Here are some of the selected papers. Rest will be added as soon as we get confirmation from speakers
Mantra – Free and Open Source security framework based on browser platform (Abhi M Balakrishnan)
It is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. Mantra is a security framework which can be very helpful in performing all the five phases of attacks including reconnaissance, scanning and enumeration, gaining access, escalation of privileges, maintaining access, and covering tracks. Apart from that it also contains a set of tools targeted for web developers and code debuggers which makes it handy for both offensive security and defensive security related tasks.
Mantra is lite, flexible, portable and user friendly with a nice graphical user interface. You can carry it in memory cards, flash drives, CD/DVDs, etc. It can be run natively on Linux, Windows and Mac platforms. It can also be installed on to your system within minutes. Mantra is absolutely free of cost and takes no time for you to set up.
Windows Memory Forensic Analysis (Ashish Kunte)
A Detailed Analysis of live activities from the contents of RAM on a Windows XP Machine. To find interesting information from the Live Memory, where the suspicious process can be identified and analyzed. This analysis includes methods using easily accessible tools and frameworks. Analysis finds such information that can not be found on the hard drive during a post-mortem analysis, specifically encrypted, compressed or hidden processes.
# List of Processes, Threads, Thread Dispatcher Objects
# Loaded DLLs, DLL Extraction and File Handles
# Network Details, Sockets, Open TCP Connection, Open Ports.
# VAD and Virtual to Physical Address Translation
# Windows registry details and open registry keys from live memory
# SSDT and Hidden Modules and API Hooks in kernel space and user space
are we entering State of Mobile Sabotage age ? (Dror Shalev)
Latest smartphone evolution , which bring always on, always connected mobile mini-computers , carry strong Hardware , with tons of users content are becoming new frontier for hackers armed with malware/viruses. Apps stores model revolution ,with open garden or closed garden approach , combined with the fact that people start to pay for content , and the problem of long tale – more then 100k apps in the market, are letting us understand that we are facing a new age in Mobile Security: the age of Mobile Sabotage.
come to get a peek how our online cellular world is going to be soon.
come to see how the age of Mobile Sabotage is going to change our future.
Data theft in India(K K Mookhey)
This talk looks at the Indian scenario, where data theft is rampant and is beginning to affect each and every person. Through the use of case studies the presentation tries to dig deeper into how such information is getting leaked out and the sort of market that exists for this data. There will be a few real life cases discussed
Attacking with HTML5 (Lava Kumar)
Web developers and users assume that just because their site does not implement any HTML5 features they are unaffected. Also a large section of the internet community believes that HTML5 is only about stunning graphics and video streaming. This talk will show how these assumptions are completely contrary to reality.
This presentation will show how existing ‘HTML4’ sites can be attacked using HTML5 features in a number of interesting ways. Then we look at how it is possible to use the browser to perform attacks that were once thought to require code execution outside the sandbox. Finally we look at an attack where the attacker is not interested in the victim’s data or a shell on the machine but is instead after something that might perhaps even be legal to steal!
Ultimate Pen Test – Compromising a highly secure environment (Nikhil Mittal)
Many of us do Pen Testing as our daily job. So what type of environments we have tested? Some have unnecessary ports open on the firewall, some do not have poorly patched DMZ Severs, some do poor egress filtering, and some trust their internal network. What I am going to present here is Pen testing a highly secure environment. By secure I mean an environment where you literally have layered security with multiple security controls, policies and devices on each layer. The environment contains Gateway level firewalls and IPS, internal firewall and IPS, host level firewall, HIDS, HIPS and antivirus systems, Servers are patched and hardened, Internet access is restricted to some counted white list based websites, there are dedicated teams for monitoring abnormal activities (who emphasize on blocking 0day vulnerabilities, told to us later on). It seemed that every step of a regular pen test was kept in mind while designing the security architecture, regular methods just did not work.
Like a regular Pen test the only info given was a bunch of IP and organization name. Recon was toughest and longest one, spreading across weeks and was done in several phases and with different privileges. While compromising, multiple attack vectors were cleverly chained together and the Security Operations team was there to be dealt with. And yes, access was maintained on production servers.
Firefox Security! (Prasanna Kanagasabai)
This paper aims to detail some of the techniques and methods that exist to subvert a fully patched and functioning browser Firefox. This aims to provide insight to developers and end users on some methodologies when used could be subverted by malicious users. We will understand some of the basic important components that make up the Mozilla platform and various attacks that can be targeted against it.
Cloud computing for Crime & Forensic (Terence Sequeira)
Cloud computing has the potential to become one of the most transformative developments in how information technology services are created, delivered, and accessed. At the same time it gives cyber criminals enormous potential to leverage this technology to commit crimes more effectively.
The new environment for rising cyber crimes demands principles and procedures of cyber forensics too to be upgraded to the cloud environment.
As cloud begins to move beyond the pure hype stage and into the beginning of mainstream adoption, lets take a closer look at
* Caas (Crime as a Service)
* Faas (Forensics as a Service)
Register for Technical Briefings here