
ShmooCon 2015

Once again I made it to ShmooCon, and once again I didn’t make it to most of the talks I wanted to. Instead I valued talking with people. Caught up with some amazing friends/acquaintances to hear the fun things they’re working on. Also met some new people, a few of whom had this very ShmooCon as their first hacker-con. It’s amazing what you can learn just by hanging out in the chill-out room, hotel bar, lobby, and the various room parties.

If I met you this past weekend at Shmoo and you want to follow up on anything we discussed, please leave a comment here or email me at (

Talks I did make:

httpscreenshot – A Tool for Both Teams – Steve Breen and Justin Kennedy

httpscreenshot is a tool developed internally over the past year and a half. It has become one of our go-to tools for the reconnaissance phase of every penetration test. The tool itself takes a list of addresses, domains, URLs, and visits each in a browser, parses SSL certificates to add new hosts, and captures a screenshot/HTML of the browser instance. Similar tools exist but none met our needs with regards to speed (threaded), features (JavaScript support, SSL auto detection and certificate scraping), and reliability.

Check httpscreenshot out on GitHub. This looks like a very useful project; I might look into using it in the future.

No Budget Threat Intelligence: Tracking Malware Campaigns on the Cheap – Andrew Morris 

In this talk, I’ll be discussing my experience developing intelligence-gathering capabilities to track several different independent groups of threat actors on a very limited budget (read: virtually no budget whatsoever). I’ll discuss discovering the groups using open source intelligence gathering and honeypots, monitoring attacks, collecting and analyzing malware artifacts to figure out what their capabilities are, and reverse engineering their malware to develop the capability to track their targets in real time. Finally, I’ll chat about defensive strategies and provide recommendations for enterprise security analysts and other security researchers. I’ll also be releasing a suite of tools I created to help threat researchers perform tracking and attribution.

Andrew is someone who I first met at NovaHackers, and when I first met him I thought “This is someone to keep an eye on, he’s going to be doing some pretty awesome things”. Well Andrew, you have!
This talk had specific interest to me as one of my own projects is kinda about doing threat-Intel cheaply.


Firetalks: an event put on by @grecs of NovaInfosec. It’s a great event and I highly recommend attending. They’re short talks on people’s neat projects/ideas, right to the good info without a bunch of unneeded filler talk. My thoughts on each are in sub-bullets.
Watch the talks here

  • 6:30: “Opening” by @grecs
  • 6:35: “PlagueScanner: An Open Source Multiple AV Scanner Framework” by Robert Simmons (@MalwareUtkonos)
    • Really interesting project: a framework to use multiple AV scanners.
    • the PlagueScanner website is not showing anything atm
    • has a mostly empty GitHub page
    • But very much worth keeping an eye on.
  • 6:55: “I Hunt Sys Admins” by Will Schroeder (@harmj0y)
    • Overview of a bunch of useful Windows tools
    • and how he uses them
    • …I don’t do much Windows stuff, but this talk is useful if you pop Microsoft things
  • 7:15: “Collaborative Scanning with Minions – Sharing is Caring” by Justin Warner (@sixdub)
    • this project is just awesome, and something I might look into for sshranking
    • check it out on github
    • scan all the things!
  • 7:35: “Chronicles of a Malware Hunter” by Tony Robinson (@da_667)
  • 7:55: “SSH-Ranking” by Justin Brand (@moo_pronto)
    • ….my talk *hides*  it’s about sshranking
    • I’ve not actually watched the recording yet…
    • I’ll be doing some research on how to give a better presentation
  • 8:15: “Resource Public Key Infrastructure” by Andrew Gallo (@akg1330)
    • Disclaimer: I was in a bit of an ‘oh god what just happened’ state while watching this talk
      • …my talk was the first talk I’ve given
    • He brings up a LOT of really good points about how IP addressing is handled
    • If you’re at all interested in how the Internet works (and how it’s broken), watch this

Parties: this year I didn’t do the normal loud crazy parties, but instead went to ‘social gathering’ parties. I was invited to the REDLattice party and was promised good discussion and free beer. They delivered on both; if you get a chance, go check them out at future ShmooCons to talk to the great people they invite. Also found myself at the #MexiCon party put on by ViciousData (they also sponsored ShmooCon Epilogue). Was also able to have some really fun and interesting conversations there.

People: Was able to put a lot of faces-to-names this year from irc/twitter folk, that’s always awesome. Though chances are if we meet again, you’ll have to remind me (I’m horrible at remembering names/faces, I remember things/events).
Unfortunately I also meant to meet up with a lot of people who were also there, but we missed each other :(   oh well, there’s always the next hackercon!

Added some stickers to my tablet case!

