Details
| When | Friday 27th of May 2022 |
| Where | 253 Flinders Lane, Melbourne. Building C1, Level 4, Rooms C1.429/430 |
| Time | 6:00 PM |
| After Talks | TBA |
| @ruxmon | |
| Meetup | Ruxmon Meetup |
| Host | Box Hill Institute Cyber Security
|
Notification List
Please sign up to our email notification list for advanced notification of planned Ruxmon events and presentation details.
Presentations
Secrets & Adversarial Message Block Attacks - Jeff Thomas
File shares can be leveraged during pentests and red team exercises to achieve goals such as remote code execution, lateral movement, and access to sensitive information. There are a number of techniques and tools used to achieve this however they may not always be the best choice. This talk will take a look at a custom tool that was built to make SMB fun times easier to perform and harder to detect.
Finding logic bugs in android applications for profit and learnings - Luke Symons
This talk will present multiple vulnerabilities I discovered in the Samsung devices and applications and how I chained them together to increase impact.
Archive
| When | Title | Speaker | Materials |
|---|---|---|---|
Friday 28th February 2020 |
Web Crypto 101: ECB - Marcio Almeida |
Marcio Almeida |
Not available |
Friday 28th February 2020 |
Entomology 101 |
Louis Nyffenegger |
Slides |
Friday 29th November 2019 |
JIT-Spray in Mozilla Firefox |
Breno Dario |
Not available |
Friday 29th November 2019 |
Where's Your Head At! |
Louis Nyffenegger |
Not available |
Friday 25th October 2019 |
When (your|their) IPS lies to you |
Barry Anderson |
Not available |
Friday 25th October 2019 |
Gone Phishing/Viral: How to achieve organic traffic to the Nth degree using counter-advertising, feel-good non-fake news |
Mike Monnik |
Not available |
Friday 25th October 2019 |
Breaking into Chinese language dictionaries(如何破解中文电子词典的内容) |
Peter Ross |
Not available |
Friday 25th October 2019 |
Please. Make the Slackware stop. |
seven |
Not available |
Thursday 26th September 2019 |
The NeverEnding Story of a bug - Web(un)Logic |
pimps |
Not available |
Thursday 26th September 2019 |
Security as Convenience: When safe is also easier |
Ulisses Albuquerque |
Not available |
Thursday 26th September 2019 |
SQL Injection |
Luke Jahnke |
Not available |
Friday 30th August 2019 |
$vendor 0day |
Brendan Scarvell |
Not available |
Friday 30th August 2019 |
Command injection and restriction bypass on IoT device |
Harold |
Not available |
Friday 30th August 2019 |
Pimps is the most annoying friend that someone can have... So I'm here! |
j |
Not available |
Friday 30th August 2019 |
This vulnerability is doo doo |
Justin Steven |
Not available |
Friday 30th August 2019 |
OK, You're Leet - What Now |
Marc Bown |
Not available |
Friday 30th August 2019 |
Hack the Mac |
Neelakanteswara Rao Patnaik Baggam (Neel) |
Not available |
Friday 30th August 2019 |
Supply Chain Attacks: What are my options? |
Riley Baird |
Not available |
Friday 31st May 2019 |
Little Black Book of Libc: Exploring the security properties of multiple libc implementations |
mercy |
Not available |
Friday 29th March 2019 |
Choo Choo, All Aboard The Ruby Train! |
Louis Nyffenegger |
Not available |
Friday 26th October 2018 |
A Modular Approach to Red Team Payloads |
Lloyd Simon |
Not available |
Friday 31st August 2018 |
Security Measures in OpenSSH |
Damien Miller |
Not available |
Friday 27th July 2018 |
Side-Stepping Defensive Measures in a Windows 10 Enterprise Environment |
XTreeGold |
Not available |
Friday 29th June 2018 |
Offensive Tricks 0x00: Turning XXE into RCE on Java Environments |
Marcio Almeida |
Not available |
Friday 29th June 2018 |
Ruby Deserialization |
Luke Jahnke |
Not available |
Friday 25th May 2018 |
Overview of Cryptonote |
Kee Jeffreys, Jack Murray |
Not available |
Friday 25th May 2018 |
Electron.js - turning XSS into RCE |
Brendan Scarvell |
Not available |
Friday 27th April 2018 |
How to improve your threat research, YARA + KLara |
Noushin Shabab |
Not available |
Friday 27th April 2018 |
