From BruCON 2012

Jump to: navigation, search


Katie Moussouris

Katie Moussouris leads the Security Community Outreach and Strategy team at Microsoft. Her team’s work encompasses industry-leading programs such as Microsoft's BlueHat Prize ( the industry's first and largest prize for defensive security research), the BlueHat conference, security researcher outreach, and Microsoft's Vulnerability Disclosure Policies. Ms. Moussouris also founded and runs Microsoft Vulnerability Research, which is responsible for Microsoft’s research and reporting of vulnerabilities in 3rd party software. Ms. Moussouris recently was voted the editor of a new draft ISO standard on Vulnerability Handling Processes, following her work over the past 4 years as the lead expert in the US National Body on an ISO draft standard on Vulnerability Disclosure.

Prior to working for Microsoft, Katie Moussouris was an application penetration tester for several Fortune 500 companies, as a senior security architect for @stake when it was acquired by Symantec. At Symantec, Ms. Moussouris founded and ran Symantec Vulnerability Research.

Ms. Moussouris has spoken at several security conferences including BlackHat AbuDhabi 2011, BlackHat USA 2011, 2010, and 2008, Hack In The Box Amsterdam 2011, GOVCERT.NL 2010, RSA2012, RSA2011, and RSA2010, SOURCEBoston, Shmoocon, Toorcon Seattle, and she was a keynote speaker at ShakaCon in June 2008. Katie Moussouris is the recipient of the 2011 CSO Magazine and Executive Women's Forum Women of Influence Award in the category of One to Watch.

Ed Skoudis

Ed Skoudis is a founder and senior security consultant with Counter Hack and the founder of Counter Hack Challenges, a company that creates Capture the Flag challenges for professionals, college students, and high school kids. Ed's expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues, with over fifteen years of penetration testing and incident response experience and the scars to show for it. Ed authored and regularly teaches the SANS courses on network penetration testing (Security 560) and incident response (Security 504). Ed has conducted exhaustive anti-virus, anti-spyware, Virtual Machine, and IPS research; and responded to computer attacks for clients in financial, high technology, healthcare, and other industries.

Ed conducted a demonstration of hacker techniques against financial institutions for the United States Senate and is a frequent speaker on issues associated with hacker tools and defenses. He has published numerous articles on these topics as well as the best selling books Counter Hack Reloaded and Malware: Fighting Malicious Code. Ed was also awarded 2004-2012 Microsoft MVP awards for Windows Server Security and is an alumnus of the Honeynet Project. Previous to Counter Hack and CHC, Ed served as a security consultant with InGuardians, International Network Services (INS), Global Integrity, Predictive Systems, SAIC, and Bell Communications Research (Bellcore). Ed also blogs about command line tips.

Georgia Weidman

Georgia Weidman is a penetration tester, security researcher, and trainer. She holds a Master of Science degree in computer science, secure software engineering, and information security as well as holding CISSP, CEH, NIST 4011, and OSCP certifications. Her work in the field of smartphone exploitation has been featured in print and on television internationally. She has presented her research at conferences around the world including Shmoocon, Hacker Halted, Security Zone, and Bsides. Georgia has delivered highly technical security training for conferences, schools, and corporate clients to excellent reviews. Building on her experience, Georgia recently founded Bulb Security LLC (, a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security.

Robert McArdle

Robert is currently working as the manager of Trend Micro's Advanced Threat Research team in Europe, where he is involved in analyzing the latest malware threats, specializing in researching the future threat landscape, criminal underground and coordinating investigations with international law enforcement. Robert is a regular presenter for the press and at security conferences. He also lectures in Malware Analysis and Cybercrime Investigations on MSc module at Cork IT and UCD, and is a trainer for several SANS qualifications. He worries that his hobby and job are one and the same, and constantly wonders if "normal" people have that problem.

Raul Siles

Raul Siles is founder and senior security analyst with Taddong. His more than 10 years of expertise performing advanced security services and solutions in various worldwide industries include security architecture design and reviews, penetration tests, incident handling, forensic analysis, security assessments, and information security research in new technologies, such as Web applications, wireless, honeynets, virtualization, mobile devices, and VoIP. Raul is one of the few individuals who have earned the GIAC Security Expert (GSE) designation. He is a SANS Institute author and instructor of penetration testing courses, a regular speaker at security conferences (Black Hat, OWASP, RootedCON...), author of security books and articles, and contributes to research and open-source projects (Samurai-WTF, OWASP ZAP, BeEF...). He loves security challenges, is a member of international organizations, such as the Honeynet Project, and is a handler for the Internet Storm Center (ISC). Raul holds a master's degree in computer science from UPM (Spain) and a postgraduate in security and e-commerce. More information can be found at

Andreas Bogk

Andreas Bogk has been a member of the Chaos Computer Club for more than two decades, and has served the Club as member of the board, CEO and press speaker. He got involved in compiler and language theory after realizing that strict language semantics are the only way to eliminate classes of bugs like buffer overflows completely. He is making a living doing regular boring IT security consulting, but has been known to work for compiler manufacturers too.

