Partial RC17 Archives
Posted on: 10.12.23
With immense gratitude, we can now put ROOTCON 17 to the books, leaving us with unforgettable memories, experiences, and of course, a wealth of knowledge to carry forward. Our sincerest thanks to all con-goers, sponsors, speakers, and staff who made ROOTCON 17 a resounding success.
Today we are excited to announce that our extensive archives are now partially processed and now available for viewing and download.
Check out ROOTCON 17 Archives page for details, if you want to indulge in watching the talks visit our
YouTube ROOTCON 17 Playlist.
Village Track videos are underway stay tuned.
Posted on: 09.22.23
We have been receiving calls, texts, and emails regarding the situation of the Taal Volcanic Smog. To clear things up, here is an official statement from both ROOTCON and Taal Vista Hotel.
Quote from Taal Vista Hotel Operations
"As of September 21, 2023 at 4:00PM per the advisory of the Municipal Disaster Risk Reduction and Management Office, there is a presence of volcanic smog caused by the Taal Volcano. Taal Vista Hotel is situated in Tagaytay City, Cavite, which is about 27 kilometers away from the Taal Volcano. While there is no immediate or direct hazard expected to affect Taal Vista Hotel at this time, the management continues to monitor the situation through constant coordination with the local authorities."
We are working closely with Taal Vista Hotel to monitor the situation and come up with a contingency plan should this situation worsen. The organizers are scheduling an ocular visit to our venue so we can assess the situation. The safety of our crew, con-goers, speakers, and sponsors is our utmost priority.
Keep your radars open on our social media channels for announcements.
Posted on: 09.22.23
The ROOTCON 17 Schedule LIVE! You may now starting planning your conference experience, parties to attend, villages to visit and of course sponsors to talk to.
ROOTCON 17 is almost here, we are just six days away from ROOTCON 17 and we are officially getting psyched.
Visit the RC17 Schedule Page, you can also download the handy RC17 Pocket Guide.
Posted on: 09.7.23
Are you ready to party? Cuz we are, the largest hacker party in the country by far is back this year!
Here's the whole shenanigans
Right after the Day 1 session, After-Dark Party will kick in drinks and a little pica is on us (limited while supply lasts).
Aside from all the party drinking that we will be having, the After-Dark Party will be hosting the first ROOTCON Beer Pong Championship (hacker style),
Our friends from Emerson who happened to be the sponsor for this party will also be hosting a networking session.
On the second day, we will be having our after-con party AKA Zerø-Hour together with the infamous Hacker Jeopardy.
You may register via Eventbrite and choose Zer0-Hour Party, limited seats only!
Your registration will cover your drinks (while supply lasts), pica and we will be having a live band!
We don't want to be a party pooper so have Taal Vista Mobile Bar on standby and ready to serve some beverages both alcoholic and non-alcoholic drinks but of course, this will be paid at your own expense.
Now that's one hell of a party, prepare those dance moves, splendid voice (if you are into singing) and of course those liver!
Can't wait to party with old and new friends! See you there!
Special mention to Taal Vista Hotel for allowing us to extend our party until 2:00AM! Yes you read that right!
Posted on: 09.1.23
We are days away from ROOTCON 17, and our villages are taking shape! Here is the initial line-up of village talks, more are underway.
Car Hacking Village Talks
Analysis of an In-vehicular network: From CAN bus to infotainment by Div0 CSQ
Present-day vehicles such as the Connected vehicles (CV) include wireless and external
functionalities that improve drivers' experiences. CV will continue to play a huge role in our daily
lives despite mass adoptions on Electric Vehicles (EV) and testing on Autonomous Vehicles (AV).
This talk will feature CSQ’s test bench 3 as we explore more features on Connected vehicles.
We will talk more about Infotainment systems and the difficulties we face with setting up bench 3 and go through the vehicular architectural differences between test bench 2 and 3. Finally, we will point out some learning points and challenges.
Blue Team Tricks - An overview of Automotive Defensive Engineering By Scott Sheahan
Sun Tzu said, "If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” This talk is for car hackers to learn about modern defense measures being added to ECUs and Vehicle Architectures.
Cellular Assault Village Talks
Uncovering Cellphone Risks: Interception and Other Mobile Attacks
In this talk, we'll explore the world of mobile security. We'll dive into how our everyday mobile devices and the communication system connect. We'll uncover different ways that hackers can attack mobiles, from intercepting calls to faking sender names in texts. We'll also dig into how these attacks work, like reading SMS over-the-air. We'll cover both passive and active ways that hackers intercept data. Passive ones quietly gather info transmitted between devices and cell towers. Active methods, on the other hand, pretend to be real cell towers to mess with communications. As we wrap up, you'll walk away armed with insights into the potential risks that our beloved mobile devices face and equipped with knowledge on safeguarding yourself against these digital threats.
Lockpick Village Talks
Safe Cracking 101: manipulating mechanical Group 2 safe locks
Mechanical safe locks have been around for a very very long time, and with good reason, many have no idea how they work. With the obscurity of this safety mechanism, we achieve security. In this talk, we explore the working mechanisms of Group 2 Safe locks, debunk some Hollywood myths and learn to exploit it's inherent weaknesses.
More details a the RC17 Villages
Posted on: 08.14.23
We are thrilled to unveil our highly anticipated and mind-boggling series of gruelling contests that are packed to challenge, inspire,
and reward the brightest minds within our community!
Capture The Flag
All our ovens are fired up for this year's ROOTCON CTF! This year, we are bringing you the most grueling ROOTCON CTF to date—all to achieve our goal of highlighting the best and the brightest talents that our local hacking community has to offer! As always, Pwn De Manila stands by its commitment to making intellectually-rewarding and painfully-meaningful CTF challenges that aim to meet ROOTCON's reputation and tradition of bringing organized chaos to con-goers every year.
Hacker Jeopardy
ROOTCON's signature post-Con party game is back this year with more challengjng trivias and alcoholic drinks! Unique this year are the special cocktails prepared by our creative Goons 😁 Think you're still smart enough after several shots and despite plenty of distractions from our lovely Hacker Jeopardy Babes? Then this game is for YOU!
