Seminars

ToorCon's 6th annual intensive seminar sessions are aimed to provide the best information for decision makers and IT/IS professionals. Entrance to the seminars includes admission to all of the seminar talks on Friday, September 26th 2008, complementary breakfast and lunch, and general conference admission. Pre-registration for the seminars is now Closed. Onsite registartion only. We can not accept credit cards at the door, please have cash or a check. We are also offering a discount when you register for both the workshops and the seminars. Our pricing schedule is listed below:

Register Today >>

Seminar Lineup

The Deep Knowledge Seminars this year conists of 5 90-minute talks geared towards our corporate audience that wants more detailed information presented in a more intimate environment.

Owning the Users with The Middler

This talk introduces a new open source, plugin-extensible attack tool for exploiting web applications that use cleartext HTTP, if only to redirect the user to the HTTPS site. We'll demonstrate attacks on online banking as well as Gmail, LinkedIn, LiveJournal and Facebook. We'll also compromise computers and an iPhone by subverting their software installation and update process. We'll inject Javascript into browser sessions and demonstrate CSRF attacks.

Our new tool, The Middler, automates these attacks to make exploiting every active user on your computer's network brain-dead easy and scalable. It has an interactive mode, but also has a fire-and-forget mode that can perform these attacks automatically without interaction. Written in Ruby, this tool is easy to both extend and add into other tools.

Jay Beale

Jay Beale is an information security specialist, well known for his work on threat avoidance and mitigation technology. He's written two of the most popular security hardening tools: Bastille UNIX, a system lockdown and audit tool that introduced a vital security-training component, and the Center for Internet Security's Unix Scoring Tool. Both are used worldwide throughout private industry and government. Jay also contributed to the OVAL project and the Honeynet Project. Jay has served as an invited speaker at a variety of conferences worldwide as well as government symposia. He's written for Information Security Magazine, SecurityFocus, and SecurityPortal. Jay has co-authored or edited nine books in the Information Security space. Six of these make up his Open Source Security Series, while two are technical works of fiction in the "Stealing the Network" series.

Jay is a security analyst and managing partner at Intelguardians, where he gets to work with brilliant people on topics ranging from application penetration to virtual machine escape. Prior to this, Jay served as the Security Team Director for MandrakeSoft, helping set company strategy, design security products, and pushing security into the then third largest retail Linux distribution.

Digital Forensics - Footsteps in the Snow

Attacking systems is a bit like walking in snow. If you are not paying attention to your actions, it is really easy to leave a trail. If you want to remain subtle however, there are tactics that one can take to minimize the system footprint left on the system. We will show the way actions taken by an attacker show up on the network and the compromised host. As both forensic investigators and penetration testers, we believe the two fields build upon each other as a Yin/Yang relationship. Those engaged on either end of the exploited system life cycle will find this interesting.

James O'Gorman

James O'Gorman is a consultant with Continuum Worldwide. In his over 10 years of working in information technology, James has worked in consulting, support, and managerial positions at companies across a spectrum of industries. Specializing in information security, James has made contributions in to the industry in the way of speaking engagements, papers, tool and process development that have been made available to the community. A member of the GIAC advisory board and the Omaha ISSA chapter, James holds OSCP, CISSP, GCIA and GCFA certifications. Working off the principal that the better one is at breaking into systems the better one is investigating break-ins, James has focused at Continuum on penetration testing and incident response/computer forensics.

Matthew Churchill

Matt Churchill is the Director of Digital Forensics and Cyber Investigations for Continuum Worldwide.  Matt is a former member of the FBI's Cyber Crimes Task Force and former Deputy Douglas County Sheriff of ten years, where he conducted digital forensic examinations.  Matt is a graduate of UNO and has earned the professional designations of Certified Forensic Computer Examiner (CFCE), Certified Computer Examiner (CCE), Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH).  Matt is a founding member and current President of the Nebraska Chapter of the High Technology Crime Investigation Association (HTCIA) and he is a member of the International Association of Computer Investigative Specialists (IACIS), the International Society of Forensic Computer Examiners (ISFSE) and Infragard. 

