2.0 -//Pentabarf//Schedule//EN PUBLISH BCDYXL@@cfp.pacifichackers.com -BCDYXL WELCOME CEREMONY en en 20250428T091500 20250428T093000 0.01500 WELCOME CEREMONY WELCOME CEREMONY PUBLIC CONFIRMED Lightning Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/BCDYXL/ MAIN TRACK PUBLISH ZADCW7@@cfp.pacifichackers.com -ZADCW7 KEYNOTE en en 20250428T093000 20250428T100000 0.03000 KEYNOTE OPENING KEYNOTE PUBLIC CONFIRMED Keynote https://cfp.pacifichackers.com/hackthebay-2025/talk/ZADCW7/ MAIN TRACK Malcolm Harkins Eoin Wickens PUBLISH XEVY8W@@cfp.pacifichackers.com -XEVY8W From pocket to Pwn: How we hacked a multinational corporation for $200 with just what’s in our pockets (and theirs) en en 20250428T100000 20250428T104500 0.04500 From pocket to Pwn: How we hacked a multinational corporation for $200 with just what’s in our pockets (and theirs) When Red Teaming a multinational technology company with an extensive security budget we had to think outside the box in order to leverage new attack pathways to gain a foothold in their environment where typical Red Teaming methodologies simply weren’t viable. Using readily available hardware and almost no code, we were able to abuse both application protocols and inbuilt applications to gain persistent access via a chained attack across multiple devices to gain system level access to a customer environment. This talk will focus on a modified real world scenario which included: Denial of BlueTooth service (conceptual due to legal implications) Wireless BadUSB Modified Metasploit for Android Abuse of Android Debugging Tool (ADB) to gain persistent reverse shell over Mobile Service (not USB) Abuse of ADB for real time screen recording and interaction Network enumeration via ADB Using ADB as a pivot for further compromise of the environment Exfiltration of VPN configuration and subsequent abuse of MFA Undetectable data exfiltration via mobile service This talk highlights how devastating attacks are still easily possible with a very low price entry point and virtually undetectable by most Security Tools. This talk will feature a live demo (if the demo gods deem it so) and aim to encourage aspiring penetration testers to think outside of the (Windows) box when approaching their objectives. PUBLIC CONFIRMED Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/XEVY8W/ MAIN TRACK Tim Shipp Lisa Landau PUBLISH VHU3FS@@cfp.pacifichackers.com -VHU3FS Adversarial Intelligence: Redefining Application Security through the eyes of an attacker en en 20250428T104500 20250428T113000 0.04500 Adversarial Intelligence: Redefining Application Security through the eyes of an attacker PUBLIC CONFIRMED Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/VHU3FS/ MAIN TRACK Aviv Mussinger PUBLISH RJBHD8@@cfp.pacifichackers.com -RJBHD8 Netsec is dead(?): Modern Network Fingerprinting for Real-World Defense en en 20250428T113000 20250428T121500 0.04500 Netsec is dead(?): Modern Network Fingerprinting for Real-World Defense Network reconnaissance is often overshadowed by other threats, like phishing, yet it remains a critical first step in the kill chain. Because edge infrastructure is typically exposed around the clock, adversaries have a 24/7 opportunity to gather information and use it for initial exploitation. In this talk, we’ll trace the evolution of network fingerprinting, starting with traditional methods like p0f, which relied on passive TCP/IP signature analysis, and advancing to modern suits (JA4, JA4+, MuonFP). By walking through each generation of fingerprinting, I’ll show how visibility has expanded along with the trade-offs and limitations inherent in these methods. I’ll present real-world scenarios that highlight how to spot fast scanners indexing massive numbers of hosts, how to detect covert traffic routed via jump boxes and VPNs, and how to block lower-level banner-grabbers. We’ll also discuss how these fingerprints can be integrated into SOC workflows, from building prioritized alerts to automating responses in firewalls and IDS. Finally, we’ll wrap up with a practical checklist of tools, including Arkime and eBPF-based detection, as well as firewall rule approaches to immediately strengthen defenses. Attendees will leave with the knowledge and resources to apply modern fingerprinting for continuous monitoring, streamlined threat hunting, and reduced exposure to both mass and targeted network scans. PUBLIC CONFIRMED Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/RJBHD8/ MAIN TRACK Vlad Iliushin PUBLISH 3ZM9CY@@cfp.pacifichackers.com -3ZM9CY Beyond Detection: Building a Living Security Knowledge Ecosystem with SNARF en en 20250428T121500 20250428T130000 0.04500 Beyond Detection: Building a Living Security Knowledge Ecosystem