(anyone remember what that red bird is a logo for?)

Anyways, see you all next hackercon!

Shmoocon 2014 slides I’ve found

 Still being updated

Friday, January 17, 2014
Time | One Track Mind
1230 Registration Opens
1430 Opening Remarks, Rumblings, and Rants – Bruce Potter
Attacker Ghost Stories: Mostly Free Defenses That Give Attackers Nightmares
Mubix “Rob” Fuller
The Evolution of Linux Kernel Module Signing
Rebecca “.bx” Shapiro
How Hackers for Charity (Possibly) Saved Me a Lot of Money
Branden Miller and Emily Miller
CCTV: Setup, Attack Vectors, and Laws
Joshua Schroeder and Spencer Brooks
Security Analytics: Less Hype, More Data
Aaron Gee-Clough
Dissipation of Hackers in the Enterprise
1830 Keynote Address – Privacy Online: What Now? – Ian Goldberg
1945 Fire Talks
Saturday, January 18, 2014
Time | Build It! | Belay It! | Bring it On!
0930 Registration Opens
Genuinely “Trusted Computing:” Free and Open Hardware Security Modules
Ryan Lackey

Introducing DARPA’s Cyber Grand Challenge
Mike Walker

Technology Law Issues for Security Professionals
Shannon Brown
Malicious Threats, Vulnerabilities, and Defenses in WhatsApp and Mobile Instant Messaging Platforms
Jaime Sanchez and Pablo San Emeterio

Unambiguous Encapsulation – Separating Data and Signaling
Dominic Spill and Michael Ossmann

I Found a Thing and You Can (Should) Too: ISP’s Unauthenticated SOAP Service = Find (Almost) All The Things!
Nicholas Popovich
SafeCurves: Choosing Safe Curves for Elliptic-Curve Cryptography
Daniel J. Bernstein and Tanja Lange

A Critical Review of Spatial Analysis
David Giametta and Andrew Potter

Arms Race: The Story of (In)-Secure Bootloaders
Lee Harrison and Kang Li
1300 Lunch Break
Controlling USB Flash Drive Controllers: Expose of Hidden Features
Richard Harman

Data Whales and Troll Tears: Beat the Odds in InfoSec
Davi Ottenheimer and Allison Miller

Syncing Mentorship Between Winners And Beginners
Tarah Wheeler Van Vlack and Liz Dahlstrom
0wn the Con
The Shmoo Group

Operationalizing Threat Information Sharing: Beyond Policies and Platitudes
Sean Barnum and Aharon Chernin

The NSA: Capabilities and Countermeasures
Bruce Schneier
AV Evasion With the Veil Framework
Christopher Truncer, Will Schroeder, and Michael Wright

The “Science of Cyber” and the Next Generation of Security Tools
Paulo Shakarian

How to Train your Snapdragon: Exploring Power Frameworks on Android
Josh “m0nk” Thomas
ADD — Complicating Memory Forensics Through Memory Disarray
Jake Williams and Alissa Torres

Timing-Based Attestation: Sexy Defense, or the Sexiest?
Xeno Kovah, Corey Kallenberg, and John Butterworth

LTE vs. Darwin
Hendrik Schmidt and Brian Butterly
1815 Fire Talks
2015 Saturday Night Party @ The Hilton, International Center Ballroom
Paul and Storm
DJs: Keith Meyers, Zack Fasel, and Erin Jacobs
Sunday, January 19, 2014
Time | Build It! | Belay It! | Bring it On!
0930 Registration Opens
An Open and Affordable USB Man in the Middle Device
Dominic Spill

“How I Met Your Mother” or The Brief and Secret History of Bletchley Park and How They Invented Cryptography and the Computer Age
Benjamin Gatti

Malicious Online Activities Related to the 2012 U.S. General Election
Joshua Franklin, Robert Tarlecki, Matthew Jablonski, and Dr. Damon McCoy
unROP: A Tool for In-Memory ROP Exploitation Detection and Traceback
Kang Li, Xiaoning Li, and Lee Harrison

Raising Costs for Your Attackers Instead of Your CFO
Aaron Beuhring and Kyle Salous

Vehicle Forensics – The Data Beyond the Dashboard
Courtney Lancaster
Introducing idb – Simplified Blackbox iOS App Pentesting
Daniel A. Mayer

Practical Applications of Data Science in Detection
Mike Sconzo and Brian Wylie

You Don’t Have the Evidence
Scott Moulton
1300 Room Split Break
1330 Closing Plenary – Large Scale Network and Application Scanning – Bruce Potter (moderator), Robert David Graham, Paul McMillan, Dan Tentler, and Alejandro Caceres
1430 Closing Remarks