• If you are citizen of an European Union member nation, you may not use this service unless you are at least 16 years old.

  • Whenever you search in PBworks, Dokkio Sidebar (from the makers of PBworks) will run the same search in your Drive, Dropbox, OneDrive, Gmail, and Slack. Now you can find what you're looking for wherever it lives. Try Dokkio Sidebar for free.



Big thanks to all speakers that made the first Security BSides Delaware a success!


For this year's conference info please see: http://bit.ly/BSidesDE



BSides Delaware Accepted Talks List


CFP is Closed!

However, please submit any lighting talks you wish to be considered.

Submissions should be emailed to securitybsidesde {at} googlegroups(dot)com

Note: non member posts are now accepted with moderation

To join for help with planning please visit the Google group http://groups.google.com/group/securitybsidesde


Summary and Bio for all BSides Delaware Speakers



Brian Baskin
P2P Forensics: Your Admin Knows Your Porn Habits  

As a method for quick and efficient sharing of files, many computer users have turned towards P2P applications to obtain information and media that they require at home and on the job. With transmissions occurring over non-HTTP connections, even many technically savvy users don't realize just how easily their downloads and habits can be tracked and monitored across a network. This technical talk will delve into the network and file system forensic artifacts of P2P applications, focusing more towards BitTorrent but also including other relevant protocols. It will show what artifacts are left behind, and how some can be hidden away by knowledgeable users. It will also cover many of the new legal challenges that P2P users face and some of the newest protocol implementations created to bypass these legal restrictions.  This information is focused towards forensics examiners and network administrators that wish to mitigate the risks of P2P communications, though the information is appropriate for all audiences and skill levels. This is a similar talk to one given at the DoD Cyber Crime Conference, GFIRST, and in briefings to the U.S. DoJ and various law enforcement agencies, though recreated for BSides Delaware.

Brian Baskin is a digital forensics professional with cmdLabs, LLC. He was formerly with CSC and acted as the Deputy Lead Technical Engineer with the Defense Cyber Investigations Training Academy (DCITA), part of the Department of Defense Cyber Crime Center (DC3). For over 10 years Brian has worked to research, develop, and train forensic responses to growing network threats. Brian devotes much of his time to Linux and Unix forensics, evolving Internet crimes, and network protocol analysis. He has also authored and co-authored seven computer security books with Syngress Publishing, most recently writing the technical portion of "Dissecting The Hack: The F0rb1dd3n Network". He has developed various online undercover training courses for law enforcement and used his experience to contribute the P2P material to his first book in 2005, "Securing IM and P2P Applications in the Enterprise".




Brad Bowers
warezjoe {at}digitalintercept.com

The evolution of Evil - Changes in the use of USB devices as delivery mechanisms for malicious code

Summary Description -
The number and complexity of client side attacks has steadily increased over the last years. We have seen the rise to truly imaginative attacks blending sophisticated exploits with social engineering and creative method for deployment.  An emerging trend in these attacks has been the use of small hardware microcontroller devices to act as attack platforms or the delivery mechanism for malicious code.  In this presentation we'll discuss some of the capabilities and uses of Arduino microcontroller devices and build upon some of the excellent work and code being developed by Adrian Crenshaw (IronGeek). This presentation will discuss the methods and examples in which microcontrollers can be used and challenges for IT Security professional to defend against them.Comments -I'll discuss several forms of the Arduino microcontrollers and some of their capabilities that I've been working on:Duemilanove with Ethernet shield (DHCP exhaustion, DNS spoofing, ARP, DoS, Covert packet capture, etc.)Picoduino  - (Hiding in plain sight, clandestined implementations,etc.)  Teensy  - (Endless list of mayhem and uses)

Marcus J. Carey
Title: Hyper-Segmentation: Network Architecture for Advanced Persistent Threats


This talk will discuss the shortcomings of traditional network security architecture and how it fails to deter APT intrusions. It will discuss a dramatic new approach to network design needed for new threats. Hyper-Segmentation can significantly reduce the spread and scope of enterprise solutions. This approach uses technology available on most networks, which makes this new network architecture strategy feasible to most environments.



Marcus J. Carey is a Security Analyst with over 18 years experience in information assurance. Marcus has worked in diverse setting ranging from military, federal, and state government environments. Marcus has engineered and secured networks for the United States Navy, National Security Agency, Defense Intelligence Agency, and the State of Maryland over his career. Marcus is experienced in networking engineering, network exploitation, and computer forensics. Marcus earned a M.Sc. in Network Security from Capitol College. DojoSec & DojoCon Founder.



Joel Esler

jesler{at}sourcefire dot com


Title:  So I have this IDS.  Now what?

Abstract:  Shining light into the "now what" arena of IDS and IPS tuning, I'll talk about
what the next steps should be with the alerts, tuning, and maintenance of the ruleset and
configuration deployed into an IDS or an IPS.  General guidelines will be provided, however,
all guidelines must be adapted to your specific environment.