Adventure Time Cont. |
Joaquim Espinhara |
Not available |
Friday 23rd March 2018 |
JWT == insecurity ?? |
Louis Nyffenegger |
Not available |
Friday 23rd March 2018 |
Not available | ||
Friday 25th August 2017 |
BitcoinCTF III |
Luke Jahnke |
Not available |
Friday 25th August 2017 |
Building a SOC for fun and profit |
Barry Anderson |
Not available |
Friday 28th July 2017 |
Keyboard cowboys - Herding shells |
Eldar Marcussen |
Not available |
Friday 28th July 2017 |
Not available | ||
Friday 30th June 2017 |
Internal Pentest: from z3r0 to h3r0 |
Marcio Almeida |
Not available |
Friday 30th June 2017 |
Not available | ||
Friday 26th May 2017 |
Advancements in p455w0rd cr4ck1n6 |
John Gerardos |
Not available |
Friday 26th May 2017 |
Not available | ||
Friday 28th April 2017 |
The Application security aspect of cyber is very, very tough |
Louis Nyffenegger and Ash Fox |
Not available |
Friday 28th April 2017 |
Not available | ||
Friday 31st March 2017 |
UniFi'd Ownage - Centralised and Automated Network Management |
Tim Noise |
Not available |
Friday 31st March 2017 |
Not available | ||
Friday 26th August 2016 |
Making GDB fun again |
Chris Alladoum |
Not available |
Friday 26th August 2016 |
Not available | ||
Friday 27th May 2016 |
The Devopsification of IT Security |
Barry Anderson |
Not available |
Friday 27th May 2016 |
Uncaging Faraday |
Ulisses Albuquerque |
Not available |
Friday 29th April 2016 |
Swimming drunk in a croc infested billabong: Practical Exploitation of DROWN |
Tim Noise |
Slides |
Friday 29th April 2016 |
Enterprise Wi-Fi Recon: rEAPing the benefits |
Luke McDonnell |
Slides |
Friday 18th March 2016 |
American Fuzzy Lop - fuzzing like there's no tomorrow |
Joaquim Espinhara |
Not available |
Friday 18th March 2016 |
Web Application Security |
Louis Nyffenegger |
Slides |
Friday 25th September 2015 |
What's your Zodiac Sign? |
Kayne Naughton |
Not available |
Friday 25th September 2015 |
Not available | ||
Friday 28th August 2015 |
Hacking Web Apps like a pimp |
Chris Alladoum |
Not available |
Friday 28th August 2015 |
You probably DO need a cryptographic hash function |
Michael Samuel |
Not available |
Friday 31st July 2015 |
Security Anti-Patterns |
Barry Anderson |
Slides |
Friday 31st July 2015 |
Journey from research to exploit |
Tim Noise |
Not available |
Friday 12th June 2015 |
Hacking trends, types of attacks, cool and interesting technical details |
Mike Smith - CTO Akamai Technologies |
Not available |
Friday 12th June 2015 |
Not available | ||
Friday 29th May 2015 |
QEMUing up a storm: why QEMU is awesome for doing embedded stuff |
Peter Fillmore |
Not available |
Friday 29th May 2015 |
BitcoinCTF II - The Shadow and the Flame |
Luke Jahnke |
Not available |
Friday 24th April 2015 |
Introduction to security code review for the web |
Louis Nyffenegger |
Slides |
Friday 24th April 2015 |
Opening garage doors with an iPhone and HackRF: Adventures in Software-defined Radio |
Hubert Seiwert |
Not available |
Friday 27th March 2015 |
Building an FPGA-based Glitcher to Defeat Hardware |
Silvio Cesare |
Not available |
Friday 27th March 2015 |
Bug Bounties -- What's the Story? |
Nathaniel Wakelam |
Not available |
Friday 1st August 2014 |
Why would a geek leak? |
Thomas Drake & Jesselyn Radack |
Not available |
Friday 1st August 2014 |
Not available | ||
Friday 27th June 2014 |
Post-Snowden OpenSSH |
Damien Miller |
Not available |
Friday 27th June 2014 |
Rogue Containers – A Virtual Disk Escape |
Shanon Olsson |
Not available |
Friday 30th May 2014 |
Git Money: Snatching Source Trees |
Tim Noise |
Not available |
Friday 30th May 2014 |
B.R.E.A.M. (A.K.A the Blockchain Ruins Everything Around Me) |
Kayne Naughton |
Not available |
Friday 28th March 2014 |
Avocent Virtual Media Pwnage |
Michael Sameul |
Not available |
Friday 28th March 2014 |
Pager Security |
Andrew Horton |
Slides |
Friday 28th February 2014 |
RuxLox |
Topy |
Not available |
Friday 28th February 2014 |
Goto Fail: Apple SSL broken again |
Hubert Seiwert |
Not available |