The Mystery Challenge
An immersive challenge that will test your deductive skills, critical thinking, and ability to unravel a cryptic puzzle shrouded in intrigue and of course your hack-fu skills. Prepare to step into the shoes of an amateur sleuth as you navigate through the enigmatic twists and turns of The Mystery Challenge.
Posted on: 07.31.23
After deliberating all of our CFP submissions, today we are thrilled to share the final list of talks and speakers!
Here are the additional talks and speakers who made the cut for ROOTCON 17.
- A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lessons Learned
- Azure Illuminati: Unveiling the Mysteries of Cloud Exploitation
- Unleashing Cyber Chaos: Evolving Nexus Between Nation-State and eCrime Adversaries
- Scarlet OT - OT adversary emulation for fun and profit
- Crashing Cars, not Systems: Navigating the New Terrain of Browser Fuzzing in Automotive Headunits
- Active Directory Domination through Configuration Abuse and OPSEC
Posted on: 07.15.23
We are excited to share the final village line-up for this year.
Here's the final list of villages:
101 Village
Car Hacking Village
Cellular Assault Village
Lockpick Village
Recon Village
Red Teaming Village
For details checkout the Villages page.
Posted on: 05.31.23
RC17 Website is starting to beef up its contents, today we are thrilled to announce the first round of talks. Whether you are an industry professional, a student, a security researcher, or simply curious about hacking conference, we welcome you to join us in this enriching experience.
Here are the first round of talks.
- AI for Red Team && Malware Development
- Breaking Barriers: Using XSS to Achieve RCE
- Car Hacking Scene in the PH: How Far We've Come
- Hacking Back Your Car
- Old Services, New Tricks: Cloud Metadata Abuse by Threat Actors
- Phish MOMUKAMO: Meticulously Outmaneuvering Malicious and - Unscrupulous adversaries with Knowledge, Action, Mitigation, and Organization
- The Creation of the Out-Of-Band Anti Virus Dock (OOBAVD)
More details at https://www.rootcon.org/html/rc17/talks
Posted on: 05.29.23
For those that need company approval, we are here to help! We are thrilled to announce the availability of the RC17 Conference Overview downloadable file. We have meticulously curated and prepared a quick conference guide to convince your companies to send you to ROOTCON this year. This is an opportunity you definitely don't want to miss!
Here's a sneak peek on some of the highlights inside the Conference Overview Guide
- What is ROOTCON
- Why attend ROOTCON
- Notable speakers
- Schedule Highlights
- Villages
- Conference Price
- Invitation Request Form
Send us an invitation request and we will be happy to send you a PDF file you can use to get approval from your company.
You may download it here: https://rootc.onl/media_rc17_overview
Posted on: 05.25.23
And we are live!.....
We are excited to announce the registration for ROOTCON 17, and we invite you to be a part of another awesome conference experience.
Here's what to look forward to:
* Keynote
* New villages
* Networking Opportunities
* Hacker Parties
and many more exciting and fun activities in store for you!
To secure your spot, register at https://www.rootcon.org/html/rc17/register. Register early to take advantage of exclusive benefits and discounts available for early birds!
We look forward to welcoming you to this year's conference, where you'll have the opportunity to expand your horizons, connect with remarkable individuals, and leave with a renewed sense of purpose and motivation.
Don't miss out on this remarkable event! Register today and be a part of an extraordinary conference experience.
Posted on: 04.25.23
ROOTCON 17 Call For Sponsor is now live!
As a sponsor, you'll have the opportunity to connect with industry leaders, top researchers & hackers, demonstrate your products and services, and build valuable relationships with our attendees. Your support will help us continue to provide a world-class conference experience that is both informative and engaging.
In addition to the exposure and networking opportunities, your sponsorship will also help us keep the conference accessible to all. By supporting ROOTCON, you'll be contributing to the growth and development of the hacking and cybersecurity community in the Philippines and beyond.
We offer a variety of sponsorship levels and packages to fit your budget and needs. From booth space to speaking opportunities and branding.
Don't miss out on this opportunity to showcase your brand and connect with a community of passionate and knowledgeable cybersecurity professionals. Join us at ROOTCON and be a part of the premier hacking and information security conference in the Philippines!
For more information on sponsorship opportunities, please visit
https://rootc.onl/sponsorship_request and fill-in your information
and our team will be happy to contact you. We look forward to seeing best sponsors this year!
Posted on: 04.11.23
Calling all hackers, researchers, and experts, ROOTCON 17 Call For Papers is now open!
ROOTCON aims to bring together researchers, practitioners, and experts from academia, industry, and government to discuss the latest trends,
challenges, and opportunities in the world of hacking. We encourage submissions that present innovative ideas, cutting-edge research,
and best practices in the field.
Our main interest for this year should be in relation to our theme which is surveillance and privacy and how it connects to technology.
All submissions will be reviewed by the ROOTCON CFP Review Board, and accepted papers will be presented at the ROOTCON 17.
If you are interested check out the Call For Papers page to know more about the details.
Posted on: 02.14.23
This year's theme revolves around surveillance, privacy and technology.
Surveillance, privacy, and technology are all closely interconnected topics that have become increasingly important in the modern world.
The intersection of surveillance, privacy, and technology has become increasingly complex in recent years. On the one hand, technology has made surveillance easier and more widespread, allowing for the collection and sharing of vast amounts of data. On the other hand, technology can also be used to protect privacy, through the use of encryption, privacy-focused tools, and other means of securing personal data.
As society continues to grapple with these complex issues, it is important to consider the balance between surveillance and privacy, and to ensure that technology is used in a responsible and ethical manner.
Plans
For our con-goers to have full ROOTCON experience ROOTCON 17 will be executed fully as physical conference. We are no longer offering hybrid this year.
Exciting times ahead, we hope to see everyone this year! Hack-on....
Look n Feel
Color Scheme:
#9E4F33
#456176
#4D4C4F
#50A4B2
Posted on: 02.14.23
The machines for organizing ROOTCON 17 are upon us, we will start off with expanding ROOTCON villages. We are now opening Call For Villages to the
public and to all our con-goers who desire to organize a village within ROOTCON.
