Skip to content
BLACKOUT

SIGINT made easy with RF Swift

By lehackadmin

Date: 06/07/2024
Time: 17:00 > 19:00
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 3C
Field type not supported.
Field type not supported.
Join us for an engaging and interactive workshop where we introduce RF Swift, a cutting-edge toolbox for Signal Intelligence (SIGINT) and Communications Intelligence (COMINT) applications. This session will provide a hands-on experience with RF Swift, demonstrating its powerful capabilities for signal identification and for decoding various signals. Participants will delve into the fascinating world of […]

Capture The Flag d’un drone miniature (session 2)

By FINTCH

Date: 06/07/2024
Time: 10:30 > 12:30
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 2B
Field type not supported.
Field type not supported.
Venez l'espace de quelques heures vous mettre dans la peau d'un hacker et laissez vous guider vers l'exploitation des vulnérabilités d'un drone grand public. Attaques hardware, attaques radio, reverse engineering, buffer overflow, vous pourrez expérimenter de multiples facettes de la cybersécurité des systèmes embarqués et appliquer ces concepts sur une cible concrète. A l'issu de […]

Capture The Flag d’un drone miniature (session 1)

By FINTCH

Date: 05/07/2024
Time: 10:30 > 12:30
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 2B
Field type not supported.
Field type not supported.
Venez l'espace de quelques heures vous mettre dans la peau d'un hacker et laissez vous guider vers l'exploitation des vulnérabilités d'un drone grand public. Attaques hardware, attaques radio, reverse engineering, buffer overflow, vous pourrez expérimenter de multiples facettes de la cybersécurité des systèmes embarqués et appliquer ces concepts sur une cible concrète. A l'issu de […]

Rétro-ingénierie d’un logiciel de drone avec Ghidra (architecture ARM) (session 2)

By FINTCH

Date: 06/07/2024
Time: 14:30 > 16:30
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 3C
Field type not supported.
Field type not supported.
Vous rêvez d’accéder au code source d’une application pour mieux la comprendre, pour découvrir ses secrets, pour vous assurer qu’elle ne présente pas de vulnérabilité ou pour modifier son comportement ? La rétro-ingénierie logicielle est le moyen de réaliser ces rêves par vous-même. Cet atelier vous présentera les principes de la rétro-ingénierie logicielle et vous […]

Rétro-ingénierie d’un logiciel de drone avec Ghidra (architecture ARM) (session 1)

By FINTCH

Date: 05/07/2024
Time: 14:30 > 16:30
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 2B
Field type not supported.
Field type not supported.
Vous rêvez d’accéder au code source d’une application pour mieux la comprendre, pour découvrir ses secrets, pour vous assurer qu’elle ne présente pas de vulnérabilité ou pour modifier son comportement ? La rétro-ingénierie logicielle est le moyen de réaliser ces rêves par vous-même. Cet atelier vous présentera les principes de la rétro-ingénierie logicielle et vous […]

Active Directory pwnage with NetExec

By FINTCH

Start date: 06/07/2024
End date: 07/07/2024
Time: 21:30 > 00:00
Location: ZONE 2 - WORKSHOP ZONE - level -2 - Salle C/D
Field type not supported.
Field type not supported.
In this workshop I will present the tool NetExec and how to take advantage of the tool to compromise efficiently a domain Active Directory during an internal pentest. Which feature should I use regarding the attack I need to perform, which command I should try to run first, what should I do when I crab […]

Analyse d’un dump de disque dur suite à une attaque via rubber ducky (session 1)

By FINTCH

Date: 06/07/2024
Time: 21:00 > 22:45
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 3C
Field type not supported.
Field type not supported.
Ce workshop propose d'analyser le disque dur d'une machine victime d'une attaque par une Rubber Ducky. Le workshop aborde notamment : Recherche de la connexion de la clé Recherche des journaux PowerShell (scripts passés) Analyse des scripts PowerShell Analyse des preftech Analyse des evtx Afin de gagner du temps lors du lancement du workshop, vous […]

Analyse d’un dump de disque dur suite à une attaque via rubber ducky (session 2)

By FINTCH

Start date: 06/07/2024
End date: 07/07/2024
Time: 22:45 > 00:30
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 3C
Field type not supported.
Field type not supported.
Ce workshop propose d'analyser le disque dur d'une machine victime d'une attaque par une Rubber Ducky. Le workshop aborde notamment : Recherche de la connexion de la clé Recherche des journaux PowerShell (scripts passés) Analyse des scripts PowerShell Analyse des preftech Analyse des evtx Afin de gagner du temps lors du lancement du workshop, vous […]

GEOINT: Mastering Overpass Turbo (session 2)

By FINTCH

Start date: 06/07/2024
End date: 07/07/2024
Time: 23:00 > 00:30
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 4D
Field type not supported.
Field type not supported.
Ce workshop propose d'utiliser Overpass Turbo pour réaliser des opérations de GEOINT.

