ROOTCON 12 will be held on September 27-28, 2018 at Taal Vista Hotel in Tagaytay
ZerØ Hour Party
92 Days Out
Nullforge Private Party
New set of talks
First round of talks!
Early Registration Now Open!
RC12 CFP Is Now Open
RC12 CFP Review Board
Campus Tour 2018
Call For Sponsors Is Up
Blackcard Registration Now Live!
ROOTCON 12 Timeline
Hackers: Heroes of the Computer Revolution
ROOTCON & Blackhat Asia
What is Infosec Rundown?
Infosec Rundown is a closed-door breakfast session designed by ROOTCON in partnership with Nullforge for top-executives to provide updates on the latest trends of attacks in the Information Security landscape both local and international.
07:00 - 07:30 - Registraion
07:30 - 07:45 - Opening Remarks
07:45 - 8:30 - Topic #1 (TBA)
08:30 - 09:15 - Case Study (TBA)
09:15 - 10:00 - Solutions #1 (TBA)
10:00 - 10:45 - Solutions #2 (TBA)
10:45 - 11:00 - Closing
Are you one of the top-executives in your company? Call us (+63.917.804.3643) and reserve a seat!
A ROOTCON after con party! It's where it gets crazy.
When: September 28, 2018 2000 HRS
Entrance Fee: ₱650.00 (light dinner, unlimited alcohol)
20:00 - Hacker Jeopardy
22:00 til you drop! - Live Band, Drinks, and more.
Taal Vista Hotel to Party Venue
Party Venue to Taal Vista Hotel
What's up hacker fam! Here's another surprise just for you.
Bugcrowd is happy to offer a full day workshop for bug hunters to learn both intro and advanced topics in web bug hunting. Each BCU module will go over a vulnerability describing it's nature, how to identify it, how to exploit it, relevant tools associated to it, and have labs for students to test their skills. These Bugcrowd University modules are designed to enable the crowd to spot and exploit Priority One level bugs, even in seemingly complex web applications.
(Intro) What makes a good submission
(Intro) Burp Suite Workshop
(Intermediate) Asset Discovery and Recon
(Advanced) XML External Entity Injection
(Advanced) Authorization & Access Control Testing (MFLAC, IDOR)
(Advanced) Server Side Request Forgery
(Advanced) Security Misconfiguration (Git, AWS, Subdomain, ++)
These trainings are 100% FREE to all ROOTCON attendees, first come first served basis only!
Our theme this year Hackers: Heroes of the Computer Revolution, with a retro feel.
With RC12 just around the corner, hearing those 56k dial-up modem feels so nostalgic.
ROOTCON 12 is now on full swing. Here are some updates for you
Talks lineup - 15 talks for two days
Speakers lineup - get to know the speakers
Schedule - what to expect on your two day hacking conference experience
We were overwhelmed with the submissions we received this year, here are the new set of talks freshly baked from the CFP review board.
True hackers hides behind the shadows, a retro hacker party organized by Nullforge Security Inc.
Where: UNDISCLOSED LOCATION
When: September 26, 2018 2000 HRS
NullForge Security, Inc. is a premier cybersecurity company helping businesses protect their data, people, and their brands. Our passion and dedication to cybersecurity greatly reduce security risks and enable companies to focus on their core business.
Looking for another party? Checkout the Parties and Meet-ups
We were overwhelmed with the submissions we received this year, here are the new set of talks freshly baked from the CFP review board.
Binary Patching for code injection
Bug Bounty Hunting on Steroids
Cyber Security Threats to Telecom Networks
Defending cloud Infrastructures with Cloud Security Suite
Exploiting ActionScript3 interpreter
Expl-iot: Hacking IoT like a boss
Fire & Ice: Making and Breaking macOS firewalls
How to rob a bank over the phone!
IoT and JTAG Primer
Mind the (Air) Gap
Are you into cars? Are you into hacking? or both? You're in luck! the author of The Car Hacker's Handbook will be at ROOTCON 12 as a keynote speaker.
Introducing our ROOTCON 12 Keynote Speaker, Craig Smith.
Craig Smith is the Director of Transportation Security and Research at Rapid7, a cybersecurity analytics and automation company. He is also the founder of Open Garages, a distributed collective of performance tuners, mechanics, security researchers and artists. Craig authored the "Car Hacker's Handbook", the de facto guide to automotive security. At Rapid7, Craig runs the Transportation Practice, which specializes in providing strategic consultancy and deep technical expertise to the transport industries. His work includes extensive testing for innovative new technologies being developed in the automotive industry. Craig has developed many free and open source tools to help teach others about vehicle security. Craig has worked in security for over 20 years, with a focus on automotive and other types of transport for the last 7 years.
