NEWS


RC16 Archives Partially Available
Posted on: 10.06.22

We have recuperated from sleep deprivation for the last 8 months, ROOTCON 16 Archives is now partially available and is already good for human consumption.

We are working on getting the remaining slides and videos into the archives in no time.

Check out the RC16 Archives for your reading and watching pleasures.

CTF Pre-Quals Registration is now live!
Posted on: 09.20.22

The moment you've all been waiting for! Capture The Flag Pre-Quals registration is now live!

But first you need to register, after your registration you will be receiving an email for the initial target!

Same rules applies
1. NO DIRECT DDoS or any form of ATTACKS on the game servers, anyone caught attacking the server will be disqualified. (let others enjoy the game)
2. Minimum team members is 2, maximum is 3.
3. Only teams made it to the cut on the CTF Pre-Quals can play during the CTF Finals.
4. Sharing of flags is strictly prohibited, anyone caught will be disqualified.
5. Only top 10 teams will qualify for the CTF Finals.

Register now!

Parties Are Up!
Posted on: 09.12.22

Zer0-Hour has been hosting the infamous Hacker Jeopardy, and finally it is back to good ol' LIVE, in-your-face mental and alcoholic brawls with the contestants! Same classic game mechanics, same pogi host, but new HJ Babes ;-) We also have a special bartender and poison maker this year, Mr. Tipsy Hacker!

To recoup our lost yearly hacking community get-together we added another party to the list! This year we added the After-Dark Party. Beer and chips are on us with tracks from DJ Icetre Normal made exclusively for ROOTCON 16.

Come with your best Cyberpunk Attire!

Visit the Party Page for details!

RC16 Schedule Now Live!
Posted on: 09.08.22

ROOTCON has been expanding year by year, Call For Papers submission has been overwhelmingly awesome!, so this year ROOTCON will be from Tuesday until Friday! Here's a quick rundown on the ROOTCON Week so you can plan your itinerary.

September 27 (Pre-con Tracks) - all tracks on this day will be purely virtual via Zoom Webinar, registration to the webinar will be announced soon.

September 28 (Trainings) - If you signed-up for trainings then you are a Human+, you will be at Taal Vista a day early than the Human con-goers. (Note: This is for HUMAN+ Only)

September 29 (Day 1 Con Proper) - This is it we are BACK! Live tracks, live speakers, live con-goers

September 30 (Day 2 Con Proper) - You will most likely still have hang-overs from Day 1.

Check out the RC16 Schedule Page

Official Contests Page Now Live!
Posted on: 09.01.22

What's up brain-picking, challenge driven humans, do you have what it takes to earn the conveted challenge pins and Ub3r badges? Or are you returning to try again this year? The ROOTCON Challenges are back! LIVE and BOLD.

Capture The Flag
All our ovens are fired up for this year's LIVE ROOTCON CTF! This year we are bringing you the most grueling ROOTCON CTF to date, LIVE! Even as we usher in the age of the new normal, the pandemic will not stop us from highlighting the best and the brightest talents that our local hacking community has to offer. On this year's 16th iteration of the ROOTCON CTF, Pwn De Manila stands by its commitment of making intellectually-rewarding and painfully-meaningful CTF challenges that aim to meet ROOTCON's reputation and tradition of bringing organized chaos to con-goers every year.

Everything you need to know about the Capture The Flag

Hacker Jeopardy
Finally! RootCon's signature post-Con party game is back to good ol' LIVE, in-your-face mental and alcoholic brawls with the contestants! Same classic game mechanics, same pogi host, but new HJ Babes ;-) We also have a special bartender and poison maker this year, Mr. Tipsy Hacker!

Are you sober enough? more details here

Final Round of Talks
Posted on: 08.16.22

CFP Review Board's brain-picking task is finally done! The CFP submissions were overwhelmingly great! Here's what's added on our line-up.

Alternative ways to detect mimikatz

AWSGoat : A Damn Vulnerable AWS Infrastructure

Building defensive playbooks from others misfortune

DDexec

Gazing into the Crystal Ball - The Fog of Cyberwarfare Escalations

Pwnppeteer - Phishing Post {Exploi/Automa}tion at Scale

The Simple, Yet Lethal, Anatomy of a Software Supply Chain Attack

Wild IoT Tales: from power grids to oil pipelines

Check-out the full tracks line-up.