Title: Hacking Your Way into an Infosec Career

Abstract of Presentation

The information security field is rapidly growing due in part to the  
combination of government laws and regulations, industry compliance  
requirements, and ongoing increases in online crime. If you have an  
interest in infosec, there has never been a better time to take the  
leap from something you do for fun into a full time career. This  
presentation helps guide those with a passion for infosec into turning  
their hobby into a career. It begins with a study of the lack of  
infosec focus at the foundation of our educational system and  
continues on to discuss an overarching principle and several simple  
frameworks you can follow to help get your foot into the door of that  
first infosec job. On top of this framework, the presentation suggests  
several immediate and ongoing activities you can do to help catalyze  
the transition. The talk closes with several case studies and the  
release of a Career Exploit Kit to ensure you can hack your way into  
that infosec career.


* Introduction
* Limited Undergrad Programs
* Overarching Principle
* Transition Frameworks
* Immediate Activities
* Ongoing Activities
* Discipline Examples
* Career Exploit Kit
* Conclusion


Grecs has over 15 years experience, undergraduate and graduate degrees  
in Electrical Engineering, and a really well known security  
certification. Even though his training was in Electrical Engineering,  
Grecs has always been more of a Computer Science person at heart going  
back to his VIC-20, Commodore 64, and high school computer club days.  
After doing the IT grind for 5 years, he discovered his love of  
infosec and has been pursuing this career ever since.




Scott Hazel

Social Engineering for Non-Penetration Testers: How to practice the basics without getting slapped, shot, or arrested.

This talk is for everyone that's interested in learning more about Social Engineering but doesn't work as a penetration tester or conduct Social Engineering tests as part of their job. We've all heard the fantastic stories where professional SE's have gained access to buildings with nothing more than a pack of cigarettes, a clipboard, or a friendly smile.
We marvel at what they can accomplish but where do the rest of us learn these skills without getting slapped, shot, or arrested?

Many components of Social Engineering occur organically throughout our daily interactions with other people. The key is to be aware, focus on these interactions, and learn how to implement them at will. The world around us is a rich source of information on human interaction and we can all tap it. I'll discuss a variety of options for learning more about information gathering, elicitation, and non-verbal communications. I'll also talk about what it means to fail at SE and where you could go next.

Scott Hazel (@phat32) is a security professional with 10 years experience working for vendors and MSSP's. He has never worked as a penetration tester and there is a running bet on whether he could actually hack his way out of a paper
bag. He also has 39 years of experience interacting with people, was raised by women, and has worked in customer facing roles since he lied about his age to get his first job at 15 years old. He is the winner of the Defcon 17 SE contest
and Defcon 18 SE CTF. When he's not laboring to perfect his Autopwn skills he can usually be found on the Freenode #social-engineer IRC channel or helping the www.social-engineer.org crew.




Joe Klein


Title: “IPv6 - Evil and Good”

Ok, so we are running out of IPv4 addresses and we need to move to IPv6. Fortunately the process of implementing IPv6 is simple because most operating systems can “talk” IPv6 by default. Unfortunately,  as most organizations have not begun to implement IPv6, they are left defenseless and clueless. IDS/IPS don’t detect it, firewalls let tunneled IPv6 through, SIMS miss complex attacks and best practices have yet to be written or implemented. Since management of most organizations don’t think it is a problem, funding has not been allocated to mitigate this network attack.

This discussion is focused on how to leverage IPv6 in a Pen Test/Red Team Exercise. We will discuss the tools to discover IPv6 devices, IPv6 specific vulnerability fun and how to setup a backchannel to maintain persistence. We will finish with several of my “Best Practice” techniques to mitigate IPv6 attack, just so we don’t drive the defenders crazy.


Bio: IPv6 Security Researcher, Hiker, Hacker, Photographer, and Marathon runner. IPv6 Security/Hacking Subject Matter Expert for North American IPv6 Task Force and IPv6 Forum.  And for the crowd, I graduated high school at Claymont, DE!



Dave Marcus
Social Engineering and Target Profiling with 100% Accuracy Using Social Media and OSINT

Social engineering is one of the most complex threats to deal with and protect against. The more you know about your victims likes, dislikes, hobbies and activities, the better chance you have of successfully social engineering them to do whatever you want.

What if there existed a set of tools that told a scammer or cybercriminal everything they wanted to know about their intended targets? What if their intended targets were, in fact, freely sharing this information with the very attackers that sought to steal their data?

This presentation will take the audience through the most powerful set of tools ever created for the wily social engineer and cybercriminal: Bing, Twitter, Facebook, TwitScoop, TinyURL and other social media sites.

