Talk Title: Automating Web App Security Testing Using Hubot Artificial Intelligence Chat Bot
Speakers: Abhijith BR and Thoufeeque NS
Abstract: This is the age of automation, artificial intelligence and machine learning. Even the most sophisticated tasks are being automated. Then why can't we do the same for security testing as well? In pen-testing as a profession, we have to repeat a lot of boring tasks on a daily basis. I have tried a lot of ways to automate some of these tasks using various methods. I finally ended up with Hubot from GitHub, which is an automation/AI chat framework developed by GitHub using Node.js.
Hubot is popular in the technology world, mostly used for DevOps, ChatOps, DFIR, etc.
This presentation is all about customizing this bot and making it a virtual assistant dedicated to web application testing. We can treat this bot as a person with a huge amount of knowledge about information security; it can do the many things it has been trained to do.
I managed to create and add a bunch of customized security testing interaction scripts to make our job much easier.
Other than automating manual testing scenarios, this bot can help us with messy corporate policies and rules. We tend to forget those corporate infosec policies all the time. We could just ask this guy: "Hey bot, what is our password policy?" or "What's the list of secure SSL ciphers?" Hubot will respond with all possible responses with a lower error rate.
It is possible to interact with our infosec chat from anywhere using mobile interfaces. I'm still working on writing more scripts to automate manual web app security testing and on making this bot much more useful for web app pen-testers.
Talk Title: Exploiting Home Automation, The Esoteric Way/s!
Speaker: Arun Mane and Rushikesh Nandedkar
Abstract: The core idea of the talk is to discuss the practical attacks relating to ZigBee and Z-Wave in home automation hubs. The demos are enumerated below:
- Network discovery (ZigBee and Z-Wave)
- Eavesdropping (ZigBee and Z-Wave)
- Replay attack (ZigBee and Z-Wave)
- Acquiring privacy keys during reassociation (ZigBee and Z-Wave)
- Reversing hardware and firmware of a home automation hub
- Reversing hardware and firmware of some wireless sensors (e.g. dimmers, motion sensors)
- KillerBee
- GNU Radio
- Scapy Radio
- Basics of home automation hubs and some sensors
- How to approach/attack a home automation hub
- Where can the experiment possibly go wrong?
- How to troubleshoot issues
- Input for developing an offensive mindset for attacking home automation hubs and other similar devices
Talk Title: Shifting Paradigms in Cyber Network Operations
Speaker: Kamal Ranjan
Abstract: Modern cyber network operations, whether defensive or offensive, suffer from a unique predicament. As professionals in the field of cybersecurity, we are inundated with information overload, defining return on investment, metrics, and politics. All the while we seek the same goals as our physical-world intelligence and counterintelligence counterparts, which is to protect the secrets that allow our organizations to provide for our way of life. By reframing the context of our daily cybersecurity duties into an intelligence and counterintelligence perspective, regardless of the offensive or defensive nature of the work, we can better protect our organizations by leveraging and applying centuries-old, well-established fundamentals and practices of the intelligence and counterintelligence professions.
Talk Title: Doing recon like it’s 2017!
Speaker: Bharath Kumar
Abstract: This talk discusses and demonstrates some interesting, up-to-date reconnaissance techniques. The overall theme of this talk is to cover reconnaissance techniques that are relevant for today's security assessments. We'll delve deep into how these recon techniques work, why they are effective, and the tooling around them.
The rough outline of the talk is as follows:
- What is reconnaissance?
- What are the main themes/aspects of a reconnaissance phase?