Music Playlist for RC16
Posted on: 08.16.22

ROOTCON 16 is just around the corner, we are now feeling the vibes! What about some good music as we wait for ROOTCON 16!

We curated good musics from the hacker community. Get your music in the playlist collaborate at ROOTCON 16 Music Playlist

ROOTCON 16 Village Tracks
Posted on: 08.03.22

Contents are slowly building up, it's time to make your personal itinerary for RC16 and we have great contents!

Village tracks now available!

101 Village
Every year new blood comes out of their comfort shells, it's where Hacking 101 started, just as a small training at ROOTCON, but we've seen a significant improvement in our attendees so why not make this a village and let it grow not only to cater Hacking 101, but everything 101's, this is your beginners guide to the world of hackers and hacking.

Click here for 101 Village Tracks

Car Hacking Village
The Car Hacking Village PH is a branch in Asia of the official Car Hacking Village (https://www.carhackingvillage.com/about) Its primary goal is to build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today. Educating security researchers on the functionality of vehicle systems coupled with providing them with the opportunity to gain hands-on experience working side by side with experts in this field is a plus for the attendees. Leveraging the vast amount of experience the security research community brings to the Village may increase the safety and security of vehicles on the road today and for generations to come.

Click here for Car Hacking Village Tracks

ROOTCON 16 First Batch of Talks Now Online!
Posted on: 07.30.22

Humans! the long wait is over first batch of talks for ROOTCON 16 is now available for your reading pleasure.

A new secret stash for fileless malware

China’s Cyber Capabilities: Espionage, Warfare, and Implications

Hardware Hacking for Bug Bounty Hunters

How Did I Get Here? I still don’t know what I’m doing: Getting into The Lifelong Adventure of Learning Cybersecurity & Incident Response

Human-Controlled Fuzzing With AFL

Microsoft Defender Will Be Defended: MemoryRanger Prevents Blinding Windows AV

Security Like the 80's : How I stole your RF

Signs, Signs, Everywhere There are Signs of a Ransomware Intrusion

Streamline security with shift left: A cloud approach

Uncovering 0-days in Healthcare Management Applications

Understanding and Re-creating Process Injection Techniques through Nimjector

Village tracks and more main tracks are underway! Stay tuned.

ROOTCON 16 Keynote: China’s Cyber Capabilities: Espionage, Warfare, and Implications
Posted on: 07.29.22

The ROOTCON CFP Review Board has picked our Keynote for this year!

Talk Title: China’s Cyber Capabilities: Espionage, Warfare, and Implications by: Aaron Ng

Synopsis
Over the past decade, there has been an alarming rise in the frequency and sophistication of China’s state-sponsored and state-affiliated cyberespionage activity, as well as its scope of targeting. China-Nexus Adversaries have deliberately and aggressively pursued targets across a spectrum of industries, including technology, defense, energy, healthcare, education, and other key sectors in pursuit of trade secrets and of sensitive information.

Of note, in early 2021, the China-Nexus Adversaries rapidly and effectively exploited a series of vulnerabilities in Microsoft Exchange — now collectively known as ProxyLogon and ProxyShell — to compromise email servers and consequently the sensitive information of tens of thousands of organizations around the world. Over the duration of the pandemic, Chinese cyberespionage campaigns continue to target hospitals and research institutions for data that could confer competitive advantages in science and technology, and at the same time, demonstrating emphasis on COVID-19 related research.

Coupling these recent prolific intrusions with the longstanding campaign of targeting a wide swarth of industries, including insurance, travel & hospitality, government, for the purpose of acquiring sensitive personnel data, the threat that China-Nexus Adversaries pose to organizations today cannot be understated.

This session will provide insight into China’s intent and capabilities for cyberespionage and importantly what organizations can do to address this challenge effectively.

