Olivier Bilodeau, Cybersecurity Research Lead, GoSecure
Olivier Bilodeau is leading the Cybersecurity Research team at GoSecure. With more than 10 years of infosec experience, he enjoys luring malware operators into his traps, writing tools for malware research and vulnerability research. Olivier is a passionate communicator, having spoken at several conferences including BlackHat, Defcon, Botconf, NorthSec, Derbycon, and HackFest. Invested in his community, he co-organizes MontréHack, a monthly workshop focused on hands-on CTF problem solving, and NorthSec, a large non-profit conference and CTF based in Montreal.
Workshop: Capture-The-Flag 101
Workshops are first-come, first-served and have limited capacity. Some workshops may be streamed for additional passive participation.
The objective of this workshop is to dive into Capture-The-Flag (CTF) competitions: first by introducing participants to the basic concepts, then by helping them prepare for the upcoming NorthSec CTF, and finally by helping them evolve in their practice of applied cybersecurity.
We will have easy and medium CTF challenges in several categories (binaries, Web, exploitation, forensics) and we will give hints and solutions during the workshop.
This is meant to be for CTF first timers. Seasoned players should play NorthSec's official CTF.
Requirements
- a laptop
- a programming language of choice (it's usually Python)
- Wireshark
- a web assessment security tool (Burp, ZAP, mitmproxy)
- a disassembler/decompiler (Radare2, Binary Ninja, IDA Pro)
Pre-requisites/assumed knowledge:
None
Discussion: Red Team Block
This is a Q&A session. Moderators will take audience questions both remotely and on-site via sli.do.
Hosted panel discussion and Q&A.
Talk: The Risks of RDP and How to Mitigate Them
Talks will be streamed on YouTube and Twitch for free.
Remote Desktop Protocol (RDP) is the de facto standard for remoting in Windows environments. It grew in popularity over the last couple of years due to the pandemic. Many remote workers are now relying on it to perform duties on remote systems. RDP is secure when well deployed but, unfortunately, that’s rarely the case and thus clicking through warnings is common. We have spent the last 3 years working on and reimplementing parts of RDP in PyRDP, our open-source RDP library. This presentation is about what we have learned and how it can be applied to attack RDP and to defend against RDP attacks.
From an attacker’s perspective, we will cover conventional RDP attacks such as Monster-in-the-Middle (MITM) of RDP connections, capture of NetNTLMv2 hashes and techniques to bypass conventional defense mechanisms such as Network Level Authentication (NLA). Case in point: Did you know that by default all clients allow server-side NLA downgrades right now? This will enable us to understand and identify the risks with RDP.
From the Blue Team’s perspective, we will provide techniques and tools to detect the attacks showcased previously. Finally, we will provide step-by-step instructions to deploy an accessible RDP server that is both secure and functional.