What are a villages?
Villages are mini events with specific topics and goals held and exhibited with the conference.
Who are the village organizers
Village organizers are same-minded individuals who are enthusiastic in sharing their research.
If you have any sort of village that you want to bring to ROOTCON now is the time! You may visit the Call For Villages page to submit your application.
Posted on: 10.06.22
We have recuperated from sleep deprivation for the last 8 months, ROOTCON 16 Archives is now partially available and is already good for human consumption.
We are working on getting the remaining slides and videos into the archives in no time.
Check out the RC16 Archives for reading and watching pleasures.
Posted on: 09.20.22
The moment you've all been waiting for! Capture The Flag Pre-Quals registration is now live!
But first you need to register, after your registration you will be receiving an email for the initial target!
Same rules applies
1. NO DIRECT DDoS or any form of ATTACKS on the game servers, anyone caught attacking the server will be disqualified. (let others enjoy the game)
2. Minimum team members is 2, maximum is 3.
3. Only teams made it to the cut on the CTF Pre-Quals can play during the CTF Finals.
4. Sharing of flags is strictly prohibited, anyone caught will be disqualified.
5. Only top 10 teams will qualify for the CTF Finals.
Register now!
Posted on: 09.12.22
Zer0-Hour has been hosting the infamous Hacker Jeopardy, and finally it is back to good ol' LIVE, in-your-face mental and alcoholic brawls with the contestants! Same classic game mechanics, same pogi host, but new HJ Babes ;-) We also have a special bartender and poison maker this year, Mr. Tipsy Hacker!
To recoup our lost yearly hacking community get-together we added another party to the list! This year we added the After-Dark Party. Beer and chips are on us with tracks from DJ Icetre Normal made exclusively for ROOTCON 16.
Come with your best Cyberpunk Attire!
Visit the Party Page for details!
Posted on: 09.08.22
ROOTCON has been expanding year by year, Call For Papers submission has been overwhelmingly awesome!, so this year ROOTCON will be from Tuesday until Friday!
Here's a quick rundown on the ROOTCON Week so you can plan your itinerary.
September 27 (Pre-con Tracks) - all tracks on this day will be purely virtual via Zoom Webinar, registration to the webinar will be announced soon.
September 28 (Trainings) - If you signed-up for trainings then you are a Human+, you will be at Taal Vista a day early than the Human con-goers. (Note: This is for HUMAN+ Only)
September 29 (Day 1 Con Proper) - This is it we are BACK! Live tracks, live speakers, live con-goers
September 30 (Day 2 Con Proper) - You will most likely still have hang-overs from Day 1.
Check out the RC16 Schedule Page
Posted on: 09.01.22
What's up brain-picking, challenge driven humans, do you have what it takes to earn the conveted challenge pins and Ub3r badges? Or are you returning to try again this year?
The ROOTCON Challenges are back! LIVE and BOLD.
Capture The Flag
All our ovens are fired up for this year's LIVE ROOTCON CTF! This year we are bringing you the most grueling ROOTCON CTF to date, LIVE! Even as we usher in the age of the new normal, the pandemic will not stop us from highlighting the best and the brightest talents that our local hacking community has to offer. On this year's 16th iteration of the ROOTCON CTF, Pwn De Manila stands by its commitment of making intellectually-rewarding and painfully-meaningful CTF challenges that aim to meet ROOTCON's reputation and tradition of bringing organized chaos to con-goers every year.
Everything you need to know about the Capture The Flag
Hacker Jeopardy
Finally! RootCon's signature post-Con party game is back to good ol' LIVE, in-your-face mental and alcoholic brawls with the contestants! Same classic game mechanics, same pogi host, but new HJ Babes ;-) We also have a special bartender and poison maker this year, Mr. Tipsy Hacker!
Are you sober enough? more details here
Posted on: 08.16.22
CFP Review Board's brain-picking task is finally done! The CFP submissions were overwhelmingly great! Here's what's added on our line-up.
Alternative ways to detect mimikatz
AWSGoat : A Damn Vulnerable AWS Infrastructure
Building defensive playbooks from others misfortune
DDexec
Gazing into the Crystal Ball - The Fog of Cyberwarfare Escalations
Pwnppeteer - Phishing Post {Exploi/Automa}tion at Scale
The Simple, Yet Lethal, Anatomy of a Software Supply Chain Attack
Wild IoT Tales: from power grids to oil pipelines
Check-out the full tracks line-up.
Posted on: 08.16.22
ROOTCON 16 is just around the corner, we are now feeling the vibes! What about some good music as we wait for ROOTCON 16!
We curated good musics from the hacker community.
Get your music in the playlist collaborate at ROOTCON 16 Music Playlist
Posted on: 08.03.22
Contents are slowly building up, it's time to make your personal itinerary for RC16 and we have great contents!
Village tracks now available!
101 Village
Every year new blood comes out of their comfort shells, it's where Hacking 101 started, just as a small training at ROOTCON, but we've seen a significant improvement in our attendees so why not make this a village and let it grow not only to cater Hacking 101, but everything 101's, this is your beginners guide to the world of hackers and hacking.
Click here for 101 Village Tracks
Car Hacking Village
The Car Hacking Village PH is a branch in Asia of the official Car Hacking Village (https://www.carhackingvillage.com/about) Its primary goal is to build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today. Educating security researchers on the functionality of vehicle systems coupled with providing them with the opportunity to gain hands-on experience working side by side with experts in this field is a plus for the attendees. Leveraging the vast amount of experience the security research community brings to the Village may increase the safety and security of vehicles on the road today and for generations to come.
Click here for Car Hacking Village Tracks
Posted on: 07.30.22
Humans! the long wait is over first batch of talks for ROOTCON 16 is now available for your reading pleasure.