with SNARF PUBLIC CONFIRMED Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/3ZM9CY/ MAIN TRACK John Owen PUBLISH QNZ3XY@@cfp.pacifichackers.com -QNZ3XY KEYNOTE en en 20250428T130000 20250428T133000 0.03000 KEYNOTE KEYNOTE PUBLIC CONFIRMED Keynote https://cfp.pacifichackers.com/hackthebay-2025/talk/QNZ3XY/ MAIN TRACK Jake Williams (aka MalwareJake) PUBLISH HVWUVF@@cfp.pacifichackers.com -HVWUVF Breaking Down Silos: Unify Assets, Minimize Attack Exposure en en 20250428T133000 20250428T140000 0.03000 Breaking Down Silos: Unify Assets, Minimize Attack Exposure PUBLIC CONFIRMED Lightning Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/HVWUVF/ MAIN TRACK Lucas Zaichkowsky PUBLISH SC9GX8@@cfp.pacifichackers.com -SC9GX8 SAST AI en en 20250428T140000 20250428T144500 0.04500 SAST AI Will discuss deeply what is SAST is. (Static Application Security Testing) and how using AI and pattern matching find source code vulnerabilities. PUBLIC CONFIRMED Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/SC9GX8/ MAIN TRACK Bogdan Barchuk PUBLISH LYFTBR@@cfp.pacifichackers.com -LYFTBR Exploitation Techniques in APIs: RESTful, SOAP ,GraphQL and gRPC, en en 20250428T144500 20250428T153000 0.04500 Exploitation Techniques in APIs: RESTful, SOAP ,GraphQL and gRPC, This talk will explore key attack and exploitation techniques for RESTful, SOAP, GraphQL, and gRPC APIs, based on the OWASP API Security Top 10 framework. We'll cover practical methods to identify and exploit vulnerabilities such as injection flaws, broken authentication, and data exposure. The focus will be on real-world attack scenarios using tools like Burp Suite and custom scripts. We'll dive into specific vulnerabilities for each API type: manipulating RESTful tokens, exploiting GraphQL query injection, compromising gRPC protobuf-based requests, and executing XML external entity (XXE) attacks on SOAP. The session will provide step-by-step demonstrations of these techniques, highlighting how to chain them for maximum impact. Finally, we'll discuss the Open-Sec framework and how to apply it to API penetration testing. This structured approach—covering reconnaissance, scanning, testing, and analysis—will help identify and exploit complex vulnerabilities, offering actionable insights to improve API security. PUBLIC CONFIRMED Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/LYFTBR/ MAIN TRACK Toshiro Nagata Bolivar PUBLISH 9NBABQ@@cfp.pacifichackers.com -9NBABQ Rules Writers and Threat Hunters in the Age of AI en en 20250428T153000 20250428T160000 0.03000 Rules Writers and Threat Hunters in the Age of AI To Be Determined PUBLIC CONFIRMED Lightning Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/9NBABQ/ MAIN TRACK Eric Zietlow PUBLISH J9FZJB@@cfp.pacifichackers.com -J9FZJB Beyond SAST: Advancing Vulnerability Detection with Symbolic Execution en en 20250428T160000 20250428T164500 0.04500 Beyond SAST: Advancing Vulnerability Detection with Symbolic Execution Static Application Security Testing (SAST) is a vital tool for securing software, but its limitations, such as difficulty handling complex inputs, runtime behaviors, and dynamic data, can lead to missed vulnerabilities and false positives. This session explores these challenges and introduces symbolic execution, enhanced with artificial intelligence, as a game-changing solution. Symbolic execution goes beyond traditional static analysis by simulating all possible execution paths of a program, abstracting inputs symbolically to uncover hidden vulnerabilities like race conditions, memory safety violations, and edge case errors. We’ll also discuss the limitations of symbolic execution, such as path explosion, and strategies to mitigate them. PUBLIC CONFIRMED Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/J9FZJB/ MAIN TRACK Ulrich Lang Jason Kramer PUBLISH VVD73L@@cfp.pacifichackers.com -VVD73L GameHacking 101 en en 20250428T164500 20250428T171500 0.03000 GameHacking 101 PUBLIC CONFIRMED Lightning Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/VVD73L/ MAIN TRACK Julian Dunning PUBLISH QLZMKV@@cfp.pacifichackers.com -QLZMKV KEYNOTE en en 20250428T171500 20250428T174500 0.03000 KEYNOTE CLOSING KEYNOTE PUBLIC CONFIRMED Keynote https://cfp.pacifichackers.com/hackthebay-2025/talk/QLZMKV/ MAIN TRACK Sunil Gottumukkala PUBLISH M78KTL@@cfp.pacifichackers.com -M78KTL CLOSING CEREMONY en en 20250428T174500 20250428T180500 0.02000 CLOSING CEREMONY CLOSING CEREMONY PUBLIC CONFIRMED Lightning Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/M78KTL/ MAIN TRACK PUBLISH SH8SWT@@cfp.pacifichackers.com -SH8SWT Attacking AI en en 20250428T100000 20250428T120000 2.00000 Attacking AI While most AI assessment material focuses on academic AI red team