Keynotes (50 Minutes)
- Cliff Stoll - "TBA"
- Bio: Although best known for his academy award winning films, Cliff Stoll is also celebrated for his recent address to the United Nations, his Pulitzer prize for investigative reporting, and his fourth quarter touchdown pass in last January's Superbowl.
Dr. Stoll has published extensively on quantum mechanical electromagnetic relativistic gauge theories and his best selling books have been translated into seventeen languages including Esperanto. For the past three years his original Broadway musical has played to standing room only crowds.
While Ambassador at large, his negotiations were instrumental in the release of several hostages. Stoll's application of Markov-chain models to global circulation resulted in vastly more accurate climatic predictions. His Nobel prize acceptance speech emphasized the unity of all mankind; his competition at Wimbledon demonstrated singular sportsmanship; his recent discoveries in alpha-site keratanose promise to reduce certain tumors. He has worked successfully to balance the Federal Budget, insure the longevity of the social security system, and settle border disputes in Uzbekistan, Uganda, and Uranus. He placed into the public domain his patents for holographic user interfaces, already the standard for post-telekinetic computing.
Prof. Stoll has cracked a KGB spy ring, starred in three television documentaries, testified at numerous congressional hearings, received the Order of the Garter and the coveted Gold Star for Good Attendance at Buffalo Public School 61. His face is engraved on coins of several Asian countries.
When not teaching science to underprivileged inner city children, Senator Stoll can be found building zero volume borosilicate manifolds or squeezing lumps of bituminous coal into diamonds.
- Abstract: TBA
FULL Length (50 Minutes)
- ac0rn - "How to get RCE on a car"
- Bio: ac0rn spends her days figuring out how things work, bending systems to her will, teaching, and mentoring. In her past life she did developed and tested safety critical embedded systems. She enjoys helping others learn how systems work, can be attacked, and protected.
- Abstract: "How do you hack a car?" is a question ac0rn has been asked many times. She always answers, "it depends." What make and model is the car? What part of the car is being compromised? What method was used to gain entry to the car? And more importantly, what is the goal of the "hack?" A car isn't a single device that can be compromised, it is a rolling collection of highly specialized control devices which communicate on robust insecure networks. Hacking a car isn't like compromising a single computer. Hacking a car is multiple attacks: getting a foodhold on the vehicle network, then pivoting through the system until access to the target of the "hack" is achieved. It is likely that this process will require a hacker to learn how to move laterally on an unfamiliar network running proprietary software and RTOSes (Real Time Operating Systems) on unfamiliar processors. The initial entry point of such attacks are often devices such as the Telematics or Infotainment ECUs (Electronic Control Units). Such systems are typically run operating systems and software on processors that are all familiar to many hackers. Those systems are *not* the focus of this talk. This talk is about the next step: pivoting from one device to another on an internal vehicle control network. How to get your own code executing on a device running unfamiliar software over an unfamiliar network. There is no netcat where we are going. ac0rn will share background about embedded systems and the automotive protocols that she finds useful when attacking an ECU, explain the attack vector she finds most commonly available, and walk step by step through an example proof of concept to show everyone how it is done."
- Alex Holden - "Versus Killnet"
- Bio: Alex Holden is the founder and CISO of Hold Security, LLC. Under his leadership, Hold Security played a pivotal role in information security and threat intelligence, becoming one of the most recognizable names in its field.
- Abstract: The Russian infamous hacktivist group Killnet is more than meets the eye; it's a cyber army directed by a few to cause harm. With a checkered history and inconsistent behaviors, deciphering who is behind this group is challenging. Nevertheless, we will lift this veil and share a personal story of disrupting the group, unbalancing Killnet into chaos.
- Alex Trudeau - "The Pin Puller's Guide: A Hands-On Guide to Reverse Engineering iOS Applications"
- Bio: TBA
- Abstract: Certificate pinning is a common security measure in mobile apps, making it difficult for attackers to intercept traffic. This talk investigates alternative manual techniques to circumvent certificate pinning without relying on external tools like Frida. These methods offer a deeper understanding of mobile app architecture and security practices, and how those security practices are implemented and executed.
This presentation will delve into a practical approach to circumventing certificate pinning on iOS applications. We will explore the intricacies of reverse engineering techniques, including disassembly, debugging, and code analysis. By understanding the underlying mechanisms of reverse engineering and demonstrating methodologies to bypass a common security measure, attendees will gain the knowledge and skills to identify vulnerabilities and devise effective bypass strategies through the power of reversing iOS and beyond.
