[ :: mainpage :: register :: conference :: training :: call for papers (CFP) :: the venue ]
[ :: capture the flag (CTF) :: press/media :: conference agenda :: contact us ]
[ :: forum :: sponsors :: past conferences :: conference kit (PDF) ]

HITBSecConf2006 - Malaysia: VIDEOS RELEASED

Filed under: Main Page — Administrator @ 8:53 pm

December 15, 2006

We are pleased to announce that the videos from HITBSecConf2006 - Malaysia are now available for download. Broken down into 2 packs, the download’s are rather hefty at 6.52GB and 5.66GB each but is well worth the download. The videos are available for download from http://video.hitb.org

Here’s what’s in each package.

HITBSecConf2006 - Malaysia - PACK 1

KEYNOTE 1 - Schneier on Security - Bruce Schneier

Security Engineering in Windows Vista - Ian Hellen and Vishal Kumar
Playing with Botnets for Fun and Profit - Thorsten Holz
Taming Bugs - The Art of Writing Secure Code - Paul Boehm
Application Intrusion Prevention Systems - Fabrice Marie
Attacking the IPV6 Protocol Suite - Van Hauser
Writing Metasploit Plugins - From Vulnerability to Exploit - Saumil Shah
x.805 Standard - Ching Tim Meng
The World Through the Eyes of a Signature Developer - Jonathan Limbo
Client Honeypots - It’s Not Only the Network - Michael Davis
Triple Play; Triple Threats? IPTV Security - Yen-Ming Chen
Firefox Security - Window Snyder
Pentesting Java/J2EE - Discovering Remote Holes - Marc Schoenefeld
Visualizing Source Code for Auditing - Lisa Thalheim

HITBSecConf2006 - Malaysia - PACK 2

KEYNOTE 2: What application security tools vendors don’t want you to know and the holes they will never find - Mark Curphey and John Viega

Scapy and IPV6 Networking - Phil Biondi and Arnaud Ebalard
Finding Secrets in ISAPI - Nish Bhalla
Pentesting Windows Vista BitLocker Drive Encryption from the Inside - Douglas MacIver
HPP - A New Approach to Cybercrime - Raoul Chiesa
The Biggest Brother - Roberto Preatoni and Fabio Ghioni
Towards an Invisible Honeypot Monitoring System - Nguyen Anh Quynh
Hacking a Bird in the Sky - Hijacking VSAT Connections - Jim Geovedi and Raditya Iryandi
Smasing the stack for Profit; period - Rohyt Belani
Using Neural Networks and Statistical Machinery to Improve Remote OS Detection - Javier Burroni and Carlos Sarraute
MOSREF - Using Cryptography and Injectable Virtual Machines in Security - Wes Brown
Hacking Trust - Anthony Zboralski and Dave McKay
Yet Another Web Application Testing Toolkit - Fyodor Yarochkin and Meder Kydyraliev
VoIP Phreaking - SIPhallis Unveiled - The Grugq
Subverting Vista Kernel for Fun and Profit - Joanna Rutkowska

A bonus video of the charity auction is also included on the Day 2 pack! On a related note, the Call for Papers for HITBSecConf2007 - Dubai is now open! See you guys next year!

HITBSecConf2006 - Malaysia is over!

Filed under: Main Page — Administrator @ 6:54 am

October 9, 2006

Thank you to everyone who flew from all over the world to be with us this year! It was an amazing event with over 500 attendees hacking it up with 37 speakers in the final line-up! The conference materials and photos from the setup days, training days and conference itself have been released. All presentations will also be mirrored on Packet Storm

Presentation Materials:

http://conference.hitb.org/hitbsecconf2006kl/materials/ or http://conference.hackinthebox.org/hitbsecconf2006kl/materials/

Official Photos:

HITBSecConf2006 - Setup and Misc
HITBSecConf2006 - Training Day 1 and Day 2
HITBSecConf2006 - Conference Day 1 and Day 2
HITBSecConf2006 - Post Conference Party

Post Conference Press Coverage:

