Home Events 2011 Event THF - The Hex Factor
THF - The Hex Factor PDF Print E-mail
Tuesday, 15 November 2011 08:45

The ISSA Brussels-European Chapter is proud to announce our 1st December event:

THF - The Hex Factor 

We invited Pieter Danhieux - all the way from Australia! - and Daan Raman and Tim Beyens.


The Schedule:
18h00 - 18h30: Welcome at Ernst & Young
18h30 - 19h30: Part 1: Exfiltration techniques in a corporate network by Pieter Danhieux and Daan Raman
19h30 - 19h45: Networking break
19h45 - 20h45: Part 2: The Hex Factor - Live solving two hacking challenges by Tim Beyens and Daan Raman
20h45 - 21h30: Networking & closure

With special thanks to Ernst and Young for hosting of the evening and for the catering.

 

The Venue :
E&Y
Pegasus Park
De Kleetlaan, 2
B-1831 Diegem

how to get there


Registration procedure:  Closed


Abstract Exfiltration techniques in a corporate network

During this technical presentation, Pieter will talk about and demonstrate different techniques that were and are being used to bypass typical network defences to create ex-filtration channels from the early 90's until now. One of these techniques includes tunnelling through the internal DNS systems which could become more and more prevalent in the next year (and he will explain you why). Together with Daan, they will provide insights and give a demo about an unreleased Metasploit stager which uses the DNS system as a communication channel.

Abstract
The Hex Factor - Live solving two hacking challenges
During the presentation we will solve two hacking challenges provided at The Hex Factor in 2010. The first hacking challenge will be a reverse engineering challenge which will be presented by Daan. The second challenge will be a penetration testing challenge presented by Tim.

 

The presentation will focus on the technical aspects on how to solve the challenges (e.g. how to fully exploit an SQL injection, how to disable WAF from an external perspective), but will also highlight the business impact these vulnerabilities have and why clients should test their applications prior and during deployment.


Bio - Daan

Since 2009, Daan has been a member of The Hex Factor. As an active volunteer, Daan is one of the core members developing hacking challenges, focusing on reverse engineering. He also helps organizing and running editions of The Hex Factor at security conferences all across the world (e.g Hack in The Box, SANS, etc).

 

Daan is currently employed at Ernst & Young as a penetration tester in the Financial Services space, with a strong focus on web application security. His clients mainly consist of banks and insurance companies. Before starting at Ernst & Young, Daan worked for two years at a risk analysis firm in the lovely city of Ghent, developing and implementing risk models.



Bio - Pieter
Pieter Danhieux is a certified instructor for the SANS Institute, teaching military, government, and private organizations offensive techniques on how to target and assess organizations, systems, and individuals for security weaknesses. He is also one of the founders of the security and hacking conference BRUCON in Belgium, where he has designed and run cyber-intrusion exercises (The Hex Factor) across Europe since 2009 together with a group of talented people.
He currently works at the BAE Systems stratsec, the cyber security team in Australia and South-East Asia of this multinational defence, security and aerospace company. Before that, Pieter worked for seven years at Ernst & Young in Europe and Oceania as one of their information security experts running a team of security resources operating in the financial industry and telecommunication space.
Pieter is doing a blitz visit to Belgium before flying of for SANS London.

 

Bio - Tim
Tim Beyens has been professionally active with information security since 2009 at Ernst & Young. At Ernst & Young he is focused on performing attack & penetration exercises for telecommunication companies, executing DRP and network reviews. The latter focusing on the security aspects of the network set-up.

Next to all the technical work he is performing at Ernst & Young Tim is an active member at The Hex Factor, creating hacking challenges for the community and running The Hex Factor at security conferences. Within The Hex Factor Tim develops the ‘pwnd’ levels or the penetration testing levels.

 

 
 

Upcoming Events

There are no upcoming events.