A new secret stash for fileless malware
China’s Cyber Capabilities: Espionage, Warfare, and Implications
Hardware Hacking for Bug Bounty Hunters
How Did I Get Here? I still don’t know what I’m doing: Getting into The Lifelong Adventure of Learning Cybersecurity & Incident Response
Human-Controlled Fuzzing With AFL
Microsoft Defender Will Be Defended: MemoryRanger Prevents Blinding Windows AV
Security Like the 80's : How I stole your RF
Signs, Signs, Everywhere There are Signs of a Ransomware Intrusion
Streamline security with shift left: A cloud approach
Uncovering 0-days in Healthcare Management Applications
Understanding and Re-creating Process Injection Techniques through Nimjector
Village tracks and more main tracks are underway! Stay tuned.
Posted on: 07.29.22
The ROOTCON CFP Review Board has picked our Keynote for this year!
Talk Title: China’s Cyber Capabilities: Espionage, Warfare, and Implications by: Aaron Ng
Synopsis
Over the past decade, there has been an alarming rise in the frequency and sophistication of China’s state-sponsored and state-affiliated cyberespionage activity, as well as its scope of targeting. China-Nexus Adversaries have deliberately and aggressively pursued targets across a spectrum of industries, including technology, defense, energy, healthcare, education, and other key sectors in pursuit of trade secrets and of sensitive information.
Of note, in early 2021, the China-Nexus Adversaries rapidly and effectively exploited a series of vulnerabilities in Microsoft Exchange — now collectively known as ProxyLogon and ProxyShell — to compromise email servers and consequently the sensitive information of tens of thousands of organizations around the world. Over the duration of the pandemic, Chinese cyberespionage campaigns continue to target hospitals and research institutions for data that could confer competitive advantages in science and technology, and at the same time, demonstrating emphasis on COVID-19 related research.
Coupling these recent prolific intrusions with the longstanding campaign of targeting a wide swarth of industries, including insurance, travel & hospitality, government, for the purpose of acquiring sensitive personnel data, the threat that China-Nexus Adversaries pose to organizations today cannot be understated.
This session will provide insight into China’s intent and capabilities for cyberespionage and importantly what organizations can do to address this challenge effectively.
About the speaker
Aaron Aubrey Ng serves as Strategic Threat Advisor at Crowdstrike. He is responsible for CrowdStrike’s Threat Intelligence business across Asia-Pacific and the Middle East & North Africa regions. Aaron focuses on helping customers operationalise and integrate threat intelligence within their organisation's cybersecurity strategy. Additionally, he represents the Crowdstrike Intelligence ecosystem and frequently speaks at Security Conferences, sharing insights into the latest threat trends and developments.
Aaron got his start in Security and Threat Intelligence in the Singapore Armed Forces as a Military Intelligence Officer. He concluded 12 years of Active Duty in 2019 and has served in multiple Command Appointments in classified Intelligence Units, and garnered staff experience in the areas of Strategic Planning and Policy Development. In his penultimate tour of duty, Aaron was instrumental in establishing the Defence Cyber Organisation (DCO), which is akin to Singapore’s Cyber Command.
Posted on: 06.04.22
We are very excited that ROOTCON 16 is starting to shape up now.
Updates on where are we with the planning.
Call For Papers
The clock is ticking for the Call For Papers, we have a month left before closing and slots are getting filled up already we are at 80% submission if you wish to share those awesome research submit now or get left behind.
Call For Sponsors
Elite sponsorship slots have been filled up like hot pancakes, but worry not Platinum, Gold, and Supporter package is still open.
Sign up now and be part of the hacking community come-back after the two-year break due to the Covid-19 pandemic.
Trainings
This year we bundled up our Human+ registration with two trainings to choose from, Web Pentesting
& Network Pentesting, these two trainings will be conducted on Day Zer0 (Sept 28, Wed)
by Pentester Academy which is now part of INE one the of leading Expert IT Training for Networking, Cyber Security and Cloud.
Villages
Car Hacking, 101 Village and Lockpick village will be back this year with more activities and other surprises.
Registration
And lastly Earlybird registration is now open! You may choose two Human+ registration with options for training bundle Web Pentesting and Network Pentesting! Human+ with training bundle has very limited slots, hurry and reserve those seats and register.
You may now register here.
Posted on: 04.14.22
We are excited to announce that ROOTCON 16 will be hybrid this year.
For the past two years, the situation of the Covid-19 pandemic didn't stop us from being a community, it only thwart us from being together physically. With the high vaccination rate and low critical case count, we will try again this year. ROOTCON 16 will be both available in physical and virtual, and for us to maintain the safety of our con-goers we will be limiting the physical presence to 200 pax only, but no limit for the virtual attendees
The Venue
Taal Vista Hotel has been our comfort zone holding the conference, and since we just rebooted there is a high risk involved in exploring another venue, so for us to deliver the conference you've always enjoyed and loved we will be back at Taal Vista Hotel for ROOTCON16.
Human+ and Human
You know the drill hybrid conference means two badges. Human+ are the physical con-goers their badges come with a top-notch training we will be flying our top picks from around the globe to do the training physically, this will be held on Day Zer0 and Day 1. We will be missing our Human attendees as this will only be virtual with limited access to our tracks.
Our Sponsors
Same as our con-goers, our sponsors can now showcase their cutting-edge products at the conference, plus network and give away those fist-bumps with the hacking community.
This it fam what we all been waiting for. Time to get hyped-up
Posted on: 01.31.22
The planning for ROOTCON 16 has been kicked off, this year's theme is based on the novel
Hard Wired by Len Vlahos, the novel is a contemporary sci-fi story about a boy who might not be human.
The Plot
Quinn thinks he's a normal boy with an average life. That is, until he finds a trail of clues the father he barely knew left behind.
After Quinn unravels his father's puzzles, he “wakes up” ... and realizes his world was nothing more than a virtual construct. In reality, he’s the first fully-aware A.I. in the world, part of an experiment run by a team of scientists—including the man he thought was his father.
As the scientists continue to study him, Quinn's new existence becomes a waking nightmare. Determined to control his own destiny, he finds allies in other teens—including crush Shea—and plots his escape.
But what does true freedom look like when you're not human?
