[RTB1] Practical Wireless and Radio Hacking
The Practical Wireless & Radio Hacking (PWRH) course will be held for the fourth year in RootedCON 2019, updated as a result of training experience acquired over previous years on the security of more traditional wireless technologies such as Wi-Fi and Bluetooth, extended to new technologies, such as Bluetooth Low Energy (BLE), radio communications at frequencies below 1 GHz (433 MHz, 868 MHz, etc.) and other radio communications both standard and proprietary.
[RTB2] Bootcamp sobre explotación de vulnerabilidades
In this BootCamp, oriented to the attendees to enter the fascinating world of exploiting or expand their knowledge. During Bootcamp different techniques and tricks used in the exploitation of application vulnerabilities will be presented. It will work in an eminently practical way since from my point of view and my own experience is the best way to lay theoretical foundations on which the development of exploits is sustained.
[RTB3] Tácticas para el desarrollo de ejercicios Red Team
The training will introduce the students in the development of the main techniques and tools to develop complete intrusion exercises, from the initial commitment of an asset to the lateral movement and compromise of the main assets of the organization, through the elevation of privileges over internal infrastructure, Multiple ways of pivoting between equipment (SMB, WMI, WinRM, DCOM, ...) among others.
[RTB4] Counter Threat Intelligence
The bootcamp taught by the CounterThreat.IO team helps to develop knowledge to identify, detect, analyze and monitor current threats, evolving from simple and effective concepts, to an understanding of how these work. Techniques are taught to collect information both actively (offensive technical achievement) and passive, and analyze it to produce intelligence about these threats. As a final purpose, the participants will be guided on how to exploit the information to improve the defensive posture of their operations and infrastructures.
[RTL2] Ethical Hacking and Pentesting
The workshop presents different techniques aimed at ethical hacking today. The focus of the workshop is eminently practical and begins with the contextualization of ethical hacking, methodologies and models. The rest of the workshop has an approach of different phases and techniques used daily in different audits and pentesting.
[RTL3] Powershell Offensive
This innovative workshop presents the power that Powershell offers to the pentester in environments such as Windows (7/8 / 8.1 / 10). The workshop offers different environments in which we will see how Powershell works, why it is so important in the pentesting of today and how to create some functions that we need in our day to day
During this workshop we will delve into the docker technology that is the most widespread today in the IT sector, addressing, among other issues, both good practices when building such docker images and good security practices. apply at the level of the host, the docker daemon and the rest of the components that take part in the execution of said containers.
On the other hand, it can not be missed in this workshop how a security profile must intervene within the 'DevOps' flows to add the 'Sec' without blocking the continuous delivery of software that this philosophy pursues. And finally, there will be a review of the most important projects within the range included in the so-called Moby Project.
[RTL5] Auditoría de Sistemas de VoIP
All companies work with VoIP systems and it is important to know how to audit this type of infrastructure. The objectives of this workshop are:
- Operation of a VoIP system
- Penetration test
- Types of attacks