HackMiami XMay 19 - 20, 2023

TICKETS ON SALE NOW

HackMiami X

Talk Schedule Posted

Scroll down for Conference Schedule

Event Location

Marenas Beach Resort
18683 Collins Avenue
Sunny Isles Beach, FL 33160

HackMiami X 2023 Conference will consist of training classes on May 19, 2023 and speaking tracks on Saturday May 20, 2023.

Track 1 – NüWorld0rder – A novice track will be available for hackers who are learning the game. If you have a presentation that you believe would be beneficial to the community and will give attendees a information that can be used to advance their skills, knowledge, and/or careers, then this is the track for you. Total presentation time is 45 minutes with 10 minutes of Q&A.

Track 2 – 0ldWorld0rder – An advanced track for the hackers looking to show off their latest projects and research. If you have any hot research, code drops, vulnerability disclosures, or attack methodologies that you want to present on, then this is the track for you. Total presentation time is 45 minutes with 10 minutes of Q&A.

Subscribe to our mailing list and follow us on Twitter for announcements regarding CFP’s and training courses.

PRICING

  • General Admission: This ticket includes all talks and events taking place during the HackMiami Conference on Saturday May 20, 2023
  • Training Session: This ticket includes access to a comprehensive 8 hour training course on Friday, May 19. 2023. General Admission to the HackMiami Conference on May 20, 2023 is included with purchase of Training Session.

GENERAL ADMISSION

$199.991 person

TRAINING COURSES

$16001 person

Sponsors

 

For sponsorship inquiries and prospectus, reach out to sponsors [at] hackmiami.com

ReliaQuest is the force multiplier of security operations. Our security operations platform, GreyMatter, automates detection, investigation, and response across cloud, endpoint, and on-premise tools and applications. GreyMatter is cloud-native, built on an open XDR architecture, and delivered as a service any time of the day, anywhere in the world. With over 700 customers worldwide and 1,200 teammates working across six global operating centers, ReliaQuest is driving outcomes for the most trusted enterprise brands in the world. We exist to make security possible.  Learn more here: https://reliaquest.com

ARMY ROTC goarmy.com

As the largest United States military branch, we defend our nation’s freedom and safety as well as provide stability during challenging times. This has been a focus since 1775 when the Army’s fight for independence began. Today, we honor a legacy rooted in freedom and lead by example with core values that every Soldier lives by. Learn more here: https://goarmy.com

HackNotice is a threat intelligence company specializing in data breaches as well as leaked credentials and identities.

Hacknotice is the only company-wide threat awareness platform, making employees safer online. Users monitor, review, and take swift actions against their real cyber-threats. The platform focuses on bridging the gap between security teams and other employees through real-time alerts, around-the-clock monitoring, recovery recommendations, and a full security training and assessment program. HackNotice’s mission is to make all employees threat aware, creating a resilient culture of security. Founded in 2019, HackNotice is located in Austin, TX. Learn more here: https://www.hacknotice.com

At Nuspire, our 20+ years of cybersecurity expertise combined with our vision to make clients fanatically happy delivers an experience that meets you where you are in your security journey.

At Nuspire, our 20+ years of cybersecurity expertise combined with our vision to make clients fanatically happy delivers an experience that meets you where you are in your security journey. Nuspire is a leading managed security services provider (MSSP) founded over 20 years ago to revolutionize the cybersecurity experience by taking an optimistic and people-first approach. Learn Here more at https://www.nuspire.com

At Black Hills Information Security (BHIS), we strive to strengthen our customers’ information security infrastructure and employees through penetration testing, consulting, and defensive security services. Since our founding in 2008, companies of all sizes, from small community banks to Fortune 100 companies, have entrusted us with their business. Learn here more at https://www.blackhillsinfosec.com

 

TRAINING COURSES

Training Courses will take place throughout the day on Friday, May 19, 2023 from 9am – 5pm.

Purchase of a Training Course INCLUDES admission to the HackMiami X Conference events on Saturday May 20, 2023.

Lunch will be provided during all Training Courses.

In order to purchase a Taining Course, select the course from the dropdown menu on the official HackMiami X Conference Eventbrite registration page.