We are stoked to announce the first round of talks for ROOTCON 12.
Call Of Duty - Modern Browser Warfare - The discussion flow would start from the importance of browsers, need for security within it, my research and vulnerabilities found, and finally demonstration of zero day, apart from other exploits and attacks, against browsers. The talk would conclude with a discussion around remediation efforts to protect these attacks.
Cracking Financial Systems - Recent attacks provide insight on cyber assaults which could halt the global economy. Financial systems are little more than a set of promises between various online and real life entities. Processes designed to make financial services safe have created new vulnerabilities. If systemic institutions were compromised, panic could spread.
Exploits in Wetware - Robert discusses his third place experience at the Defcon 2017 SE CTF and how his efforts clearly show how easy it is to get sensitive information from any organization. The 2017 Verizon report clearly shows the dramatic growth rate of social engineering attacks and Robert demonstrates how he collected hundreds of data points from the target organization using OSINT techniques. He then goes into the vishing strategy he implemented to maximize the points he collected in the 20 minute live contest. Without much effort Robert was able to know their VPN, OS, patch level, executive personal cell phone numbers and place of residence.
How (not) to fail at hardware - A lot of security is being moved into hardware. This doesn't fix security, it just makes it smaller. Security professionals have a good handle on network and application security, however when it comes to doing hardware testing, things are not as easy as they seem.
NFC Payments: The Art of Relay & Replay Attacks - Relay and replay attacks are more prevalent in the payment industry than ever, becoming more complex and sophisticated day by day. We are not just seeing simple skimming techniques but complex attack vectors that are a combination of technologies and implementations involving SDR, NFC, APDU, hardware emulation design, specialized software, tokenization protocols and social engineering.
SAP Incident Response, how to attack and defend! - SAP is a core part of the business-critical infrastructure of 95% of the biggest companies in the world, these companies rely on SAP to perform their most sensitive daily operations such as processing employees payroll and benefits, managing logistics, managing suppliers / customers, material management, releasing payments to providers, credit cards processing, business intelligence, etc.
Walrus: Make the most of your card cloning devices - Walrus enables you to use your existing contactless card cloning devices with your Android device. Using a simple interface, cards can be read into a wallet to be written or emulated later.
Check out the complete synopsis of the talks.
ROOTCON 12 is coming to life, master plan has been laid-out, CFP submissions are slowly coming-in, contests and events are being finalized, and today we open
the doors for Early registration! This will only run from April 16 - May 16.
There will still be two mode of payments that will be accepted, direct deposit and through Paypal. Blackcard holders with their discount codes should select "Regular Rate" to apply the discount.
ROOTCON 12 Call For Papers is open! Want to share those new research, shiny new exploits and exploitation techniques? Now is the best time.
Topics of interest but not limited to:
- Real-life hack (responsible disclosure required)
- Non-tech hacking
- New tool release
- Exploit Development
- Reverse Engineering
- Web Application Attacks
- Tools 101 (Metasploit, Nmap, etc…etc…)
- Wireless Attacks (3G, 4G, 802.11(x))
- Cloud Security
- Vulnerability Discovery
- OS Level Vulnerabilities
- Physical Security (Lock picking – Digital Locks or Digital Safes)
- SQL Injections
- Vendor Appliance Vulnerabilities
- Exploitation Techniques
- Mobile Security
Interested to submit? Fill-out the Call For Papers form.
CFP will close on June 09, 2018. Good luck!
With the Call For Papers just around the corner, we are proud to announce our Call For Papers Review Board for ROOTCON 12.
Bill Breen is a computer security subject matter expert in several domains. He is currently living in SE Asia and continues to work in the computer security arena. Mr. Breen has spent 17 years doing information security work for a Fortune 100 company. Work related to incident response, forensics, risk assessments, perimeter security and implementing security policy on a global scale. Mr. Breen has been a senior planner for the DEF CON security conference for over 12 years, and is on the CFP review board for DEF CON and BlackHat Asia. Mr. Breen is a very proud member of the Ninja Network hacker group, and has been involved in the hacking community for over 23 years.
