We pay special attention to the choice of talks, especially valuing their originality and contribution to the community.
Since our constitution, we have opted for a reduced congress in order to guarantee the best experience for the attendees.
Under our philosophy of association, this congress is made possible by the countless hours of partners and sponsoring companies.
From EuskalHack we are putting all our efforts to make - one more year - an unforgettable congress for all the attendees.
Remember that if you are a student you will have to prove it with your ticket.
FRIDAY, 24 JUNE
|09:15h - 09:30h||Presentation of the Congress||[ES][EN]|
|09:30h - 10:15h||Pasado y presente de la ciberguerra en Ucrania||[ES]|
|10:15h - 11:00h||Desmitificando disable_functions en PHP||[ES]|
|11:00h - 11:30h||BREAK|
|11:30h - 12:15h||UFOs: Unidentified Flying Objects||[ES]|
|12:15h - 13:00h||INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Industrial Control Systems||[EN]|
|13:00h - 13:30h||Desenmascarando a tus adversarios ocultos||[ES]|
|13:30h - 16:00h||LUNCH AND WORKSHOPS|
|16:00h - 16:45h||Esteganografía en redes sociales||[ES]|
|16:45h - 17:30h||I must break you. Ivan Drago vs. VMware||[EN]|
SATURDAY, 25 JUNE
|09:30h - 10:15h||Current state of Internet worms. Compromising hosts since 1988||[ES]|
|10:15h - 11:00h||Is your app XS-Leaking?||[EN]|
|11:00h - 11:30h||BREAK|
|11:30h - 12:15h||Invoke-DNSteal: Exfiltrando información DNS "like a boss"||[ES]|
|12:15h - 13:00h||Using policy delay to gain RCE and to execute Ransomware to infection victim machine.||[EN][ES]|
|13:00h - 13:30h||Ciberseguridad en Deep Learning||[ES]|
|13:30h - 16:00h||LUNCH & WORKSHOPS|
|16:00h - 16:45h||Cronología del backdoor Kazuar y una nueva relación con Turla||[ES]|
|16:45h - 17:30h||Zero-knowledge proofs security, in practice||[EN]|
|17:30h - 18:00h||Cybersecurity Award y closure||[ES][EN]|
FRIDAY, 24 JUNE
|14:00h - 16:00h||TA0004: Privilege Escalation in Adversary Simulation||[ES]||FULL|
SATURDAY, 25 JUNE
|14:00h - 16:00h||Pentest Active Directory Rocks!||[ES]||FULL|
Speaker: Josu Barrientos
The aim of this workshop is to analyse and practice with certain local privilege escalation vectors, both state-of-the-art and traditional. This workshop, in addition to studying the techniques in detail, is eminently practical, so Windows machines configured with these vulnerabilities will be used to simulate a totally realistic environment and the attendee will be able to practice identifying, exploiting and detecting them based on the events generated.Register
Speaker: Ignacio Brihuega
The aim of the workshop is to demonstrate what an attacker who has control of a corporate computer could do. To do so, we will show how to abuse the functionalities and configurations of the active directory (kerberoast, aspreroast,...) as well as how to bypass protections such as ASMI, CLM or modify scripts to avoid detection by AV. In addition, DA enumeration techniques, privilege escalation in Windows and lateral and vertical movement will be taught.Register
In this fifth edition we have a novelty in recognition of one of the people whose contribution to cybersecurity during 2021 has been worthwhile. At EuskalHack we would like to be able to recognize all those individuals, often anonymous, whose efforts have been more than beneficial to the cybersecurity community, professional environment, and citizens.
The nomination period is open until March 15 by sending a private message, a post on our social networks, or a simple email. Among all the applications received, we will raffle two tickets to the congress.
At the end of the congress, we will award a prize to the person whose contribution we consider to be the most significant.
We look forward to your proposals!
In this fifth edition we would like to offer ESC attendees a relaxed space to share experiences, knowledge and of course a good time.
Throughout the night of Friday 24th June you will be able to join our hackathon "gau-hack" where you will work in groups on a series of projects related to hacking proposed both by the organisation and by yourselves.
|29/04/2022||Registration of participants.|
|10/06/2022||Sharing and selection of projects.|
|24/06/2022||Night of the event.|
|20:30||(Place unknown)||Informal get-together and potluck. *|
|21:00||(Place unknown)||Dinner of sandwiches and portions. *|
|22:30||(Place unknown)||Reception of participants.|
|23:00||(Location unknown)||Exhibition of projects, creation of groups.|
|23:30||(Place unknown)||Start of the gau-hack.|
|[0-4]:00||(Location unknown)||Gong! (1 min. each group to present progress; possibility for participants to change projects).|
* Optional activities and on your own
Being part of EuskalHack as a sponsoring company means obtaining presence and repercussion in a unique and singular environment, allowing you to address a message to a specific public oriented to computer security, making it easier to consolidate your brand and credibility in an event of relevance for the community.
If you would like to take part in this congress, please contact us as soon as possible.
This ticket gives you access to the congress for both days, Welcome Pack, Hackathon, and other congress initiatives.
* Reduced Ticket: Students and unemployed (They must prove it irrefutably at the entrance)
[TRANCHE 1] > 08 of March to 30 of April:
[TRANCHE 2] > 01 of May to 31 of May:
[TRANCHE 3] > 01 of June to 15 of June:
* REDUCED TICKET:
EuskalHack Security Congress is an initiative of the first Ethical Hacking Association of Euskadi, a non-profit organisation constituted in Donostia and made up of various professionals linked to computer security research and computer forensics.
Our goal is to promote the community and culture of digital security to any type of interested public (experts or beginners who want to enter the world of security), through the promotion and dissemination of mainly technical knowledge.
This exclusive congress is shaping up to be the most important in the Basque Country, with an estimated capacity of 200 people in this fifth edition.