ROOTCON 14 Recovery Mode

October 7-10, 2020 Zoom Webinar, Discord, Twitch
Media direct downloads || Back to past events


2 wires and 2 wheels: Bikes can do CAN too
by: @canbusdutch
(PDF) (Video)
"Most motorcycle manufacturers started using CAN in the early 2000s, and since then, more and more devices have been added to CAN networks on bikes. ABS, traction control, navigation systems, luxuries like heated grips, basics like lighting and advanced diagnostics, but for some reason, they still haven’t grabbed the attention of car hackers. Why? I hope to open the door to this field, and help gain popularity in motorcycle CANbus hacking.

Through this adventure, you’ll follow me as my passion for motorcycles, goes headfirst into my passion for computers, and I build tools and software to reverse engineer my motorcycle's CAN system.

Python scripts, microcontrollers, pulse width modulation, some potentiometers, and a bit of what I like to call “Ruthless Engineering”, has helped me finally reach the pinnacle of CAN bus packet reversing. We’ll cover some engine simulation, execute some packet capture session analysis, and put it all back together again, for the development of an aftermarket gauge cluster."

A deeper diving on shellcode...
by: unixfreaxjp
(PDF) (Video)
Shellcode is often spotted to execute a malformed code in a way that can trigger the injection or further exploitation process, or other operations, mostly used in offensive ways.

In this presentation I would like to describe more advance method in handling malicious shellcode cases I dealt in Linux operating systems on several architectures.

But beforehand I will to try to present several basics & category of shellcode in a simple and practical ways that maybe can help other analysts or RE beginners to help in recognizing which type of shellcodes and how to handle them in their work on their blue-team's field.

This is a sequel of my previous presentations at:

2018: R2CON2018 "Unpacking the non-unpackable Linux malware"
2019: HACKLU2019 "Linux Fileless Malware and Post Exploitation"

Automating Threat Hunting on the Dark Web and other nitty-gritty thingso
by: Apurv Singh Gautam (@ASG_Sc0rpi0n)
(PDF) (Video)
What's the hype with the dark web? Why are security researchers focusing more on the dark web? How to perform threat hunting on the dark web? Can it be automated? If you are curious about the answers to these questions, then this talk is for you. Dark web hosts several sites where criminals buy, sell, and trade goods and services like drugs, weapons, exploits, etc. Hunting on the dark web can help identify, profile, and mitigate any organization risks if done timely and appropriately. This is why threat intelligence obtained from the dark web can be crucial for any organization. In this presentation, you will learn why threat hunting on the dark web is necessary, different methodologies to perform hunting, the process after hunting, and how hunted data is analyzed. The main focus of this talk will be automating the threat hunting on the dark web. You will also get to know what operational security (OpSec) is and why it is essential while performing hunting on the dark web and how you can employ it in your daily life.

Blockchain Based OT Monitoring Solution (BBOTMS)
by: Asif Hameed Khan / Gagan Jattana
(PDF) (Video)
Industrial Control Systems (ICS) are no longer an Isolated system. Industrial Control Systems (ICS) are having internet connectivity capabilities. The rise of IIoT/Industry 4.0 has opened the gateway for an adversary to attack the OT environment. The last decade has shown tremendous growth of cyber-attacks on OT/ICS environments ranging from Stuxnet malware to Industroyer, Shamoon, and Triton SIS devices compromise to name a few. As the cyber-related issues are rising, it is necessary to build threat detection and monitoring capabilities for an enterprise to detect and respond to sophisticated cyber threats. This work presents a novel approach for robust monitoring of OT/ICS environment based on the blockchain technology.

Discover vulnerabilities with CodeQL
by: Boik Su (@boik_su)
(PDF) (Video)
- In this talk, I'll give a little bit of introduction to CodeQL and its practical functionality. Besides, I'll showcase some vulnerabilities that I found through utilizing CodeQL's powerful static and taint analysis. There's even one flaw that could lead to RCE! Consequently, the audience will understand the concepts of static analysis, taint analysis, data flow analysis, and so on after the talk.
- In addition to finding flaws, developers gaining such experiences can also take advantage of using CodeQL's powerful features to improve the SSDL cycle and have security baseline enacted for large codebases.

