Derbycon 2015 Videos (Hacking Illustrated Series InfoSec Tutorial Videos)

These are the videos of the presentations from Derbycon 2015. Big thanks to my video jockeys Sabrina, Skydog, Some Ninja Master, Glenn Barret, Dave Lauer, Jordan Meurer, Brandon Grindatti, Joey, Fozy, nightcarnage, Evan Davison, Chris Bridwell, Rick Hayes, Tim Sayre, Lisa Philpott, Melanie Lecompte, Ben Pendygraft, Austin Hunter, Harold Weaver, Michael Shelburne (and maybe the speakers too I guess).

Time	Track 1 (Break Me)	Track 2 (Fix Me)	Track 3 (Teach Me)	Track 4 (The 3-Way)
8:30 – 9:00	Welcome to the Family – Intro
9:00 – 9:50	Jordan Harbinger Keynote
10:00 – 10:50	Information Security Today and in the Future HD Moore – Ed Skoudis – John Strand – Chris Nickerson – Kevin Johnson – Katie Moussouris hosted by David Kennedy
11:00 – 11:50	Lunch
12:00 – 12:50	The M/o/Vfuscator – Turning 'mov' into a soul-crushing RE nightmare – Christopher Domas	APT Cyber Cloud of the Internet of Things – Joey Maresca (@l0stkn0wledge)	When A Powerful Platform Benefits Both Attackers And Defenders: Secure Enhancements To Scripting Hosts In Windows 10 – Lee Holmes	How not to infosec – Viss (no audio)
1:00 – 1:50	AND YOU SHALL KNOW ME BY MY TRAIL OF DOCUMENTATION – Jason Scott	Stealthier Attacks and Smarter Defending With TLS Fingerprinting – Lee Brotherston	A deep look into a Chinese advanced attack. -Michael Gough – "HackerHurricane"	Python for InfoSec – Bart 'd4ncind4n' Hopper (no audio in official recordings, Bart sent me a new video)
2:00 – 2:50	Gadgets Zoo: Bypassing Control Flow Guard in Windows 10 - Rafal Wojtczuk – Jared DeMott	Honeypots for Active Defense – Greg Foss	Pavlovian Security: How To Change the Way Your Users Respond When the Bell Rings – Magen Wu (@tottenkoph) – Ben Ten (@ben0xa)	Dog The Freaking (OSINT) Bounty Hunter – Helping Law Enforcement Catch Criminals For (Mostly) Fun – And (Probably No) Profit – Dennis Kuntz (no audio)
3:00 – 3:50	Red vs. Blue: Modern Active Directory Attacks & Defense – Sean Metcalf "@PyroTek3"	Manufactorum Terminatus – The attack and defense of industrial manufacturers – Noah Beddome – Eric Milam	The State of Information Security Today – Jeff Man	Current Trends in Computer Law – Matthew Perry (Mostly no audio)
4:00 – 4:50	Metasploit Town Hall – David Maloney "thelightcosine" – James Lee "egyp7" – Tod Beardsley "todb" – Brent Cook "busterbcook"	High Stake Target: Lo-Tech Attack – Bill Gardner "oncee" – Kevin Cordle	Learning through Mentorship – Michael Ortega "SecurityMoey" – Magen Wu "Tottenkoph"	Spankng the Monkey (or how pentesters can do it better!) – Justin Whitehead "(at)3uckaro0" – Chester Bishop "@chet121"
5:00 – 5:50	Red Teaming Enemy of the State – Wayne (Not being posted)	Operating in the Shadows – Carlos Perez "darkoperator"	The Law of Drones – Michael "theprez98" Schearer	On Defending Against Doxxing – Benjamin Brown Ajnachakra
6:00 – 6:50	$helling out (getting root) on a 'Smart Drone' – Kevin Finisterre – solo ape	Getting Started with PowerShell – Michael Wharton "MyProjectExpert"	The Phony Pony: Phreaks Blazed The Way – Patrick McNeil "Unregistered436" – Owen "Snide"	Practical Windows Kernel Exploitation – Spencer McIntyre @zeroSteiner
7:00 – 7:50	Phishing: Going from Recon to Creds – Adam Compton – Eric Gershman	SETUP	HackerQue – Michael Smith (DrBearSec) – Kyle Stone (Essobi)	Hijacking Label Switched Networks in the Cloud – Paul Coggin (no audio)