- Avi Lumelsky - "0.0.0.0 Day: Exploiting Localhost APIs From The Browser"
- Bio: Avi has a relentless curiosity about business, AI, security - and the places where all three connect. An experienced software engineer and architect, Avi's cybersecurity skills were first honed in elite Israeli intelligence units. His work focuses on privacy in the age of AI.
- Abstract: In this live demo and attack simulation we'll unveil a zero-day vulnerability in Chrome and other browsers, and how we use the 0-day to attack developers behind firewalls. We will demonstrate remote code execution on a wildly popular open-source platform serving millions in the data engineering ecosystem, that seems to run on localhost. We'll demonstrate how through an inherited vulnerability in the Chrome browser it's possible to attack localhost services using arbitrary code execution, bypassing the latest security mechanisms.
- Brock Warner - "Beneath the Skin: Exploring Human-Tech Augmentation Myths"
- Bio: Cybersecurity Educator, Research, and Content Creator; Biohacking & Augmentation; Weird Coffee Person; Three Implanted Magnets, Two Implanted LEDs, and One Implanted RFID/NFC
- Abstract: The modern-day convergence of technology and biology has fueled the fires of misinformation about human augmentation, microchip implants, GPS tracking, "biohacking", 5G, and RFID/NFC technologies. The roots of these misconceptions run deep from biblical prophecies to recent vaccine fears. Let's unravel these myths, tracing their ancient origins to the current-day sensationalism that's being driven by pop culture and viral influencers. Explore how individuals embracing augmentation are often portrayed as fringe extremists, and revisit a defunct "anti-chipper" Web 1.0 site to unravel the evolution of the public's anxiety. By separating fact from fiction, we can better understand the true benefits and risks, address legitimate concerns, and dispel the myths that often overshadow the conversation. No prior technical expertise is required!
- Hardy/Shipley/Falken/McOmie" - "Grey is the New Black: Hackers Who've Seen It All"
- Bio0: G. Mark Hardy has been hacking, doing security work, and talking about it for over 40 years. His mission is to help the next generation of security professionals in their careers. He taught for SANS for a decade and now co-hosts the CISO Tradecraft podcast.
- Bio1: TBA
- Bio2: An old hacker.
- Bio3: TBA
- Abstract: In the rapid-fire world of cybersecurity, we often mistake velocity for vision. This panel brings together three veteran hackers - true digital archaeologists - who have watched attack patterns evolve from mainframe manipulations to cloud compromises. With over a century (!) of combined experience, these greybeards share a simple truth: while technology changes, human nature and attack fundamentals remain remarkably consistent. Through war stories, pattern analysis, and pointed commentary, our panel explores how yesterday's lessons illuminate tomorrow's threats. They'll demonstrate how modern ransomware echoes early extortion techniques, how supply chain attacks mirror trusted courier compromises of the past, and how social engineering tactics have merely gained new delivery mechanisms rather than new psychology. Drawing from their extensive careers in both offense and defense, these veterans will dissect several contemporary security incidents, revealing their historical antecedents and the overlooked warning signs that preceded them. The discussion weaves together seemingly disparate threads: how early BBS exploits predicted modern API vulnerabilities, how primitive spoofing attacks forewarned of deepfake challenges, and how time-tested principles of operational security remain relevant in an age of artificial intelligence and quantum computing. This isn't a nostalgia tour - it's a master class in pattern recognition. Attendees will gain practical insights into how historical knowledge can enhance threat modeling, improve security architecture decisions, and strengthen incident response strategies. In cybersecurity, as in life, those who cannot remember the past are condemned to repeat it - often at a much larger scale and with far greater consequences.
- Nick Roy && Martyn Williams - "Inside a Misconfigured North Korean Server: Uncovering Overseas IT Operations"
- Bio0: Nick Roy lives in Boston with his wife and two cats, enjoys solving math problems on college chalkboards at night, and runs a website dedicated to the city's best dive bars. He works at a security startup and maintains a blog focused on OSINT and North Korea.
- Bio1: Martyn Williams is a Senior Fellow at The Stimson Center in Washington, DC, where he works on the 38 North program that analyzes North Korea. He has researched North Korean IT for 20 years and founded the North Korea Tech website.
- Abstract: A misconfigured North Korean server discovered earlier this year provided unique insights into the operations of North Korean animators and IT workers stationed abroad. The server's data includes logs, documentation, and animation files for outsourced projects potentially linked to shows like The Octonauts, Iyanu, and Invincible. Beyond animation, it revealed video tours of factories, evidence of overseas shopping activities, new details about internet functionality in North Korea, and software that highlights the conditions under which these workers operate.