Plans
The execution of ROOTCON 15 was smooth, yes there were hiccups along the way but they were manageable. With the country's vaccination rate going uptrend and with the fewer lockdowns, the full-physical conference is within reach but can be misty. So for us to easily switch the event to full-virtual just in case something comes up along the way we will imprint what we had last year. ROOTCON 16 will still be a hybrid conference where con-goers get to pick if they will be on-site or virtual.
Date
September 28, 29 & 30, 2022
Venue
To be announced third week of February
Look n Feel
Color Scheme:
#83816D
#929079
#A7A38B
#CF4334
Vibes:
Science, AI, Cyborg, 70s, 80s
We are looking forward to physically meet everyone at the conference.
Posted on: 10.04.21
Since the pandemic has given us an uncontrollable challenge but stopping is not an option. The last-minute changes of ROOTCON 15 speak for its theme “Rebooted”, we had to reboot and change everything from being a supposed to be hybrid conference to a full-virtual conference, this wouldn't be possible if the Goons didn't offer their sleepless nights to deliver an excellent quality conference, to our speakers who gave their esteemed time to do their pre-recording to provide ROOTCON a top-notch content. The support of our sponsors gave a huge impact in making this possible, and lastly, to our highly regarded con-goers for being kind and patient in the humps, ROOTCON has been dealing with.
We are looking forward to next year for the Philippine hacking community to connect physically.
Again from all of us at ROOTCON sending our love to everyone! Keep safe and healthy.
Archives and YouTube uploads coming your way.
Posted on: 10.04.21
Happy Monday! This is it hacker fam! Time to choose your battle!
Official Games Registration Now Open!
Capture The Flag - The most grueling ROOTCON CTF to date, right at the comfort and safety of your very homes. This pandemic will not stop us from highlighting the best and the brightest talents that our local hacking community has to offer.
Hacker Jeopardy - The Sweet Revenge! Because the game is now virtual (and we have no budget to ship the Blue Labels to all the players), the Goons and Babes will be drinking the booze instead of the players! Answer the question right and the Goons get drunk. Answer the question wrong and the Babes get drunk. Choose your revenge!
Choose your battle wisely
Register Now: https://rootc.onl/official_games_reg (only for registered attendees)
Details:
Hacker Jeopardy
Capture The Flag
Posted on: 10.04.21
Happy Monday! This is it hacker fam! Time to choose your battle!
Official Games Registration Now Open!
Capture The Flag - The most grueling ROOTCON CTF to date, right at the comfort and safety of your very homes. This pandemic will not stop us from highlighting the best and the brightest talents that our local hacking community has to offer.
Hacker Jeopardy - The Sweet Revenge! Because the game is now virtual (and we have no budget to ship the Blue Labels to all the players), the Goons and Babes will be drinking the booze instead of the players! Answer the question right and the Goons get drunk. Answer the question wrong and the Babes get drunk. Choose your revenge!
Choose your battle wisely
Register Now: https://rootc.onl/official_games_reg (only for registered attendees)
Details:
Hacker Jeopardy
Capture The Flag
Posted on: 10.01.21 (Updated 10.03.21)
Aside from the pride, bragging rights, and the coveted black badge which entitles our winners for a free ROOTCON pass,
this year 2021 (October 14) ROOTCON launched the ROOTCON Challenge Pins, all official contests winners will be receiving
this coveted ROOTCON Challenge Pins. You can be awarded by the ROOTCON Challenge Pins by playing these grueling ROOTCON Official games.
Capture The Flag -- The most grueling game in every hacking conference,
ROOTCON is no different! This game is not for the faint-hearted it requires sleepless nights of problem-solving,
cryptos, puzzles, and exploitation.
Hacker Jeopardy -- Do you have a liver of a metal, up-to-date with the latest technologies, or have a geekish, nerdish historian-fu skills? This game is for you.
Do you have what it takes to be a well-decorated ROOTCON Official Contests Team? Prove it, earn the pride and the pins!
Check-out our Hall-Of-Fame page.
Updated: October 3, 2021
Posted on: 09.21.21
Whereas Covid-19 cases have been rising continuously with a daily average of around 20,000 cases, forcing our government to implement heavier and stricter protocols such as ECQ and MECQ to prevent further infection of the virus. Due to these unfortunate circumstances, the hybrid setup for ROOTCON 15 will no longer be proceeding. As much as we want this setup to be implemented, the situation and circumstances make it more difficult for us to mobilize, possibly risking the good health of our beloved con-goers.
In line with this, going full virtual will be the safest and efficient way to conduct our informative and productive conference without risking the health of our participants. But rest assured, our awesome talks will proceed and be delivered as planned, and your conference kits will be delivered to your doorsteps!
For those who signed-up for Human+ you will be refunded with the price difference of Human tickets, kindly contact comms as soon as you can. Once again we apologize for this inconvenience it might cause you and we hope everyone stays safe during this time.
Stay Safe and Lots of love from ROOTCON!
Posted on: 09.03.21
ROOTCON 15 is just around the corner, the pandemic won't stop us!
This year we added two more pre-con days to fill in your conference week for pre-con, we have seven talks to kick-start your conference week! it will be followed by the ZerØ Hour Movie Night late in the evening.
Day &OSlash; we will be hosting the villages to sharpen your hack-fu skills before we start the con proper. Con proper starts on Day 1 & 2, October 14 & 15.
Get pumped up and start planning your conference week. If you haven't registered yet now is a good time!
Posted on: 08.27.21
Villages are now live!
This year's Lock Picking Village is exclusive to Human+ participants only, and it's all about high-security locks. We will have an in-depth discussion and hands-on demo on high-security locks, the different mechanisms, and ways to attack them.
Car Hacking Village will be putting up some talks for newbies to get you started with your automotive hacking-fu.
Keep your radar open for updated village talks and schedules.
Posted on: 08.23.21
Let's all welcome our keynote speakers for ROOTCON 15!
