Difference between revisions of "OWASP EEE Russia Event 2015 Agenda"

From OWASP
Jump to: navigation, search
Line 23: Line 23:
  
 
| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://twitter.com/zackhimself Zakaria Rachid] <br>
 
| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://twitter.com/zackhimself Zakaria Rachid] <br>
| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | Description TBD.<br>
+
| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | This talk is about hacking connected kiosks and objects that populate our daily life. A previous version talk was presented in France at La Nuit Du hack 2k14 with limit diffusion in France. New attack vectors and critical infrastructures have made there appearance, and some of the old ones are more developed with of course new screenshots/video of the PoC. The defensive chapter is also more thick, thanks to some new runs i made around Europe. Finally, the talk will be more mature, depicting a semblance of methodology and filled with iamthecavalry material.<br>
 
 
 
|-
 
|-
 
| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 15:40 - 16:00<br>(20 mins)
 
| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 15:40 - 16:00<br>(20 mins)

Revision as of 06:37, 22 September 2015


Conference agenda

Time Title Speaker Description
13:30 - 14:00
(30 mins)
Registration
14:00 - 14:45
(45 mins)
One day at product security team Taras Ivaschenko Description TBD
14:50 - 15:35
(45 mins)
Give me a stable input and I'll p0wn the planet
Zakaria Rachid
This talk is about hacking connected kiosks and objects that populate our daily life. A previous version talk was presented in France at La Nuit Du hack 2k14 with limit diffusion in France. New attack vectors and critical infrastructures have made there appearance, and some of the old ones are more developed with of course new screenshots/video of the PoC. The defensive chapter is also more thick, thanks to some new runs i made around Europe. Finally, the talk will be more mature, depicting a semblance of methodology and filled with iamthecavalry material.
15:40 - 16:00
(20 mins)
Lunch/Coffee Break
16:00 - 16:45
(45 mins)
Bugs -> max; time <= T Omar Ganiev The talk will cover some tips, tricks and tools for rapid web application security assessment (black and white box). They are useful in various situtations: pentest with very limited time or huge scope, competition, bugbounty program, etc. We'll go through minimal set of tests, that should be performed, and shortest paths to pwning the app.
16:50 - 17:35
(45 mins)
Mysql OOB injection. Can I surprise you? Ivan Novikov Description TBD.