Computer World: Post-Sept. 11 security measures seen doing more harm than good
Computer World: At hacker conference, Microsoft gets credit for effort
CSO Online: HITB: Technology Outpacing Security Advances
Computer World: HITB - VOIP presents major security risk, expert warns
ARNnet: HITB - Researcher to make Blue Pill even harder to detect
Linux World: HITB - Be prepared, IPv6 is coming sooner than you think
CSO Online: Bruce Schneier: We Are Losing IT Security War
Computer World: Control Charlie
Zone-H: HITB Day 1 - Schneier on Security: 10 Trends
Zone-H: HITB Day 2 - Hackers Ain’t Bad
VoIP Lowdown: VoIP a Hackers Dream
BBC - Security Fears Raised at Conference
BBC (Radio) - Digital Planet
The Star - Delving deep into the hacker culture
BBC - Microsoft engaging with hackers
The Star - Hacking out of the box
BBC Television (Oct 7th) - Click - Microsoft engaging with hackers

Foreign Language

LOO3.com
CSO Online (China)
Microsoft recurre a los piratas
Microsoft se reune con hackers
Detalles del post: Microsoft lanza una nueva versión de Windows
Microsoft busca “hackers” para mejorar su sistema
“Hack in the Box” (Russian)

Blog Posts

Paul Ooi

HITB CTF Team @ Work
HITBSecConf Reports on Nanyang
HITBSecConf2006 - Training
HITBSecConf2006 - Conference Day
Sheep in the Box Source Code Released
HITBSecConf2006 - Finished

Meling Mudin

I pay to be called the boss
HITBSecConf2006 - CTF Summary
HITBSecConf2006 - CTF Winner
Sheep in the Box
Nanyang Article on CTF

Xwings

HITB Day 1
HITB Day 2

Red Dragon - CTF Summary
Prabu -HITBSecConf2006 - 9 Days Away
Geek00l - HITB Conference 2006
Christian Seifert - Client Honeypot presentation at the Hack In The Box Conference
nemesisv - Back from HITB 2006
Fyodor Yarochkin - Another Con
Meder Kydyraliev - HackInTheBox
Nitesh Dhanjani - Hack In The Box 2006
Thorsten Holz - Hack In The Box 2006 Honeypot Summary
F-Secure Weblog - HITB2006
Akram - Enough Said

HITBSecConf - LIVE WEBCAST

Filed under: Main Page — Administrator @ 9:52 am

September 19, 2006

For those of you who can’t make the trip over to Kuala Lumpur for HITBSecConf2006 - Malaysia, we have arranged to make the following sessions available LIVE through http://webcast.hackinthebox.org

Day 1

1.) Welcome Address by MCMC
2.) Bruce Schneier - Schneier on Security (WEBCAST SESSION)
3.) Ian Hellen and Vishal Kumar - Security Engineering in Windows Vista

Day 2

1.) Mark Curphey and John Viega - What application security tools vendors don’t want you to know and holes they will never find!

We will also provide LIVE audio streams of the entire conference throughout both days as well. Please click here for the conference agenda.

Calling all CTF Teams! REGISTER NOW!

Filed under: Main Page — Administrator @ 11:51 am

September 16, 2006

REGISTRATION FOR CTF IS NOW CLOSED

We have space for 10 teams as always and this year’s line up so far includes:

1.) F1r3wAll burn3r5 - SIG^2 SINGAPORE
2.) Team Zone-H - ITALY
3.) Qb1t - SIG^2 SINGAPORE
4.) Project Tango UITM - MALAYSIA
5.) Stealther - MALAYSIA
6.) FullDupl3x - MALAYSIA
7.) Tango Junior UITM - MALAYSIA
8.) Kickers - SINGAPORE
9.) DOKDO-KOR (PADOCON) - KOREA

Team servers will be configured with Ubuntu 6.06 (FreeBSD option is no longer offered)

Hints

  • Plan, plan, plan.
  • Be organized. 1 team principal. 1 firewall/IDS expert. 1 l33t sysadmin. 1 l33t hacker. 1 code junky would be a good line up.
  • Learn, learn, learn. Learn what the Score Server wants, and please it.
  • Learn how to attack the reference distributions.
  • Learn the importance of taking backups, in order to restore yourself to a known state in the unlikely event that your server has been r00ted or 0wn3d.

    Prizes

    1st Place - RM3,000
    2nd Place - RM2,000
    3rd Place - RM1,000

    For the full list of rules and regulations, please take a look at the Capture The Flag page.

  • UPDATE: On a related note, we have updated the Press/Media page with all the pre-conference coverage that HITBSecConf has received thus far.

    HITBSecConf2006 - Conference Agenda is now online

    Filed under: Main Page — Administrator @ 12:21 pm

    May 15, 2006

    The conference agenda for the 2 day Dual-Track Security Conference is now online! HITBSecConf2006 will see well over 30 speakers presenting their papers over the 2 day period and is expected to draw over 600 attendees from around the world. Below are the titles of the presentations attendees can expect to see:

    Keynotes:

    Schneier on Security

    What application security tools vendors don’t want you to know and holes they will never find!