content, “Attacking AI” is focused on the task of assessing AI enabled systems. Join Jason as he discusses his seven point methodology to assessing these systems and releases Arcanum’s prompt injection taxonomy and other resources for aspiring testers. PUBLIC CONFIRMED Workshop https://cfp.pacifichackers.com/hackthebay-2025/talk/SH8SWT/ TRACK 2 Jason Haddix PUBLISH WAUNKX@@cfp.pacifichackers.com -WAUNKX Vulnerability Exploitation in the Cloud: A Cross-Platform Graph-Based Attack en en 20250428T120000 20250428T124500 0.04500 Vulnerability Exploitation in the Cloud: A Cross-Platform Graph-Based Attack During this talk I intended to cover this: - Welcome - - What is HVT - - Difference between Attack Vector and Attack Path - - What is Chock Point - AWS IAM - - AWS Attacks ( Explanation and Demo) - - Attack Methods - CreatePolicyVersion - Attaching Attack - Conclusions PUBLIC CONFIRMED Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/WAUNKX/ TRACK 2 Filipi Pires PUBLISH BGTZW8@@cfp.pacifichackers.com -BGTZW8 Layered Security for Kubernetes en en 20250428T124500 20250428T131500 0.03000 Layered Security for Kubernetes Security for Kubernetes PUBLIC CONFIRMED Lightning Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/BGTZW8/ TRACK 2 Brian Six PUBLISH RXUVVC@@cfp.pacifichackers.com -RXUVVC Tabletop War Gaming en en 20250428T131500 20250428T151500 2.00000 Tabletop War Gaming Tabletop War Gaming brought to you by Google - Mandiant PUBLIC CONFIRMED Workshop https://cfp.pacifichackers.com/hackthebay-2025/talk/RXUVVC/ TRACK 2 Mike Lombardi Erik Barzdukas PUBLISH LXBZF8@@cfp.pacifichackers.com -LXBZF8 Devops and threat research walk into a bar... en en 20250428T151500 20250428T154500 0.03000 Devops and threat research walk into a bar... In my presentation, I'll discuss how we've integrated CI/CD pipelines to automate the deployment of both low and high-interaction honeypots. By tailoring these honeypots to mirror our customers' technology stacks, we've been able to gather more relevant threat data. I'll explain how we've used HASH (https://github.com/DataDog/HASH) to quickly deploy low-interaction honeypots and delve into how container technology allows us to deploy high-interaction honeypots capable of running any technology stack. Additionally, I'll highlight how the data we collect enhances our understanding of threats and enriches our customers' logs with valuable security insights. Our approach stands out because it combines DevOps methodologies with cybersecurity practices to create a dynamic and responsive honeypot deployment system. By integrating CI/CD pipelines, we're able to respond rapidly to emerging threats, deploying honeypots in real-time as new vulnerabilities surface. We customize these honeypots to reflect our customers' actual environments, making the data we collect more relevant. This integration also streamlines the entire process from deployment to data analysis, reducing manual effort and minimizing potential errors. I'll share recent case studies to illustrate the effectiveness of our approach. For example, I'll talk about how we quickly deployed honeypots to capture exploit attempts on a newly discovered Confluence vulnerabilities, Docker API exploitation, Log4J, and Redis exploitation. I'll also discuss how our high-interaction honeypots allowed us to monitor attackers' behavior after they gained initial access. Additionally, I'll highlight instances where the intelligence we gathered significantly improved our customers' ability to detect and respond to threats. These real-world examples will demonstrate the impact of our methods. PUBLIC CONFIRMED Lightning Talk https://cfp.pacifichackers.com/hackthebay-2025/talk/LXBZF8/ TRACK 2 Andy Giron Arthi Nagarajan PUBLISH UYWEQQ@@cfp.pacifichackers.com -UYWEQQ Securing Critical Infrastructure en en 20250428T154500 20250428T174500 2.00000 Securing Critical Infrastructure The workshop is structured as a CTF competition. There will be demonstrations of the techniques, and help on the challenges will be available. We will use Modbus and DNP networks, as well as normal IP-based networks. Software used includes OpenPLC, FactoryIO, Splunk, Velociraptor, and Zeek. Participants need a laptop capable of running virtual machines, or a few dollars to rent cloud servers. All class materials are freely available on the Web and may be easily used in other classes. PUBLIC CONFIRMED Workshop https://cfp.pacifichackers.com/hackthebay-2025/talk/UYWEQQ/ TRACK 2 Sam Bowne PUBLISH JZAJRB@@cfp.pacifichackers.com -JZAJRB Soldering Village en en 20250428T100000 20250428T170000 7.00000 Soldering Village PUBLIC CONFIRMED Village https://cfp.pacifichackers.com/hackthebay-2025/talk/JZAJRB/ SOLDERING VILLAGE Abhinav Pandagale