Mar 1, 2018

BruCON 0x0A CFP/CFT Announcement

This is the Call for Papers (CFP) for talks and workshops and Call for Training (CFT) for the 10th edition of BruCON. We are celebrating our 10th anniversary and are therefore adding an additional conference day!

On the off chance you don't know BruCON (where have you been?). This year we host a 3-day Security and Hacking Conference full of interesting presentations, workshops and security challenges for about 600 attendees. BruCON is an open-minded gathering of people discussing computer security, privacy, and information technology. The conference tries to build bridges between the various actors active in the computer security world including (but not limited to) hackers, security professionals, security communities, non-profit organisations, CERTs, students, law enforcement agencies, and many more. Next to the conference we offer several world-class, deep-dive mostly offensive technical training courses given by the most recognised experts with huge industry experience in their domain! These training sessions take place twice a year, Spring Training takes places on 18, 19 and 20th of April 2018 (Registration and line-up here) and conference training tracks are on 1, 2 and 3rd October 2018. Our slogan is "Hacking for Beer" of which you'll find plenty during and after the conference.

The conference will be held in Ghent on 3, 4 and 5th of October 2018. The training sessions will be held from 1st until 3rd of October 2018 (all courses start on the 1st!).

[CONFERENCE]
Topics of interest for the conference include, but are not limited to :
  • Electronic/Digital Privacy
  • IoT Security
  • Wireless Network and Security
  • Attacks on Information Systems and/or Digital Information Storage
  • Web Application and Web Services Security
  • Lockpicking & physical security
  • Honeypots/Honeynets
  • Spyware, Phishing and Botnets (Distributed attacks)
  • Hardware hacking, embedded systems and other electronic devices
  • Mobile devices exploitation, Symbian, P2K and bluetooth technologies
  • Electronic Voting
  • Vulnerability research and disclosure
  • Free Software and Security
  • Legal and Social Aspect of Information Security
  • Software Engineering and Security
  • Security in Information Retrieval
  • Security aspects in SCADA, industrial environments and "obscure" networks
  • Forensics and Anti-Forensics
  • Mobile communications security and vulnerabilities
  • Information warfare and industrial espionage
  • Social Engineering
  • Virtualisation Security
  • ...
[ICS/IOT Village]
The ICS/IOT Village is a dedicated area where attendees with a relative "safe" environment to learn more about the (in)security of technologies that you are less likely to encounter on a day-to-day basis such as industrial control systems, electronic voting devices, etc.

Just like previous years we host the Village in a dedicated area where you can immersive yourself in technologies related to: 
  • Automotive security
  • Electronic voting
  • Embedded circuits
  • Hardware hacking
  • Industrial control systems or simply buzzword "SCADA"
  • Radio frequency and other wireless networks
  • (Industrial) IoT
  • etc. 
[Submission formats]
Possible formats are:
  • 1hr talk
  • 2hr workshop (preferably hands on)
  • 4hr workshop (preferably hands on)
If you want to get an idea about the atmosphere at BruCON, check out the previous talks on our Youtube channel

[TRAINING]
Please take into account the following guidelines : 
  • BruCON hosts predominantly offensive technical security training sessions. We don't have any specific focus areas for now, so please submit any training you deem interesting !
  • Training should be either 2 or 3 days.
  • You are allowed to submit multiple training suggestions, however please specify if they can be hosted simultaneously.
  • If you have additional hardware that need to be taken into account, please specify including the additional costs.
If you submit a training, please include, at minimum, the following information : 
  • Description
  • Course content
  • Target audience
  • Level (Beginner, Advanced, Expert)
  • Trainer(s) Biography
  • Hosted before? If so, where and when
Possible formats are:
  • 2-day training (1100 € Early-bird / 1200 € Regular)
  • 3-day training (1400 € Early-bird / 1500 € Regular)

[SUBMISSION GUIDELINES]
Submissions will contain as much detail as possible and will be written in English.
We use EasyChair to collect and review talk, workshop and training proposals.
You will submit your proposal online: https://www.easychair.org/conferences/?conf=brucon0x0a
Your submission will contain at least the following details:
  • Your name
  • Where do you live (country)
  • How to reach you
  • The title of your talk/workshop/training, including type [talk|2h workshop|4h workshop|2 day training|3 day training]
  • General Track or ICS/IOT Village Track
  • An abstract of your talk/workshop/training, including a brief biography
  • A number of keywords to characterise your submission
  • Whether you submitted and/or presented this proposal at other conferences, and which
  • Additionally you are encouraged to include, in plain text or PDF format, supporting materials such as slide decks, white papers, curriculum, prerequisites for talk/workshop/training, outline,...
Our speaker treatment hasn't changed since the first year. You're our guest and we will do anything to make your stay and experience as enjoyable as possible. This includes helping you with travel and accommodation and providing ample opportunities to sample the best of whatever Belgium has to offer. You know what we're talking about so ... submit now!