Repurposing the TI EZ430 Development Tool

The twenty dollar EZ430-F2013 development kit includes both a programmer board and a target board, but users are only expected to write software that runs on the latter.  This lecture covers methods of reprogramming the programmer, which in hardware is little more than an MSP430F1612 paired with an 8051-based USB device controller.  Topics include dumping the original firmware by JTAG, reverse engineering that firmware to determine proper I/O pin configurations, managing the USB controller, and more.  The result is a repurposed development kit with which users can build their own USB peripherals.

Travis Goodspeed

Travis Goodspeed is a neighborly reverse engineer from Knoxville, Tennessee. He has spoken at ToorCon 9 and the Texas Instruments Developer Conference regarding stack overflow exploits of wireless sensor networks, at Black Hat USA 2008 regarding a side-channel timing attack against the password protection mechanism of the MSP430's serial bootstrap loader, and at various other conferences regarding the reverse engineering of MSP430 firmware.

The Evolution of Cyber Crime

In the past two years, the industry has seen an upsurge in data breaches affecting millions of consumers and causing corporations to pay heavily in fines. With the sophistication of cyber crime tactics, security professionals are faced with the challenge of defending against a new breed of malware designed to remain hidden and undetectable by traditional security solutions. This new breed no longer relies on massive propagation or destructive pay-loads; rather, the sole purpose is economical gain. Data breaches can lead to exposure of consumer information through a number of different ways that vary in complexity. The common perception associated with a data breach is the difference between data being extracted from physical assets stolen and actual breaches in perimeter security (electronic).

The business of cyber crime is increasingly rapidly and is becoming an epidemic as the industry has already witnessed a number of electronic breaches that have accounted for some of the most famous incidents of 2007 and 2008 including TJ Maxx, Monster.com and Hannaford Bros. According to a study conducted by the Identity Theft Resource Center (ITRC), the financial community has already experienced twice as many incidents in 2008 as then have in all of 2007. These incidents go hand in hand with regulatory laws that were supposedly designed to mitigate and reduce the risk window in an attempt to avoid such embarrassing situations.

Now and in the future, implementing measures to protect against data breaches will be critical to the survival of any corporation. It’s not a matter of if a company will be breached, but a matter of when, therefore; it’s important that the primary goal is to significantly reduce the acceptable loss and mitigate the window of risk.

Ryan Sherstobitoff

Ryan Sherstobitoff is chief corporate evangelist of Panda Security. Sherstobitoff oversees and manages the strategic response to new and emerging virus attacks.

Sherstobitoff’s extensive experience includes work designing and managing network infrastructures, as well as mobilizing and managing security technologies throughout widely dispersed large-scale networks. Sherstobitoff has worked on a variety of security technologies in a myriad of platforms and environments, including financial, industrial, and service infrastructures.

Prior to joining Panda Security, Sherstobitoff worked as a consultant for GE and Crystal Decisions (Business Objects).

Sherstobitoff earned a professional designation in Information Systems from Okanagan University in British Columbia. He holds industry certifications in Microsoft MCSE, Microsoft MCSA, A+, Cisco CCNA and Comptia A+ Certified.

AppSec A-Z: Reverse Engineering, Source Code Auditing, Fuzzing, and Exploitation

For many years hackers have been reversing code, scanning source, fuzzing applications, and crafting lethal exploits.  It’s time for security researchers, consultants, testers, and administrators to freshen up their skills by walking back through the computer science fundamentals of these techniques.  This is a deeper knowledge lecture series intended to bring newbs up from the ground, and challenge pros that have been at it for a while.  Bring your Red Bull as the prior Prof. DeMott walks through 6 lectures that he designed for his security class.

Jared DeMott

Jared DeMott is a security researcher for Crucial Security, frequent speaker, former teacher, and author (fuzzing book with Takanen and Miller). He is been deeply involved in the security community since he started going to security cons in 2000.  Jared is probably best known for the fuzzing tool, GPF, which he released in 2005.