- Hyderabad'17
- About Schedule
SCHEDULE nullcon Hyderabad 2017
YOUR ITINERARY FOR Hyderabad 2017
| Registration | Start | Lunch | End | Venue | Training Name | Trainer Names |
|---|---|---|---|---|---|---|
| 8:30 to 9:00 | 9:00 | 13:00 to 14:00 | 18:00 | Courtyard Marriot, Hyderabad | Xtreme Web Hacking | Akash Mahajan & Riyaz Walikar |
| 8:30 to 9:00 | 9:00 | 13:00 to 14:00 | 18:00 | Courtyard Marriot, Hyderabad | Reverse Engineering & Malware Analysis | Abhishek Datta |
| 8:30 to 9:00 | 9:00 | 13:00 to 14:00 | 18:00 | Courtyard Marriot, Hyderabad | Xtreme Exploitation | Omair |
| Start | Lunch | End | Venue | Training Name | Trainer Names |
|---|---|---|---|---|---|
| 9:00 | 13:00 to 14:00 | 18:00 | Courtyard Marriot, Hyderabad | Xtreme Web Hacking | Akash Mahajan & Riyaz Walikar |
| 9:00 | 13:00 to 14:00 | 18:00 | Courtyard Marriot, Hyderabad | Reverse Engineering & Malware Analysis | Abhishek Datta |
| 9:00 | 13:00 to 14:00 | 18:00 | Courtyard Marriot, Hyderabad | Xtreme Exploitation | Omair |
| Start | End | Training | Venue | Training Name | Trainer Names |
|---|---|---|---|---|---|
| 9:00 | 17:00 | Training 1 | The Byke's Old Anchor Resort, Goa | Practical IoT Hacking | Aseem Jakhar |
| 9:00 | 17:00 | Training 2 | The Byke's Old Anchor Resort, Goa | Advanced Infrastructure Security Assessment Training | Abhisek Datta & Omair |
| 9:00 | 17:00 | Training 3 | The Byke's Old Anchor Resort, Goa | Assessing And Exploiting Industrial Control Systems | Justin Searle |
| 9:00 | 17:00 | Training 4 | The Byke's Old Anchor Resort, Goa | Cloud Security For Devs & Ops/td> | Akash Mahajan & Riyaz Walikar |
| 9:00 | 17:00 | Training 5 | Holiday Inn Resort, Goa | The Web Application Hacker's Handbook, Live Edition | Marcus Pinto |
| 9:00 | 17:00 | Training 6 | Holiday Inn Resort, Goa | Practical RFID/NFC Hacking Training | Adam Laurie |
| 9:00 | 17:00 | Training 7 | Holiday Inn Resort, Goa | Low level Hardware reversing (Basic) | Javier-Vazquez Vidal & Ferdinand |
| 9:00 | 17:00 | Training 8 | Holiday Inn Resort, Goa | Audit +++ (OPSE Certification) | Joerg Simon |
| 9:00 | 17:00 | Training 9 | Holiday Inn Resort, Goa | Xtreme Android Exploitation Lab | Anant Shrivastava & Anto Joseph |
| 9:00 | 17:00 | Training 10 | Holiday Inn Resort, Goa | Understanding and Exploiting Cryptography & PKI Implementations | Ajit Hatti |
| 9:00 | 17:00 | Training 11 | Holiday Inn Resort, Goa | Windows Kernel Exploitation | Ashfaq Ansari |
Night Track
| Start | End | Ballroom A | Ballroom B+C |
|---|---|---|---|
| 17:00 | 20:30 | Registration | |
| 20:30 | 21:00 | Blackshield Awards | |
| 21:00 | 21:20 | BountyCraft | NULL Community Talk |
| 21:20 | 21:40 | The Mirai BotNet and where DDoS attacks are headed by Ben Herzberg | |
| 21:40 | 22:00 | Case Study on RFID (proximity cards) hacking by Sarwar Jahan & Ashwath Kumar | |
| 22:00 | 22:20 | Hackers! Do we shoot or do we hug? By Edwin Van Andel | |
| Start | End | Ballroom A | Ballroom B+C | Carnival | CXO Track (Exhibition Area) |
Woto |
|---|---|---|---|---|---|---|
| 8:30 | 9:45 | Registration | ||||
| 9:45 | 10:00 | Opening Note | ||||
| 10:00 | 10:45 | Keynote By Joshua Pennel - Silicon: Security's New Layer | ||||
| 10:45 | 11:00 | BREAK | ||||
| 11:00 | 12:00 | How to be successful in the Azure bug bounty by Michael Hendrickx | Antivirus Evasion Reconstructed - Veil 3.0 by Christopher Truncer | CXO Panel "Digital warriors: India and the Future of Conflict on the Internet" | ||
| 12:00 | 13:00 | Increasing your impact on Facebook Bug Bounty by Jack Whitton | Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To) D""e`Tec`T 'Th'+'em' by Daniel Bohannon | CXO Panel "Breach Response - Time to shake up the status quo" | ||
| 13:00 | 14:00 | LUNCH | ||||
| 14:00 | 14:45 | Great Bugs in Google VRP in 2016 by Martin Straka, Karshan Sharma | Nearly generic fuzzing of XML-based formats by Nicolas Gregoire | Workshop Introduction to Logical Windows Privilege Escalation by James Forshaw |
CXO Panel "Securing Critical National Infrastructure" | ICS Village by Arun Mane |