About the speaker
Aaron Aubrey Ng serves as Strategic Threat Advisor at Crowdstrike. He is responsible for CrowdStrike’s Threat Intelligence business across Asia-Pacific and the Middle East & North Africa regions. Aaron focuses on helping customers operationalise and integrate threat intelligence within their organisation's cybersecurity strategy. Additionally, he represents the Crowdstrike Intelligence ecosystem and frequently speaks at Security Conferences, sharing insights into the latest threat trends and developments.

Aaron got his start in Security and Threat Intelligence in the Singapore Armed Forces as a Military Intelligence Officer. He concluded 12 years of Active Duty in 2019 and has served in multiple Command Appointments in classified Intelligence Units, and garnered staff experience in the areas of Strategic Planning and Policy Development. In his penultimate tour of duty, Aaron was instrumental in establishing the Defence Cyber Organisation (DCO), which is akin to Singapore’s Cyber Command.

ROOTCON 16 Latest Updates
Posted on: 06.04.22

We are very excited that ROOTCON 16 is starting to shape up now.

Updates on where are we with the planning.

Call For Papers
The clock is ticking for the Call For Papers, we have a month left before closing and slots are getting filled up already we are at 80% submission if you wish to share those awesome research submit now or get left behind.

Call For Sponsors
Elite sponsorship slots have been filled up like hot pancakes, but worry not Platinum, Gold, and Supporter package is still open. Sign up now and be part of the hacking community come-back after the two-year break due to the Covid-19 pandemic.

Trainings
This year we bundled up our Human+ registration with two trainings to choose from, Web Pentesting & Network Pentesting, these two trainings will be conducted on Day Zer0 (Sept 28, Wed) by Pentester Academy which is now part of INE one the of leading Expert IT Training for Networking, Cyber Security and Cloud.

Villages
Car Hacking, 101 Village and Lockpick village will be back this year with more activities and other surprises.

Registration
And lastly Earlybird registration is now open! You may choose two Human+ registration with options for training bundle Web Pentesting and Network Pentesting! Human+ with training bundle has very limited slots, hurry and reserve those seats and register.

You may now register here.

ROOTCON 16 In A Nutshell
Posted on: 04.14.22

We are excited to announce that ROOTCON 16 will be hybrid this year.

For the past two years, the situation of the Covid-19 pandemic didn't stop us from being a community, it only thwart us from being together physically. With the high vaccination rate and low critical case count, we will try again this year. ROOTCON 16 will be both available in physical and virtual, and for us to maintain the safety of our con-goers we will be limiting the physical presence to 200 pax only, but no limit for the virtual attendees

The Venue
Taal Vista Hotel has been our comfort zone holding the conference, and since we just rebooted there is a high risk involved in exploring another venue, so for us to deliver the conference you've always enjoyed and loved we will be back at Taal Vista Hotel for ROOTCON16.

Human+ and Human
You know the drill hybrid conference means two badges. Human+ are the physical con-goers their badges come with a top-notch training we will be flying our top picks from around the globe to do the training physically, this will be held on Day Zer0 and Day 1. We will be missing our Human attendees as this will only be virtual with limited access to our tracks.

Our Sponsors
Same as our con-goers, our sponsors can now showcase their cutting-edge products at the conference, plus network and give away those fist-bumps with the hacking community.

This it fam what we all been waiting for. Time to get hyped-up

ROOTCON 16 Theme: Hard Wired
Posted on: 01.31.22

The planning for ROOTCON 16 has been kicked off, this year's theme is based on the novel Hard Wired by Len Vlahos, the novel is a contemporary sci-fi story about a boy who might not be human.

The Plot
Quinn thinks he's a normal boy with an average life. That is, until he finds a trail of clues the father he barely knew left behind.
After Quinn unravels his father's puzzles, he “wakes up” ... and realizes his world was nothing more than a virtual construct. In reality, he’s the first fully-aware A.I. in the world, part of an experiment run by a team of scientists—including the man he thought was his father.
As the scientists continue to study him, Quinn's new existence becomes a waking nightmare. Determined to control his own destiny, he finds allies in other teens—including crush Shea—and plots his escape.
But what does true freedom look like when you're not human?

Plans
The execution of ROOTCON 15 was smooth, yes there were hiccups along the way but they were manageable. With the country's vaccination rate going uptrend and with the fewer lockdowns, the full-physical conference is within reach but can be misty. So for us to easily switch the event to full-virtual just in case something comes up along the way we will imprint what we had last year. ROOTCON 16 will still be a hybrid conference where con-goers get to pick if they will be on-site or virtual.