Harshit Agrawal (@harshitnic)
Harshit Agrawal is currently working as a Radio Security Researcher. He is enthusiastic about SIGINT, Drone Pentesting, and IoT Security. He presented his research at International Security conferences like RSAC USA, DEFCON, HITB Cyberweek, HITB Amsterdam, etc. Previously, he was President at CSI Chapter and Vice President for Entrepreneurship cell at MIT, where he also headed the team of security enthusiasts, giving him a good insight into cybersecurity and increased his thirst to explore more in this field. Learn more: https://www.linkedin.com/in/harshitnic/
Emil Tan
Emil has experience in many cybersecurity trades —including R&D, cybersecurity operations, governance, policies and regulations, and consultancy. Emil is an active contributor in the cybersecurity ecosystem. He plays an active role in catalysing cybersecurity conversations and thought leadership in the community. Amongst many things, he co-founded Division Zero (Div0) —a cybersecurity community group in Singapore—, and Infosec In the City, SINCON —a techno-centric cybersecurity conference. Emil is also often found speaking under various spotlights —including 44CON, Black Hat Asia, BSides London, Hack In the Box (HITB) Singapore, The Honeynet Project Workshop, and at universities and many various cybersecurity plenaries.
Posted on: 08.16.21
Let's get this show on the road. We are excited to announce the second and final batch of talks for ROOTCON 15. Here's a glimpse of what was added to the line-up.
Buzzard : Crafting your post exploitation framework against odds
Click Here For Free TV! Chaining Bugs to Takeover Wind Vision Accounts
Gathering Cyber Threat Intelligence from the Cybercriminal Underground
Hack the Planet! Desecuritise Cyberspace
Keeping Up With Modern Automotive Exploitation
Securing Process Control Data Transmission to the Blockchain Network
The Curious case of knowing the unknown
The Kill Chain: Future of Cyber in Defense
Using Wordpress comments section as a C&C for fun
VMProtect2 : Architectural Analysis, Exploitation, and VMP2 IL
Everything is coming to place now! Check the complete track lists.
Posted on: 08.15.21
We just recently noticed that Eventbrite made a recent change and they removed their Direct Deposit / Bank Transfer feature depending on the processing country, unfortunately, the Philippines was not part of this list. Having said that we will be migrating our registration platform to Eventzilla, this is for us to cater to our con-goers that do not have a Paypal account and will opt for offline registration.
Eventzilla is more flexible, feature-rich, and as intuitive as Eventbrite, it still supports electronic check-in and still supports both iOS and Android for our con-goers to store their electronic tickets.
We apologize for the inconvenience this might cost our con-goers. For those who already registered we will be sending your new tickets directly to your mailbox.
Also a quick reminder that early-bird is nearing an end so hurry and
register now!
Posted on: 07.25.21
We would like to thank everyone who submitted their awesome talks! The CFP Review Board is still validating the second wave of talks please stay tuned for more announcements.
First batch of talks:
Attacking Modern Environments Series: Attack Vectors on Terraform Environments Inbox
Burnout: The Security Risk
Crafting your own combat hardware
Discovering C&C in Malicious PDF with obfuscation, encoding and other techniques
Fuzzing: Revisiting Software Security
Malware Hunting - Using python as attack weapon
OAuth Authentication Bypass
Phishing & Education: Applying security principles during the pandemic
Skrull Like A King: From File Unlink to Persistence
Check full details of each talks at Talks Page.
Posted on: 07.16.21
This is it hacker fam, ROOTCON 15 is slowly shaping up, before we will officially open the registration we would like to present to you the initial batch of speakers and their talks.
Check out the Speakers page to know our speakers and the synopsis of their talks on the
Talks page.
To know the people who vetted these awesome talks check our CFP Review Board.
Posted on: 07.15.21
This year ROOTCON Hacking Conference will be a hybrid conference, we will be catering both virtual and physical attendees. For
questions please refer to FAQ Page or email us at comms [at] rootcon dot org.
Discord, you will be given access at the RC15 - Rebooted Chat Lounge to interact with other con-goers.
Human, you will be able to join the conference virtually via Zoom, other activities such as workshops and trainings are not available.
Human+, if you register as Human+ you will get a full hybrid conference experience, this is in-person at Pico Sands Hotel, a good way to
reconnect back to the hacker community in person.
Prices, inclusions and other details at the registration page.
Posted on: 07.5.21
ROOTCON 15 will be held (and headquartered) at the famous and secluded vacation beaches of Pico De Loro!
The venue is ideal during this pandemic as it is well-secluded from the public and their safety protocols help avoid any unnecessary contacts from the outside.
Pico Sands Hotel, two and a half hours away from Manila, the 1.5 kilometer sandy shore of Pico de Loro Cove awaits. Take a break at Pico Sands Hotel, a tropical contemporary seven-story hotel that offers spacious rooms equipped with modern amenities and captivating views of the lush mountains and tranquil lagoon.
Posted on: 07.5.21
Blackcard registration will be closing on July 19, 2021.
What are the perks?
1. 20% discount on ROOTCON tickets applicable only on regular rates.
2. 10% off on all official ROOTCON swags.
3. FREE Entrance on ROOTCON Hackerspace activities.
4. FREE drinks at the ROOTCON chill-out area on the day of the event.
5. Priority lane during ROOTCON event check-in.
If you have an expired Blackcard email us at comms [at] rootcon dot org.
For new registration please register
here.
Posted on: 05.29.21
Choose from a wide range of sponsorship opportunities.
✓ Brand Exposure
✓ Community Presence & Support
✓ Recruitment Opportunities
✓ Professional Networking
Visit the sponsorship page
Posted on: 05.27.21
Let's get this party on the road! ROOTCON would like to announce Call For Papers for ROOTCON 15 is now open!
xxxxxxXXXXXXXxxxxxxxx
BEGIN MESSAGE
-------------
WHAT: ROOTCON 15 Call For Papers
WHEN: September 30 & October 1, 2021
WHERE: Hybrid Conference - Physical (Pico Sands Hotel) Virtual (via Zoom)
DEADLINE: July 25, 2021
-------------
END MESSAGE
xxxxxxXXXXXXXxxxxxxxx
Details at Call For Papers
Posted on: 04.19.21
We are nowhere near the end of this Covid-19 pandemic but that will not stop our creative organizers from delivering another great conference for everyone this year!
