EuskalHack Security Congress V
EuskalHack Security Congress
24-25 June 2022
Olarain Hall of Residence
Donostia
TOP-LEVEL PRESENTATIONS
We pay special attention to the choice of talks, especially valuing their originality and contribution to the community.
REDUCED BY CHOICE
Since our constitution, we have opted for a reduced congress in order to guarantee the best experience for the attendees.
NON-PROFIT
Under our philosophy of association, this congress is made possible by the countless hours of partners and sponsoring companies.
UNPRECEDENTED RELAXED ATMOSPHERE
From EuskalHack we are putting all our efforts to make - one more year - an unforgettable congress for all the attendees.
] CONFIRMED SPEAKERS [
] PROGRAM [
Registration will open at 08.00 hours. Please arrive on time so as not to block the accreditation system.
Remember that if you are a student you will have to prove it with your ticket.
FRIDAY, 24 JUNE
| TIME | TALK | LANG | SPEAKER | |
|---|---|---|---|---|
| 09:15h - 09:30h | Presentation of the Congress | [ES][EN] |
|
|
| 09:30h - 10:15h | Pasado y presente de la ciberguerra en Ucrania | [ES] |
|
|
| 10:15h - 11:00h | Desmitificando disable_functions en PHP | [ES] |
|
|
| 11:00h - 11:30h | BREAK | |||
| 11:30h - 12:15h | UFOs: Unidentified Flying Objects | [ES] |
|
|
| 12:15h - 13:00h | INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Industrial Control Systems | [EN] |
|
|
| 13:00h - 13:30h | Desenmascarando a tus adversarios ocultos | [ES] |
|
|
| 13:30h - 16:00h | LUNCH AND WORKSHOPS | |||
| 16:00h - 16:45h | Esteganografía en redes sociales | [ES] |
|
|
| 16:45h - 17:30h | I must break you. Ivan Drago vs. VMware | [EN] |
|
|
SATURDAY, 25 JUNE
| TIME | TALK | LANG | SPEAKER | |
|---|---|---|---|---|
| 09:30h - 10:15h | Current state of Internet worms. Compromising hosts since 1988 | [ES] |
|
|
| 10:15h - 11:00h | Is your app XS-Leaking? | [EN] |
|
|
| 11:00h - 11:30h | BREAK | |||
| 11:30h - 12:15h | Invoke-DNSteal: Exfiltrando información DNS "like a boss" | [ES] |
|
|
| 12:15h - 13:00h | Using policy delay to gain RCE and to execute Ransomware to infection victim machine. | [EN][ES] |
|
|
| 13:00h - 13:30h | Ciberseguridad en Deep Learning | [ES] |
|
|
| 13:30h - 16:00h | LUNCH & WORKSHOPS | |||
| 16:00h - 16:45h | Cronología del backdoor Kazuar y una nueva relación con Turla | [ES] |
|
|
| 16:45h - 17:30h | Zero-knowledge proofs security, in practice | [EN] |
|
|
| 17:30h - 18:00h | Cybersecurity Award y closure | [ES][EN] |
|
|
] WORKSHOPS [
FRIDAY, 24 JUNE
| TIME | WORKSHOP | LANG | SPEAKER | REGISTER |
|---|---|---|---|---|
| 14:00h - 16:00h | TA0004: Privilege Escalation in Adversary Simulation | [ES] |
|
FULL |
SATURDAY, 25 JUNE
| TIME | WORKSHOP | LANG | SPEAKER | REGISTER |
|---|---|---|---|---|
| 14:00h - 16:00h | Pentest Active Directory Rocks! | [ES] |
|
FULL |
] WORKSHOPS [
TA0004: Privilege Escalation in Adversary Simulation
Speaker: Josu Barrientos
The aim of this workshop is to analyse and practice with certain local privilege escalation vectors, both state-of-the-art and traditional. This workshop, in addition to studying the techniques in detail, is eminently practical, so Windows machines configured with these vulnerabilities will be used to simulate a totally realistic environment and the attendee will be able to practice identifying, exploiting and detecting them based on the events generated.
RegisterPentest Active Directory Rocks!