Network protocol abuse: driving ICS equipment mad

By FINTCH

Date: 06/07/2024
Time: 20:00 > 21:30
Location: ZONE 2 - WORKSHOP ZONE - level -3 - Salle 2B
Field type not supported.
Field type not supported.
Ce Workshop s'articulera sur les explications et l'utilisations de plusieurs librairies qui permette de s'interfacez avec de PLC (microcontrôleur programmable destiné au contrôle industriel). Une 1ʳᵉ partie sera dédiée aux explications techniques du fonctionnement des PLC et des différents protocoles réseaux associé. La deuxième partie sera sur "l'exploitation" et l'explication des libraires qui permette de […]

No Metadata No Problem, Predicting photo locations from pixels using AI

By FINTCH

Date: 06/07/2024
Time: 11:00 > 12:00
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
Have you ever wanted to find out where a photo posted online was taken? In this talk I will demonstrate the abilities of modern photo location AI systems, how they function and how you can build these AI systems for yourself. I will also give an overview of where the field of photo geolocation is […]

Cracking the Code: Decoding Anti-Bot Systems!

By FINTCH

Date: 06/07/2024
Time: 10:00 > 11:00
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
Web scraping is gaining momentum, particularly with the advent of Large Language Models (LLMs). Access to data is being thwarted more and more by companies implementing anti-bot protections. This talk aims to shine a spotlight on a uniquely rare subject, focusing on strategies to circumvent these mechanisms.

The XE-Files: Trust No Router

By FINTCH

Date: 05/07/2024
Time: 15:30 > 16:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
Exploring the world of compromised IOS XE devices. On the 16th October 2023 Cisco Talos shared intelligence about a handful of compromised routers discovered while resolving customer support requests. As the full story unfolded, a few backdoored devices turned into tens of thousands, and the massive mobilisation of incident response teams as patches were applied […]

Telling the big stories with a bit of help from AI

By FINTCH

Date: 05/07/2024
Time: 14:30 > 15:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
In an era where technology is reshaping the way we engage with information, the relationship between Artificial Intelligence and Journalism has become a focal point of exploration. This track will uncover the multifaceted landscape of AI’s role in journalism, offering a comprehensive examination of its potential, risks, challenges, and real-world applications through the lens of […]

Where do the guns go? Mapping Arms Flows with OSINT: Opportunities and Challenges

By FINTCH

Date: 05/07/2024
Time: 13:30 > 14:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
In light of recent political developments, the topic of tracing arms flows has gained significant interest from both researchers and the media. This talk will explore the opportunities and limitations of using Open Source Intelligence (OSINT) to track the movement of arms, both legal and illicit. The speaker will showcase projects undertaken by the Small […]

RE-TOUR DE CLEFS – L’EXPO

By lehackadmin

Date: 05/07/2024
All-day event
Location: Zone 2 - Workshop Rooms
Field type not supported.

Serrurier et collectionneur ,chercheur et grand découvreur de ces petits détails qui font la différence, Jean-christophe vous enjoint à observer en taille réelle les quelques trouvailles, réalisations et improbables Mécaniques sorties du cerveau humain aux seules fins de "hacker" les serrures du quotidien censées nous isoler en une révolution de clef.

Open source analysis in plane crashs

By FINTCH

Date: 05/07/2024
Time: 11:00 > 12:00
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
For 15 years, investigation on plane crashs has accelerated thanks to collective intelligence and open source data. Xavier Tytelman, former crew member in the naval aviation and open source investigator in the fields of aeronautical and military, will describe the techniques he uses with his community, to identify the crash causes as fast as possible.

Disinformation as Infrastructure

By FINTCH

Date: 05/07/2024
Time: 10:00 > 11:00
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
Disinformation has flooded social networks. Once posted, it is sometimes too late to react. Investigating open sources infrastructure can help anticipate the threat. This presentation will present a return of experience on the interest of such investigations.

