BSides Basingstoke 2022

15/07/2022


Schedule

Time | Activity | Title
09:00-09:45 | Arrivals |
09:45-10:00 | Welcome |
10:00-10:30 | Keynote: Maxpl0it | Zerodays Since Last Accident: How Buggy is the Future Looking?
10:40-11:10 | Talk: B4nd1t0 | The Ticket To Adventure: A Security Analyst's Journey
11:20-11:50 | Talk: PUNICODE_STRING | Who the F Called Me
12:00-12:30 | Talk: Paul Marsh | Getting at serial ports in embedded devices
12:30-13:30 | Lunch | Catering by The Dice Tower
13:30-14:00 | Talk: Tom Cope | From Zero to SSRF to RCE and Back Again
14:10-14:40 | Talk: Joseph Foote | Breaking The Impossible: Bypassing Android's Secure Hardware Backed Attestation
14:40-15:00 | Break |
15:00-15:30 | Talk: James Stevenson | Identifying Android Malware With Machine Learning
15:40-16:10 | Charity auction | Raising money for the Ukrainian Red Cross
16:20-16:50 | Talk: Jordan Jay | Zero2Hero: Red Team Tradecraft
17:00-17:15 | Wrap up |
17:15-??? | Party hard | Head back to The Dice Tower for drinks!

Talks

  • Abstract TBC

    —————————

    Max is a senior vulnerability researcher at Interrupt Labs who focuses on targets such as browsers and virtualisation. He has also previously participated in the Pwn2Own hacking contest.

  • Ever wanted to know what happens at a Security Operation Center (SOC) on a day-to-day basis? What does it take to be a Security Analyst? What is their career progression? Or even what a personified Emotet could look like? Join Danny Henderson, your Dungeon Master, as he shares the tale of a Security Analyst's life at a SOC. With the mixed aesthetics of Dungeons & Dragons and retro gaming, attendees will understand a demystified SOC Analyst's life and what adventures they typically encounter. There are even two Encounters, or cases, that the crowd can participate in.

    —————————

    After a 14-year career in the U.S. public sector under various roles to include supporting Information Operations and Cyber Warfare, Danny now works at SecureWorks in Bucharest as an L3 SOC Analyst. His skillset includes digital forensics, threat intelligence, malware analysis, with a small touch of Offensive Security. Outside of the Security field, Danny is working on a passion video game project as the Fearless Leader of the Sacred Star Team and is fond of fantasy tabletop games such as Dungeons and Dragons (D&D).

  • A method to find out calling module names and function names (if exported) when hooking a PE in memory in order to weed out false positive hook hits. https://p4yl0ad.github.io/pages/a.html

    —————————

    A Security Consultant who likes all things Microsoft, with an enthusiasm for software development and software design.

  • My talk is on the basics of getting access to internal debug / TTY ports inside lumps of hardware. There will be a short overview of what it is and some ideas of how to find the ports and get useful data from them. No live demo for obvious reasons! Our target device is an old WiFi Access Point that runs Linux.

    —————————

    Paul has been hacking stuff since the mid 80's (yes the 8-bit days, 1200 baud modem etc) – Aside from the day job as a pen-tester, Paul also enjoys mechanical engineering, hardware hacking, collecting 8-bit micros and craft beer / ale.

  • A practical hands-on guided journey through the process of ethical hacking and security research. From picking a target, finding a vulnerability (live), developing the exploit, through to reporting the issues and gaining a CVE! Also covering the real work implications of how security research bleeds into working in a cyber security job.

    —————————

    My name is Thomas Cope and I am the Chief Product Security Officer at Qush Security. I've been working in the Cyber Security space for ~9 years with roles in SDLC, Pentesting, Cloud Security, DevSecOps and Architecture. "Experienced Security Architect and Systems Engineer with a passion for designing, building and maintaining secure systems, processes and teams."

    • MSc in Software and Systems Security (A Security Analysis of Computer Game Server Protocols)

    • CISSP

    • Part time Security Researcher (CVE-2020-5014 + CVE-2021-29707)

    • https://tomcope.com/

    • https://www.linkedin.com/in/copethomas

  • Google's SafetyNet root detection mechanism has been thought impossible to bypass since hardware attestation was implemented. Many apps refuse to execute on a rooted device, which makes a pentester's life difficult but also protects regular users. So what if this could be bypassed to make a device appear legitimate? This talk will discuss how SafetyNet works and demonstrate an attack vector inherent to the design of SafetyNet which (likely) cannot be patched. Sorry Google!