    Papers & Presentations:

    Firefox Security

    The world through the eyes of a signature developer

    X.805 Standard

    Security Engineering in Windows Vista

    Pen Testing Windows Vista BitLocker Drive Encryption from the Inside

    Triple Play; Triple Threats? IPTV Security

    Pentesting Java/J2EE: Discovering Remote Holes

    Subverting Vista Kernel for Fun and Profit

    VoIPhreaking: SIPhallis Unveiled

    Attacking the IPv6 Protocol Suite

    A new approach to Cybercrime: The Hackers Profiling Project (HPP)

    Playing with Botnets for Fun and Profit

    Taming Bugs: The Art and Science of Writing Secure Code

    Application Intrusion Prevention Systems: A new approach to protecting your data

    Writing Metasploit Plugins - From Vulnerability to Exploit

    Client Honeypots - It’s not only the network

    Visualization of Source Code for Auditing

    Scapy and IPv6 networking

    Finding Secrets in ISAPI

    The Biggest Brother

    Towards an Invisible Honeypot Monitoring Tool

    Smashing the stack for profit - period

    Hacking a Bird in The Sky: Hijacking VSAT Connections

    Using Neural Networks and Statistical Machinery to Improve Remote OS Detection

    Yet Another Web Application Testing Toolkit (YAWATT)

    MOSREF: Using Cryptography and Injectable Virtual Machines in Security


    If you haven’t registered for your seats, you are strongly encouraged to do so early as places are limited and spaces are going fast!

    REGISTER NOW

    Hack In The Box Security Conference 2006 - Malaysia

    Filed under: Main Page — Administrator @ 10:16 am

    February 22, 2006


    Welcome to the official homepage of HITBSecConf2006- Malaysia. The main aim of the HITBSecConf conference series is to enable the dissemination, discussion and sharing of deep knowledge network security information. Featuring presentations by respected members of both the mainstream network security arena as well as the underground or black hat community, HITBSecConf2006 - Malaysia will see over 30 of the world’s leading network security specialists down to present their research and findings. Set to take place from September 18th - 21st 2006 at The Westin Kuala Lumpur, the event will feature 7 hands-on technical training sessions and 2-days of deep knowledge presentations.

    Event Details

    Venue: The Westin Kuala Lumpur
    199 Jalan Bukit Bintang
    55100 Kuala Lumpur

    Date: 18th September
    Time: 0900 - 1800
    Item: 7-tracks Hands-On Technical Training (Day 1)

    Date: 19th September
    Time: 0900 - 1800
    Item: 7-tracks Hands-On Technical Training (Day 2)

    Date: 20th September
    Time: 0900 - 1800
    Item: Dual Track Security Conference & Capture The Flag ‘Live Hacking’ Competition (Day 1)

    Date: 21st September
    Time: 0900 - 1800
    Item: Dual Track Security Conference & Capture The Flag ‘Live Hacking’ Competition (Day 2)

    Hands-On Technical Training

    TECH TRAINING 1 - Advanced Web Application & Services Hacking
    Trainer: Umesh Nagori (Vice President, Net-Square) & Lyra Fernandes (Principal Analyst, Net-Square)

    TECH TRAINING 2 - Attacking & Defending Networks (Advanced Linux Edition)
    Trainer: Nish Bhalla (VP Consulting Solutions, Security Compass)

    TECH TRAINING 3 - The Exploit Laboratory
    Trainers: Saumil Shah (Director, Net-Square) & SK Chong (Scan Associates)

    TECH TRAINING 4 - Tactical VoIP : Applied VoIPhreaking
    Trainer: The Grugq (Independent Network Security Researcher)

    TECH TRAINING 5 - War Driving .Gov
    Trainers: Anthony Zboralski (Founder HERT & PT Bellua Asia Pacific) with Jim Geovedi (Member HERT & Security Consultant PT Bellua Asia Pacific).

    TECH TRAINING 6 - Structured Network Threat Analysis and Forensics
    Trainers: Meling Mudin (spoonfork) & Lee Chin Sheng (geek00l)

    TECH TRAINING 7 - Yin and Yang of Java Security Programming
    Trainer: Marc Schonefeld

    HITBSecConf2006 - Keynote Speakers

    1.) Bruce Schneier (Chief Technology Officer, Counterpane Internet Security)
    2.) Mark Curphey (Vice President, Foundstone Professional Services - A division of McAfee Inc.)
    3.) John Viega (Chief Security Architect, McAfee Inc.).

