learning and data analysis. Awarded the Offensive Security Certified Expert certificate.

Correlating security events with Esper

Eldar Zaitov

Lives in Saint-Petersburg, Application Security Engineer at Yandex.

Automation of web applications scanning: experience of Yandex

Alexey Levin

Leading information security specialist at BIFIT. He is into researching malicious applications, web and mobile application security, and coding in Java and C++. At work he tells programmers how to write secure code and tries to write it himself. At home he loves to search for vulnerabilities in other client banks and writes exploits.

Banking Trojans: a look from the new perspective

Yuri Shabalin

Senior expert of information and business systems security department at Alfa-Bank. Formerly an engineer of corporate systems security at the research center of Positive Technologies.

Do-it-yourself banking SDL

Timur Yunusov

Senior expert at the banking systems security department of Positive Technologies. Author of multiple studies in the field of application security. Has delivered talks at BlackHat EU, NoSuchCon, HackInParis, CanSecWest, ZeroNights and Positive Hack Days.

How to build your own Echelon system? Attacks at 3G modems.

Yegor Litvinov

Information security expert at Digital Security. Focuses on ICS and embedded devices security. Has worked with ICS controllers for a long time and participated in smart house building projects.

KNX security or how to steal a skyscraper

Andrey Plastunov

Pentester at Digital Security. Enjoys breaking software and automating everything that gets into his hands.

S[c]rum is all around. How to stop continuous integration

Denis Kolegov

PhD in Technical Sciences, Assistant Professor of Information Protection and Cryptography department, Tomsk State University.

Hooked browser network based on BeEF and Google Drive

Oleg Broslavsky

4th year student of Information Protection and Cryptography department, Tomsk State University. CTF participant from SiBears team.

Hooked browser network based on BeEF and Google Drive

Nikita Oleksov

4th year student of Information Protection and Cryptography department, Tomsk State University. CTF participant from SiBears team.

Hooked browser network based on BeEF and Google Drive

Sergey Ignatov



Knowledge based approach for fast Internet resource discovery or Data Mining in the service of nmap.

Omar Ganiev



Knowledge based approach for fast Internet resource discovery or Data Mining in the service of nmap.

Mikhail Egorov

In 2009 graduated from Bauman Moscow State Technical University with a Master's degree in Information Security. He is an independent information security researcher and a programmer in Java and Python. He focuses on vulnerability detection, fuzzing, reverse engineering, cryptography, web application and network security. Worked as an information security consultant and software developer in different organizations; now works at Odin and has OSCP and CISSP certificates.

ORM2Pwn: exploiting injections in Hibernate


What should a hacker know about WebDav? Vulnerability review in WebDav implementations.


Sergey Soldatov

Bauman Moscow State Technical University graduate. For more than 10 years he has been into paper and hands-on information security, and codes software in C and Perl. Was a speaker at several technical and non-technical conferences, including Hack in the Box, Positive Hack Days, ZeroNights. Has OSCP and CISSP certificates.

ORM2Pwn: exploiting injections in Hibernate

Andrei Efimjuk

Founder and CEO at Tao Defense. Application Security Engineer at Wild Apricot. Has OSCP and CISSP certificates. Researches web application security, corporate networks and more. Worked with such organizations as Mail.ru, Kabest, Wimm-Bill-Dann. Has considerable experience in pentesting and security analysis of various web applications, services and networks.

What should a hacker know about WebDav? Vulnerability review in WebDav implementations.

Michael Firstov

He has been interested in information security since he was 11-12 years old; at first he spent time on major forums, and in 2012 he was employed at Positive Technologies. At ZeroNights 2012 he delivered a speech about mongodb bugs and vulnerabilities. He is currently working at HeadLight Security as a consulting and auditing department specialist.

Vulnerabilities in the software of Yota telecommunication equipment.

ValdikSS

Used to work with binary reversing, now deals mainly with web at Digital Security. His interests are networks and data transfer in general.

On the way to (wrong) anonymity. Basic techniques of digital contraception and private data hygiene.

Stay tuned for updates!