Date
September 28, 29 & 30, 2022

Venue
To be announced third week of February

Look n Feel
Color Scheme:
#83816D
#929079
#A7A38B
#CF4334

Vibes:
Science, AI, Cyborg, 70s, 80s

We are looking forward to physically meet everyone at the conference.

ROOTCON 15 has rebooted! Thank you!
Posted on: 10.04.21

Since the pandemic has given us an uncontrollable challenge but stopping is not an option. The last-minute changes of ROOTCON 15 speak for its theme “Rebooted”, we had to reboot and change everything from being a supposed to be hybrid conference to a full-virtual conference, this wouldn't be possible if the Goons didn't offer their sleepless nights to deliver an excellent quality conference, to our speakers who gave their esteemed time to do their pre-recording to provide ROOTCON a top-notch content. The support of our sponsors gave a huge impact in making this possible, and lastly, to our highly regarded con-goers for being kind and patient in the humps, ROOTCON has been dealing with.

We are looking forward to next year for the Philippine hacking community to connect physically.

Again from all of us at ROOTCON sending our love to everyone! Keep safe and healthy.

Archives and YouTube uploads coming your way.

Official Games Registration
Posted on: 10.04.21

Happy Monday! This is it hacker fam! Time to choose your battle!

Official Games Registration Now Open!

Capture The Flag - The most grueling ROOTCON CTF to date, right at the comfort and safety of your very homes. This pandemic will not stop us from highlighting the best and the brightest talents that our local hacking community has to offer.

Hacker Jeopardy - The Sweet Revenge! Because the game is now virtual (and we have no budget to ship the Blue Labels to all the players), the Goons and Babes will be drinking the booze instead of the players! Answer the question right and the Goons get drunk. Answer the question wrong and the Babes get drunk. Choose your revenge!

Choose your battle wisely

Register Now: https://rootc.onl/official_games_reg (only for registered attendees)

Details:
Hacker Jeopardy
Capture The Flag

Challenge Pins
Posted on: 10.01.21 (Updated 10.03.21)

Aside from the pride, bragging rights, and the coveted black badge which entitles our winners for a free ROOTCON pass, this year 2021 (October 14) ROOTCON launched the ROOTCON Challenge Pins, all official contests winners will be receiving this coveted ROOTCON Challenge Pins. You can be awarded by the ROOTCON Challenge Pins by playing these grueling ROOTCON Official games.

Capture The Flag -- The most grueling game in every hacking conference, ROOTCON is no different! This game is not for the faint-hearted it requires sleepless nights of problem-solving, cryptos, puzzles, and exploitation.

Hacker Jeopardy -- Do you have a liver of a metal, up-to-date with the latest technologies, or have a geekish, nerdish historian-fu skills? This game is for you.

Do you have what it takes to be a well-decorated ROOTCON Official Contests Team? Prove it, earn the pride and the pins!

Check-out our Hall-Of-Fame page.

Updated: October 3, 2021

Hybrid Updates!
Posted on: 09.21.21

Whereas Covid-19 cases have been rising continuously with a daily average of around 20,000 cases, forcing our government to implement heavier and stricter protocols such as ECQ and MECQ to prevent further infection of the virus. Due to these unfortunate circumstances, the hybrid setup for ROOTCON 15 will no longer be proceeding. As much as we want this setup to be implemented, the situation and circumstances make it more difficult for us to mobilize, possibly risking the good health of our beloved con-goers.

In line with this, going full virtual will be the safest and efficient way to conduct our informative and productive conference without risking the health of our participants. But rest assured, our awesome talks will proceed and be delivered as planned, and your conference kits will be delivered to your doorsteps!

For those who signed-up for Human+ you will be refunded with the price difference of Human tickets, kindly contact comms as soon as you can. Once again we apologize for this inconvenience it might cause you and we hope everyone stays safe during this time.

Stay Safe and Lots of love from ROOTCON!

RC 15 Schedule Published
Posted on: 09.03.21

ROOTCON 15 is just around the corner, the pandemic won't stop us!