Supported by additional research, we'll explore how North Korean software and cell phones enable these workers to communicate and manage projects under tight restrictions. Insights from separately obtained stealer logs offer further context on the tools and techniques North Korean IT workers use daily. Attendees will gain an understanding of how to identify similar activities and gain a detailed look at the discoveries from the server, providing a deeper understanding of North Korea's overseas workforce.
- Ryan Merritt - "From Black Market to Blue Team: Turning Malicious Playbooks into Defensive Strategies"
- Bio: Director of Security Research for Allure Security with over 20yrs of experience from Threat Hunting to Pentesting, to Reverse Engineering. Former craft brewer of 8yrs, current coffee roasting hobbyist, and Great Dane wrangler.
- Abstract: When it comes to criminal tutorials, fraud guides, phishing kits, or phishing-as-a-service offerings on the dark web, do higher prices really mean higher quality? While premium tools often promise up-to-date and effective capabilities, the real question is: do they deliver? Even more importantly, what can we as security professionals learn from them? In this session, we'll take you from the black market to the blue team - providing a behind the scenes look at analyzing dark web products to uncover actionable threat insights. As the Director of Security Research at Allure Security, I've led efforts to reverse-engineer phishing tools and fraud kits to improve detection and defense strategies for impersonation attacks targeting brands, employees, and customers. We will walk you through our detailed process for evaluating and deconstructing these tools, sharing concrete examples of the techniques, capabilities, and surprises lurking inside. You'll see how threat actors market, sell, and distribute these tools as well - often using strategies that could teach YOUR marketing team a trick or two. Whether you're red, blue, or the only security person at your organization, this talk will give you practical tips and strategies to identify and combat the latest phishing and impersonation threats. Expect to laugh, cringe, and walk away armed with knowledge you can immediately put to use."
- Zach Zenner - "I am The Weaver - Machine Learning Command and Control"
- Bio: Zach is an enterprise security architect who uses an offensive security perspective to secure businesses. He has previously talked about using Reddit for command and control and building a shell that evades macOS detections.
- Abstract: Like it or not, Machine Learning and Artificial Intelligence has become the central talking in technology and cyber security. Threat actors have started to use ML/AI to make ransomware more effective and their phishing attacks more believable. But what other ways can those technologies be used? How can they be effective when creating models takes time and a lot of computation to sustain? Using techniques I established in my previous Thotcon talk, ./senua -v, I will expand Senua with the use of Apple Silicon's built in ML functionality and look towards the future with Apple Intelligence.
TURBO Talks (25 Minutes)
- Charles Parker - "AI Isn't Always I"
- Bio: Charles Parker, II has been in the cybersecurity industry for over a decade working with medical, sales, labor, OEM and Tier 1 manufacturers, and other industries. He has worked in product testing. Presently, he is a Cybersecurity Architect and is heavily caffeinated.
- Abstract: Advances in technology have guided our culture and environment over the last few decades. We are at the point where technology is becoming smarter than us with the ability to analyze molecular permutations in a fraction of the time a human would, complex math problems, etc. As these advances have been published, the hype has expanded exponentially declaring AI the next tool for humanity's future. One area not explored as much as it should is if this is secure. Granted we have pentests for the traditional IT and products, however this set of tasks has not been explored with AI and we are trusting this is secure. The presentation will apply present pentesting techniques, review how AI processes, and apply new testing techniques to the processes. Examples of AI will be presented along with the testing procedure in the TARA format, consistent with ISO21434. The application of this on several chatbots and LLMs will be presented. Since "We can't rewind, we've gone too far", we need to ensure this is secure and not detrimental.
- Coleman Wolf - "The World of Side-Channel Attacks"
- Bio: Coleman is the cybersecurity consulting practice lead at an architecture, engineering and consulting firm. He is inquisitive and loves to explore, learn, improve, make stuff and break stuff. Besides security he enjoys house hacking and food hacking.
- Abstract: A talk about side-channel attacks is not for the paranoid. Many of us will generally recognize all the typical measures we should be doing to protect data, but side-channel attacks are more insidious. They exploit a variety of tactics to extract information via channels that were never intended to carry data. It can open your eyes to a much larger world of intelligence gathering. The challenge comes in finding and then making sense of the data being generated. In this talk I will explain a variety of approaches to side-channel attacks and describe the types of security measures used to mitigate the threat including the use of SCIFs to effectively create a shield to prevent unwanted signal emanation.