From an 'IVI in a box' to a 'CAR in a box'
by: Ian Tabor (@mintynet)
(PDF) (Video)
The talk will have details of the vulnerability I found in my 2015 DS5 Limited Edition. I decided to build an 'IVI in a box' to further test the hardware for further exploits, this posed its own challenges. There is information on how I found a major vulnerability in a vehicle which paid out some money to allow me to complete the ‘car in a box’.

The talk also details the additional hardware that was used to make PD0 'car in a box' think that the engine is working, the wheels are turning and other sensors are also working.

Hackers Don't Wear Black Hoodies, They Wear Capes
by: Chloé Messdaghi
(PDF) (Video)
Sixty percent of hackers don’t submit vulnerabilities due to the fear of out-of-date legislation, press coverage, and companies misdirected policies. This fear is based on socially constructed beliefs. This talk dives into the brain's response to fear while focusing on increasing public awareness in order to bring legislation that supports ethical hackers, ending black hoodie and ski mask imagery, and encourage organizations to support bilateral trust within their policies.

High Value Adversary Emulation through Purple Team and the C2 Matrix
by: Jorge Orchilles and Bryson Bort
(PDF) (Video) Adversary Emulation is a type of ethical hacking engagement where the Red Team emulates how an adversary operates, leveraging the same tactics, techniques, and procedures (TTPs), against a target organization. The goal of these engagements is to train and improve people, process, and technology. This is in contrast to a penetration test that focuses on testing technology and preventive controls. Adversary emulations are performed using a structured approach following industry methodologies and frameworks (such as MITRE ATT&CK) and leverage Cyber Threat Intelligence to emulate a malicious actor that has the opportunity, intent, and capability to attack the target organization. Adversary Emulations may be performed in a blind manner (Red Team Engagement) or non-blind (Purple Team) with the Blue Team having full knowledge of the engagement.

Command and Control is one of the most important tactics in the MITRE ATT&CK matrix as it allows the attacker to interact with the target system and realize their objectives. Organizations leverage Cyber Threat Intelligence to understand their threat model and adversaries that have the intent, opportunity, and capability to attack. Red Team, Blue Team, and virtual Purple Teams work together to understand the adversary Tactics, Techniques, and Procedures to perform adversary emulations and improve detective and preventive controls.

The C2 Matrix was created to aggregate all the Command and Control frameworks publicly available (open-source and commercial) in a single resource to assist teams in testing their own controls through adversary emulations (Red Team or Purple Team Exercises). Phase 1 lists all the Command and Control features such as the coding language used, channels (HTTP, TCP, DNS, SMB, etc.), agents, key exchange, and other operational security features and capabilities. This allows more efficient decisions making when called upon to emulate and adversary TTPs.

It is the golden age of Command and Control (C2) frameworks. Learn how these C2 frameworks work and start testing against your organization to improve detective and preventive controls.

The C2 Matrix currently has 48 command and control frameworks documented in a Google Sheet, web site, and questionnaire format.

How I Pwned the ICS data during my internship
by: Shail Patel
(PDF) (Video) As part of my summer graduate internship, I was hired by NREL as a cybersecurity intern to perform security evaluations on a grid based ICS network. There was a need to develop, validate and deploy a unique and innovative architecture that comprehensively addresses the challenges associated with the proliferation of high penetration of distributed PV systems such as reverse power flows, feeder load balancing and voltage stability. Having considering this type of architecture which includes Advanced Distributed Management System (ADMS), a Beaglebone pi controller, Real-Time Automation Controller (RTAC), Grid Edge Management System (GEMS), a local python script that communicates between these devices, and unencrypted communication protocols like Modbus and DNP3 being used, there was a need to perform vulnerability assessments on these devices to test the confidentiality and integrity of the data being flowed between these devices. Thus, I performed packet capture analysis, vendor device analysis and local NREL device analysis on them and observed interesting results.