This CFP closes on April 30th 2018 at midnight CET -- CFP feedback will be sent before May 30th 2018. All accepted talks and workshops will be published before June 15th 2018.

Small print: We do not accept product or vendor related pitches. If your presentation involves an advertisement for a new product or service your company is offering, please do not submit. Also, we do not accept presentations submitted by a third party including (but not limited to) company representatives, management bureau's, etc. BruCON presentations should be focused on topics that are of interest to security and technology professionals who are paying attention to current trends and issues. We want BruCON to be educational and entertaining to the attendees and the community. 

Dec 15, 2017

BruCON 0x0A Spring Training open for registration

Right on time for your Christmas shopping, we bring you the BruCON 0x0A Spring training track (18-20 April 2018). Early-bird registration till the 12th of January ! 

The line-up! : 
  • Corelan Bootcamp by Peter Van Eeckhoutte (3-day training) - Once again we bring you Corelan ! One of the best exploit development courses available, now in our spring training track. Prepare yourself for 3 long days (+10 hours/day) of intensive exploit development ! Lunch and dinner are included and, as always enough coffee to keep you going!
  • Active Directory attacks for Red and Blue Teams by Nikhil Mittal (3-day training) - This training is aimed towards attacking modern AD Environment using built-in tools like PowerShell and other trusted OS resources. The training is based on real world penetration tests and Red Team engagements for highly secured environments.
  • Assessing and Exploiting Control Systems and IIoT by Justin Searle (3-day training) - This is not your traditional SCADA/ICS/IIoT security course! How many courses send you home with a $500 kit including your own PLC and a set of hardware/RF hacking tools?!?
  • Open Source Defensive Security Training by Leszek Miś (3-day training) - Open Source Defensive Security Training is an Open Source IT Security laboratory dedicated for professionals who need close the gaps in Linux & Open Source Security knowledge.
  • Wireshark and Lua programming by Didier Stevens (2-day training) - Our regular trainer Didier Stevens will host again this class to master to teach you to Wireshark and Lua programming !
  • Xtreme MobileApp Exploitation by Anto Joseph (3-day training) - Xtreme MobileApp Exploitation training is a 3 days fast paced training in which attendees will get to work on real world vulnerable applications with no - source code and learn to finding high severity bugs .

The training location will be Novotel Ghent Centrum.

All training details and registration links can be found on the BruCON training pages (link)

your BruCON team.

Oct 30, 2017

BruCON 0x0A Spring Training - Call For Training

BruCON 0x09 is over and we had a great time hosting the training, workshops and conference and we are working hard on making our 10th edition even better! The 0x0A Spring Training edition will take place on 18, 19 and 20th of April 2018 and we are once again looking for some great training courses. 

We have the following guidelines for you: 
  • BruCON hosts predominantly offensive technical security training sessions. We don't have any specific focus areas for now, so please submit any training you deem interesting !
  • Training should be either 2 or 3 days with a preference for the latter.
  • You are allowed to submit multiple training suggestions, however please specify if they can be hosted simultaneously.
  • If you have additional hardware that need to be taken into account, please specify including the additional costs.
If you submit a training, please include, at minimum, the following information : 
  • Description
  • Course content
  • Target audience
  • Trainer biography
  • Hosted before ? If so, where and when
Our prices for training courses are :
  • 2-day trainings - 1100€ (Early-bird) / 1200€ (Regular) *
  • 3-day trainings - 1400€ (Early-bird) / 1500€ (Regular) *
* Not taking into account any additional hardware which might be included.
We have a 50% profit split in place between the trainer and us. If you have any particular question or you would like us to work out a concrete example, don't hesitate to reach out!