- Farzon Lotfi - "Binary Obfuscation that doesn't kill LTO: Making Function Layout Randomization Possible for the Switch"
- Bio: Farzon is a security professional with a Bachelor's and Master's from Georgia Tech, His work at Microsoft and Blizzard, had him mitigated zero-day vulnerabilities and developed anti-cheat technologies, ensuring fair play for millions of gamers.
- Abstract: In this talk, I'll introduce a novel solution: apartment-level randomization. This technique allows for function layout randomization while preserving most of the performance benefits of Link Time Optimization (LTO). By limiting randomization to small, localized "apartments" of code, we can reduce the impact on cache locality and minimize paging issues, maintaining a fast and efficient execution. This approach strikes a balance between security and performance, making it especially well-suited for resource-constrained platforms like the Switch.
- George Joseph Hamilton - "Don't Let Me Get In My Intranet-Zone: Foothold to Full Compromise with WebDAV"
- Bio: George holds MS and BS degrees in cybersecurity and formerly performed Web Application and AD focused penetration tests for a large consulting company, Crowe LLP. Lifelong breaker of things.
- Abstract: Our favorite attack vectors are often rooted in non-secure default configurations, fundamentally insecure technologies, and flaws of the 'Microsoft Will Not Fix' variety, *cough* AD CS, MCM, MSSQL... In this talk I'll walk through how pentesters can abuse Windows implementations of WebDAV related technologies to gain a foothold, summon a tidal wave of relay-friendly authentication, start the WebClient service on a large number of workstations and take them over through shadow credentials abuse, and hijack privileged sessions without dumping LSASS. Most attacks are living off the land friendly, and a new tool is unveiled to scale and target the tactics identified in large environments.
- Hari Shanmugam - "Breaking the Vault: Exploiting flaws in Credential Management System"
- Bio: I am a Lead Red Teamer with extensive experience in adversary simulation, advanced tradecraft, and stealthy attack techniques. With a deep focus on evasion tactics, Windows and macOS exploitation, and red team operations.
- Abstract: Credential vaulting systems are often considered the backbone of enterprise security, ensuring sensitive credentials are stored and managed securely. However, what happens when the very systems designed to protect your organization become the weakest link? This presentation unveils a critical security flaw in a popular password vaulting solution, demonstrating how active sessions initiated with outdated credentials can bypass password rotation policies. Attendees will gain insights into the techniques used to exploit this vulnerability, including session persistence and privilege escalation. We'll walk through the discovery process, demonstrate real-world implications through practical examples, and discuss mitigation strategies to strengthen vault security. Whether you're a penetration tester, red teamer, or security professional, this talk will provide you with actionable knowledge to evaluate and secure your organization's credential management systems against similar threats.
- IntelCorgi - "OSINT Wins: A Celebration of Poor Threat Actor OPSEC"
- Bio: Ryan (aka IntelCorgi) is a cyber threat intelligence analyst at a financial services company in Chicago, and specializes in OSINT investigations. When he is not lint-rolling corgi hair off his clothes, Ryan enjoys playing tennis and scaling crossfit workouts.
- Abstract: OSINT is challenging. Analysts frequently run into frustrating dead-ends over the course of months-long investigations into organizations or individuals. But sometimes the subject will slip up and reveal a piece of information that lets the analyst connect the remaining dots or open up a new avenue of investigation. During this presentation, we will thoroughly dissect a social-media scam and explore how the threat actor's lackluster operational security (OPSEC) allow us to piece together the multiple scams the actor has been running throughout the years. Attendees will learn examples of OPSEC mistakes to look for during investigations and see first hand how exploiting threat actor OPSEC mistakes can lead to a wealth of OSINT wins.
- Josh Kamdjou - "EHLO World: Living Off The Land in the Email Domain"
- Bio: Josh has been doing offensive security-related things for the past 12 years. He's spent most of his professional career breaking into networks via spear-phishing and other methods, and building software for both the public (Department of Defense) and private sectors.
