ToorCon X Lineup & Training Seminars Posted & Pre-Registration Ending

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: ToorCon X Lineup & Training Seminars Posted & Pre-Registration Ending
From: h1kari@xxxxxxxxxxx
Date: Mon, 1 Sep 2008 19:09:00 -0600
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

[*] TOORCON X LINEUP & TRAINING SEMINARS POSTED & PRE-REGISTRATION ENDING

We're very proud to announce our lineup for this year and wanted to remind 
everyone that ToorCon is happening in less than a month! We also have a couple 
different training workshops and a day of seminars in addition to the 
conference for anyone looking for training. As such, we will be closing 
pre-registration soon (September 12th, 2008) and are trying to let everyone 
know it's their last chance to get the best deals on one of the best hacker 
conferences in the US. As always, more information is available at 
http://www.toorcon.org. If you have any questions, please don't hesitate to 
email me.



[*] CONFERENCE
Pre-Registration: $100
Door Price: $140
September 26th-28th, 2008
San Diego Convention Center
Rooms 24-26, Upper Level
111 W. Harbor Drive
San Diego, CA 92101
http://www.sdccc.org

SATURDAY - 50 minute talks
Dan Kaminsky - TBA
Alexander Sotirov - How To Impress Girls With Browser Memory Protection Bypass
Ben Feinstein - Loaded Dice: SSH Key Exchange & the OpenSSL PRNG Vuln
grutz - One XSS To Rule The Enterprise
Jason Ostrom - Targeted VoIP Eavesdropping: An Attack From Within
Jay Beale - Owning the Users with The Middler
Joseph McCray - Advanced SQL Injection
Nick Farr & Eric Michaud - Freifunk in the USA: Leveraging Community 
Organizations to build Neighborhood Wireless Networks
Ariel Waissbein - Your risk is not what it used to be
Asteria - hackerspace:FAIL

SUNDAY - 20 minute talks
Andre Gironda - A little TLC for your SDL
Bruno G Oliveira - Knowing and Enjoying the Cold Boot Attack
Chema Alonso & Jose Parada - RFD (Remote File Downloading) using Blind 
Techniques
Chris Gates - New School Information Gathering
Christian Heinrich - Google Denied
David Byrne - Advanced Techniques in Automated Web Application Testing
Dennis Brown - Anatomy of the Asprox/Danmec Botnet
Joshua Brashars - Owning telephone entry systems (aka why you shouldn't sleep 
so well)
Sergey Bratus, Cory Cornelius, Daniel Peebles, & Axel Hansen - Active 
Fingerprinting of 802.11 APs
Strom Carlson - Why your mother will never care about Linux (a rant)
Stephan Chenette - Ultimate Script Deobfuscation: Browser Hooking versus 
simulation
Luiz "effffn" Eduardo - a 30,000 feet look at wi-fi, the freezing spot
Adam Cecchetti - Nunchaku: Attack, Defense, and a lot of arm flailing
Dan Griffin - Hacking SharePoint
Zane Lackey & Luis Miras - Mobile Phone Messaging Anti-Forensics
Dan Hubbard - P0wn the Cloud. The good, the bad, and the pugly of Cloud 
Computing
Tom Stracener - Advanced Cross-Site Scripting Scenarios, Filter Evasion and 
Browser Exploits
Thomas Ristenpart - Privacy-preserving Location Tracking of Lost or Stolen 
Devices: Cryptographic Techniques and Replacing  Trusted Third Parties with DHTs
Dean Pierce - Seeds of Contempt
Zax - How did that Nigerian do that?! Artificial Intelligence and You



[*] WORKSHOPS
Pre-Registration: $1300
Door Price: $1600
Lunch & Dinner Provided
Conference Admission Included
September 24th-25th, 2008
The Hotel Solamar
435 6th Avenue
San Diego, CA 92101
http://www.hotelsolamar.com

CRASH COURSE IN PENETRATION TESTING
Instructors: Joseph McCray & Chris Gates
Includes: 250GB 2.5" USB Harddrive preloaded with lab VMWare images

This course will cover some of the newer aspects of pen-testing covering; Open 
Source Intelligence Gathering with Maltego and other Open Source tools, 
Scanning, Enumeration, Exploitation (Both remote and client-side) and 
Post-Exploitation relying heavily on the features included in the Metasploit 
Framework. We'll discuss our activities from both the Whitebox and Blackbox 
approach keeping stealth in mind for our Blackbox activities.

Web Application penetration testing will be covered as well with focus on 
practical exploitation of cross-site scripting (XSS), cross-site request 
forgery (CSRF), local/remote file includes, and SQL Injection.

The course will come with a complementary USB Harddrive loaded with the lab 
Virtual Machine images for you to play with so you can continue to hone your 
skills and learn new techniques even after the course is finished. Attendees 
will walk away with a current knowledge of how to pen-test both a network and a 
web application, all of the basic tools needed, and a set of practice exercises 
that they can use to improve their skills.


CORPORATE SECURITY AND INCIDENT RESPONSE CRASH COURSE
Instructors: Gabriel Lawrence, James O'Gorman, Matthew Churchill, & datagram
Includes: USB Flash Drive, Lockpicks, Materials

This course will cover all of the behind the scenes things that you need to 
know to be an effective security administrator and/or CSO. Thie first day of 
this course will focus on the different threats and attack vectors of your 
company covering both network and physical based attacks and ways to identify 
how attackers could get into your network and the countermeasures that you can 
take to prevent it from happening.

On the second day, we will address the scenario of if someone does get into 
your network and go in-depth on how to perform proper incident response, what 
happens behind the scenes with the whole forensics process, including 
real-world training from ex-law enforcement, and the do's and don'ts of 
handling data on compromised machines.



[*] SEMINARS
Pre-Registration: $750
Door Price: $950
Lunch Provided
Conference Admission Included
September 26th, 2008
The Hotel Solamar
435 6th Avenue
San Diego, CA 92101
http://www.hotelsolamar.com

FRIDAY - 75 minute talks
James O'Gorman & Matthew Churchill - Digital Forensics - Footsteps in the Snow
Travis Goodspeed - Repurposing the TI EZ430 Development Tool
Ryan Sherstobitoff - The Evolution of Cyber Crime
Jared DeMott - AppSec A-Z: Reverse Engineering, Source Code Auditing, Fuzzing, 
and Exploitation



[*] WORKSHOP & SEMINAR
Pre-Registration: $1700
Door Price: $2100
Lunch & Dinner Provided
Conference Admission Included
September 24th-26th, 2008
The Hotel Solamar
435 6th Avenue
San Diego, CA 92101
http://www.hotelsolamar.com

Prev by Date: [security bulletin] HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
Next by Date: Postfix Linux-only local denial of service
Previous by thread: [security bulletin] HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
Next by thread: Postfix Linux-only local denial of service
Index(es):
- Date
- Thread