Mayhem 2021 Schedule

Mayhem is on Saturday, May 29th.
All times are U.S. Eastern Daylight Time (EDT).


Fuzzing: Finding Your Own Bugs and 0days!

Speaker: Rodolpho Concurde (ROd0X)

Abstract: This presentation has as objective to explain how 0day are found through Fuzzing technique. I'll be explaining how you can create a fuzzer, what are types of fuzzers and types of targets. And how you can find a Buffer Overflow vulnerability, and how to write step-by-step your own exploit. 2 PoC demos included, of course!

Got Cookies? Exploiting Vulnerabilities in Cookie Based Authentication

Speaker: Harsh Bothra

Abstract: Cookies are a widely used way to enable authentication in many of the applications out there. Over time, there has been a lot of security implications in Cookie-Based Authentication and new methods such as token-based authentication has entered the picture. Although many modern applications are adapting Token-Based authentication, Cookie-Based Authentication is still alive and can be observed in the wild.  In this talk, we will look at various attack scenarios that can be exploited in the wild if the application is using cookies for authentication, tracking, personalization, or some value reflections. 

Malware Hunting - Using Python as an Attack Weapon

Speaker: FilipiPires

Abstract:  The purpose of this presentation is to use python scripts to perform some tests of efficiency and detection in various endpoint solutions, during our demonstration we'll show a defensive security analysis with an offensive mind performing an execution some python scripts responsible for downloading some malware in Lab environment. The first objective will be to simulate targeted attacks using a python script to obtain a panoramic view of the resilience presented by the solution, with regard to the efficiency in its detection by signatures, NGAV and Machine Learning, running this script, the idea is to download these artifacts directly on the victim's machine. The second objective is to run more than one python script with daily malware, made available by MalwaresBazaar upon request via API access, downloading daily batches of malware . With the final product, the front responsible for the product will have an instrument capable of guiding a mitigation and / or correction process, as well as optimized improvement, based on the criticality of the risks.

Purple Team Maturity Model

Speaker: Jorge Orchilles and Tim Schulz

Abstract: Purple teaming is the new kid on the block, straddling the fence between red and blue teams, except this new kid doesn’t know what to be when they grow up. As processes and fields mature, standards of operation become the new normal. Blue teams have the multi-level security operations center (SOC) maturity model and hunting maturity model (HMM) to provide a clear path of capability building. Red teams have the Ethical Hacking Maturity Model, and can leverage frameworks like ATT&CK and David Bianco’s Pyramid of Pain to match emulation with their capability level. When it comes to purple, there is currently no such model for determining the maturity or capability level. This talk will present an approach to maturing a new purple team from scratch, allowing anyone to chart the path for an internal capability. We will use a multi-level approach to identify the skill sets, people, and processes needed to build a strong purple team. Audiences can expect to walk away with an understanding of where their organization sits in the Purple Team Maturity Model, and what skills their current blue and red teams can leverage to strengthen the organization’s purple capabilities.

Defeating EDRs using Dynamic invocation

Speaker: Jean-Francois Maes

Abstract: How can red team operators emulate covert operations and operate at the same level as a real threat group? EDR solutions can make the life of a red team operator significantly harder. Dynamic invocation (also known as D/Invoke) – a sub branch of the popular “Sharpsploit” project, can help with evading those pesky EDR’s and execute your payloads successfully. In this presentation, we will go over D/Invokes capabilities and how to leverage them in your red team operations.

The Big Threat to Security Teams

Speaker: Chloé Messdaghi

Abstract: Did you notice a shift in your mental health and/or your colleagues? Burnout was at an all time last year due to the surreal 2020. As we approach 2021, we recognize how critical mental health plays when accomplishing goals and productivity output. This talk dives into the factors that lead to burnout among security professionals, the clear line between burnout and failure to retain people on the security team, and how to invest in your team to make sure your team is able to thrive during stressful times. 

Bio: Chloé Messdaghi is an award-winning changemaker who is innovating tech and information security sectors to meet today and tomorrow demands. As a growth strategy consultant, she accelerates startups through solutions that empower organizations and people to stand out from the tech crowd. She is an international keynote speaker at major information security and tech conferences and events, and serves as a trusted source for national and sector reporters and editors, such as Forbes and Business Insider. Additionally, she is one of the Business Insider’s 50 Power Players of Cybersecurity, a SC Magazine honoree, Cybersecurity Advocate of the Year, and Cybersecurity Women of the Year by Cybersecurity Excellence Awards. Outside of consulting, she is the cofounder of WoSEC and Hacking is NOT a Crime, and founder of WeAreHackerz. She holds a Master of Science from The University of Edinburgh, and a BA in International Relations from University of California, Davis, as well as executive education certificates from Wharton and Cornell. Learn more:

B&E from A-Z

Speaker: Andrew Lemon

Abstract: Ever used airbags to open a door? From the old tried and true B&E techniques to the stuff you’ve never heard of—learn the tools and methods of the trade. Peek inside the kit of a red teamer as we cover the ways we broke into your data center even during lockdowns.

Hacking Routing Protocoles (OSPF, RIP, etc..)

Speaker: Kamal BENZEKKI

Abstract: Routing Protocol vulnerabilities will be discussed and a hacking demo will be presented on GNS3.

(c)2021, Red Team Village