Time	Stable Talks
12:00 – 12:25	Shooting Phish in a Barrel and other fish related puns – Amanda Berlin
12:30 – 12:55	Don't Laugh – I Dare You! – Carl Alexander "DrHaxs"
1:00 – 1:25	Marketers Are Friends – Not Food – Kara Drapala
1:30 – 1:55	Blue Team Starter Kit – Timothy De Block
2:00 – 2:25	Simplified SIEM Use Case Management – Ryan Voloch "VDog90"
2:30 – 2:55	Bypassing 2Factor Auth with Android Trojans – Paul Burbage
3:00 – 3:25	Putting the Management into Vulnerability Management (or – YOU'VE GOT BEARS!!!) – Jesika McEvoy (octalpus)
3:30 – 3:55	Moving Target Defense – Learning from Hackers – Sachin Shetty
4:00 – 4:25	Malfunction's Functions : Automated Static Malware Analysis using Function Level Signatures – Matthew Rogers – Jeramy Lochner
4:30 – 4:55	We Owe You Nothing – Rockie Brockway
5:00 – 5:25	Backdooring Git – John Menerick
5:30 – 5:55	Detecting phishing attacks with DNS reconnaissance – Mike Saunders
6:00 – 6:25	Hacking Web Apps – Brent White
6:30 – 6:55	Sticky Honey Pots – Paul J. Vann
7:00 – 7:25	Top Ten is Old Skool – Meet the New Age of AppSec – Andrew Leeth
7:30 – 7:55	Cryptography and You – Justin Herman

Time	Track 1 (Break Me)	Track 2 (Fix Me)	Track 3 (Teach Me)	Track 4 (The 3-Way)
9:00 – 9:50	Pwning People Personally – Josh Schwartz "FuzzyNop"	OSINT for AppSec: Recon-ng and Beyond – Tim Tomes "lanmaster53"	Mobile Application Reverse Engineering: Under the Hood – Drew Branch – Billy McLaughlin	Hacking for homeschoolers – Branden Miller
10:00 – 10:50	Stagefright: Scary Code in the Heart of Android – Joshua "jduck" Drake	Hacking Virtual Appliances – Jeremy Brown	Introducing the RITA VM: Hunting for bad guys on your network for free with math. – John Strand – Derek Banks – Joff Thyer – Brian Furham	Going AUTH the Rails on a Crazy Train – Tomek Rabczak – Jeff Jarmoc
11:00 – 12:00	Lunch
12:00 – 12:50	Dec0ding Humans Live – Chris Hadnagy @HumanHacker	ISLET: An Attempt to Improve Linux-based Software Training – Jon Schipp	Breaking in Bad (I'm the one who doesn't knock) – Jayson E. Street	Bugspray – The 802.15.4 Attack Surface – Bryan "Crypt0s" Halfpap
1:00 – 1:50	Gray Hat PowerShell – Ben Ten (@ben0xa)	CyberSecurity Alphabets – Hacker Edition – Reuben Paul	Developers: Care and feeding – Bill Sempf	Unbillable: Exploiting Android In App Purchases – Alfredo Ramirez
2:00 – 2:50	WhyMI so Sexy? WMI Attacks – Real-Time Defense – and Advanced Forensic Analysis – Matt Graeber – Willi Ballenthin – Claudiu Teodorescu	Losing Battles – Winning Wars – Active Defense Rebooted – Rafal Los "Wh1t3Rabbit"	Fingerprinting the modern digital footprint - Arian Evans	BYPASS SURGERY ABUSING CONTENT DELIVERY NETWORKS WITH SERVER-SIDE-REQUEST FORGERY (SSRF) FLASH AND DNS – Matthew Bryant (mandatory) – Michael Brooks (rook)
3:00 – 3:50	Hackers vs. Defenders: Can the defender ever stop playing catch up and win? – Mano Paul "dash4rk"	Social Media Risk Metrics. When OMGWTFBBQ meets risk algorithms. – Ian Amit – Alex Hutton	Surviving your Startup – Bruce Potter (part of talk missing)	Dynamic Analysis of Flash Files – Jacob Thompson
4:00 – 4:50	Medical Devices: Pwnage and Honeypots – Scott Erven "windshield wipers" – Mark Collao	Building a Brain for Infosec – Ryan Sevey – Jason Montgomery	How to ruin your life by getting everything you ever wanted. – Chris Nickerson	Attacking Packing: Captain Hook Beats Down on Peter Packer – Vadim Kotov – Nick Cano
5:00 – 5:50	State of the Metasploit Framework – James Lee "egypt"	How to Build Your Own Covert SIGINT Vehicle – Drew Redshift Porter	Using Windows diagnostics for system compromise – Nicholas Berthaume "aricon"	Johnny Long and Henry Wanjala – HFC Update
6:00 – 6:50	Credential Assessment: Mapping Privilege Escalation at Scale – Matt Weeks "scriptjunkie1"	SETUP	InfoSec Big Picture and Some Quick Wins – Schuyler Dorsey	HARdy HAR HAR HAR: HAR File Collection and Analysis for Malware – Robert Simmons "Utkonos"