Fingerprinting at the Frontier: How Edge Cases and Ambiguities can help Attribute Digital Attacks

By FINTCH

Date: 06/07/2024
Time: 13:30 > 14:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
Can an ambiguity in a popular file format be used to geolocate customers of a spyware platform? Can an improperly handled edge case in the IP protocol illuminate exports of network attack tools? Yes, and yes! In this talk, we will present several concrete examples of what we call "fingerprinting at the frontier": building fingerprints […]

Intelligence Agencies Hosting: When Threat Intelligence and OSINT lead to delightful discoveries

By FINTCH

Date: 06/07/2024
Time: 14:30 > 15:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
This presentation will introduce the world of bulletproof hosting and Intelligence Agencies Hosting (IAH) and how it has been used by the majority of cybercriminals for decades, by both small groups and state actors. Then, we will highlight various examples where OSINT has enabled the discovery of invaluable details to attribute actions to groups, companies, […]

OSINT field stories and future considerations

By FINTCH

Date: 06/07/2024
Time: 15:30 > 16:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
As we navigate through the rapidly altering landscape of Open-Source Intelligence, Nico will try to sharpen your focus on the contemporary and upcoming trends, making a deep dive into the potential that OSINT harbors. But, it's not just about the sunny side. With every stride forward, there come challenges waiting to be addressed. Through a […]

RUMPS Session OSINT et Hacking

By FINTCH

Date: 06/07/2024
Time: 16:30 > 19:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
More info
More information and the rules of engagement on the dedicated page: What are RUMP SESSIONS?

Mastering Web Scraping with Scrapoxy

By FINTCH

Date: 06/07/2024
Time: 21:00 > 23:00
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
|
Join me for an incredible tutorial to unlock the full potential of Web Scraping! From novice to virtuoso, you’ll learn advanced techniques for collecting crucial datasets to train AI models. Protection Disclosed 🔒 - Overcome fingerprint challenges and anti-bot measures. - Reverse engineering protection to understand tracking signals Proxy and Browser Farms Adventure 🌐 - […]

OSINT Uncovered: Enhancing Public Investigations with the ObSINT Guidelines

By FINTCH

Date: 07/07/2024
Time: 00:30 > 02:00
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
|
An insightful workshop that delves into the world of open-source intelligence (OSINT) through the lens of the newly established "OSINT Guidelines." Developed by a consortium of experts (EU DisinfoLab, The Atlantic Council’s Digital Forensic Research Lab (DFRLab), OSINT Curious, CheckFirst, Centre for Information Resilience, OpenFacto, and Logically), these guidelines offer a comprehensive framework to elevate […]

How to OSINT in any language

By FINTCH

Date: 07/07/2024
Time: 02:00 > 04:00
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
|
Searching online in a foreign language can seem daunting to most. Others will pivot to the duo "Google Lens" and "Google Translate" which are arguably not bad. The devil, however, is always in the details which are often missed by online translation tools as well as AI. This workshop will present the fundamental steps to […]

Attack Surface Discovery with OSINT

By FINTCH

Start date: 06/07/2024
End date: 07/07/2024
Time: 23:00 > 00:30
Location: Zone 3 - OSINT Village - Louis Armand conference stage
Field type not supported.
Field type not supported.
Field type not supported.
|
Understanding an attack surface is a necessary first-step to for cyber-defenders looking to protect an organization. With this hands-on workshop you’ll be able to use open-source tools and data and a repeatable process to build an exhaustive list list of an organization’s assets exposed on the Internet - whether your own organization or someone else's.

Exploration of Cellular Based IoT Technology

By lehackadmin

Date: 06/07/2024
Time: 15:30 > 16:15
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Field type not supported.
As cellular technologies continue to become more integrated into IoT devices, there has been a noticeable lag in comprehending potential security implications associated with cellular hardware technologies. Furthermore, the development of effective hardware testing methodologies has also fallen behind. Given the highly regulated nature of cellular communication and the prevalent use of encryption, it is […]

A praise to laziness (or why hackers are awesome people) !

By lehackadmin

Date: 06/07/2024
Time: 16:30 > 17:15
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Nous sommes tous plus ou moins paresseux. On utilise désormais des IA pour générer des textes relativement longs à partir de courts prompts, car rédiger est juste ennuyeux. On demande à ChatGPT de simplifier un long texte car on n'a pas envie de tout lire. On copie/colle du code de StackOverflow au lieu de comprendre […]

Take your revenge on this fucking EDR

By lehackadmin

Date: 06/07/2024
Time: 17:15 > 18:00
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Après avoir un talk l'année dernière sur quelques techniques de contournement d'EDR (unhooking, direct syscalls), cette fois-ci nous nous focaliserons sur l'obfuscation et la post-exploitation, et nous verrons comment extraire les hash du domaine sans déclencher d'alertes au niveau de l'EDR et du SIEM !

