Olivier Bilodeau

Cybersecurity Research Lead

Olivier Bilodeau, Cybersecurity Research Lead, GoSecure

Olivier Bilodeau leads the Cybersecurity Research team at GoSecure. With more than 10 years of infosec experience, he enjoys luring malware operators into his traps, writing tools for malware research and vulnerability research. Olivier is a passionate communicator, having spoken at several conferences including BlackHat, Defcon, Botconf, NorthSec, Derbycon, and HackFest. Invested in his community, he co-organizes MontréHack, a monthly workshop focused on hands-on CTF problem solving, and NorthSec, a large non-profit conference and CTF based in Montreal.


Workshop: Capture-The-Flag 101

Workshops are first-come, first-served and have limited capacity. Some workshops may be streamed for additional passive participation.


An introduction to Capture-The-Flag (CTF) with easy challenges and tips on how to approach them.

The objective of this workshop is to dive into Capture-The-Flag (CTF) competitions: first by introducing participants to the basic concepts, then by helping them prepare for the upcoming NorthSec CTF and, finally, by helping them evolve in their practice of applied cybersecurity.

We will have easy and medium CTF challenges in several categories (binaries, Web, exploitation, forensics) and we will give hints and solutions during the workshop.

This is meant to be for CTF first timers. Seasoned players should play NorthSec's official CTF.

Requirements

  • a laptop
  • a programming language of choice (it's usually Python)
  • Wireshark
  • a web assessment security tool (Burp, ZAP, mitmproxy)
  • a disassembler/decompiler (Radare2, Binary Ninja, IDA Pro)

Pre-requisites/assumed knowledge:

None


Discussion: Red Team Block

This is a Q&A session. Moderators will take audience questions both remotely and on-site via sli.do.


Hosted panel discussion and Q&A.

Talk: The Risks of RDP and How to Mitigate Them

Talks will be streamed on YouTube and Twitch for free.


We have been studying and reimplementing parts of RDP for the last three years. This talk is about how to attack RDP and how to defend against RDP attacks, from MITM and credential capture to secure deployment.

Remote Desktop Protocol (RDP) is the de facto standard for remoting in Windows environments. It grew in popularity over the last couple of years due to the pandemic, and many remote workers now rely on it to perform duties on remote systems. RDP is secure when well deployed but, unfortunately, that’s rarely the case, and thus clicking through warnings is common. We have spent the last 3 years working on and reimplementing parts of RDP in PyRDP, our open-source RDP library. This presentation is about what we have learned and how it can be applied to attack RDP and defend against RDP attacks.

From an attacker’s perspective, we will cover conventional RDP attacks such as Monster-in-the-Middle (MITM) of RDP connections, capture of NetNTLMv2 hashes and techniques to bypass conventional defense mechanisms such as Network Level Authentication (NLA). Case in point: Did you know that by default all clients allow server-side NLA downgrades right now? This will enable us to understand and identify the risks with RDP.

From the Blue Team’s perspective, we will provide techniques and tools to detect the attacks showcased previously. Finally, we will provide step-by-step instructions to deploy an accessible RDP server that is both secure and functional.