    HITBSecConf2006 - Speakers (alphabetical order)

    1.) Anthony Zboralski (Founder, HERT & PT. Bellua Asia Pacific)
    2.) Arnaud Ebalard (Security Research Engineer, EADS Corporate Research Center)
    3.) Carlos Sarraute (Senior Researcher, Core Security Technologies)
    4.) Ching Tim Meng (Regional Security Consultant, Lucent Worldwide Services)
    5.) Douglas MacIver (Penetration Engineer, Microsoft Penetration Team, Microsoft Corporation)
    6.) Fabio Ghioni (Independent Advisor to various MNCs and Government organizations)
    7.) Fabrice Marie (Manager, FMA-RMS Singapore/Malaysia)
    8.) Fyodor Yarochkin (Co-Author, XProbe)
    9.) Ian Hellen (Security Program Manager, Windows Security Engineering Team, Microsoft Corporation)
    10.) Javier Burroni (Senior Developer of Core Impact, Core Security Technologies)
    11.) Jim Geovedi (Member of HERT & Security Consultant, PT Bellua Asia Pacific)
    12.) Joanna Rutkowska (Senior Security Researcher, COSEINC)
    13.) Jonathan Limbo (Security Researcher, Cisco Systems)
    14.) Lisa Thalheim (Independent Network Security Consultant)
    15.) Marc Schonefeld (Independent Network Security Consultant)
    16.) Meder Kydyraliev (Co-Author, XProbe)
    17.) Michael Davis (Member, The Honeynet Project.)
    18.) Nguyen Anh Quynh (PhD student of Keio university, Japan)
    19.) Nish Bhalla (VP Consulting Solutions, Security Compass)
    20.) Paul Boehm (Founding member of TESO Security, Security Consultant, SEC Consult)
    21.) Philippe Biondi (Research Engineer at EADS Corporate Research Center)
    22.) Raditya Iryandi (Information Security Consultant, Bellua Asia Pacific)
    23.) Raoul Chiesa (Board of Directors Member@ Mediaservice.net ISECOM Group & TSTF)
    24.) Roberto Preatoni (Founder, Zone-H Defacement Mirror)
    25.) Rohyt Belani (Director, Mandiant)
    26.) Saumil Shah (Director, Net-Square)
    27.) Thorsten Holz (HoneyNet Project Germany, Independent Network Security Researcher)
    28.) The Grugq (Independent Network Security Researcher)
    29.) Van Hauser (Founder, THC.org and Security Consultant at n.runs GmbH)
    30.) Vishal Kumar (Security Program Manager, Secure Windows Initiative Team, Microsoft Corporation)
    31.) Wes Brown (Founder, Ephemeral Security)
    32.) Window Snyder (Chief Security Something-or-Other, Mozilla Foundation)
    33.) Yen Ming Chen (Senior Managing Consultant, Foundstone - A division of McAfee Inc.)



    Event Organizer


    Hack In The Box (M) Sdn. Bhd.

    Supported & Endorsed By


    Malaysian Communications and Multimedia Commission (MCMC)


    Malaysian Administrative Modernisation & Management Planning Unit

    Platinum Sponsors


    Foundstone - A division of McAfee Inc.

    Microsoft Corporation

    Main Sponsors

    Cisco Systems

    Lucent Technologies - Bell Labs Innovations

    Official Airline Partner


    Internet Bandwidth Sponsor


    AIMS - Malaysia's Telecommunications Hub

    Official Hotel


    Westin Kuala Lumpur

    CTF Sponsor


    Ascendsys

    CTF Prize Sponsor


    Scan Associates Berhad.


    Our Speakers Are Supported By:


    Bellua Asia Pacific


    Core Security Technologies

    Media Partners:

    InfoSec News

    (ISN) InfoSec News

    Virus Bulletin online magazine is dedicated exclusively to reporting and analysing malicious computer programs and spam. The annual Virus Bulletin conference is cited by many in the industry as the anti-malware event of the year.

    Insecure Magazine

    Phrack Magazine

    Hakin9 Magazine

    Supporting Organizations


    HERT


    ISECOM - Insititue for Security and Open Methodologies


    IT Underground


    Chaos Computer Club (Germany)


    X-Focus China

    Zone-H Defacement Mirror


    Xatrix Security


    SyScan


    Special Interest Group in Security & Information InteGrity Singapore