This year we added two more pre-con days to fill in your conference week for pre-con, we have seven talks to kick-start your conference week! it will be followed by the ZerØ Hour Movie Night late in the evening.

Day &OSlash; we will be hosting the villages to sharpen your hack-fu skills before we start the con proper. Con proper starts on Day 1 & 2, October 14 & 15.

Get pumped up and start planning your conference week. If you haven't registered yet now is a good time!

Village Page is Live!
Posted on: 08.27.21

Villages are now live!

This year's Lock Picking Village is exclusive to Human+ participants only, and it's all about high-security locks. We will have an in-depth discussion and hands-on demo on high-security locks, the different mechanisms, and ways to attack them.

Car Hacking Village will be putting up some talks for newbies to get you started with your automotive hacking-fu.

Keep your radar open for updated village talks and schedules.

Keynote Speakers Announced!
Posted on: 08.23.21

Let's all welcome our keynote speakers for ROOTCON 15!

Harshit Agrawal (@harshitnic)
Harshit Agrawal is currently working as a Radio Security Researcher. He is enthusiastic about SIGINT, Drone Pentesting, and IoT Security. He presented his research at International Security conferences like RSAC USA, DEFCON, HITB Cyberweek, HITB Amsterdam, etc. Previously, he was President at CSI Chapter and Vice President for Entrepreneurship cell at MIT, where he also headed the team of security enthusiasts, giving him a good insight into cybersecurity and increased his thirst to explore more in this field. Learn more: https://www.linkedin.com/in/harshitnic/

Emil Tan
Emil has experience in many cybersecurity trades —including R&D, cybersecurity operations, governance, policies and regulations, and consultancy. Emil is an active contributor in the cybersecurity ecosystem. He plays an active role in catalysing cybersecurity conversations and thought leadership in the community. Amongst many things, he co-founded Division Zero (Div0) —a cybersecurity community group in Singapore—, and Infosec In the City, SINCON —a techno-centric cybersecurity conference. Emil is also often found speaking under various spotlights —including 44CON, Black Hat Asia, BSides London, Hack In the Box (HITB) Singapore, The Honeynet Project Workshop, and at universities and many various cybersecurity plenaries.

RC15 More Tracks Announced!
Posted on: 08.16.21

Let's get this show on the road. We are excited to announce the second and final batch of talks for ROOTCON 15. Here's a glimpse of what was added to the line-up.

Buzzard : Crafting your post exploitation framework against odds
Click Here For Free TV! Chaining Bugs to Takeover Wind Vision Accounts
Gathering Cyber Threat Intelligence from the Cybercriminal Underground
Hack the Planet! Desecuritise Cyberspace
Keeping Up With Modern Automotive Exploitation
Securing Process Control Data Transmission to the Blockchain Network
The Curious case of knowing the unknown
The Kill Chain: Future of Cyber in Defense
Using Wordpress comments section as a C&C for fun
VMProtect2 : Architectural Analysis, Exploitation, and VMP2 IL

Everything is coming to place now! Check the complete track lists.

ANNOUNCEMENT: RC15 Ticketing Platform
Posted on: 08.15.21

We just recently noticed that Eventbrite made a recent change and they removed their Direct Deposit / Bank Transfer feature depending on the processing country, unfortunately, the Philippines was not part of this list. Having said that we will be migrating our registration platform to Eventzilla, this is for us to cater to our con-goers that do not have a Paypal account and will opt for offline registration.

Eventzilla is more flexible, feature-rich, and as intuitive as Eventbrite, it still supports electronic check-in and still supports both iOS and Android for our con-goers to store their electronic tickets.

We apologize for the inconvenience this might cost our con-goers. For those who already registered we will be sending your new tickets directly to your mailbox.

Also a quick reminder that early-bird is nearing an end so hurry and register now!

RC15 Content Now Live
Posted on: 07.16.21

This is it hacker fam, ROOTCON 15 is slowly shaping up, before we will officially open the registration we would like to present to you the initial batch of speakers and their talks.

Check out the Speakers page to know our speakers and the synopsis of their talks on the Talks page.

To know the people who vetted these awesome talks check our CFP Review Board.

More news...