Time	Stable Talks
9:00 – 9:25	Stacking the Virtual Deck: Attacks by Predicting RNGs – Adam Schwalm
9:30 – 9:55	Homebrewing for Hackers – Benjamin Holland – Amber Aldrich
10:00 – 10:25	Stealthy and Persistent Back Door for Z-Wave Gateways – Jonathan Fuller and Ben Ramsey
10:30 – 10:55	Building a Better Honeypot Network – Josh Pyorre
11:00 – 11:25	Lunch
11:30 – 11:55	Lunch
12:00 – 12:25	Surveillance using spare stuff – Matt Scheurer "Cerkah"
12:30 – 12:55	Crypto 101: An Intro To Real-World Crypto – Adam Caudill
1:00 – 1:25	Practical Attacks Against Multifactor – Josh Stone
1:30 – 1:55	Hacking the Next Generation – David Schwartzberg
2:00 – 2:25	The Human Interface Device Attack Vector: Research and Development – Alexander Livingston Segal
2:30 – 2:55	A survey of Powershell enabled malware – Tyler Halfpop
3:00 – 3:25	Tool Drop: Free as in Beer – Scot Berner – Jason Lang
3:30 – 3:55	Tactical Diversion-Driven Defense – Greg Foss – Thomas Hegel
4:00 – 4:25	Windows 10 Defense in Depth – Eddie David
4:30 – 4:55	Latest Tools in Automotive Hacking – Craig Smith
5:00 – 5:25	Ansible. And why it works for me. – Charles Yost
5:30 – 5:55	Learning Mainframe Hacking: Where the hell did all my free time go? – Chad Rikansrud "Bigendian Smalls (BeS)""
6:00 – 6:25	Intercepting USB Traffic for Attack and Defense – Brandon Wilson
6:30 – 6:55	Geeks Need Basements! – Kathleen Veach
7:00 – 7:25	Intro to x86 – Stephanie Preston
7:30 – 7:55	Spy Vs. Spy: How to Use Breakable Dependencies to Your Advantage – Stacey Banks – Anne Henmi

Time	Track 1 (Break Me)	Track 2 (Fix Me)	Track 3 (Teach Me)	Track 4 (The 3-Way)
9:00 – 9:50	Is That a Router in Your Pocket or are You Trying to P0wn Me? – Michael Vieau – Kevin Bong	Beyond Bad IP Addresses Hashes and Domains - Ed McCabe	How I Stopped Worrying and Learned To Love InfraOps – Karthik Rangarajan (krangarajan) – Daniel Tobin (dant24)	PHaaS – Phishing as a Service – Raymond Gabler
10:00 – 10:50	The little-known horrors of web application session management – Matthew Sullivan	DNS Miner – A semi-automatic Incident response and threat intelligence tool for small – over worked security teams – Doug Leece – AJ Leece	Blue Team Army – It's your network – defend it! – Mick Douglas – Jamie Murdock	Circles & Boxes – Drawing SecArch into your program – Chris Robinson
11:00 – 11:50	Practical hardware attacks against SOHO Routers & the Internet of Things – Chase Schultz "f47h3r"	Martin Bos and Eric Milam (did not happen)	LongTail SSH Attack Analysis – Eric Wedaa	Disecting Wassenaar – Tyler Pitchford
12:00 – 12:30	Quick lunch break
12:30 – 1:20	Stretching the Sandbox with Malware Feature Vectors – Mike Schladt	Larry Pesce – My password cracking brings all the hashes to the yard..	Hunting Unicorns and Jerks – Irrational – Defensible – or Necessary? – Steve Werby	Five Hardware Hacking Projects Under $30 – Kevin Bong – Michael Vieau
1:30 – 2:20	Gnuradio demystifying rf black magic – Matthew O'Gorman "mog"	Intrusion Hunting for the Masses – A Practical Guide – David Sharpe	The problems with JNI obfuscation in the Android Operating System – Rick Ramgattie	Confessions of a crypto cluster operator – Dustin Heywood "EvilMog"
2:30 – 3:30	Closing Ceremonies

Time	Stable Talks
9:00 – 9:25	Voltron: Defender of your inferiors – Richo Healey "richo"
9:30 – 9:55	Malware is hard. Let's go Shopping! – Richard Wartell "wartortell"
10:00 – 10:25	The Pentesters Framework (PTF) – The easy way to roll your own distro. – Dave Kennedy (HackingDave)
10:30 – 10:55	Hack my Derby – Nate Lager
11:00 – 11:25	Lunch