Pumpcon 2010 Speakers who do not want to remain anonymous:
Mudsplatter
(apt-get remove logical_thinking) trolling for sensitive information
Abstract / Bio
This talk will show and demonstrate why social engineering done right and not by Kevin Mitnick can be the most powerful tool a new fag can use. It will further go in to confidence building and the plannings of a attack in simple to follow step by step terms for educational purpose only. Also it is not a very good idea to write a abstract on a caturday when you started drinking since 7 am to keep the goats away. I forgot what i was talking about, o ya its about doing what ever you want to person and breaking the profiles of people down.
Mudsplatter has served four years in the U.S. Air Force as a computer, network, crytography, and telephone switching tech. He has also served a year with the NSHC in South Korea, performing research and development as the senior master security engineer and lead security consultant and is currently the acting military liaison for NeoCatena Systems. He's also the only person I know that has been thrown out of the UAT Tech Forum for doing what he does.
Kanen Flowers
Weaponizing Lisp
Abstract / Bio
Lisp is powerful, underrated and perfect for hackers. It has all the tools and functions needed to perform advanced network security audits and recon. This presentation will prove it.
Lisp should be a weapon in your arsenal. Ruby is great. Python is great. PERL is great, but Lisp is a powerful scripting language that can do a lot more than you think. In this presentation, I will show you how to port scan, detect operating systems, enumerate vulnerabilities, load in fuzzing techniques and fire them at remote systems. I will show you the fully functional power of Lisp, with example scripts that do everything you can do with other tools, but faster and a lot easier than you expected. This presentation includes examples, that can be downloaded, which do everything we discuss. We'll focus on newLISP, one of the most popular versions of Lisp, with a 15+ year history, but many examples work in Common and other Lisps. By the end of the presentation, you'll stop seeing parenthesis and start seeing containers for highly evolved weapons in your arsenal.
A walk-through/comparison of other scripting languages (brief), including Ruby, Python and PERL. A brief history of LISP. An overview of LISP methods and structures. We will discuss and review several examples of network security tools you can create immediately; Port Scanning, OS Identification, Application Identification, Web Application Scanning, Fuzzing, Intrusion Prevention and more.
Kanen Flowers is the founder of nCircle Network Security and the creator of IP360, the nCircle Ontology Language, advanced scoring methodologies for network security, and interoperability between Detection and Scanning technologies. He was the founder of kozoru, a search technology purchased by the co-founder of Ask.com. He has spoken at conferences, built tools and holds patents in natural language, search, network security and time-travel. He is working on a new network security platform, called kane-box.
Brad Bowers
Microcontroller Mayhem - the use of USB microcontrollers as an attack platform
Abstract / Bio
The number and complexity of client side attacks has steadily increased over the last years. We have seen the rise to truly imaginative attacks blending sophisticated exploits with social engineering and creative method for deployment. An emerging trend in these attacks has been the use of small USB hardware microcontroller devices to act as attack platforms or the delivery mechanism for malicious code. In this presentation we'll discuss some of the capabilities and advantages that USB microcontroller devices have and exam their use from a Hacker's perspective. The presentation will focus on two common microcontrollers based on the Arduino family. We'll look at the Duemilanove and the wildly popular Teensy microcontrollers and demonstrate just how much mayhem they potentially can cause.
Brad Bowers is an IT Security professional with over 10 years of experience working for military and large corporations. He has worked in many areas of Information Security with a focus in Incident Response, System Forensics and Threat Intelligence. When not voiding warranties or tinkering with embedded devices, Brad is an evangelist and frequent presenter on the importance of information security.
PLUS Special Surprise Guests!!!