Maxi Soler has more than 10 years of experience in Information Security, his work has been oriented towards Penetration Testing, for Web and Mobile Application Security. Maxi is part of Black Hat Arsenal Review Board and has had the opportunity to deliver lectures in conferences such as Black Hat, DEF CON, OWASP AppSec, EKOParty, Andsec, H2HC, 8dot8 and many important conferences. He is the CTO of ArtsSEC a company securing the digital transformations.
Mon provides security consulting with a special focus to financial services, government systems, and telecommunications industries, while teaching Computer and Network Security for graduate students in UP Diliman. He is currently taking his PhD in Computer Science from the University of the Philippines, Diliman majoring in Security, researching on Wireless Networks, Software Defined Radio (SDR), Software Defined Networks (SDN), and Hypervisor Security. At DEF CON 24, he and his teammate Siege won the much coveted DEF CON Black Badge for winning the CTP Contest. They are now free for life at DEF CON aside from bragging rights. Mon regularly takes certifications such as GSEC, GNFA, GWAPT, GCIH, GASF, CISA, CISM, CICP, GXPN among others as a form of entertainment.
Jay Turla is an application security engineer at Bugcrowd Inc., and one of the goons of ROOTCON. He has been acknowledged and rewarded by Facebook, Adobe, Yahoo, Microsoft, Mozilla, etc. for his responsible disclosures. He has also contributed auxiliary and exploit modules to the Metasploit Framework and has presented at ROOTCON, Nullcon, and TCON. He used to work for HP Fortify where he performs Vulnerability Assessment, Remediation and Advance Testing.
ROOTCON has maintained it's balance between content and affordability this balance won't be possible without our sponsors who are supporting the conference and
the infosec and hacking community.
Take part in the Computer Revolution and become a key player in the cyber security transformation in the millennial era. Leverage on this platform to "Learn", "Collaborate" and "Network" with the future CISOs and Information Security practitioners in leading industries. This venue is the avenue where you can share the capability and strengths of your brand in information security.
Head on to the Sponsorship Tier to check which fits your branding exposure. Call For Sponsors will close August 30, 2018.
ROOTCON Black card was formerly known as ROOTCON Ambassadors card, the black card is a program created by ROOTCON for the attendees to enjoy yearly discounts and other perks.
1. 20% discount on ROOTCON tickets applicable only on regular rates.
2. 10% off on all official ROOTCON swags.
3. FREE Entrance on ROOTCON Hackerspace activities.
4. FREE drinks at the ROOTCON chill-out area on the day of the event.
5. Priority lane during ROOTCON event check-in.
* Exclusive PC, laptops and more discounts (in negotiation with partners)
We are now accepting Blackcard registration, this registration only happens once a year so don't miss your opportunity, to register just follow the link below.
With only 200+ days to go ROOTCON 12 is slowly coming to life and plans has been laid out, whether you are joining for the tracks, update your skills with the trainings,
join the gruelling contests, hosting a contests or activities or just to meet old and new friends. We are making sure you won't miss a single bit to the ROOTCON 12 road.
Here it is the ROOTCON 12 Timeline
Feb - March - Blackcard Application Opening (Blackcard registration)
April - June - Earlybird Registration (P8,050.00)
June - August - Regular Registration (P9,150.00)
Discounts like Blackcard, Students rate and Group rates will be posted on the registration page.
Call for Chaos
Feb - August - Call For Sponsors
April - June - Call For Papers
April - June - Call For Trainings
April - June - Call For Hosts
Parties & More
July - August - Zero-Hour party registration
July - August - CTF Registration
Time to gear up and get ROOTCON 12 a kick-off, starting off with our first task the ROOTCON 12 theme.
Event themes will give us the feel and vibe on the conference each year, last year we had Humans meets IoT where we had a vibe of knowing the troubles and insecurities on IoT devices.
This year we thought of giving highlights on the hacker community and the culture it's living, our theme will be Hackers: Heroes of the Computer Revolution which is based from the novel written by Steven Levey, on his novel he discussed about hacker culture and that he thought hackers were fascinating people, adventurers, visionaries, risk-takers and artists rather than what most ordinary nowadays pictured the word "hackers". The look n feel of this years theme will be carrying a Retro and 8-bit feel.
Coming together as a hacker family. We are very much stoked to announce that Blackhat Asia and ROOTCON are now community partners. Blackhat will be giving discounts to
ROOTCON & Philippine hackinng community.
Blackhat Asia will be held on March 20-23, 2018 at the Marina Bay Sands in Singapore! More details at Blackhat Asia
Use promo code DAX18br to save S$225. Register now!