By focusing on how to cleverly mine these sites for key user words, trends and topics and combining these results with an URL shortening service like TinyURL, we will demonstrate how any user can be sent any amount of malware, phishing attacks or any other social engineering-based attack at the cybercriminals command with a lure that will work every time.

Attendees will gain a better understanding of the power and dangers of social engineering and the potential risks Web 2.0 technologies, specifically social networking technologies, present in today's digital society.

Speaker's Bio(s):

Dave Marcus currently serves as Director of Security Research and Communications for McAfee® Labs, focusing on bringing McAfee’s extensive security research and global threat intelligence to McAfee’s customers and the greater security community. Mr. Marcus formerly served as Senior Security Evangelist and Strategist for McAfee, with more than ten years of technical experience in network solutions, information technology security, network performance and integration, e-learning solutions, in addition to management and consulting.  Mr. Marcus’ current focus at McAfee Labs includes PR, media, and thought leadership responsibilities, serving as both blogmaster and tweetmaster for McAfee Labs Security Blog, and is the co-host of AudioParasitics – The Official PodCast of McAfee Labs. Marcus also has responsibilities for all publications from McAfee Labs, such as McAfee Labs’ journal of security vision The McAfee Security Journal. Prior to joining McAfee, Marcus has held leadership and consulting positions focusing on information technology security services, network solutions, enterprise management, knowledge engineering and management, information technology, research & development program management, and has provided professional consulting services.  His industry experience crosses all IT-based industries with a determined focus on advanced intelligence gathering, digital forensic analysis, as well as intrusion detection/prevention and analysis on both the network and host.  Mr. Marcus is also a Qualified Expert Witness in Computer Forensics and Computer Security as well as being one of the most highly sought after speakers on all levels of information security.


Joshua Marpet
Jmarpet{at}datadevastation {dot} com

Insecure Systems: How not to Write an RFP


Request for Proposals are the way that a company can standardize what it needs, so that it can receive fair, comparable bids for the product(s) or service(s) required. You're going to be asked to write them, answer them, or evaluate the results. This will become a project for you.  Like many projects, there are pitfalls. Some of the problems will be contractual, some security related, and some could even open you up to exploitation. Let's discuss what some of those pitfalls are. And who they are.  And hopefully, how to avoid them.  OR if it's fun, how to push annoying co-workers into them!

On the serious side, how do you make sure that the RFP will actually result in something that meets your needs?  And doesn't bankrupt your budget?  And that you can stand to work with the vendor?

From the attacker side, find out if a pentest can be enhanced with access to RFP's.  Not just a passive source of reconnaissance information, but an active source of access to attack with.


Joshua Marpet is an Sales-Engineer-At-Large, providing strategic guidance to vendors and enterprise customers on their Information Security Risk Management.
Mr. Marpet is a popular speaker at industry events including Black Hat and Bsides, and has served as an adjunct professor of computer science at St. Johns University's Tobin College of Business.
Joshua has worked as an information security consultant focused on penetration testing, auditing and forensics.  Early in his career, he worked in law enforcement. He was later able to combine those skills with his interest in technology to create security systems for the airline, gaming, and prison industries. Mr. Marpet earned a bachelor's degree in psychology from Fairleigh Dickinson University.
His industry certifications include C|EH (Certified Ethical Hacker), from EC-Council, as well as the ever popular Application Security Specialist.  The Application Security Specialist Hat has yet to arrive.



Alex Muentz
lex {at} successfulseasons dotcom
Bio:Alex Muentz is a geek and a lawyer. When he’s not trying to keep his clients out of trouble, he teaches about the collision of law and technology and tries to be useful to his fellow geeks.


1. Security, Stupidity and Employability (the Hope 2010 talk)


Hackers are curious above all other things. While we all think this trait should be rewarded (or at least not punished so much), sometimes employers don’t agree. As a lawyer, Alex has had more phone calls than he’d like from employees who were fired once they reported a security hole - or even showed an interest in hacking. This talk will discuss a few case studies, U.S. law, and some recommendations on how to protect your job while remaining an active hacker (or merely a curious person).

2. Litigation as a security hole (an updated talk)

You think your systems and data are safe from any attack. You fear no script kiddie. You get a +5 against social engineering. Yet a single subpoena can crack your junk open wide. A search warrant might leave you with an empty server room.The law might be the biggest threat to your users, systems and you.Learn how to plan for and react to search warrants, subpoenas and wiretaps. I'm going to speak about the law in an IT context, make it accessible and relevant. If you manage other people's systems for a living or just are afraid of your own privacy and liberty, you might want to see this.

Jason Ross  ( algorythm [at] gmail [dot] com )
Bio:Jason is this big guy that's quiet unless he's talking.