 

 

TALKS

Track 1 – NüWorld0rder

David Marcus
David Marcus
Keynote

Keynote Address

Track 1 – NüWorld0rder
9.00 am

Dave Marcus is a 25-year veteran and survivor of The Cyber Wars. Starting from IT administration and then into pre-1998 red teaming to getting bruised and battered in the cyber trenches of antivirus to the highs of becoming a Principal Engineer at both Intel and McAfee. The cyber scars are real. Dave Marcus currently serves as Senior Director of Intelligence and Analysis at LookingGlass (LGC). He has co-created methodologies and analytical processes to effectively research and target threat actors internationally, built and delivered thousands of weekly, monthly, and yearly Intelligence Summaries based upon unique customer intelligence requirements and has had the pleasure of presenting at more conferences than he probably deserved. A great team leader and people builder, he helps drive LGC’s intelligence, attack surface methodologies and technical direction. In his spare time, he is an avid powerlifter and family man.


Track 1 – NüWorld0rder
Austin Turecek
Austin Turecek
Application Pen Tester

The Route(r) To Success: Hacking A Router To Its End of Life - Austin Turecek

Track 1 – NüWorld0rder
10.00 am

During the lockdown, many hackers were left to their own (and other’s) devices. This extra time, and a stable internet connection, lead some to the mass purchasing of inexpensive IoT devices and routers. One of these devices, a travel router by Trendnet, proved to be especially vulnerable. Through multiple chaining vulnerabilities, the system was compromised past repair.

This presentation explores the process, methodology, and tools used throughout the investigation and development of the full exploit. Designed to be friendly to both newcomers, and veterans, we’ll explore the technical and nontechnical sides of vulnerability hunting. While much of our work exists within the virtual realm, it's important to never forget the human side behind our endeavors.

Attendees will have the opportunity to relive the full hunting process from start to finish, including all the ups and downs of hacking and reporting. By retracing our steps through the hunt process, we can learn how to better focus our work, leading to more successful hunts.

Biography:
Austin Turecek is an application penetration tester with an interest in IoT, embedded systems, and open source technology. In the past Austin has worked within incident response, purple teaming, and system administration. Prior to beginning his work as an application penetration tester, Austin worked as a malware analyst studying and tracking cyber criminals, and their tools, throughout the deep and dark web.

The combined experiences of system administration, malware analysis, and penetration testing have all contributed to his independent work bug hunting.


Track 1 – NüWorld0rder
Tal Melamed
Tal Melamed
CloudEssence Co-Founder

Hacking Serverless Applications

Track 1 – NüWorld0rder
11.00 am

When adopting serverless technology, we eliminate the need to develop a server to manage our application and by doing so, we also pass some of the security threats to the infrastructure provider. However, serverless functions, even without provisioning or managing servers, still execute code. If this code is written in an insecure manner, it can still be vulnerable to traditional application-level attacks and could lead to a cloud disaster.

In this talk, we will discuss common risks and challenges in serverless environments. I will introduce techniques used by attackers to exploit Serverless apps in unconventional ways. I will also demonstrate exploits of recently discovered CVE, targeting cloud functions.

Bio
With more than 15 years' experience in Application and Serverless Security, Tal recently co-founded CloudEssence, a cloud-native Application Security company that was acquired by Contrast Security in 2020, where he now leads the new innovation center. Previous to CloudEssence, Tal headed the security research at Protego Labs, a Serverless security startup that was acquired by Check Point. Tal is committed to evangelizing serverless and application security to the community, by training hundreds of developers and security teams around the world, serving as an AWS Community builder and teaching at the cybersecurity master's program at Quinnipiac University.

Steve Borosh
Steve Borosh
Penetration Tester

Azure cloud for offensive operations - Steve Borosh

1:00 pm

Not only has today’s enterprise perimeter extended beyond the traditional firewall to the cloud, but hackers have also been using Azure to launch attacks and host malware. In this talk, I will cover use-cases for launching your offensive operations from Microsoft Azure for maximum success on your next Red Team or phishing scenario.
Offensive operations may benefit from using Azure. Specifically, Azure Cloud Shell may be used to deploy and manage offensive operations. I will dive into (ab)using Azure Cloud Shell to launch your operation and target enterprises who utilize Microsoft 365 for email, chat, and Active Directory. This talk and demonstration will provide the audience the knowledge to utilize Microsoft Azure Cloud Shell and other Microsoft services as platforms to launch advanced offensive operations.