Pentesting disclosed various bugs and loopholes as a result of the use of insecure protocols like Modbus and DNP3. Some of the classic examples I discovered are Default credentials for the Inverter, LFI in BeagleBone image, lots of open network ports, capacitor bank statuses, and lots of plaintext values in the communication model. I also devised measures to protect the DNP3 and Modbus data in transit which I will introduce in this talk. Thus, the purpose of this talk would be focused on need to secure the ICS/SCADA data which has no built-in security and possess challenges.

I've Injected a DLL - You Won't Believe What Happened Next!
by: @CaptnBanana
(PDF) (Video)
"Over the past year I've noticed that many people are particularly interested in the field of multiplayer game hacking, since these kinds of blog posts get quite a few clicks on my blog. Detailed information of good quality on this topic is hard to find on the internet, especially documentation of game hack source codes. I think this topic is quite interesting and fascinating at the same time since game hacks are able to precisely alter the inner workings of other processes by employing modifications of assembly code or memory segments. What's even better is that people with experience in game hacking are able to transfer the knowledge into various other fields, like exploit development and antivirus evasion research. Hence, game hacking is a win for everyone :)

These are the reasons why I decided to dig into this topic myself, with the goal to share my research, code and knowledge afterwards. During the last years I've implemented various game hacks for two different games:

- A hack for the Quake3 engine based game Jedi Academy: It allows you to view enemies trough walls (wallhack), it automatically aims (aimbot) and shoots (triggerbot) at enemies. Also, it has various other very game-specific features and some convenience functions like adding custom shaders to enemies to make them more visible. Even though the game is kind of retro, the techniques I've used can be applied to modern games too.

- Hacks for the game Counter Strike: Global Offensive: It makes you immune to flash grenades that would normally block your view. It's able to hook the 3D engine of the game to add custom content to the screen, like information on other player's current weapon and status. Also, I've implemented an aimbot that's very different to the one from the other game since the underlying game engine is also different.

During the talk I will explain two methods to implement a game hack:

1. Internal Hacks: It basically works by injecting a custom DLL into the game process that's able to hook and modify game functions. I'll also explain how to implement hooking from scratch without using an external library.

2. External Hacks: They run in their own process and constantly read and write the game memory of the game process in order to alter it at runtime.

As you can imagine, implementing the same cheat, e.g. the aimbot, is quite different when doing it internally versus externally."

Inside the Mind of a Threat Actor: Beyond Pentesting
by: Phillip Wylie
(PDF) (Video) Red team is a commonly misunderstood offensive security discipline. Red team has been used as a general term for all areas of offensive security just as blue team for defensive security. True red teaming goes Beyond Pentesting and into more adversarial emulation. While there are overlapping skills, there are differences that will be discussed as Phillip shares his experience of going from a pentester to a red teamer. In this talk, you will learn about the different areas that make up red team operations, common tools, and the path to becoming a red teamer. In this presentation, you will learn about resources helpful for a path into red teaming.

Offensive Embedded Exploitation : Getting hands dirty with IOT/Embedded Device Security Testing
by: Kaustubh Padwad
(PDF) (Video) "The world is moving towards smart culture everything nowadays is smart, and mostly all are those smart devices are basically embedded devices with internet connectivity or some provision to connect with the internet. Since these devices are booming in market this also tempting lots of people/groups for hacking.

In this 1 hour talk we will discuss how to test the embedded/IoT devices, it would give you a methodology for assessment, how to perform firmware analysis, identifying vulnerable components, basic approach for reverse engineering the binaries to discover potential remote code execution, memory corruption vulnerabilities by looking for native vulnerable functions in C or bad implementation of functions like System, popen, pclose etc.

After conducting static analysis,firmware analysis we will move towards dynamic testing approch which include web application testing, Underlying OS security testing, identifying vulnerabilities and misconfiguration in device. At last we will move towards fuzzing the device via web application parameters and installing aproppriate debugger on device to identify memory corruption vulnerabilities."

Payload delivery for initial access in Adversary Simulation exercise
by: Bourbon Jean-Marie aka "kmkz"- @kmkz_security
(PDF) (Video) How to perform payload delivery and compromise a company that have a very small attack surface during Adversary Simulation exercise? Let's talk about this!