Speaker: Ignacio Brihuega
The aim of the workshop is to demonstrate what an attacker who has control of a corporate computer could do. To do so, we will show how to abuse the functionalities and configurations of the active directory (kerberoast, aspreroast,...) as well as how to bypass protections such as ASMI, CLM or modify scripts to avoid detection by AV. In addition, DA enumeration techniques, privilege escalation in Windows and lateral and vertical movement will be taught.
Register] SPONSORS [
PLATINUM
GOLD
SILVER
BRONZE
] COLLABORATORS [
] LOGISTICS PARTNERS [
] EUSKALHACK CYBERSECURITY AWARD [
In this fifth edition we have a novelty in recognition of one of the people whose contribution to cybersecurity during 2021 has been worthwhile. At EuskalHack we would like to be able to recognize all those individuals, often anonymous, whose efforts have been more than beneficial to the cybersecurity community, professional environment, and citizens.
The nomination period is open until March 15 by sending a private message, a post on our social networks, or a simple email. Among all the applications received, we will raffle two tickets to the congress.
At the end of the congress, we will award a prize to the person whose contribution we consider to be the most significant.
We look forward to your proposals!
] GAU-HACK [
In this fifth edition we would like to offer ESC attendees a relaxed space to share experiences, knowledge and of course a good time.
Throughout the night of Friday 24th June you will be able to join our hackathon "gau-hack" where you will work in groups on a series of projects related to hacking proposed both by the organisation and by yourselves.
DATES OF INTEREST
| 29/04/2022 | Registration of participants. |
| 10/06/2022 | Sharing and selection of projects. |
| 24/06/2022 | Night of the event. |
PLANNED TIMETABLE
| 20:30 | (Place unknown) | Informal get-together and potluck. * |
| 21:00 | (Place unknown) | Dinner of sandwiches and portions. * |
| 22:30 | (Place unknown) | Reception of participants. |
| 23:00 | (Location unknown) | Exhibition of projects, creation of groups. |
| 23:30 | (Place unknown) | Start of the gau-hack. |
| [0-4]:00 | (Location unknown) | Gong! (1 min. each group to present progress; possibility for participants to change projects). |
* Optional activities and on your own
] SPONSOR THE EVENT [
Being part of EuskalHack as a sponsoring company means obtaining presence and repercussion in a unique and singular environment, allowing you to address a message to a specific public oriented to computer security, making it easier to consolidate your brand and credibility in an event of relevance for the community.
If you would like to take part in this congress, please contact us as soon as possible.
] LOCATION [
Olarain Hall of Residence
Paseo de Ondarreta 24
Donostia - San Sebastián | Gipuzkoa | Spain
] DISCOUNTS[
ACCOMMODATION
We have agreed a 10% discount with the Olarain Residence,
place where the congress itself will take place:
Reservations via email: [email protected]
Indicating the matter: "Reserva EuskalHack"
Offer subject to availability
booking
+ Info
TRAIN
5% off.
Tell us your Locator
Go to renfe.com
Select the Destination
Choose dates and times
Use the Promo Code.
BUS
15% off.
Go to alsa.es
Select the Destination
choose the dates
Use the Promo Code.
Time selection
BUY TICKET
This ticket gives you access to the congress for both days, Welcome Pack, Hackathon, and other congress initiatives.
* Reduced Ticket: Students and unemployed (They must prove it irrefutably at the entrance)
Price list:
[TRANCHE 1] > 08 of March to 30 of April:
60€
[TRANCHE 2] > 01 of May to 31 of May:
70€
[TRANCHE 3] > 01 of June to 15 of June:
85€
* REDUCED TICKET:
70€
EuskalHack Security Congress is an initiative of the first Ethical Hacking Association of Euskadi, a non-profit organisation constituted in Donostia and made up of various professionals linked to computer security research and computer forensics.
Our goal is to promote the community and culture of digital security to any type of interested public (experts or beginners who want to enter the world of security), through the promotion and dissemination of mainly technical knowledge.
This exclusive congress is shaping up to be the most important in the Basque Country, with an estimated capacity of 200 people in this fifth edition.