"WHOIS the Master - An Introduction to ShoNuff"

This talk introduces a new security tool called ShoNuff. With all the talk about IPv4 address scarcity, and the resulting migration to IPv6,I thought it'd be interesting to see how the IP space was chopped up.Additionally, I figured it'd be interesting to see what organizations were responsible for various network blocks. So, I've started enumerating the whois space for the entire Internet and am normalizing that information and making it available to the public, Additionally,I'm tying the allocated network blocks to SHODAN, so that one canquery an organization's name and return a complete list of netblocks associated with that entity, then discover what service banners SHODAN has for that particular netblock.This talk is similar to the "Who Owns the Internet" talk I presented at BSides Las Vegas, though I will will have both more data, as well as additional functionality in the tool by the time it is presented at this event.




Michael "theprez98" Schearer

Name of Presentation: "How to Pwn an ISP in 10 Minutes or Less (without really trying)"

Detailed Outline:

I. Introduction
   1. Present background
   2. Explain agenda
   3. Introduce topic
   1. Brief explanation of SHODAN
   2. Demonstration for finding insecure devices
      a. default passwords
      b. Cisco devices
   III. How to Pwn an ISP
   1. Explain backstory of how devices were found
   2. Look what i found! ISP infrastructure devices
   3. Now what?
      a. Very brief! disclosure debate
      b. My decision
      c. ISP response
IV. Conclusions and "The Moral of the Story"
   1. Ethical issues regarding penetration testing
   2. Issues regarding disclosure


It all starts out so innocently.  You're doing some research for one project or another, and you stumble across something that doesn't seem right.  Then you start looking more, and you realize, this REALLY isn't right.  The hair on the back of your neck stands up, but you press on, into the deep... "How to Pwn an ISP in 10 Minutes or Less (without really trying)"  is the story of how I found a few misconfigured devices (that if discovered by someone else could have lead to complete disaster) and what I did about it.

Speaker's Bio(s): Michael Schearer ("theprez98") is a government contractor who spent nearly nine years in the United States Navy as an EA-6B Prowler Electronic Countermeasures Officer. His military experience includes aerial combat missions over both Afghanistan and Iraq and nine months on the ground doing counter-IED work with the U.S. Army. He is a graduate of Georgetown University's National Security Studies Program and a speaker at ShmooCon, DEFCON, HOPE, and other conferences. Michael is a licensed amateur radio operator and an active member of the Church of WiFi. He lives in Maryland with his wife and children.



Name: Gal Shpantzer @Shpantzer

Title: Security Domination via Hard Drive Isolation

Abstract: Every organization is a reluctant participant in the malware arms-race, investing untold blood and treasure in securing the essentially unsecurable: Commercial general-purpose, fat-client endpoints that are simply inappropriate for certain high-risk business processes and sensitive data.  This talk goes through this problem and proposes an alternative approach to the one-size-fits-all desktop. SANS.edu grad students call this approach ROBAM, while Gartner calls it Trusted Portable Personality Devices.

You will learn how leading government, financial and emergency response sector organizations are improving security while simultaneously extending remote access and mobility to administrators as well as end users. Several specific use-cases are outlined and analyzed in this talk.  Attendees will take away technical knowledge of this evolving niche as well as a business-focused approach for evaluating the tradeoffs between security and convenience in securing the endpoint.


Gal Shpantzer is a security advisor to CSOs of large corporations, hospital chains, Silicon Valley startups, specialty security vendors, universities and non-profits/NGOs. He has contributed to the security community as a co-editor of the popular SANS Newsbites security newsletter, co-authored book chapters, courseware and assigned papers on topics including IT ethics, Information Warfare, business continuity, cyberstalking and digital forensics. Most recently, Gal created and led the privacy subgroup of the NIST Smartgrid Interoperability Standards, which contributed the privacy section to NISTIR 7628.  Gal is on Twitter as @Shpantzer


Christopher Witter
Topic/Title: Packet Capture and Analysis

Christopher Witter has over 18 years of experience in Information Technology. Having worked as a consultant for 14 of those years, his customers included pharmaceuticals, manufacturing, service providers, dotcoms, and government entities. Mr. Witter has over 10 years of packet analysis experience. While working on a project for a customer, Mr. Witter designed and built a custom packet collection sensor before one existed on the market. The packet collection portion of his talk today will be based on a large portion of the research that went into that product. Currently, Mr. Witter is a Principal Network Security Engineer specializing in network and disk forensics.

Description: Learn how to build your own dedicated packet capture engine with
minimal hardware at a minimal cost. Whether you are interested in setting up an enterprise collection infrastructure or you just want to build a box to aid in troubleshooting, this talk has something for everyone. After discussing how to get the packets, we will dive into analyzing them. Analysis will cover looking at the data from different perspectives, including network engineering/traffic troubleshooting, application troubleshooting, and network forensics. Tools and techniques for both Windows and Unix will be covered.

Comments (0)

You don't have permission to comment on this page.