BruCON Security Conference Courses

DNS as Critical Infrastructure - Do You Know Where Your Domain Is?

1 review

Explores DNS as critical infrastructure, examining its evolution, security measures, and operational challenges. Analyzes ccTLD operations, hosting risks, and adoption of security features like DNSSEC and CAA records.

• YouTube
• 54 minutes
• On-Demand
• Conference Talk

CommandGPT: Using ChatGPT for C2 and Post-Exploitation - Lecture 13

Explore CommandGPT's potential in offensive security, leveraging AI for dynamic code generation in command and control frameworks and simulating ransomware techniques.

• YouTube
• 40 minutes
• On-Demand
• Free Video

Red Team Tales: 7 Years of Physical Penetration Testing

Explore real-world physical penetration testing experiences across diverse facilities, from banks to cheese factories. Gain insights into security vulnerabilities and unconventional tactics used in red team operations.

• YouTube
• 1 hour 7 minutes
• On-Demand
• Free Video

OSDP Auditing for Red Teamers and Facility Managers

Explore OSDP access control protocol, its functionality, and security implications. Learn to interface with devices and audit implementations for potential vulnerabilities.

• YouTube
• 1 hour 1 minute
• On-Demand
• Free Video

Attack Surface and Security Implications of eSIM Technology

Explore the security vulnerabilities and potential risks associated with eSIM technology in mobile phones and desktop devices, raising awareness about offensive operations and post-compromise scenarios.

• YouTube
• 45 minutes
• On-Demand
• Free Video

Reverse Engineering an EV Charger - Zaptec Pro Analysis

Dive into the reverse engineering process of a popular EV charger, exploring firmware analysis, custom bootloader creation, and potential security improvements in this insightful presentation.

• YouTube
• 43 minutes
• On-Demand
• Free Video

The Mobile Malware Maze - 15 Years of Evolution

Explore the 15-year evolution of mobile malware, from Symbian OS to Android, examining shifting trends and current threats in this comprehensive keynote on mobile security.

• YouTube
• 53 minutes
• On-Demand
• Free Video

Breaking and Disrupting WPA2/3 Networks by Abusing Sleep Mode

Novel attacks exploiting Wi-Fi sleep mode to leak encrypted frames and disrupt networks. Demonstrates vulnerabilities in WPA2/3, impacts on geofencing, and client isolation bypasses. Discusses potential mitigations and security trade-offs.

• YouTube
• 54 minutes
• On-Demand
• Free Video

Robot vs Robot: The Future of Automated Cyber Attacks and Defense

Explore the future of cybersecurity as automated malware campaigns face off against AI-powered defenses. Learn how the battle between good and bad AI will shape the landscape of digital security.

• YouTube
• 1 hour 12 minutes
• On-Demand
• Free Video

Firmware Vulnerabilities in Critical Infrastructure - Tools and Techniques for Security Analysis

Explore firmware vulnerabilities in critical infrastructure using open-source tools. Learn techniques for deep security analysis, uncovering risks, and leveraging AI to simplify research and reverse engineering.

• YouTube
• 56 minutes
• On-Demand
• Free Video

Improving Cyber Resilience Through Micro Attack Simulations

Innovative Micro Attack Simulations approach for validating specific security controls, enhancing cyber resilience through targeted assessments of technical and non-technical aspects, demonstrated with a ransomware attack case study.

• YouTube
• 50 minutes
• On-Demand
• Free Video

Critical Evaluation and Historical Context of the Vulkan Leaks - Lecture 10

Analyze the Vulkan Leaks' impact on cybersecurity, exploring historical context and critical implications for threat intelligence and network defense strategies.

• YouTube
• 1 hour 12 minutes
• On-Demand
• Free Video

Inside the Biggest Hacks and Facts of the Past Year - 2022-2023

Explore the most significant cybersecurity events, active threat actors, and surprising facts from 2022-2023 in this comprehensive overview of the rapidly evolving digital security landscape.

• YouTube
• 42 minutes
• On-Demand
• Free Video

In Curation We Trust - Generating Contextual and Actionable Threat Intelligence

Optimizing threat intelligence with MISP: Learn to curate, contextualize, and automate TI feeds for actionable insights, reducing false positives and enhancing SOC, IR, and malware analysis collaboration.

• YouTube
• 42 minutes
• On-Demand
• Conference Talk

Understanding the Discipline to Optimize Cyber Defense Collaboration

Explore the Cyber Threat Intelligence Analyst role, its competencies, and how it intersects with other cybersecurity disciplines to enhance collaboration and organizational security posture.

• YouTube
• 53 minutes
• On-Demand
• Conference Talk