Bio
Steve (rvrsh3ll) Borosh is a proud U.S. Army Infantry combat veteran and security consultant at Black Hills Information Security. Steve earned a B.S. in Computer and Information Science from ECPI University. Steve has extensive experience as a penetration tester, red team operator, and instructor since 2014. Steve has instructed courses on penetration testing and red teaming for the public, private, and federal law enforcement sectors. Steve also has experience teaching or speaking at conferences such as Blackhat, various BSides events, Gartner, and others. Steve maintains a blog and GitHub repository to share knowledge and open-source offensive tools with the community.

Christopher Truncer and Victor Suarez
Christopher Truncer and Victor Suarez
Co Founder and Penetration Tester with FortyNorth Security

An Offensive Review of Ransomware Group Techniques

2.00 pm

Ransomware groups utilize a wide range of attack techniques to gain elevated access to enable their ransomware to be as effective as possible. It can be perceived that these ransomware groups must utilize the newest, most pristine tooling to achieve their goals, but that isn’t always the case. Of course, there can be some custom tooling, but other times you might see old-school PowerShell one-liners to deploy their code. In this talk, we plan on looking at different groups and instances of ransomware being deployed to study how the operators performed each attack. We’re going to discuss their tactics and tooling used, and we plan on releasing sample tooling, which re-creates some of the tools used by the ransomware groups, along with detections. Attendees will be able to walk away from our talk with a better understanding of how some ransomware groups operate, along with sample tooling to simulate the same actions within their work environment as well as indicators of compromise for some of the techniques covered.

Bio
Christopher Truncer (@ChrisTruncer) is a co-founder and Offensive Security Lead with FortyNorth Security. He is a co-founder and current developer of the Veil-Framework, EyeWitness, WMImplant, EDD, and many other tools. Chris enjoys offensive security work.

Victor Suarez (@Gr1mmie) is an Offensive Security Engineer on FortyNorth Security's offensive security and research team. He is an open source developer whose written tooling encompassing various aspects of a penetration test and red team operation including situational awareness and persistence. Victor is involved not only with offensive operations, but also detection engineering and threat hunting in an effort to better advise defenders.

Michael Rosenfeld
Michael Rosenfeld
Cyber Network Operator

A Not so Theoretically Devastating Cyber Attack on America's Gas Stations

3.00 pm

In 2015, HD Moore published an article disclosing over 5,800 gas station Automated Tank Gauges (ATGs) which were publicly accessible. Besides monitoring for leakage, these systems are also instrumental in gauging fluid levels, tank temperature, and can alert operators when tank volumes are too high or have reached a critical low. ATGs are utilized by nearly every fuelling station in the United States and tens of thousands of systems internationally. For remote monitoring of these fuel systems, operators will commonly configure the ATG serial interface to an internet-facing TCP port. The process for accessing these systems is quite simple: telnet to the port and issue documented TLS-350 or TLS-250 commands to execute everything from setting alarm thresholds to editing sensor configurations and running tank tests. While tools such as Nmap include scripts for enumerating these devices, the functionality is generally limited to In-Tank Inventory Reports and System Status Reports. These scripts are good for reconnaissance, but what if an attacker decided to prevent the use of the fuel tank entirely by changing access settings and simulating false conditions, triggering a manual shutdown? Could an attacker shutting down over 7,000 fueling stations in the United States with little effort leave the nation crippled? I believe the answer is clear.

Bio
Hey, I'm Michael! As a Cyber Network Operator experienced in vulnerability assessments, threat hunting, and incident response, Idevelop scalable intrusion detection capabilities to effectively discover and defeat adversaries in critical infrastructure networks! I'm passionate about transforming threat intelligence into tangible detection solutions. In my free time, you can catch me conducting security research for my blog (https://medium.com/@RoseSecurity), strengthening the cybersecurity posture of organizations through my company (https://rosesecurity.live/), and educating the community on modern threats and adversarial Techniques, Tactics, and Procedures; feel free to check out the work that I do through my GitHub portfolio (https://github.com/RoseSecurity).

