Villages




Car Hacking Village

Schedule: October 7, 2020 - Day ZerØ

ROOTCON Car Hacking Village is organized by the Car Hacking Village Philippines and blessed by the elders of the main CHV community: https:// www.carhackingvillage.com/about.

The CHV PH share the same primary goal of the Car Hacking Village which is to "build a community around discovering weaknesses and exposing vulnerabilities that could significantly impact the safety and security of all drivers and passengers on the road today".

With ROOTCON's Recovery Mode activated, CHV PH will be conducting workshops and will be giving talks about automotive security and basic diagnostics this year.

Agenda

October 7, 2020 - Day ZerØ

20:00 - 20:45
Car Hacking Village PH 101 by: shipcod3 and Eman0n

We don’t need roads and seat belts! This is your guide to this year’s Car Hacking Village PH and what it is all about. Not just a talk, also with actions! We will be introducing our awesome speakers and current updates about the CHV in the Philippines like how far we’ve come.

About the speakers
Jay Turla aka shipcod3 is a Manager, Security Operations (PH) at Bugcrowd Inc., and one of the goons of ROOTCON. He has been acknowledged and rewarded by Facebook, Adobe, Yahoo, Microsoft, Mozilla, etc. for his responsible disclosures. He has also contributed auxiliary and exploit modules to the Metasploit Framework. He has presented at ROOTCON, HITCON, PEHCON, DEFCON’s Packet Hacking Village, LevelUp 0x06, DragonCon, Bsides Myanmar, Nullcon and TCON. He used to work for HP Fortify where he performed Vulnerability Assessment, Remediation and Advance Testing. His main interest or research right now is about car hacking and is currently one of the main organizers of the Car Hacking Village of ROOTCON / Philippines which is recognized and supported by the Car Hacking Village community.

[email protected] is a clinical psychology major who has a knack for information security, most definite to identifying vulnerabilities when it comes to the human participation in processing information and its transition from user-to-user. He has been a consultant for different companies, helping them develop their best practices in information handling to avoid malicious attacks like fraud and confidential information leakages. His contribution is also found in testing revenue generating platforms through social engineering, targeting flaws in transactional processes for banks, finance groups, telco, etc. He was fortuned by Rootcon to be one of its Goons, with this he has been one of the contributors that brings about the largest hacking conference that takes place in the Philippines yearly (ROOTCON). Jami on the other hand is also the resident grease monkey of the team, which comes very handy in organizing and researching for the car hacking village of Rootcon. To your surprise, he is also your humble HR guy during the day.


20:45 - 21:30
You Are Also A Car Mechanic by: Jayjack (J4yJ4ck)

Nowadays, cars are also considered a necessity. In our lifetime, it is a privilege to learn how to drive one. And a choice to know how to fix and maintain your own. This talk will help you understand the basics of an automotive system and how you’ll be able to find courage to try and fix your own. Learn about the fundamentals of EUT (Engine, Underchassis, Transmission).

About the speaker
Jayjack is an experienced Automotive Technician / Mechanic of different brands of automobile and a CyberSecurity enthusiast. A walking wrench with a hackers mindset combined. His interests lies in Vulnerabilities of Automotive Systems. #AlsoAHardcoreGamer #AlsoAScratchGolfer




21:30 - 22:15
A Modern Day of Tweaking Your Ride by: Jef D.( JCDTUNED )

Know your limits and maximize the capability of your car. Modify the existing code of your car's ECU or completely replace it with a new code to deliver more optimized performance. Do you want better fuel efficiency? Then, let's target the brain to gain power in this talk that will tackle the basics of ECU remapping.

About the speaker
Jef D. is an experienced car tuner and enthusiast for more than 10 years. He is a Computer Engineer and also an Aircraft Mechanic. He is currently a Cybersecurity Consultant. His interests are Hardware Hacking, IoT/OT and Penetration testing. #JCDTuned
#ECUTuner
#Dragracer
#EngineBuilder
#AfterMarketSupplier


22:15 - 23:00
The Tale of Two Benches by: Peisi, Alina, and Edmund

When a car is as expensive as a house (in Singapore), no one in the right mind would inject malcode into his/her vehicle. The only sane way is to learn through a test bench. This talk will feature two benches built by the Car Security Quarter (CSQ), our journey and lessons learned. We will also describe the challenges faced when building a vehicle IVI system and how we overcome it.

About the speakers
Peisi Tan Pei Si (Kaskrex) is a seasoned developer with a strong interest in cybersecurity. Pei Si is an active advocate in the Singapore cybersecurity community — she actively contributes to Division Zero (Div0) and Infosec In the City/SINCON. She is also the pioneer member of Div0’s Car Security Quarter (CSQ). Pei Si’s interest lies in Digital Forensics & Incident Response (DFIR), hardware hacking and DevSecOps.

Alina Alina (0x410x54) Tan is the founder of Division Zero’s (Div0) Car Security Quarter (CSQ). Her expertise lies in securing Operational Technology (OT), Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) systems — specifically on the offensive security of these systems. Her interest lies in pentesting OT and automotive systems.

Edmund is an experienced software functional tester & vehicle tester. He is also the pioneer member of Div0’s Car Security Quarter (CSQ). Making a switch into cybersecurity, his interest lies in hardware hacking & pentesting in automotive systems as a start. #animallover #gamer

Operators

shipcod3 (@shipcod3)
[email protected]



Red Team Village

Schedule: Date to be Announced

Red Team Village (https://redteamvillage.org) is a community driven combat readiness platform for Adversarial attack simulation, Red teaming tactics and Offensive security operations. This community is managed by a group of cyber security and red team tactics enthusiasts. A red teamer needs to be skilled in every aspect of Adversarial Simulation and offensive security operations. We can consider this as a platform to share tactics, techniques, and tools related to various domains of adversarial attack simulation. We have been organizing workshops, talks, demonstrations, open discussions, Capture the flag challenges (CTF) and other exercises at Cyber Security conferences for the past 4 years. We do design real life corporate CTF scenarios with the same network architecture and defensive mechanisms used by the organizations. The CTF players needs to do the red teaming against this infrastructure which protected and monitored by Blue teams. This village welcomes Red teams, Blue teams and Purple teams. Blue teams get to know the attack tactics used by the adversaries, and Red teams get to learn the security monitoring/detection techniques used by the SoC teams. A collaborative purple teaming culture can be cultivated.

Community URL: https://redteamvillage.org/
Twitter: https://twitter.com/redteamvillage
Facebook: https://www.facebook.com/redteamvillage
Discord: https://discord.gg/5Tq9ebE

Agenda

Talks on Red teaming tactics and Adversarial attack simulation
Schedule: October 8, 2020 (Tracks and time to be announced)

Training/Workshop on Adversarial attack simulation, Red teaming and Offensive cyber security
Schedule: October 8, 2020 (Workshop and time to be announced)

Live Interaction with the speakers and the community
Schedule: To Be Announced

Adversaries and Defenders - CTF (Capture the flag competition)
Schedule: To Be Announced


Operators

Abhijith (https://twitter.com/abhijithbr)
Sreehari (https://twitter.com/sr33h4ri)
Thoufeeque (https://twitter.com/thoufeequens)
Vishnu Prasad
Adithya (https://twitter.com/adithyps)