As red team we know that a decisive task is to gain initial access... and it is not that easy in 2020. The goal of this talk is to provide a real feedback from battlefield on how to deal with all mitigation and blue teamers in order to gain initial access in restricted environments.

Some droppers example, payloads and other real-life oriented TTPs will be shared during this talk (no magic but working!) as well as some idea on how a blue team can catch attacker using some quick-wins solution.

Pursuing Evasive Custom Command & Control (C3)
by: Mark Ian Secretario / Renzon Cruz
(PDF) (Video) - Investigating in-memory attacks leveraging legitimate 3rd party services like Dropbox, OneDrive, and Slack to use as a medium for Command & Control Communication
- Detecting usage and exfiltration optimizing custom command & control channels
- Part of this talk is performing a forensics investigation to a large footprint of artifacts when utilizing cloud storage such as OneDrive, Dropbox, Box, GoogleDrive

Quark Engine - An Obfuscation-Neglect Android Malware Scoring System
by: JunWei Song / KunYu Chen
(PDF) (Video) "Android malware analysis engine is not a new story. Every antivirus company has their own secrets to build it. With curiosity, we develop a malware scoring system from the perspective of Taiwan Criminal Law in an easy but solid way.

We have an order theory of criminal which explains stages of committing a crime. For example, crime of murder consists of five stages, they are determined, conspiracy, preparation, start and practice. The latter the stage the more we're sure that the crime is practiced.

According to the above principle, we developed our order theory of android malware. We develop five stages to see if the malicious activity is being practiced. They are

1. Permission requested.

2. Native API call.

3. Certain combination of native API.

4. Calling sequence of native API.

5. APIs that handle the same register.

We not only define malicious activities and their stages but also develop weights and thresholds for calculating the threat level of a malware.

Malware evolved with new techniques to gain difficulties for reverse engineering. Obfuscation is one of the most commonly used techniques. In this talk, we present a Dalvik bytecode loader with the order theory of android malware to neglect certain cases of obfuscation.

Our Dalvik bytecode loader consists of functionalities such as 1. Finding cross reference and calling sequence of the native API. 2. Tracing the bytecode register. The combination of these functionalities (yes, the order theory) not only can neglect obfuscation but also match perfectly to the design of our malware scoring system.

Further, we will also show a case study of Android malware and demonstrate how the obfuscation technique is useless to our engine. Last but not least, we will be open-sourcing everything (Malware Scoring System, Dalvik Bytecode Loader) during our presentation."

ReconPal: Leveraging NLP for Infosec
by: Nishant Sharma & Jeswin Mathai
(PDF) (Video) Recon is one of the most important phases that seem easy but takes a lot of effort and skill to do right. One needs to know about the right tools, correct queries/syntax, run those queries, correlate the information, and sanitize the output. All of this might be easy for a seasoned infosec/recon professional to do but for rest, it is still near to magic. How cool it will be to ask a simple question like “Find me an open Memcached in Manila with UDP support?” or “How many IP cameras in Phillippines are using default credentials?” in WhatsApp chat or a web portal and get the answer?

The integration of GPT-3, deep learning-based language models to produce human-like text, with well-known recon tools like Shodan can allow us to do the same. In this talk, we will cover how such integration can be done with Shodan and other recon tools. And, how this functionality can be extended to cover other popular tools. The code will be open-source and made available after the talk.

Zero Trust in the Era of Cloud
by: Vandana Verma Sehgal aka InfosecVandana
(PDF) (Video) Cloud is the new cool thing, everyone wants to be in cloud but what about security and compliance standards. How do organizations manage safety as well as security in the era of cloud. The concept of everyone inside the network being good or trusted is blown out of the water with cloud deployments. Effectively everyone is a tenant on a big server farm when it comes to cloud.

The only way forward is to not trust anything or what can be called a zero trust model. This talk will explore the concept of zero trust and will try to demystify zero trust models. The talk will focus on implementation and deployment scenarios of zero trust for organizations. How should the business prepare for the transition, what are the architectural requirements and what policies are required to be implemented?