Daniel Wyleczuk-Stern
Daniel Wyleczuk-Stern
Blue Team and Threat Detection Engineer

Detection as Code, Buzzword or Panacea?

4.00 pm

If you’ve spent any time browsing blue team blogs or chatting with folks in the SOC, you’ve probably heard the phrase “Detection-as-Code” pop up. These discussions frequently exalt the virtues of Detection-as-Code characterizing it as the ultimate solution for all of the Blue Team’s problems. Usually, whenever something sounds too good to be true, it usually is. In this case, however, the advocates aren’t totally off base. In this talk, we’ll seek to separate truth from fiction and clarify how Detection-as-Code can help their organization.
We’ll start off with defining what Detection-as-Code is for those unfamiliar. After diving into some history of infrastructure, we’ll cover what problems Detection-as-Code solves and what it doesn’t. Finally, we’ll dive into some lessons learned from a team that manages hundreds of rules and petabytes of data using Detection-as-Code. Along the way, we’ll have some demos showcasing some of the power and failings of Detection- as-Code. After it all, you’ll come away with an answer to if Detection-as-Code is right for your team. You should also be equipped with an understanding of dos and don’ts and some guidelines and frameworks for a successful implementation.

Bio Daniel is a recent convert to the blue team after spending the majority of his career breaking systems at Praetorian and the USAF. For the past 2 years at Snowflake, he’s been helping to improve the threat detection program. When he’s not working, you can find him spending time with his wife and cats, enjoying a nice cup of coffee, or exploring Washington DC.

Santiago Gama
Santiago Gama
Industrial Hunter at Dragos

The things I wish I knew for ICS Cybersecurity

5.00 pm

ICS security is a growing and critical field of cybersecurity. With the escalating conflict of Russia and Ukraine, increase in ransomware activity, and critical infrastructure becoming more interconnected, it’s important to have more people in the field. When I transitioned to an OT cybersecurity role, I felt lost by the vast number of concepts one needed to understand. Talking to people that show interest in joining the ICS side of the house, I noticed they asked me a similar set of questions including “where do you start with ICS?”, “what are the differences between ICS and IT security?”, and “what are the components and technologies you encounter on an OT environment?”. As someone who was once in the position of wanting to explore ICS security, I want to offer advice to those wanting to shift their career in this industry or simply are curious about ICS security.
In this presentation, I want to give attendees a “starting point” in their journey to ICS security. I want people to understand the fundamentals of what they should encounter in an OT environment. What is the difference between SCADA and a Distributed Control System? What are controllers used for in an ICS environment? What is the standard architecture you’ll find in an OT environment? Among other questions that I had when I first started learning about ICS security. I intend to pave the road and bridge the knowledge gap for IT cybersecurity professionals so they can have a better insight of what it takes to safeguard and protect critical infrastructure.

Bio
Santiago Gama is an Industrial Hunter at Dragos on the OT Watch team. He has been with Dragos for the past year and before worked in Help Desk, Software development, and System Administration. Santiago is active in the South Florida information security community with SFISSA and HackMiami.

Jonathan Echavarria and Marcus J. Carey
Jonathan Echavarria and Marcus J. Carey
Enterprise Architects at ReliaQuest

AI-Pocalypse Now

6.00 pm

As Machine Learning and AI are becoming more advanced, they are also becoming more prevalent in the field of cybersecurity. This talk will focus on the duality of using Machine Learning and AI in the realm of cybersecurity and hacking. Marcus Carey will highlight the potential for these technologies to be used for good, such as improving threat detection and response, and enhancing the overall security of networks and systems. Jonathan Echavarria will take a contrasting approach, examining the darker side of these technologies and the potential risks they pose to individuals and organizations. He will delve into the techniques used by hackers to leverage Machine Learning and AI to launch sophisticated attacks, such as malware and phishing campaigns. Together, they will present a balanced view of the current state of Machine Learning and AI in cybersecurity and their future possibilities, encouraging attendees to consider both the positive and negative implications of these technologies.
Join us for a thought-provoking and informative discussion on the "blue pill" and "red pill" of Machine Learning and AI in cybersecurity.