- Common reconnaissance techniques
- Emerging trends in reconnaissance
- Certificate Transparency as a recon technique
- DNSSEC zone walking for reconnaissance
- Reconnaissance in the age of APIs/DevOps
- Code repositories as a treasure trove of information
- Problems with the way reconnaissance is conducted
- Passive recon using public datasets
- Doing reconnaissance at scale
Talk Title: Ineluctable weakness of logical vulnerabilities
Speaker: Ankit Giri
Abstract: This talk covers patterns that we have found in web applications while exploring business logic flaws. Business logic vulnerabilities make up only 5%-10% of the total vulnerabilities out there. These are difficult to detect but have the highest impact. There are multiple sources of information for legacy security vulnerabilities in applications, such as OWASP and WASC. Hackers and pentesters try to find these legacy bugs using their experience and the common exploit scenarios known to them. The steps to follow when searching for such bugs are available across the internet. On the other hand, when we talk about a business logic bug or a logical flaw, there seems to be much less information available, as there is no specific exploit scenario. These bugs vary drastically from one application to another. Business logic flaws are much more complex than they appear to be, because one can create a computer program according to the need or the logic the program intends to perform. However, it is difficult to predict the logical points of failure.
Talk Title: Securing your Enterprise using CIS Critical Security Controls
Speaker: Vikas Singh Yadav
Abstract: Information security is critical to ensuring the protection of critical information and information systems. Most organisations implement information security in an ad hoc manner, with a few security controls sprinkled throughout the organisation after threats emerge and attacks happen. The CIS Critical Controls are a set of 20 security controls based on the "Offense Informs Defense" concept. In this talk I will describe how we implemented the CIS Critical Controls in our organisation to improve information security. The major achievement was to use low-cost and open source tools to execute the project in limited time and on a limited budget.
Talk Title: Bitcoin Forensics – Unintelligible Yet Transparent
Speaker: Anupam Tiwari
Abstract: The increased use of cryptocurrencies such as Bitcoin among a growing user base has opened a new avenue of research in the field of digital forensics, i.e. Bitcoin forensics. Since the creation of Bitcoin in 2008, cryptocurrencies have begun to make a presence in the world of e-commerce. Cryptography serves as the underlying foundation for Bitcoin, which gives it the benefits of confidentiality, integrity, non-repudiation and authentication. Having been designed and built upon the foundation of these four objectives makes Bitcoin an attractive alternative to mainstream currency and provides users with the benefits of payment freedom, security, very low fees, and fewer risks for merchants. But with the plethora of advantages that it offers, there is a definite side to worry about too, and that is money laundering transactions. On average, it is estimated that around 3 lakh (300,000) Bitcoin transactions happen in a day, and it is not an easy task for a forensic investigator to trace their origins. The talk will present a technical overview and the evolving forensic developments in the domain.
Talk Title: Symbolic Execution for Reverse Engineering
Speaker: Jai Verma
Abstract: This would be an introduction to SAT (Boolean Satisfiability) and SMT (Satisfiability Modulo Theories). It would then cover how symbolic execution can be used to solve reverse engineering problems by modelling conditions as mathematical equations and constraints. This would be followed by a brief explanation of how symbolic execution works and how code discovery is performed by a symbolic engine. This would be followed by two examples of solving a reverse engineering challenge using symbolic execution. The first method will demonstrate the use of the Z3 theorem prover from Microsoft Research. This would include modelling the conditions in the binary as boolean logic. The second example will demonstrate the use of angr, which is another symbolic execution framework developed by the Computer Security Lab at UC Santa Barbara. This would be followed by a discussion on the shortcomings of symbolic execution and what steps can be taken to optimise the performance of a symbolic execution engine.
Talk Title: Security Automation for Red and Blue Team
Speaker: Suraj Pratap
Abstract: When I started working at a startup, being the single person on the information security team, it was almost impossible to maintain the entire information security posture. I will talk about these topics:
- How I automate almost everything for information security using open source tools
- What challenges we faced during the automation
- What we have automated
- Automation of defensive tasks (hardening, agent deployment, log management, etc.)
- Automation of offensive tasks (network scanning automation, web application automation, source code review automation)
- Vulnerability management using open source tools
- Security event monitoring using open source tools
We will open source all the scripts and configuration files that we used in the automation.
Speaker: Dheeraj Joshi
- Cross-site Scripting (XSS) & CSP
- Cross-site Request Forgery (CSRF)
- HTTP Security Headers
- Other Best Practices