We will conclude the talk with some recommendations based on our own experience dealing with zero trust deployments across a broad spectrum of clients and market segments.


Derrick is a corporate IT infrastructure professional, Cyber security hobbyist and motorcycle enthusiast, with more than a decade involved in the fields. When Derrick isn’t consulting for major firms in the San Francisco area, feeding his autodidact addiction, or working on independent projects, he can be briefly seen as a blur passing you on the highway.

@CaptnBanana enjoys reverse engineering and exploit development. He blogs regularly about these topics at his blog Recently he got into the field of game hacking and is here to present his research. Also, @CaptnBanana is a red teamer and penetration tester at @codewhitesec. He likes bananas.

Apurv Singh Gautam (@ASG_Sc0rpi0n)
Apurv Singh Gautam is pursuing his Master's in Cybersecurity from Georgia Tech. He commenced work in Threat Intel/Hunting 2 years ago. Throughout his professional career, he worked on hunting threats from both clear web and dark web and is also involved in performing HUMINT on the d2web. He is very passionate about giving back to the community and has already conducted several talks and seminars in local security meetups, schools, and colleges. He loves volunteering with Cybrary and Station X to help students make their way in cybersecurity. He looks forward to the end of the day to play and stream one of the AAA games Rainbow Six Siege.

Asif Hameed Khan
Asif Hameed Khan is an independent OT/ICS Cybersecurity Researcher. He has an expertise in OT/ICS Cybersecurity, ISA 62443 Audit and Compliance, Cyber Threat Intelligence, Digital Forensics and Incident Response, Malware Analysis, and Honeypots. He published research papers in the field of Artificial Intelligence and Cryptography. He is currently exploring areas where concepts of Blockchain, Artificial Intelligence and Swarm Intelligence are applicable in Cybersecurity. He runs the platform namely OTISP- OT Threat Information Sharing Platform on LinkedIn, Github, and Twitter.

Bryson Bort
Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a boutique cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is an R Street Senior Fellow and an Advisor to the Army Cyber Institute. Prior, Bryson led an elite offensive capabilities development group. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. ‍

Bryson received his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point. He holds a Master’s Degree in Telecommunications Management from the University of Maryland, a Master’s in Business Administration from the University of Florida, and completed graduate studies in Electrical Engineering and Computer Science at the University of Texas.

Boik Su
Boik Su is currently in CyCraft as a security researcher focusing on web security and threat hunting. He has received some awards from CTFs, been the speaker at various security conferences like [email protected], ROOTCON 13, OWASP Global AppSec - DC, AVTokyo, NanoSec, and others like OSCON and Taiwan Modern Web. He is also the lecturer at HITCON Training and National Center for Cyber Security Technology in Taiwan.

Bourbon Jean-Marie aka "kmkz"- @kmkz_security
Jean-Marie (kmkz) is an experimented Penetration tester and Red/Purple teamer that works now as a team leader in Luxembourg. His favorite part is post-exploitation, physical security and initial accessing in the most realistic condition that he consider as the most useful approach in term of security challenging human, processes, technologies etc.

He was speaker in "Nuit du Hack, Paris in 2011" , and more recently he presented talks in "Security Bsides, Dublin 2019", "Swiss CyberSecurity Day 2020" and other smaller event such as "JS meetup, Luxembourg 2019".

Chloé Messdaghi
Chloé Messdaghi is the VP of Strategy at Point3 Security. She is a security researcher advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & the President and cofounder of Women of Security (WoSEC), podcaster for ITSP Magazine's The Uncommon Journey, and runs the Hacker Book Club.Twitter: @ChloeMessdaghi

Ian Tabor
Network / security architect that has a passion for car hacking, found vulnerabilities in his own car and private Car bug bounties.

Now runs Car Hacking Village UK and is part of the team behind CHV at defcon.

Has created the nano-can pcb and software, which can allow potential car hackers to build a cheap OBD2 (<£10) car hacking device.