Bio
Jonathan is an experienced Enterprise Architect at ReliaQuest, where he aligns business strategy with technological solutions. Prior to this role, he was an offensive security engineer at Facebook, where he conducted various offensive operations. He has also held multiple positions at ReliaQuest, including penetration testing, red teaming, security operations, and malware analysis. Jonathan is a frequent speaker at industry conferences, discussing topics such as cybercrime, state-sponsored operations, and smart home security. Marcus is a cybersecurity practitioner with over 20 years of experience in the field and is a US Navy veteran. He currently serves as an Enterprise Architect at ReliaQuest, performing research and leading the development of a variety of solutions. He has worked with federal agencies like NSA, DC3, DIA, and DARPA and is the co-author of the Tribe of Hackers cybersecurity book series. He also holds a Master of Science in Network Security from Capitol Technology University. His diverse background and extensive experience make him a valuable asset in the field of cybersecurity.

TALKS

Track 2 – 0ldWorld0rder

Bryson Bort
Bryson Bort
Founder of SCYTHE

Get Off The Sidelines

10.00 am

Cybersecurity isn't solved. It's why there are so many products constantly appearing (we may be running out of made-up words for company names). We'll talk about how you can get involved! Whether it's in your enterprise, angel investing, or how to launch your own start-up!

Bio
Founder of SCYTHE, a start-up building a next-generation attack emulation platform, GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit for industrial control system security. He is a Senior Fellow at the National Security Institute and an Advisor to the Army Cyber Institute. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom. He was recognized as one of the Top 50 in Cyber by Business Insider, Security Executive Finalist of the Year by SC Media, and a Tech Titan in Washington DC.


Track 1 – NüWorld0rder
Ryan Slaney
Ryan Slaney
Staff Threat Research at Security ScoreCard

Analysis of Zhadnost Botnet

11.00 am

Zhadnost, was discovered when it was conducting DDoS attacks on Ukrainian government and financial websites shortly before and during Russia's invasion of Ukraine. The botnet was later used against Finnish Government websites, on the same date President Zelensky addressed the Finnish parliament, and against the Ukrainian Postal Service, on the day a controversial anti-Russian stamp was to go on sale. The presentation discusses the methodology and tools I used to discover its bots, provides an analysis of its bots and how they were compromised, how its impact can be mitigated, and attribution of the botnet to the Russian GRU. The presentation also compares and contrasts Zhadnost with the activities of another Russia aligned- botnet operator, KillNet, who has targeted dozens of US, European, and NATO websites with DDoS attacks.

Bio
Ryan Slaney While working for CSIS, I spoke at Security BSides in St. John's NL and ISACA's IT Risk Symposium Conference in Halifax about the disruption of a GRU close access cyber team in The Hague. Currently working as Staff Threat Research at Security ScoreCard.

sh1katagana1
sh1katagana1
Infosec Instructor

Do You Even Threat Intel Bro?

1:00 pm

Companies want to be ready for current and future cyber attacks, and a Cyber Threat Intel Program would give them the insight they need to combat these attacks. I will cover the basics of building a Cyber Threat Intel Program from scratch, even if your company has a limited or no budget for tooling. Ill cover essentials such as Threat Intel Platforms, OSINT, Dark Web research, Ransomware analysis, Threat Intel sources, and much more. So when they ask you...do you even Threat Intel bro..you can answer a resounding YES!

Bio
I have taught infosec classes for 15 years and achieved and taught 21 certifications. I have also done web app pentesting for a government facility as well as my current company. I created the AppSec Program there from scratch as well as the Cyber Threat Intel program. I enjoy teaching and have created a lot of cybersecurity content on my website at https://www.sh1katagana1.com. I also play live Trip Hop, Funk and Jazz using live looping. I play concerts both in real life and in the metaverse in Second Life, OpenSim and Neos VR.