ROOTCON 15 will be a hybrid conference this year, having both physical (very limited slots) and virtual (stay at home) sessions available for our attendees.
Date — September 30 & October 1, 2021
Venue — For those who will be physically attending the event, ROOTCON 15 will be held (and headquartered) at the famous and secluded vacation beaches of Pico De Loro! The venue is ideal during this pandemic as it is well-secluded from the public and their safety protocols help avoid any unnecessary contacts from the outside.
Physical Attendees — we REQUIRE that all humans who plan on physically attending the conference to undergo an on-site antigen swab test, and follow the usual proper health protocols such as wearing a face mask and face shield at ALL times. Tables and seating arrangements will be in accordance with the hotel's safety protocols adhering to National and LGU guidelines.
As with the previous year when the pandemic started, majority of RootCon's speakers will come from around the world and will be presenting their talks over videoconference platforms from the safety of their homes or offices. Large screens will be made available to our physical attendees in the hotel's secured conference rooms.
Virtual — virtual attendees will be the same as last year where you are given a link to join the conference. Other mediums such as Twitch, Youtube, and Discord will also be available for you to participate and communicate.
Badges This year we will have two types of badges.
* Human — if you wish to attend virtually you will be given a Human badge, which will be shipped to you a week before the conference.
* Human+ — for our physical attendees, a Human+ (Human-plus) badge will be given to the attendees, plus a limited edition challenge coin for your collection!
Other inclusions will be posted as soon as we open the registration.
Rates and Registration
Human+ rates will cost a premium over the regular Human registration rates to cover your snacks, meals and your swab test kits. We will be announcing the exact registration rates in the next coming days.
Back-up plans — Speakers will present their talks LIVE during the event but we require them to submit a recorded version of their talks just in case there will be last-minute restrictions from the government. In the event physical attendance does not push through, ROOTCON will be issuing a refund to our Human+ registrants. Details of the refund guidelines will be posted in the registration page.
We will be putting up an FAQ page specific to the hybrid setup of the conference as soon as we launch the ROOTCON 15 website.
I am looking forward to seeing everyone virtually and physically!
Keep safe!
-semprix
Posted on: 04.07.21
Last year was a turbulent ride, this year is a complex one, as we slowly recover from the pandemic it's time for a reboot.
This year's theme reading material is Reboot by Amy Tintera, the book presents an interesting mix of dystopian science fiction and horror elements.
Synopsis
Five years ago, Wren Connolly was shot three times in the chest. After 178 minutes she came back as a Reboot: stronger, faster, able to heal, and less emotional. The longer Reboots are dead, the less human they are when they return. Wren 178 is the deadliest Reboot in the Republic of Texas. Now seventeen years old, she serves as a soldier for HARC (Human Advancement and Repopulation Corporation).
Plans in play
Here's what ROOTCON 15 will look like in different scenarios.
Physical + Social Distancing, this has a very low survey rate and will not be feasible this year to conduct a full physical conference.
Hybrid (Limited Physical + Virtual), we received very good numbers for this type of conference and we are leaning towards having a Hybrid Conference this year.
Full Virtual, this setup will be the same as last year, this will also be a fallback should there be changes in government guidelines when it comes to limited physical conferences.
Date
September 30 and October 1, 2021
Posted on: 10.16.20
Slide-decks are now available for downloads, for the tracks videos we are currently working on it's post-processing and will be uploading to our
Youtube channel soon. Check back later for updates.
Checkout the Recovery Mode Archives.
Posted on: 10.8.20
The Unlikely Romance: Part 2 - Now What?
We did it!
After 30 years of tireless and largely thankless education, research, blood/sweat/tears, and legal threats, the world is finally starting to understand that hackers can be "locksmiths" and aren't necessarily "burglars". Better still, dogs and cats have found a way to get along and security experts have a seat at the table to help keep businesses their users safe and prosperous. We've slain the dragon, and can now ride off into the sunset... Right?
Not quite. Now that we have the world's attention, what are we going to say? How do we say it? As a community, now what?
This talk goes through the history of how the cybersecurity industry got the place it is today, the opportunity that exists for hackers all around the world, and the things we'll need to figure out in order to take advantage of it to continue to do those crazy things we do and make the world a safer place in the process.
Posted on: 09.06.20
ROOTCON Car Hacking Village is organized by the Car Hacking Village and blessed by the elders of the main CHV community:
https:// www.carhackingvillage.com/about.
The CHV PH share the same primary goal of the Car Hacking Village which is to "build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today".
Talks
Car Hacking Village PH 101
You Are Also A Car Mechanic
A Modern Day of Tweaking Your Ride
The Tale of Two Benches
Posted on: 09.23.20
ROOTCON Recovery Mode Capture The Flag Qualifier round has been concluded.
Top 3
TheGenerals with 1900 points
FACBois with 950 points
Novice with 850 points
Finalist
툴롱 주세요
MI
Hakdogzz
giddsec
Kaizen
Anjing
Goblok
Congratulations to the teams that made it to the finals. ROOTCON Recovery Mode CTF Finals will be held on October 8, 9, and 10.
Posted on: 09.06.20
ROOTCON Car Hacking Village is organized by the Car Hacking Village and blessed by the elders of the main CHV community:
https:// www.carhackingvillage.com/about.
The CHV PH share the same primary goal of the Car Hacking Village which is to "build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today".
Talks
Car Hacking Village PH 101
You Are Also A Car Mechanic
A Modern Day of Tweaking Your Ride
The Tale of Two Benches
Posted on: 09.13.20
This year, we will be conducting two phases of the CTF--the qualifiers and the finals. In which only one winning team will be declared the ROOTCON14 CTF: Recovery Mode Champions and will be awarded the coveted ROOTCON Black Badge.
More details...
Posted on: 09.06.20
ROOTCON Car Hacking Village is organized by the Car Hacking Village and blessed by the elders of the main CHV community:
https:// www.carhackingvillage.com/about.
The CHV PH share the same primary goal of the Car Hacking Village which is to "build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today".
