Our Blog

Orange Cyberdefense at Hacker Summer Camp

Reading time ~3 min

It’s that time of year again where we head out to the desert, more specifically Las Vegas, for what is known as Hacker Summer Camp to attend Black Hat and DEF CON 31! Like previous years, the SensePost team will be present in full force delivering talks, training and hanging out at numerous occasions. For an idea on what we’ve got lined up, check out the rest of this blog post. If you’re keen to meet up, feel free to reach out!

Training

Celebrating being a part of Black Hat for 22 years and more recently DEF CON and Ringzer0, we’re always excited for opportunities to share knowledge (and geek out on all things offensive security).

This year we’re delivering numerous courses at Hacker Summer Camp ranging from Infrastructure, Web, Mobile, Wi-Fi and Active Directory hacking. Whether you’re seeking introductory insights, intermediate skill-building, or specialised technical training, we have crafted courses that cater to various proficiency levels and interests.

We are giving the following courses at Black Hat US 23:

John Iatridis will be presenting “Advanced Active Directory Exploitation” at Ringzer0 on the 5th of August.

We will also provide three courses at DEF CON 31, which will take place on the 14th and 15th of August:

Talks

Each year we encourage everyone internally to share their research at conferences like Black Hat and DEF CON. This year is no different, and we have two talks taking place at DEF CON 31.

1 – Felipe Molina de la Torre at DEF CON 31, AppSec Village

Felipe will be talking about the current, arguably surprising state of Content Security Policies in the wild using data collected by scanning top one million websites. Using an assessment where Felipe identified a possible XSS vector and CSP prevented exploitation, Felipe found that he could abuse a trust relationship with a third-party to exploit the XSS vulnerability for impact. Curious about how prevalent and effective CSP policies are today? This one is for you.

2 – Thomas Bygodt at the DEF CON 31, Hardware Hacking Village

For the past couple years Thomas has focused on hardware hacking, primarily motivated by the need to know more about it. Thomas did so by looking for vulnerabilities within smart locks, where his journey resulted in some great finds that include a vulnerability that would allow you to remotely open several thousand certain smart locks. In this talk Thomas will go over his methodology, the issues he found as well as to show that hardware hacking isn’t always as hard as it looks.