Casey Smith
Casey Smith
Senior Security Researcher at Thinkst Applied Research

Building a Canarytoken to Monitor Windows Process Execution

2.00 pm

Have you ever wanted a simple alert if an unexpected Windows process runs on a host? The open source Canarytokens project allows teams to build simple tripwires to alert on attacker actions. We’ve recently built a new free Canarytoken type that allows you to set up a quick alert when you want to know any time a specific windows file is executed. In nearly every ransomware report, we can see attackers running a series of commands on endpoints. What if you wanted to monitor critical systems and endpoints for sensitive commands? For example, suppose you wanted to see an alert if someone runs wmic.exe or qwinsta.exe or bitsadmin.exe on a device? With this new token, we can create Canarytoken alerts for some of these commands as an early warning tripwire that something is wrong, or someone is running a command that they should not be. Coupled with other telemetry, these Canarytokens may be just the rapid tipoff you need. This talk will explore our research and creation of the new Canarytoken. From windows internals to encoding alerts over a DNS channel, we think these classical offensive techniques can strengthen your defense.

Bio
Casey Smith is a Senior Security Researcher at Thinkst Applied Research. He enjoys continually working to understand and evaluate the limits of defensive systems. He led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. His background includes security analysis, threat research, penetration testing, and incident response. Casey has spoken at several security conferences. DerbyCon, Shmoocon, BlackHat USA, BlueHat, BlueHat IL, and Troopers.

Jose Hernandez & Michael Haag
Jose Hernandez & Michael Haag
Threat Researchers at Splunk

Transpuny - Hunting punycode oddness using Certificate Transparency Logs

3.00 pm

During the investigation into #openssl CVE-2022-3602 Michael Haag and Jose Hernandez from the Splunk Threat Research Team had the question, “who on the internet is registering potentially malicious certificates with punycode in them?” This led them down the path of writing a simple tool named TransPuny to study certificates being registered or changed on the internet with punycode on the SubjectAlternativeName (SAN). This talk will take the attendee on a journey through certificate transparency logs and how they may be used by researchers. In addition, learn how to install and use TransPuny in hopes to identify suspicious intent, and learn about interesting findings and observations found with certificate transparency logs. Spoiler there is A LOT of sketchy activity on the internet happening from sites with punycode in their domain name.

Bio
Jose
Currently, José leads the Threat Research team at Splunk. He started his professional career at Prolexic Technologies (now Akamai), fighting DDoS attacks from “anonymous” and “lulzsec” against Fortune 100 companies. As an engineering co-founder of Zenedge Inc. (acquired by Oracle Inc.), José helped build technologies to fight bots and web-application attacks. Although security information has been the focus of his career, José has found that his true passion is in solving problems and creating solutions.

Haag
Michael Haag is a Senior Threat Researcher at Splunk. Michael has 10 years of experience across the spectrum of cybersecurity. Michaels main focus is the Atomic Red Team project and detection engineering. Michael enjoys threat research but also threat hunting and big data analysis.

Matthew Eidelberg
Matthew Eidelberg
Engineering Fellow at Optiv

How to Fix the Old and Busted: The Science Behind Loaders

4.00 pm

Often when red teamers are preparing for initial access, they develop a complex payload and delivery method. Though it was tested in a lab, when launched, something gets caught burning the whole operation. Often the blame falls on the loader when it could be something as simple as the command used to execute. Adjusting just a few things might change the result from a successful callback to total invisibility. Let’s face it detection controls aren’t perfect, and this lack of knowledge often comes from a black box approach.
This talk will show an in-depth walk through of the process to make a sophisticated loader. We will begin by walking through detections, breaking it down into three major categories’ “Delivery”, “Loader”, and “Stage”. This division helps outline the different aspects that can result in the execution being blocked. Understanding the differences in the techniques used in each phase, we will walk through the OPSec considerations that need to be considered as well as what evasion features need to be built into your payload to be successful.

Bio
Matthew Eidelberg is a husband, father, and big security fanatic. Matthew works as an Engineering Fellow leading Optiv’s Red Team & Adversarial Simulation Services team. Matthew has authored several open-source tools including ScareCrow, Freeze, Ivy, Mangle, and published articles focused on EDR evasion and adversarial techniques.

Pramod Rana
Pramod Rana
Author of Omniscient, vPrioritizer, sec-depend-aider

How to have visibility and security OF CICD ecosystem

5.00 pm

Today CICD platforms are an integral and critical part of the overall software supply chain. To support the business requirements, it processes a lot of sensitive data, compromise of which can have effect on the entire organization. Security IN CICD is a well discussed topic, now security OF CICD deserves the same attention.