- Abstract: Email-based attacks remain at the forefront of the cybersecurity threat landscape, ever-evolving to circumvent defenses and trick unsuspecting users. In this presentation, we delve into the strategies attackers use to manipulate high-reputation infrastructure and services to deliver attacks that reach end user inboxes. We'll show real, in-the-wild examples of how attackers abuse trusted platforms like DocuSign, SalesForce, Google Drive, PayPal, and Box, how they abuse free subdomain hosts, mass mailers, open redirects, compromised WordPress sites, and more. We'll then explore how attackers persist in the inbox through the creation of malicious mail forwarding rules to siphon data without having to leave repeated access logs. Finally, we'll discuss detection and hunting methodologies and other defense-in-depth techniques to mitigate these attack vectors. Attendees will leave the talk with practical knowledge on novel email attack techniques and how to defend against them.
- John Maushammer - "Writing PAC-MAN for a vintage 600kHz computer"
- Bio: Low level development and reversing is my jam. Hacked three generations of disposable digital cameras, made a pong- and asteroids-playing watch. Professionally, I do embedded systems for medical and aerospace, including a major one flying on NASA's Dragonfly mission to Titan.
- Abstract: The HP87 computer was mostly used to control lab equipment, but it existed smack in the middle of the PAC-MAN era. It never got a proper video game, and we fix that. This is a detailed technical tour of its unique hardware architecture, a comparison to its 1980s contemporaries and modern CPUs, some clever lost CISC concepts, and reverse-engineering the video system... all the necessary low level optimizations to bring wakka-wakka to its beautiful CRT display.
- JP Glab - "Overemployed: How to catch an ITW"
- Bio: JP Glab has worked in infosec since 2012, is currently an incident responder at Mandiant, and can grep himself out of just about anything.
- Abstract: Did you send that new hire's laptop to their house? Or is it sitting in a stateside North Korean funded laptop farm? Do you really need to background check everyone? Even references from your highest performers!? Most everyone has the basics down. Log aggregation, email filtering, threat intelligence feeds, a few endpoint agents, and a team of folks to make it all work in harmony. With the recent rise in detecting the DPRK's IT worker (ITW) initiatives, organizations need to monitor their candidates and new hires as closely as their VPN. Working remotely is here to stay and it allows human threats to walk in the front door. This talk will outline the DPRK's ITW strategies, tell the story of a real infiltration, and discuss what organizations can do to better monitor for and prevent hiring highly skilled insider threats.
- Olivia Gallucci - "Elements of Cross-Platform Exploitation - A Guide"
- Bio: Olivia Gallucci is an offensive security engineer, freelance penetration tester, and blogger: oliviagallucci.com. She is a student at the Rochester Institute of Technology. Outside of cybersecurity, Olivia enjoys competitive sailing, fitness, and books on famous nerds.
- Abstract: Having trouble applying your Linux hacks to other OS-es? This presentation explores how an OS's architecture influences binary exploitation. It delves into how the System V application binary interface (ABI), POSIX standards, and the UNIX philosophy shape the mechanics of binary exploitation. The talk highlights stack management, system calls, and security mechanisms, including address space layout randomization (ASLR), Write XOR Execute (W^X), and stack canaries. By comparing System V and BSD-derived systems, this presentation illustrates nuances of exploiting binaries across different, yet often similar platforms.
- Randall Wyatt - "You Can Be Neurodivergent and Thrive In InfoSec"
- Bio: I am currently an App Sec, Vuln & Asset Mgmt engineer on the ProdSec Team at CoverMyMeds. I am an avid champion for neurodivergence, developing the active defender mindset, & a security first culture. In my free time, I enjoy video games, reading, & spending time w/ my partner.
- Abstract: This talk discusses the challenges faced by neurodivergent (ND) individuals in advancing their careers in the field of InfoSec. This talk emphasizes the need to change the perception that being a manager is the only way to advance in one's career and suggests that a collective approach to leadership, focused on advancing peers, can be a viable alternative. I will also highlight the importance of providing constructive feedback and support for ND individuals, who often crave feedback and need reassurance in their roles. This talk provides practical tips for ND individuals in navigating the job search process, including strategies for organizing job applications and interviews. I will emphasize the importance of advocating for oneself and making requests for accommodations in the workplace. Finally, this talk challenges the notion that certifications are the only way to demonstrate knowledge and skills, suggesting that expanding skills through practical experience, reading, and following industry experts can be equally valuable. Overall, I aim to empower ND individuals in their pursuit of a successful career in InfoSec and encourage them to embrace their unique strengths and abilities.
- Ryan Grunsten - "kvPWN: UNIX Shell to AD Foothold"
- Bio: Ryan "thiefadjacent" Grunsten is a Chicago-based penetration tester and security researcher. Ryan has spent inordinate time researching Windows authentication protocols and writes at https://thievi.sh, which currently boasts the most detailed coverage of NTLM auth available.
