Éditions précédentes

2017 | 2016 | 2015 | 2014 | 2013 | HackUS

Challenge Coins for Winners

2017

In 2017 we introduced a track of workshops running along the conference.

NorthSec gathered around 600 infosec professionals, students and enthusiasts that year.

Competition

The theme was Rao’s Rigged Elections.

Top 3 were:

Conference

Talk Videos

Talks

  • KEYNOTE: Playing Through the Pain: The Impact of Dark Knowledge and Secrets on Security and Intelligence Professionals by Richard Thieme
  • Hack Microsoft Using Microsoft Signed Binaries by Pierre-Alexandre Braeken
  • Attacking Linux/Moose Unraveled an Ego Market by Masarah Paquet-Clouston & Olivier Bilodeau
  • BearSSL: SSL For all Things by Thomas Pornin
  • Hacking POS PoS Systems by Jackson Thuraisamy & Jason Tran
  • Backslash Powered Scanning: Implementing Human Intuition by James Kettle
  • Don’t Kill My Cat by Charles F. Hamilton
  • Stupid RedTeamer Tricks by Laurent Desaulniers
  • Murder Mystery – How Vulnerability Intelligence is Poisoning your Information Security Program by Gordon MacKay

Workshops

  • Introduction to Assembly Language and Shellcoding by Charles F. Hamilton & Peter Heppenstall
  • Automating Detection, Investigation and Mitigation with LimaCharlie by Maxime Lamothe-Brassard
  • Script Engine Hacking For Fun And Profit by Jean-Marc Le Blanc & Israël Hallé
  • Cracking Custom Encryption – An Intuitive Approach to Uncovering Malware’s Protected Data by Pavel Asinovsky & Magal Baz

Event Photos

Photos

2016

In 2016 we introduced training sessions before the conference growing NorthSec into a whole week event. The NorthSec security festival was born. We also gave a badge to every conference and competition attendee.

In 2016, NorthSec gathered around 500 infosec professionals, students and enthusiasts.

Competition

The theme was the leaks around Marcus Madison’s Bakery.

Top 3 were:

Conference

Talk Videos

Talks

  • KEYNOTE: How Anonymous (narrowly) Evaded the Cyberterrorism Rhetorical Machine by Gabriella Coleman
  • The New Wave of Deserialization Bugs by Philippe Arteau
  • Applying DevOps Principles for Better Malware Analysis by Olivier Bilodeau & Hugo Genesse
  • Practical Uses of Program Analysis: Automatic Exploit Generation by Sophia D’Antoine
  • CANtact: An Open Tool for Automotive Exploitation by Eric Evenchick
  • Bypassing Application Whitelisting in Critical Infrastructures by René Freingruber
  • Inter-VM Data Exfiltration: The Art of Cache Timing Covert Channel on x86 Multi-Core by Etienne Martineau
  • Analysis of High-level Intermediate Representation in a Distributed Environment for Large Scale Malware Processing by Eugene Rodionov & Alexander Matrosov
  • Real Solutions From Real Incidents: Save Money and Your Job! by Guillaume Ross & Jordan Rogers
  • Security Problems of an Eleven Year Old and How to Solve Them by Jake Sethi-Reiner
  • Android – Practical Introduction into the (In)Security by Miroslav Stampar
  • Hide Yo’ Kids: Hacking Your Family’s Connected Things by Mark Stanislav
  • Law, Metaphor and the Encrypted Machine by Lex Gill
  • Stupid Pentester Tricks by Laurent Desaulniers
  • Not Safe For Organizing: The state of targeted attacks against civil society by Masashi Crete-Nishihata & John Scott-Railton

Event Photos

Photos

2015

In 2015 we added a two-day conference to the event and gave a hardware badge per CTF team.

NorthSec gathered around 400 infosec professionals, students and enthusiasts that year.

Competition

The theme was the revolution against Rao’s intricate Kingdom.

Top 3:

Conference

Talk Videos

Talks

  • KEYNOTE: Privacy, Surveillance & Oversight by Chris Prince - Office of the Privacy Commissioner of Canada
  • Breaking PRNGs: A predictable talk on Pseudo Random Number Generators by Philippe Arteau
  • 2 years of Montréhack: the local CTF training initiative by Olivier Bilodeau
  • The Sednit Group: “Cyber” Espionage in Eastern Europe by Joan Calvet
  • CHEKS, Complexity Science in Encryption Key Management by Jean-François Cloutier & François Gagnon
  • Hopping on the CAN Bus by Eric Evenchick
  • EMET 5.2 - armor or curtain? by René Freingruber
  • Bitcoin: Putting the “pseudo” back in pseudonymous by Mathieu Lavoie
  • DDoS: Barbarians At The Gate by Dave Lewis
  • TextSecure: Present and Future by Trevor Perrin
  • The Uroburos case: analysis of the tools used by this actor by Paul Rascagnères
  • Object Oriented Code RE with HexraysCodeXplorer by Eugene Rodionov
  • CTF or WTF? by Guillaume Ross
  • Threat Modeling for the Gaming Industry by Robert Wood
  • Why You Should (But Don’t) Care About Mainframe Security by Phil “Soldier of Fortran” Young

Flash Talks

  • Philippe Arteau: Rosetta Flash And Why Flash Is Still Vulnerable…
  • Joan Calvet & Paul Rascagnères: Totally Spies!
  • Guillaume Ross: iOS App Analytics And Your Privacy

Event Photos

Photos

2014

In 2014, NorthSec gathered around 300 infosec professionals, students and enthusiasts.

Competition

The theme was the Associated Nation Organization (ANO)

Top 3:

Promo Video

Event Photos

Photos

2013

For the first year of NorthSec, we were hosted at ÉTS University in Montreal

NorthSec gathered around 150 infosec professionals, students and enthusiasts that year.

Competition

The theme was Onionotar, a parody of a Certificate Authority

Top 3:

Fan Video

Event Photos

Photos

HackUS

NorthSec is the spiritual child of the HackUS competition hosted at Université de Sherbrooke in 2010 and 2011. The first Hacker Jeopardy — in the format you are familiar with at NorthSec — happened at HackUS in 2011 from a desire to have a break and a social event during the CTF.