One of the challenges with security OF CICD, like most areas of security, is the lack of visibility of what actually makes a CICD ecosystem. Security starts with being aware of what needs to be secure.

In this talk I will be presenting how an organization can approach the visibility and thus security OF CICD ecosystem along with some common attack areas like access controls, credentials hygiene, misconfiguration etc. and their possible solutions.

I will introduce two new open source projects:

1) CICDGuard - a graph based CICD ecosystem visualizer and security analyzer, which

  • Represents entire CICD ecosystem in graph form, providing intuitive visibility and solving the awareness problem
  • Identifies common security flaws across supported technologies and provides industry best practices and guidelines for identified flaws
  • Technologies supported as of now:
  • GitHub
  • GitHub Action
  • Jenkins
  • Spinnaker
2) ActionGOAT - a deliberate damn vulnerable GitHub Action for learning purposes

Biography:
Pramod Rana is author of below open source projects:
Omniscient - LetsMapYourNetwork: a graph-based asset management framework
vPrioritizer - Art of Risk Prioritization: a risk prioritization framework
sec-depend-aider - Dependabot pull request monitoring automation platform

He is leading the application security team in Netskope with primary focus on integrating security controls in the development process and providing security-testing-as-a-service to other teams. He loves to understand new security practices and how to practically implement them.

He has presented at BlackHat, Defcon, nullcon and GrayHat before. A security professional by job, a coder by hobby, a runner by passion.

Travis Weathers
Travis Weathers
Practice Director at Optiv

Badge cloning with Doppelgänger - Tool Release

6.00 pm

This project stemmed from the RaspberryPi chip shortage, which drove up the cost of RPi Nano W boards making the cost to repair my team's long-range cloners not feasible. In addtion, there were some limitations with existing tooling (Wiegotcha, ESP-RFID-Tool, Tastic RFID Thief, etc.) that I aimed to mitigate. The intent with this project was to accomplish the following:

  1. Reduce the amount of wiring/soldering required to go operational.
  2. Hotswappable devices for easy servicing.
  3. Use modern CoTS equipment that can easily be replaced.
  4. The operator can't go into a comms blackhole when connected to the device.
  5. Egress for notifications (Email/Text), reducing the need to check for card reads while in the middle of an operation.
  6. Simplified WebGUI that only displays Bit Length, Facility Code, and Card Number. Option to download the complete data set(e.g., BL, FC, CC, HEX, BIN).
  7. Error handling, so the device doesn't log bad reads, EMI, etc.
  8. Easy configuration and reset functionality for team use.


Bio Travis Weathers is a Practice Director on Optiv's Attack & Penetration team based out of Tampa, FL. Since stepping out of the military, Travis has worked within the offensive security space performing advanced adversarial emulation assessments and leading offensive security practitioners.

TALKS

%27 Track (Event Room)

Antonio Juanilla
Antonio Juanilla
Specter

Dangerous CI/CD webhooks

11.00 am

I want to demonstrate how to exploit a CI/CD system and escalate privileges, as well as how we can defend ourselves and prevent this type of attacks.

Bio >/b>
I am Antonio Juanilla known as Specter, I am an active member and collaborator of the communities in Spain HackMadrid%27 and HackBarcelona%27, member of the CTF flagHunters team, I am DevSecOps, and speaker in the different conferences in LATAM and Spain.

Kennashka DeSilva
Kennashka DeSilva
Cybersecurity Consultant

Threat Modeling Blockchain Applications

11:30 AM

This session will provide you with insights on how to put a security-focused threat model into action for Blockchain Applications. I will share learnings from building an NFT Security initiative and working with creators, developers, and communities as security champions from a seasoned Cybersecurity Professional and Community Builder perspective.

Bio
Kennashka DeSilva is a highly skilled Cybersecurity Consultant at a Big Four Financial Firm with experience ranging in Blockchain Security and Cloud Computing. She has participated as a Main Stage speaker at DEFCON30 in the AppSec Village. Kennashka works in various community initiatives towards tech diversity such as Women For Crypto and serves as an Executive Council Board Member at WICYS Florida.