Josh Corman

Joshua Corman is the Director of Security Intelligence for Akamai Technologies. Corman's research cuts to the industry's core security challenges and won him the title of Top Influencer of IT by NetworkWold in 2009. Corman is a coveted speaker for leading industry events such as RSA, DEFCON, Interop, ISACA, and SANS. An advocate for CISOs, Corman also serves as a Ponemon Institute Fellow, on the IANS Faculty, and co-founded Rugged Software.


Jericho has been poking about the hacker/security scene for 18 years (for real), building valuable skills such as skepticism and anger management. As a hacker-turned-security whore, he has a great perspective to offer unsolicited opinion on just about any security topic. A long-time advocate of advancing the field, sometimes by any means necessary, he thinks the idea of 'forward thinking' is quaint (we're supposed to be thinking that way all the time). No degree, no certifications, just the willingness to say things most of the industry is thinking but unwilling to say themselves. He remains a champion of security industry integrity and small misunderstood creatures.

David Mortman

David Mortman is the Chief Security Architect for enStratus and a Contributing Analyst at Securosis. Most recently he was the Director of Security and Operations for C3, LLC. Formerly the Chief Information Security Officer for Siebel Systems, Inc., David and his team were responsible for Siebel's worldwide IT security infrastructure, both internal and external. He also worked closely with Siebel's product groups and the company's physical security team and is leading up Siebel's product security and privacy efforts. Previously, Mr. Mortman was Manager of IT Security at Network Associates, where, in addition to managing data security, he deployed and tested all of NAI's security products before they were released to customers. Before that, Mortman was a Security Engineer for Swiss Bank.

Mr. Mortman is a regular speaker at RSA, Blackhat and Defcon. In the past year, he has presented at RSA, Secure360, Sector, Blackhat and Defcon. Mr. Mortman sits on a variety of advisory boards including Qualys, Lookout and Virtuosi amongst others. He holds a BS in Chemistry from the University of Chicago.

Ally Miller

Allison Miller is Director of the Security & Risk Management team at Tagged, the leading social network for meeting new people. Allison has over 10 years of experience in designing, building and deploying real-time threat detection and prevention systems. Miller is active in the security community and presents research on fraud prevention and account security issues regularly to both industry and government audiences, including the ITWeb Security Summit, Black Hat Briefings, SOURCE Conferences (Boston, Barcelona, Seattle), USENIX/Metricon, and RSA. Prior to joining Tagged, Miller led PayPal's Account Risk & Security team and was Director of Product & Technology Risk at Visa International.

Carlos Garcia Prado

You could say I'm a particle physicist "recycled" into the computer security field.

Mathy Vanhoef

I'm a student doing my master in computer science at Unitversiteit Hasselt. For my bachelor thesis I studied the security of wireless networks. During this work I have found new vulnerabilities in WPA-TKIP. My master thesis is about privacy in databases. In my free time I work on a personal project called Gandanur, which extends the game Halo with new features. It's made by reverse engineering the halo server and programmed in x86 assembly and C++. I'm currently doing an internship on mobile security at a Big4.

Martin Gallo

Martin Gallo is Security Consultant at CORE Security, where he perform application and network penetration testing, conducts code reviews and identifies vulnerabilities in enterprise and third party software. His research interests include enterprise software security, vulnerability research and reverse engineering.

Fernando Gont

Fernando Gont specializes in the field of communications protocols security, working for private and governmental organizations.

Gont has worked on a number of projects for the UK National Infrastructure Security Co-ordination Centre (NISCC) and the UK Centre for the Protection of National Infrastructure (CPNI) in the field of communications protocols security. As part of his work for these organizations, he has written a series of documents with recommendations for network engineers and implementers of the TCP/IP protocol suite, and has performed the first thorough security assessment of the IPv6 protocol suite.

Gont is currently working as a security consultant and researcher for SI6 Networks ( Additionally, he is a member of the Centro de Estudios de Informatica (CEDI) at Universidad Tecnológica Nacional/Facultad Regional Haedo (UTN/FRH) of Argentina, where he works in the area of Internet engineering. As part of his work, he is active in several working groups of the Internet Engineering Task Force (IETF), and has published a number of IETF RFCs (Request For Comments) and Internet-Drafts. Gont is also a member of the Transport Directorate of the IETF (

Gont has been a speaker at a number of conferences and technical meetings about information security, operating systems, and Internet engineering, including: CanSecWest 2005, FIRST Technical Colloquium 2005, Ekoparty 2007, Kernel Conference Australia 2009, Hack In Paris 2011, HACK.LU 2011, DEEPSEC 2011, IETF 83 and LACSEC 2012.

More information about Fernando Gont is available at his personal website:

Gregory Pickett

Gregory Pickett, CISSP, GCIA, GPEN, also known as rogu3ag3nt. Gregory is an Intrusion Analyst for Fortune 100 companies by day and a penetration tester by night. As a penetration tester, his primary areas of focus and occasional research are network and host penetration testing with an interest in using background network traffic to target and exploit network hosts using their own traffic against them. He holds a B.S. in Psychology which is completely unrelated but interesting to know. While it does nothing to contribute to how he makes a living, it does demonstrate how screwed up he actually is.


int0x80 is the rapper of DualCore.