Jeswin Mathai (@jeswinmathai)
Jeswin Mathai (@jeswinmathai) is a Researcher at Pentester Academy and Attack Defense. He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo labs (DEFCON). He has also been a co-trainer in classroom trainings conducted at HITB, RootCon, OWASP NZ Day. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. His area of interest includes Malware Analysis and Reverse Engineering, Cryptography, WiFi security, and Web Application Security.

Jorge Orchilles
Jorge Orchilles is the Chief Technology Officer of SCYTHE and co-creator of the C2 Matrix project. He is a SANS Certified Instructor and the author of Security 564: Red Team Exercises and Adversary Emulation. He was a founding member of MITRE Engenuity Center of Threat-Informed Defense. He is a Fellow at the Information Systems Security Association (ISSA) and National Security Institute. Prior, Jorge led the offensive security team at Citi for over 10 years. ‍

He also co-authored Common Vulnerability Scoring System (CVSS) and A Framework for the Regulatory Use of Penetration Testing in the Financial Services Industry, and author of Microsoft Windows 7 Administrator’s Reference. Jorge holds post-graduate degrees from Stanford and Florida International University in Advanced Computer Security & Master of Science. Jorge speaks English, Spanish, and Portuguese, in decreasing levels of fluency. When he’s not hacking, teaching, or writing, you’ll find him watching and playing soccer.

Junwei Song
JunWei is a Security Researcher from Taiwan. A paranoid Pythonista who focuses on cybersecurity, reverse engineering, and malware analysis. And as a PyCon Taiwan Program Committee, presented at DEFCON, HITB, ROOTCON, PyCon Europe/TW/KR/MY. He’s the co-founder of Quark-Engine and a security research group, TWBGC.

Kaustubh Padwad
Kaustubh is a Device security Assurance Manager at Reliance Jio Infocomm limited, his main work include Securing JIO’s Cutting Edge Enterprise, Consumer, and SMB(small,Medium,Big) business products. His main area of interest is Device security,Reverse engineering, discovering RCE,Priv-esc bugs in proprietary or close source devices. He was Null champion, He had deliver more than dozens of talk in null meet and he was champion for 3 years in null community. Also he is a speaker at Owasp SeaSide 2020,Some of his works are published in SecurityWeek, ExploitDB, and have more than Dozens of CVE, Recently he was the winner of SCADA CTF @ nullcon 2019.

KunYu Chen
KunYu Chen is a security researcher at Telecom Technology Center, Taiwan. Since 2014, he has been engaged in honeynet system research and the automation of malware analysis. Also, he’s an open source activism who contributes to CPython, viper-framework and the founder of Quark-Engine and a security research group, TWBGC. He presented at HITCON CMT 101, PyCon Korea, PyCon Taiwan and COSCUP.

Mark Ian Secretario
Mark Christian Secretario is a security professional who has 8 years of experience who holds different positions throughout his career like Security Analyst, Incident Responder, and now working as Senior Penetration Tester. He is also the Founder of GuideM, a cybersecurity training provider in The Philippines that conducts real-world cybersecurity training and assessments. He also holds multiple offensive certifications including OSCP, OSCE, CRTP, CRTE, CRTO, CCNP, CFR & CCNA CyberOps. His interest is towards on offensive security, red teaming, exploit development, security architecture & purple teaming and likes to play different CTF such as Netwars.

Phillip Wylie
Phillip Wylie is the Senior Red Team Lead for a global consumer products company, Adjunct Instructor at Dallas College, and The Pwn School Project founder. Phillip has over 22 years of experience with the last 8 years spent as a pentester. Phillip has a passion for mentoring and education. His passion motivated him to start teaching and founding The Pwn School Project a monthly educational meetup focusing on cybersecurity and ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Dallas College in Dallas, TX. Phillip is a co-author of the soon to be published book based on his talk "Thee Pentester Blueprint." Phillip is a co-host for The Uncommon Journey podcast. Phillip holds the following certifications; CISSP, NSA-IAM, OSCP, GWAPT.