Talks
Car Hacking Village PH 101
You Are Also A Car Mechanic
A Modern Day of Tweaking Your Ride
The Tale of Two Benches
Posted on: 08.20.20
2 wires and 2 wheels: Bikes can do CAN too
A deeper diving on shellcode...
Automating Threat Hunting on the Dark Web and other nitty-gritty
things
Discover vulnerabilities with CodeQL
From an 'IVI in a box' to a 'CAR in a box'
High Value Adversary Emulation through Purple Team and the C2
Matrix
Inside the Mind of a Threat Actor: Beyond Pentesting
Payload delivery for initial access in Adversary Simulation
exercise
Pursuing Evasive Custom Command & Control (C3)
Zero Trust in the Era of Cloud
You may check out complete list of talks for ROOTCON Recovery Mode.
Posted on: 08.18.20
ROOTCON 14 Slash - we are supposed to have our 14th iteration of ROOTCON this year, but due to the Covid19 pandemic we had to slash RC14 and switch to Recovery Mode.
Recovery Mode Official - Our official recovery mode t-shirt.
Hack-At-Home - companies are starting to work from home due to the pandemic and that doesn't separate us InfoSec people and hackers, we should stay at home and hack.
More details on Pre-orders
Posted on: 08.03.20
The long wait is over! First round of talks for ROOTCON Recovery Mode Edition is now up!
Blockchain Based OT Monitoring Solution (BBOTMS)
Cracking Financial Systems
Hackers Don't Wear Black Hoodies, They Wear Capes
I've Injected a DLL - You Won't Believe What Happened Next!
Offensive Embedded Exploitation : Getting hands dirty with IOT/Embedded Device Security Testing
Quark Engine - An Obfuscation-Neglect Android Malware Scoring System
Posted on: 08.03.20
Casey Ellis
Casey is the Chairman, Founder and CTO of Bugcrowd. He is an 18 year veteran of information security, servicing clients ranging from startups to multinational corporations as a pentester, security and risk consultant and solutions architect, then most recently as a career entrepreneur. Casey pioneered the Crowdsourced Security as a Service model launching the first bug bounty programs on the Bugcrowd platform in 2012, and co-founded the disclose.io vulnerability disclosure standardization project in 2016. A proud ex-pat of Sydney, Australia, Casey lives with his wife and two kids in the San Francisco Bay Area. He is happy as long as he is pursuing potential.
Randolph Barr
Head of Product Security at Zoom & Contributor CISO Council for Zoom. Bug Bounty Program, Application Security, Technical Security. Most recently, Barr served as CISO at Topia, overseeing security for the company’s global cloud-based platform.
As the former CISO at Aryaka Networks, Saba, the Talent Development company, Barr created the company's global security program from the ground up. Prior to Saba, Barr held CISO positions at leading cloud companies including ServiceSource, Qualys, Yodlee and WebEx Communications.
Posted on: 08.03.20
One of the challenges mentioned in my previous post was THE OUTBREAK. Since March 26, we are closely monitoring the Covid19 pandemic situation both locally and internationally, after the ECQ (Enhanced Community Quarantine) has been lifted the number of cases in the Philippines shoots-up, this could be an early warning that we will be going back to ECQ anytime or in between ROOTCON 14 planning.
At this time everything is just so uncertain, it makes planning very difficult. Travel restriction could vary from one country to another, hotels and bars are still closed or only caters a specific number of people. Furthermore we don't want to risk the health safety of our crew, speakers, sponsors, and attendees.
Like most other hacking conferences, ROOTCON 14 will be entering Recovery Mode, you may call it a Limited Edition as this is the first time in the history of ROOTCON that we will be hosting the full event virtually. We are looking forward to seeing everyone.
Stay tuned for more ROOTCON Recovery Mode announcements. In the mean time Call for Papers and Call For Sponsors are still on-going.
All the best,
-semprix
Partial RC17 Archives
Taal Volcanic Smog
RC17 Schedule Is Now Live!
The Parties are live!
Village Updates
Official Contests Now Live!
Talks & Speakers Update
RC17 Final Village Line-up
RC17 First Round of Talks!
RC17 Conference Overview
RC17 Theme
RC17: Call For Sponsors
RC17: Call For Papers
RC17 Theme
RC17: Call For Villages
RC16 Archives Partially Available
CTF Pre-Quals Registration is now live!
Parties Are Up!
RC16 Schedule Now Live!
Official Contests Page Now Live!
Final Round of Talks
Music Playlist for RC16
ROOTCON 16 Village Tracks
ROOTCON 16 First Batch of Talks Now Online!
ROOTCON 16 Keynote: China’s Cyber Capabilities: Espionage, Warfare, and Implications
ROOTCON 16 Latest Updates
ROOTCON 16 In A Nutshell
ROOTCON 16 Theme: Hard Wired
ROOTCON 15 has rebooted!
Official Games Registration
Challenge Pins
Hybrid Updates!
RC 15 Schedule Published
Village Page is Live!
Keynote Speakers Announced!
RC15 More Tracks Announced!
ANNOUNCEMENT: RC15 Ticketing Platform
RC15 CFP Now Closed
RC15 Content Now Live
RC15 Prices Now Available
RC15 Black Registration Closing Soon
Call For Sponsors Now Open!
Call For Papers Now Open!
Announcement: ROOTCON 15 Hybrid Con
ROOTCON 15 Theme: Reboot
Recovery Mode Archives NOW LIVE
Opening Keynote: Casey Ellis
CTF Quals Concluded
Capture the Flag Quals
Car Hacking Village Talks Now Live
Final Round of Talks!
Recovery Mode Swags
Recovery Mode First Round of Talks
Recovery Mode Keynote
Breaking News: RC Recovery Mode
RC13 Schedule now live!
ROOTCON 13 Scholar
Car Hacking is a go!
RC13 Talks
Lockpick Village Announced
First round of talks!
ROOTCON 13 Registration Now Live!
ROOTCON 13 CFP is open!
Review Board Announced
RC13 Call For Trainings
ROOTCON 13 Call For Sponsors Now Live!
Blackcard now accepting registration
Venue Transparency Report
ROOTCON 13 Theme & Details
ROOTCON on eBay