Jun 28, 2016

BruCON 0x08 Trainings information

We are proud to present to you our program for the 2016 BruCON 0x08 Training (24-26 October)

The line-up! : 

  • Offensive PowerShell for Red and Blue Teams by Nikhil Mittal (3-day training) - In this course, you'll learn how to attack Windows network using PowerShell, based on real world penetration tests. The course runs on a lab network to which attendees will have Free access for one month after the training. The class consists of hands-on, challenges and demonstrations.
  • Windows Kernel Exploitation by Ashfaq Ansari (3-day training) - In this 3-day training course, you'll learn to fuzz Windows Kernel Mode driver and find vulnerabilities. You'll be taken from basics of Windows Architecture, it's Kernel and introduction to different software vulnerabilities along with their exploitation in Kernel mode. These 3 days will be full of hands-on, kernel debugging and WinDbg-Fu.
  • Assessing and Exploiting Control Systems by Justin Searle (3-day training) - This is not your traditional SCADA/ICS/IoT security course! How many courses send you home with your own PLC and a set of hardware/RF hacking tools?!? In this 3-day version of the course, you will receive all six days worth of slides.
  • Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more by Dawid Czagan (2-day training) - Have you ever thought of hacking web applications for fun and profit? How about playing with authentic, award-winning security bugs identified in some of the greatest companies? If that sounds interesting, join this unique two-day hands-on training!
  • Attacking with Excel by Didier Stevens (2-day training) - In this training, our resident trainer Didier will teach you how to use Microsoft Office for offensive security. Performing a port scan, injecting and execute shellcode or even loading your own DLL's without touching the disk, only by using the Excel process !
  • Hardware hacking training with Hardsploit by Julien Moinard (2-day training) - Tired of watching hardware products getting hacked every day without having your part of fun ? Don't worry it will not be the case anymore! This training teaches you hardware hacking in its most pragmatic aspects by using both theory and practice (hands-on). It follows a simple (but efficient) training methodology based on a "Discover / Analyze / Attack & Protect" guideline that can be applied to any kind of hardware product (Internet of Insecure Things included). Each student will receive a Hardsploit hardware hacking tool, with a value of 250 euros.

Registrations will be opened on the 1st of July. Early-bird registration till the 1st of August!
The training location will be Novotel Ghent Centrum.

All training details and registration links can be found on the BruCON training pages (link)

your BruCON team.

Jun 21, 2016

Brucon 0x08 Talks and Workshops

It's taken us a bit of time and some hard deliberation, but here are your talks and workshops for Brucon 0x08 !!

Firstly we'd like to thank everyone who took the time to submit. We had some truly awesome talks and workshops submitted and it was difficult to whittle it down to the final list.

So without further ado...


  • "Building a Successful Internal Adversarial Simulation Team" - Chris Nickerson and Chris Gates
  • "What Does the Perfect Door or Padlock Look Like?" - Deviant Ollam
  • "New Adventures in Active Defense, Offensive Countermeasures and Hacking Back" - John Strand
  • "NO EASY BREACH:Challenges and Lessons Learned from an Epic Investigation" - Matthew Dunwoody and Nicholas Carr
  • "Decepticon The Rise and Evolution of an Intelligent Evil Twin…!!!" - Rushikesh Nandedkar, Amrita Iyer and Krishnakant Patil
  • "Hello to the Dark Side: Understanding YOUR Adversaries without All Those Expensive Threat Intel Tools" - L. Grecs
  • "Security through design - Making security better by designing for people" - Jelle Niemantsverdriet
  • "Esoteric Web Application Vulnerabilities" - Andres Riancho
  • "Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To) D""e`Tec`T 'Th'+'em'" - Daniel Bohannon
  • "Virtual Terminals, POS Security and becoming a billionaire overnight" - Grigorios Fragkos
  • "Hacking KPN: Lessons from the trenches" - Jeremy Goldstein and Bouke van Laethem
  • "Scraping leaky browsers for fun and passwords" - Stefaan Truijen, Adrian Toma and Arne Swinnen
  • "Smart Sheriff, Dumb Idea. The wild west of government assisted parenting" - Abraham Aranguren, Fabian Fäßler and Abraham Aranguren
  • Talk title incoming...listen to "Last Writes" at full volume in the mean time - Dual Core


  • "The Control Things Workshop" - Justin Searle
  • "Hacking The Enterprise" - Eden Froemming and Wim Remes
  • "Hello Friend: Creating a Threat Intelligence Capability" - Rebekah Brown and Scott J Roberts
  • "Brewcon" - Chris Lytle
  • "Hunting Malware with osquery at scale" - Nick Anderson, Sereyvathana Ty and Javier Marcos
  • "Analyzing Malicious Office Documents" - Didier Stevens
  • "Incident Response Workshop" - Maxim Deweerdt and Erik Van Buggenhout
  • "Crowdsourced Malware Triage: Making Sense of Malware With a Browser and a Notepad" - Sergei Frankoff and Sean Wilson
  • "How to securely build your own IoT enabling embedded systems: from design to execution and assessment" - Jens Devloo, Jean-Georges Valle and Vito Rallo
  • "802.11 Leakage: How passive interception leads to active exploitation: I now know where you live, work, and play, and oh btw, I have also MiTM'd your smart phone and laptop" - Solomon Sonya and Solomon Sonya
  • "Putting a lock around your containers with Docker Security Primitives" - Nils De Moor
  • "Visual Network and File Forensics using Rudra" - Ankur Tyagi

We will be publishing more detailed information on each of the talks in the coming weeks.
The training program will be announced soon ! 

In the mean time, we will be working on getting tickets ready for purchase.

Looking forward to seeing everyone in Ghent in October !!

BruCON Crew