| 14:45 | 15:30 | Bug Bounty Reports - How do they work by Adam Bacchus | Drone Hijacking and other IoT hacking with GNU Radio and SDR by Arthur Garipov | CXO Panel "Cyber-Security Blue-Print for a Future!" | [WORKSHOP - Invite Only] Digital & Social Media Forensic by Manu Zacharia | |
| 15:30 | 16:00 | BREAK | ||||
| 16:00 | 16:45 | How to Interact with Bug Bounty Programs by Faraz | Barbarians at the Gate(way) by Dave Lewis | Workshop Adversarial Machine Learning by Anto Joseph |
CXO Panel "Hardware Security: Foundational Block of Cyber Battlefield" | [WORKSHOP - Invite Only]Digital & Social Media Forensic by Manu Zacharia |
| 16:45 | 17:15 | Address by Guest of Honor, Shri Alok Joshi (IPS), Chairman NTRO | ||||
| 17:15 | 17:45 | Hackers InSight | ||||
| 19:30 | 22:00 | Invite only Nullcon Networking Party | ||||
| Start | End | Ballroom A | Ballroom B+C | Carnival | CXO Track (Exhibition Area) |
|---|---|---|---|---|---|
| 8:30 | 9:30 | Breakfast with Winja (Invite Only) |
|||
| 10:00 | 10:45 | Keynote by Karsten Nohl - When enough is enough: The limits of desirable security. | |||
| 10:45 | 11:00 | BREAK | |||
| 11:00 | 12:00 | Training Machines for Application Scanning in Retro Style by Bharadwaj Machiraju | Hypervisors in Your Toolbox: Monitoring and Controlling System Events with HyperPlatform by Satoshi Tanda & Timo Kreuzer | Winja CTF | CXO Panel - Challenges in securing the cloud |
| 12:00 | 13:00 | Explorer's Guide to Shooting Satellite Transponders by Jay Turla | Case study of SS7/Sigtran assessment by Akib Sayyed | CXO Panel - Application Security Opportunities and Challenges in a DevOps World | |
| 13:00 | 14:00 | LUNCH | |||
| 14:00 | 14:45 | Hacking medical devices and infrastructure by Anirudh Duggal | 7 sins of ATM protection against logical attacks by Timur Yunusov | [Workshop] Security Testing of Docker Containers and Applications by Akash Mahajan |
DevOpSec: Rapid Security in the Cloud with AWS and CIS by Mikhail Advani & Rajesh Tamhane |
| 14:45 | 15:30 | The Art of Bootloader Unlocking: Exploiting Samsung Sboot by Nitay Artenstein | Blockchain and security : bank and insurance applications by Renaud Lifchitz | Engineering Better Security at Facebook by Karen Sittig | |
| 15:30 | 16:00 | BREAK | |||
| 16:00 | 16:45 | p≡p ≡ pretty Easy privacy: making privacy the default for everyone by SVA | Injecting Security into Web apps with Runtime Patching and Context Learning by Ajin Abraham | Social Engineering Village by Neelu Tripathy | Agility with security mitigations in Windows 10 by Swamy Nagaraju |
| 16:45 | 17:30 | Closing Keynote by Ashish K - NextGeneration Threat detection using AI | BOF Quiz | ||
| Start | End | Title | Speaker | Abstract | Company |
|---|---|---|---|---|---|
| 9:00 | 11:00 | Conference Keynote | |||
| 11:00 | 11:50 | How to be successful in the Azure bug bounty | Michael Hendrickx | Microsoft will teach you how to spin up Azure and discuss techniques to find vulnerabilities. 5 Free MSDN licenses will be given out to the top researchers in the room. Microsoft will announce a bonus bounty period during this talk. |
Microsoft |
| 11:50 | 12:00 | BREAK | |||
| 12:0 | 12:50 | Increasing your impact on Facebook Bug Bounty | Jack Whitton | Learn about how to successfully find and report high impact vulnerabilities to Facebook's Bug Bounty Program. |
|
| 1:00 | 2:00 | Conference Lunch | |||
| 2:10 | 3:00 | Great Bugs in Google VRP in 2016 | Martin Straka, Karshan Sharma |
In this talk we cover in detail the best vulnerability reports we received in 2016. |
|
| 3:00 | 3:30 | How to Interact with Bug Bounty Programs | Faraz | BugCrowd | |
| 3:30 | 4:00 | Conference Tea Time | |||
| 4:00 | 4:45 | Bug Bounty Reports - How do they work | Adam Bacchus | Whether you are new to bug bounty programs or a veteran, this talk will help you learn how you get more money, better reputation and ensure a quick turnaround from the various companies presenting to you today. |
HackerOne |
| 4:45 | 5:00 | Closing Remarks | Josh Armour | ||