The deadline for you submissions is Wednesday 22nd November COB (GMT+1). You can submit per mail to training@brucon.org. You will receive an acknowledgement that your submission has been well received. 

Please also use this address if you have any questions.

Kind regards

The BruCON Training crew

Oct 6, 2017

BruCON 0x0A - Who do you want to see at the 10th edition of BruCON ?

Next year (2018), the 10th edition of BruCON takes place and to celebrate this, we want to do something special. In honour of this edition, we will let you select which talks of the last 9 editions you liked the most.

We will invite the top 7 speakers to present their original talk (with some additional slides showing what has changed since) on the first day of the 3-day 10th edition of BruCON (First week of October 2018).

But what is in it for you? Next to picking your preferred talks and seeing the evolution of the last 9 years, you can also win some awesome prizes! After specifying your choices on the survey website, you can provide your email address. Out of the people who responded to the survey (and who specified their contact details obviously), we will randomly select 5 people who can win one of the following prizes: 
  1. All expenses paid trip to BruCON 0x0A (Travel and accommodation) for two persons (VIP Package)
  2. One free training for one of the courses hosted at BruCON 0x0A
  3. Free admission to BruCON 0x0A including all goodies AND a free drinks bracelet for conference and party
  4. Free admission to BruCON 0x0A including all goodies
  5. - 10. Free admission to BruCON 0x0A

You can find an overview of all talks, the slides and recordings (if available) here
The slides can be found here

The survey itself can be found here

We will close this survey November 30th 2017 !

Oct 4, 2017

Mentor/Mentee initiative

On Thursday October 5th 2017 we are launching the Mentor/Mentee initiative, sponsored by Google.
With this initiative we want to provide a stepping stone for people who are new to the infosec community. 
During this event you can choose to be a Mentor or a Mentee or even both.

Mentors are typically seasoned professionals, having done quite some miles on the professional infosec road, and are willing to provide advice to the Mentees. 
This advice can vary from Mentee to Mentee, but could include: which training should I follow, what are key messages you can give based on personal experience, how do I get to know new people, whom to follow on Twitter, general advice to survive in this industry, to help with presenations and much more.
Mentees, can be people who are fairly new to the security scene, or a willing to receive advice from more seasoned professionals.

We all started at some point in time within this industry, and we have all had our challenges. With this programme we want to close this gap and create a stronger bond between 
seasoned professionals and people new to the industry. The Mentor/Mentee programme is a initiative that can vary in duration. For some this might be a one-off event, but for others this
might create a bond with a mentor that will last. 

Please join us from 19 (7 PM) until 21 (9 PM) at the Novotel Bar. Be sure to use the mentor / mentee stickers to indicate the role you want to play.

Aug 16, 2017

Introducing "The Legends of Ghent" - BruCON 2017 CTF

For our 9th edition, we bring you a very special CTF. Hosted by Wim Remes, Chris Nickerson, Deviant Ollam and DualCore !

The CTF takes you on a historic trip through the rich history of one of the most beautiful cities in Belgium. The LoG CTF can be played by individuals, or teams of all proficiency levels and will contain a mix of technical, logical, and physical challenges. While the challenges during the day will test your limits, you will have to stay on your toes as you solve challenge after challenge. When the conference ends, we will take you on a 60 minute real life physical and technical challenge course somewhere in Ghent where you will leverage all the clues you gathered during the day.

Players are expected to have access to a laptop computer with internet access. In order to solve logical and physical challenges, all necessary basic tools will be provided but players are encouraged to be creative in order to find other solutions to the challenges.

Day : Thursday, October 5th
Start : After the first keynote

Aug 10, 2017

Workshop registration procedure

BruCONers,

We would like to inform you that the workshop registrations will open on the 1st of September 2017. (2017-09-01) at 13:00 UTC+2 (Europe/Brussels time).


Please note:
- The registrations are a first come first serve
- You will not be able to register before the opening date (2017-09-01)
-- Any registration made before the opening date (2017-09-01), will be removed :)
- To register, follow this link: http://sched.brucon.org
- You might see that all the workshops appear as full. This is normal, the registration will open on the 1st of September (2017-09-01)
- To preview how to register to the workshop, follow this link: http://2017.brucon.org/index.php/Workshop_Registration

We're looking forward to seeing you there!

BruCON