Renzon Cruz
Renzon Cruz, a Filipino security professional living in Doha who works as Sr. Security Consultant in a government and part of a national cybersecurity operations center. Prior to working to Doha, he works as Sr. Security Analyst & Incident Responder and was also a previous college instructor at New Era University, Philippines. He was also accepted to various international conferences as a speaker such as BSides Vancouver (2019), BSides London (2019) & BSides Doha just this year. He is also a co-founder, course developer and instructor of GuideM, a real-world cybersecurity training provider based in the Philippines. He also holds different certifications such as GCFE, GCIH, eCTHP, eCDFP, eJPT, CFR, ITIL, MCS, MCP. His interest is towards defensive strategy, threat hunting, digital forensics, and incident response, malware analysis and purple teaming.

Shail Patel
I am a security enthusiast, researcher, and an engineer by profession having been involved in the info-sec community since 2+ years now. I hold a master's degree in cybersecurity from the University of North Carolina at Charlotte and two industry certifications (AccessData Certified Examiner, CompTIA Security +). I have worked on numerous security concepts and frameworks, though my research interests include red teaming, malware analysis, digital forensics and automation.

a security engineer, currently a cyber threat analyst and RE in IR field of cyber incident management in Cyber Emergency Center of LAC/LACERT, Tokyo, Japan. For coding, I am a practical UNIX related coder, unixfreaxjp coded in some languages without flavors and he don’t like to do specific indentation. unixfreaxjp code environtment is on the shell, mostly on the VT100-base.

unixfreaxjp do programming in: Perl, Shell scripts, C, Python, Assembler or a bit of Ruby, with some web programming like: PHP, Java(+/-JavaScript), and also some VB/PowerShell etc. Currently unixfreaxjp on LUA, Cython and Go for DFIR/RE purpose.

Nishant Sharma (@wifisecguy)
leads R&D at Pentester Academy and Attack Defense. He has 8+ years of experience in the information security field including 6+ years in WiFi security research and development. He has conducted classroom trainings in Blackhat USA, HITB Amsterdam/Singapore, RootCon, OWASP NZ Day. He has presented research and conducted workshops at Blackhat USA/Asia, DEF CON China, HITB, RootCon, Packet Hacking Village, Wireless Village, IoT village, and Demo labs (DEFCON USA). Prior to joining Pentester Academy, he worked as a firmware developer at Mojo Networks where he contributed in developing new features for the enterprise-grade WiFi APs and maintaining the state of art WiFi Intrusion Prevention System (WIPS). He has a Master's degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi and IoT security, Linux security.

Vandana Verma Sehgal aka InfosecVandana
Vandana Verma Sehgal is a seasoned security professional with over a decade worth of experience ranging from application security to infrastructure and now dealing with DevSecOps. She is currently working as a Security Architect. Vandana is a global speaker and Women in Cyber Security Advocate. She received Global cybersecurity influencer among IFSEC Global's "Top Influencers in Security and Fire" Category for 2019. She recently received Cybersecurity Women of the year award by Women Cyberjutsu Society in the Category "Secure Coder." She has also been listed as one of the top women leaders in this field of technology and cybersecurity in India by Instasafe. She works with various communities (InfoSecGirls, OWASP, WoSec and null) and is passionate about increasing female participation in Infosec space. She has trained over 1000 Diversity Participants around the globe on Web Application Security. She was a keynote speaker at Owasp Global AppSec DC, 2019. She has spoken and trained at various conferences AppSec Europe, AppSec USA, NullCon, Security Guild 2019, BSides Delhi, c0c0n (Kerala Police Conference), Global AppSec Tel Aviv, and Black Hat US 2019. She is part of the crew for OWASP Seasides and BSides Delhi conferences. She also does CFP Reviews for AppSec Europe, Global AppSec Tel Aviv, Global AppSec DC and Grace Hopper US 2019 (Security/Privacy Review Track).


Car Hacking Village

Red Team Village

Contest Winners
Receives the Black Badge entitled them for free entrance for next years conference.

Capture The Flag
To be updated...





Community Partners


Unfortunately there isn't too much we can take picture of since it's virtual. We do have screenshots :)