OSINT et journalisme

By lehackadmin

Date: 06/07/2024
Time: 18:00 > 18:45
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Reflets.info est un journal qui a été co-fondé par un expert en sécurité informatique et un journaliste. Aujourd'hui les actionnaires sont des journalistes et des "informaticiens talentueux". Nous mettons donc en place des outils numériques d'aide à l'investigation novateurs. Dans cette conférence, Reflets présentera deux d'entre eux. L'un sert à indexer de très gros lots […]

Insert coin: Hacking arcades for fun

By lehackadmin

Date: 06/07/2024
Time: 19:00 > 19:45
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Field type not supported.
Since we were children we wanted to go to the arcade and play for hours and hours for free. How about we do it now? In this talk I’m gonna show you some vulnerabilities that I discovered in the cashless system of one of the biggest companies in the world, with over 2,300 installations across […]

Clés incopiables : contournements, exceptions et paradoxes

By lehackadmin

Date: 06/07/2024
Time: 19:45 > 20:30
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
On nous parle souvent de clés brevetées, clés incopiables, à reproduction interdite ou encore de clés de sécurité. Mais qu'en est-il réellement ? Certaines clés on des billes, des aimants, des anneaux, ou encore des goupilles mobiles. Est-ce que cela complique le crochetage, l'impressionning, ou les autres techniques d'ouverture ? Et surtout, est-ce que l'utilisateur […]

The Red and the Blue: a tale of stealth and detection

By lehackadmin

Date: 06/07/2024
Time: 10:00 > 10:45
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
With the evolution of attack surfaces, attacker skills, zero-day exploits and supply chain attacks, it is no longer possible to solely rely on prevention to ensure a company's security. Therefore, it is crucial to use detection mechanisms, as well as response and investigation capabilities. After an overview of Red Team operations and the ecosystem of […]

S.E. with A.I. & Defending against it with H.I.

By lehackadmin

Date: 05/07/2024
Time: 18:45 > 19:30
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Field type not supported.
A.I. may be seen as a cost-effective way to replace workers. We will look closer however and discover the uncomfortable truth behind A.I. and what really powers it. We will also discover how to harness the hidden power propping up A.I. for ourselves & our company’s security. One of the biggest, most advanced, and adaptive […]

Supply Chain Attack : Le cas du Registre Privé Docker

By lehackadmin

Date: 05/07/2024
Time: 18:00 > 18:45
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Docker est aujourd'hui un outil de conteneurisation incontournable, largement adopté dans le développement logiciel. Cette expansion a souligné l'importance de sécuriser tous les composants associés, comme le registre privé Docker. Alternative au Docker Hub public, c’est une plateforme open-source où les développeurs peuvent stocker, gérer et distribuer leurs applications localement. Hélas, la documentation officielle et […]

Prism, a light BEAM disassembler

By lehackadmin

Date: 05/07/2024
Time: 17:15 > 18:00
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
BEAM (Bogdan/Björn's Erlang Abstract Machine) is a virtual machine designed by Ericsson used to run Erlang applications. We ran into such an application during an assignment and had to disassemble it as well as many libraries, and discovered that the existing tools do not produce a correct and complete disassembly. A lot of valuable information […]

Physical intrusion: Defeating On-Site Security

By lehackadmin

Date: 05/07/2024
Time: 15:30 > 16:15
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Aujourd'hui, l'intrusion physique est devenue un sujet de plus en plus abordé dans le domaine du Pentest/Red Team. Mais quelles sont les implications concrètes de cette pratique ? Comment se prépare-t-on pour une mission de ce type ? Souvent négligée, cette facette de la sécurité présente pourtant des risques majeurs pour les entreprises. Dans ce […]

Découverte du groupe APT-C36 sur les réseaux d’une profession libérale réglementée

By lehackadmin

Date: 05/07/2024
Time: 14:00 > 14:45
Location: Zone 1 - Gaston Berger conference stage
Field type not supported.
Field type not supported.
Depuis fin 2022, l'équipe forensics du CSIRT INQUEST analyse des attaques informatiques sur des entreprises de profession réglementée. Depuis cette date plus d'une quinzaine de cas ont été découverts. Après diverses corrélations et à l'aide de leur base CTI enrichie avec leurs recherches, il s'avère que les attaques seraient menées par le groupe APT-C-36. Cette […]