- Abstract: This talk will debut a never-before-seen lateral movement technique for domain-joined Linux machines. This talk is the first time this technique has been publicly disclosed. By leveraging an esoteric, forgotten utility bundled within the Kerberos suite, and by abusing fundamental properties of Kerberos, attackers can bypass root restrictions on KCM-protected credentials, all while quietly living-off-the-land. Once exfiltrated, these credentials can be used seamlessly with Impacket, NetExec, BloodHound, and other industry standard tools.
- Sam Fox - "From Unregistered CNAME to Owning a Defunct Registrar"
- Bio: Sam Fox created Black Lantern Security's ASM services and functions as the Operations Manager for the team. Previous experience roles in incident response, forensic analysis, internal red teaming, red team consulting, and internal audit.
- Abstract: Subdomain takeover may not be as popular as other web vulnerabilities but it can result in fascinating data collection opportunities. What happens when a former domain registrar's domain goes up for sale? During routine attack surface management activities for a client, the BLS ASMOC identified an unregistered CNAME in a target's DNS configuration. That unregistered domain ended up being a small registrar itself.
- TheDingo8MyBaby - "Driving Range Vulnerability - MIFARE Classic Exploited"
- Bio: Cybersecurity Enthusiast | Data Analyst | Process Improvement Leader | Ad-hoc Reporting Specialist. Just a Cyber Enthusiast, trying to break into the field.
- Abstract: In this paper, I will be going over an investigation of NFC (Near Field Communication) Cards at a Driving Range (A facility where golfers can practice their different golf swings) where I explored their operational intricacies, security considerations and data handling procedures. This write-up aims to provide a comprehensive understanding for a diverse readership, by offering explanations that cover both conceptual and technical aspects. There will be two parts to this paper. My initial investigation which started over a year ago, and then a follow-up visit, one year later.
- Uri Aronovici - "How to hack a cloud production environment with external Terraform manipulation"
- Bio: TBA
- Abstract: Terraform by HashiCorp is a leading Infrastructure as Code (IaC) tool that enables DevOps to define and provision cloud infrastructure. At the heart of Terraform's functionality are many external modules, services and third-party components that are used for planning and deployment. In this session, Uri will cover how widely-used Terraform providers and modules can be exploited to gain full control of a cloud production environment. We will examine two attack paths that have high probability as they leverage commonly-used external Terraform functionalities that are often not properly vetted or even visible. Uri will walk attendees through the complete attack flow, discuss the potential impact and provide best practices and Secure by Design concepts for mitigation and remediation. Moreover, Uri will share his experience with improving SDLC processes to detect these types of risks before they reach production.
Track X - Mini Workshops (120 Minutes)
- Ken Smith && David McDuffie - "Breaking the Bot: GenAI Web App Attack Surface & Exploitation"
- Bio0: Ken Smith, Director of Offensive Security L&D at Praetorian, brings 15 years of security leadership experience. He taught infosec at the University of Mount Union for ten years and previously served as a Signals Intelligence Operator with 5th Special Forces Group (Airborne).
- Bio1: David is a Lead Security Engineer at Praetorian. His primary duties involve conducting enterprise network penetration tests and assessing the security and safety of generative AI applications.
- Abstract: GenAI is changing the game for web applications. In this hands-on, 2-hour workshop, dive into the fascinating world of GenAI exploitation as we break and bypass these emerging applications. After an architectural review and in depth exploration of GenAI web application threat modeling, participants will learn how to transform innocent chatbots into data-spilling security nightmares. Moving beyond traditional web vulnerabilities, you'll gain hands-on experience with prompt injection, model manipulation, and GenAI-specific attack chains. Using a deliberately vulnerable GenAI application, participants will explore the OWASP Top 10 for LLM Applications through practical exercises and live exploitation. The workshop is capped off with a comprehensive discussion and exploration of mitigation strategies.
- Mike Connor && Jacob Kravitz - "Capture the Flag Workshop"
- Bio0: TBA
- Bio1: TBA
- Abstract: This workshop highlights what goes into creating a Capture the Flag (CTF) Competition. This workshop will cover the basics of what a CTF is This workshop then dives into designing and planning for the infrastructure used to support the competition. The workshop then moves into understanding design principles behind what makes a good CTF challenge providing examples from positive experiences. The workshop concludes with discussing what is needed to run an actual competition, tying everything together to explain why CTFs are a great information security training tool that your organization should be utilizing.
|