Matthew Nickerson
Matthew Nickerson
Customer Success & Project Manager

Straight Outta Layer 0: How My Journey into InfoSec can Help You

2.00 pm

This presentation will go through the thought process and inspiration for moving into the field, as well as the action plan used to set goals and achieve them. He also plans to go over the resources that he used to go from non-technical to fairly-technical

This presentation is not for the technical wizards or the people who were pwning networks as a teenager. This talk is for the call agent, the fast-food worker, and the truck driver who is looking to find a more fulfilling career. My path to working in cybersecurity is non- traditional, and this presentation is to help other “non-traditional” people find their way into the career they want.After leaving a non-technical business role, Matthew began the process of changing hiscareer into the field of cybersecurity and in less than a year moved into an Offensive Security role.

Bio
Matthew Nickerson is a former Customer Success & Project Manager for a Telecomm company in Florida who recently made a career change into Cyber Security. He is an Offensive Security Consultant at Layer 8 Security in his free time he enjoys golfing (currently on the quest to become a scratch), playing video games, camping (at music festivals and national parks) and spending time with his two dogs.

Jose Hernandez & Michael Haag
Jose Hernandez & Michael Haag
Threat Researchers at Splunk

Level up as investigator

2:30 pm

Are you looking to get a job as a level 1 analyst in a SOC or do you regularly lead month long investigations to counter foreign adversaries access operations? In conducting investigations of all levels of complexity and training over 100 investigators we have found some core skills that helped us solve cases. Identifying what information we can pivot off of is often taught as a very procedural process. We don’t teach how to use tools to enrich information. We teach how to find what information is valuable, and then find how to make a connection. This session is an introduction to this way of investigating that has been used in cases ranging from network intrusion to money laundering. Examples shown will span investigation types from malware to wrongful imprisonment.

bio
Vincent has led security teams for clients globally and is now at an international finance organization where he specializes in incident response, forensics, and insider threat. He is also an instructor at the University of Miami’s Cybersecurity Professional program and has taught at NYU, UCF, and UC Long Beach.

Zeshan Aziz is an independent security researcher with experience in combatting and attributing information operations by nation-states and profit-motivated actors. He is also a Digital Sherlocks scholar at the Atlantic Council. He writes about globally relevant disinfo campaigns, cyber attacks against civil society, and is active in the OSINT community.

Matthew Eidelberg
Matthew Eidelberg
Engineering Fellow at Optiv

WORKSHOP - Stop Committing Your Secrets - Git Hooks To The Rescue

3:30 - 4:45 PM

Stop Committing Your Secrets - Git Hooks To The Rescue

No one wants their keys, passwords, and other secrets exposed. Ideally, no developer would ever hardcode anything like that into their work. Unfortunately, many repos are just one bad push from the world gaining access to sensitive data and mission-critical systems. In the best-case scenario, you can discover the issue and fix it before something terrible happens; but in the worst case, you don’t find out until it is too late. Just ask folks like Uber or Twitch.

Developers might be familiar with using .env and .gitignore files to help prevent Git from tracking specific files and folders, but did you know that you can leverage git hooks and some open source awesomeness to keep from accidentally committing your secrets in the first place?

Attend this workshop to:

  • Learn about the state of secrets sprawl
  • Gain a deeper understanding of the .git folder
  • Understand git security best practices
  • Set up your first git hook
  • Get hands-on help setting up a free GitGuardian Internal Monitoring account
  • Automate secrets detection before secrets can be pushed to your shared repositories


Bio
Dwayne has been working as a Developer Relations professional since 2015 and has been involved in the wider tech community since 2005. He loves sharing his knowledge by giving talks, and he has done so at over a hundred events worldwide. Dwayne currently lives in Chicago, and outside of tech, he loves karaoke, seeing live music, and doing improv.

Subscribe for Conference Updates

* indicates required






Contact Us

Questions? Send us an email.

If you are with the media, we have press passes available. Contact us for more information.

General Inquiries:  info [at ] hackmiami.com
Press/Media Inquiries: press [at] hackmiami.com
Sponsorship Inquiries: sponsors [at] hackmiami.com
CFP/Training Submissions: cfp [at] hackmiami.com