    —————————

    I am a security consultant specialising in mobile exploitation for both iOS and Android. You can always find me reverse engineering something, breaking another solution built to be 'impenetrable', or pushing the boundaries of what should be possible.

  • Using classic machine learning and malware analysis techniques we can build a machine learning classifier to identify malware off Android devices.

    —————————

    James Stevenson has been working in the programming and computer security industry for over 5 years. Most of that has been working as an Android software engineer and vulnerability researcher. Before this, James graduated with a BSc in computer security in 2017. James has previously published the book Android Software Internals Quick Reference, with Apress publishing in 2021. At the time of writing, James is a full-time security researcher, part-time Ph.D. student, and occasional conference speaker. Outside of Android internals, James’ research has also focused on offender profiling and cybercrime detection capabilities. For more information and contact details, visit https://JamesStevenson.me.

  • This talk is aimed at both experienced red team operators, and those who are just looking to get their feet wet in the defense evasion space. In this talk I will cover everything from staged vs unstaged payloads and simple traffic encryption to userland unhooking and evading modern day solutions such as Sophos' Intercept X EDR, eventually popping the most l33t of shells, a meterpreter.

    —————————

    Jordan Jay, aka Legacyy, is a Cyber Security Consultant, HackTheBox moderator, and red team operator currently working at JUMPSEC. Alongside his professional experience in offensive security, he has placed competitively in many CTFs such as the Red Team Village CTF, HTB's Cyber Apocalypse, and Rapid7's Metasploit CTF.

Other Events

  • Ever wanted to learn how to hack a car? Come speak to Mintynet at the Car Hacking Village! More info here: https://www.carhackingvillage.com/

  • Join us to build and test your very own battle bot!

  • Try your luck! Catch a (plastic) duck, win a prize

  • Reliance acsn is hosting a CV workshop. Bring along your CV to get feedback on it, or discuss your LinkedIn profile with recruiters

  • Looking for your next career move? Looking to hire? Write your details on the career board!

  • Available all day in The Dice Tower!

  • Bag lunches will be provided. Head on over to The Dice Tower! Snacks will be provided at the After Party, and refreshments will be available for purchase at The Dice Tower all day.

  • Slava Ukraini! Support the Ukrainian Red Cross by purchasing items brought across from Kyiv.

  • After party will be held in The Dice Tower


Our Wonderful Sponsors

Gold: Interrupt Labs

Interrupt Labs is a leading vulnerability research company working on some of the toughest challenges in the industry; from popping browsers to exploiting phones and cars we cover it all with our exceptional team of vulnerability researchers. We are always on the lookout for talented people; whether you are early on in your career or you already know your way around IDA we are keen to talk research.

You can find out more on our website https://interruptlabs.co.uk to follow our latest research and job openings or on Twitter @InterruptLabs.

Gold: SecQuest

SecQuest is a Hampshire-based infosec company, who provide information security consulting services across all industry sectors. We are looking for extraordinarily talented individuals with the right skills to break into applications, networks, devices and systems, in conjunction with providing “effective solutions” to give our clients operational advantages to help manage their Cyber security threats. A wide range of hacking knowledge is welcome; plus, we can evolve your skills to determine security holes in enterprise systems to help boost defences to keep threat actors out. If you enjoy CTFs or other technical penetration testing assessments and are looking for an exciting new role, send your CV and a covering letter to office@secquest.co.uk

Web: secquest.co.uk
Twitter: @SecQuest
Phone: 0345 19 31337

Bronze: Reliance acsn

At Reliance acsn, we believe in truly partnering with our customers. We merge our world-leading cyber security expertise and experience to enable organisations to focus on the things that they do best.

https://relianceacsn.co.uk/

Bronze: JumpSec

We believe all organisations should be able to incrementally build on their level of security, year-on-year.
This means leaving generic behind by focusing on the specific threats you face, and outcomes you need to be secure.

https://www.jumpsec.com/