Paul Marsh

Paul has been working in IT security as a pen-tester since the late 90's. Previously he worked as an AS/400 consultant. In his spare time, he likes to build equipment for satellite signals reception, as well as general electronics and mechanical 'things'. Adding the hobby to work gives an interesting view on security of satellite delivered data, some of which is presented in the 'satellite hacking' talk.

Sergey Bratus


Meredith L. Patterson


Mickey Shkatov

AKA "Laplinker" , A proud DC9723 member, not a mossad agent, breaker of code, researcher of vulnerabilities that will never see the light of day. a lunatic and a fun guy to drink with.

Kyle Osborn

Kyle Osborn, code name Dutchess, has been called the "Jack Bauer" of the cyber security world. He is a pentester at a security firm, and specializes in network and web application security. He moonlights as a bad guy at Western Regional Collegiate Cyber Defense Competition, where he enjoys making college kids cry. Osborn has previously discussed browser and mobile security at conferences such as BlackHat USA, DefCon, BSidesLV, Toorcon, DerbyCon, and TakeDownCon.

Krzysztof Kotowicz

Krzysztof Kotowicz is a Web security researcher specialized in the discovery and exploitation of HTML5 vulnerabilities. He is the author of multiple recognized HTML5/UI redressing attack vectors. Speaker at international IT security conferences & meetings (SecurityByte, HackPra, Hack In Paris, CONFidence). Works as IT security consultant with SecuRing and IT security trainer with Author of the "Hacking HTML5" training program. Takes part in multiple Security Bug Bounty programs (Google Security Bug Bounty, Facebook White Hat, Piwik Security Bug Bounty).

Abraham Aranguren

After an infosec honour mark at university, from 2000 until 2007 Abraham's contact with security was mostly from a defensive point of view: fixing vulnerabilities, source code reviews and vulnerability prevention at the design level as an application and framework architect.

From 2007 forward Abraham focused more on the offensive side of security with special focus on web app security. In his spare time Abraham is the lead developer/architect of OWTF (, an independent security consultant, a GIAC exam question writer and a security blogger ( Abraham also holds a number of information security certifications: CISSP, OSCP, GWEB, OSWP, CPTS, CEH, MCSE:Security, MCSA:Security, Security+

Michael Sikorski

Michael Sikorski is a Technical Director at Mandiant and co-author of the book “Practical Malware Analysis”. His previous employers include the National Security Agency and MIT Lincoln Laboratory. Mike frequently teaches Malware Analysis to a variety of audiences including the FBI and BlackHat.

Willi Ballenthin

William Ballenthin is a Consultant at Mandiant. He has contributed to novel solutions for incident response, malware analysis and computer forensics. He developed the pure Python library for parsing Windows Registry files and was one of the first to study the new ReFS file system in a forensic light.


biosshadow is a web security researcher and web security pentester working for a Startup out of California. He works on hundreds of sites he wishes he could talk about. He is interested in data, passwords, and researching how passwords have and are changing.

Matt Erasmus

Matt is a system engineer for an AV company in Oslo, Norway. In his spare time he likes to break stuff and then try to put the pieces back together. Malware, RFID and random blinky lights make him happy. As do aggressive French barmaids with glasses.


Benson is a professional web developer with a soft spot for security. He’s been breaking computers since he first started using them, and loves to take things apart and figure out how they work.

Didier Stevens

Didier Stevens (Microsoft MVP Consumer Security, CISSP, GSSP-C, MCSD .NET, MCITP, MCSE/Security, RHCT, CCNA Security, OSWP) is an IT Security Consultant currently working at a large Belgian financial corporation. He is employed by Contraste Europe NV, an IT Consulting Services company ( You can find his open source security tools on his IT security related blog at

Vivek Ramachandran

Vivek Ramachandran is the Founder and Chief Trainer at He discovered the Caffe Latte attack, broke WEP Cloaking, a WEP protection schema in 2007 publicly at Defcon and conceptualized enterprise Wi-Fi Backdoors. He is also the author of the book “Backtrack 5 Wireless Penetration Testing“. His book “The Metasploit Megaprimer” focussed on Advanced Metasploit usage for Pentesting and Exploit Development is up for release in June 2012.

Vivek currently runs the SecurityTube Wi-Fi Security Expert (SWSE) and the SecurityTube Metasploit Framework Expert (SMFE) online course and certifications which is currently being taken by students from over 40+ countries around the world. He also conducts in-person trainings in the US, Europe and Asia.

In a past life, he was one of the programmers of the 802.1x protocol and Port Security in Cisco’s 6500 Catalyst series of switches. He was also one of the winners of the Microsoft Security Shootout contest held in India among a reported 65,000 participants. He has also published multiple research papers in the field of DDoS, ARP Spoofing Detection and Anomaly based Intrusion Detection Systems. Vivek’s work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Blackhat USA and Abu Dhabi, Defcon, Hacktivity, Brucon, ClubHack, SecurityByte, SecurityZone, Nullcon, C0C0n etc.