FRHACK's official speakers list is not available yet.
Please register to our RSS to be informed when available.
NOTE: If you are interested to do a training or a talk at FRHACK (The Best IT Security Conference in France ever); please see the Call For Papers section.
Social Engineering, Hacking brains
- Bruno Kerouanton
Reverse engineering and cryptographic errors
- Philippe Oechslin (Objectif Sécurité)
Because any programmer can use a good crypto library to write crypto
software it is often easier to crack a system by finding programming
errors through reverse engineering rather than to cryptanalyse the
algorithms used. We show this with three compelling examples:
- The MXI-stealth FIPS 140-3 level 2 certified key, were a poorly
implemented "enterprise" feature allowed to extract unsalted hashes
prior to authentication, before it got patched.
- A version of the E-capsule Private Safe software, where the
manipulation of two bytes allows to use any of the admin, public,
private or even panic password to access all data.
- The DataBecker PrivateSafe software, where a checksum ruins all the
efforts of the blowfish key setup algorithm
All browsers MITM keylogging on remote
- p3lo (French)
GSM/GPRS/UMTS (in)security, Forensic on GSM mobiles phone
- PaTa
LockPicking
- Alexandre Triffault
Wireless Sensor Networking as an Asset and a Liability
- Travis Goodspeed
HostileWRT - Abusing Embedded Hardware Platforms for Covert Operations
- HostileWRT Team
HostileWRT: Turn Your Friendly Wireless Access Point into an Autonomous, Curious, Standalone, Malicious & Really Annoying Device
Have you ever imagined what a recalcitrant access point would look like? Well… neither do we. So we're going to show you what REAL love is all about. HostileWRT tends to make love to your antennas thanks to the 802.11 protocol suite. Then, sharing the love is more than natural. No wonder then that HostileWRT, despite its very blackhat touch, is the most desirable item in one's sado-(techno)-masochist outfit.
Mystification de la prise d'empreinte (OS Fingerprinting Defeating)
- Guillaume Prigent
Web Application Firewalls
- Sebastien Gioria (OWASP France)
The FRHACK Team (TFT) is proud to announce that Mister Richard Matthew Stallman was invited for a talk at FRHACK 01. Richard Matthew Stallman (born March 16, 1953), often abbreviated "rms", is an American software freedom activist, hacker (programmer), and software developer. In September 1983, he launched the GNU Project to create a free Unix-like operating system, and has been the project's lead architect and organizer. With the launch of the GNU Project, he started the free software movement and, in October 1985, set up the Free Software Foundation.
Stallman pioneered the concept of copyleft and is the main author of several copyleft licenses including the GNU General Public License, the most widely used free software license. Since the mid-1990s, Stallman has spent most of his time advocating for free software, as well as campaigning against both software patents and what he sees as excessive extension of copyright laws. Stallman has also developed a number of pieces of widely used software, including the original Emacs, the GNU Compiler Collection, and the GNU Debugger. He co-founded the League for Programming Freedom in 1989. [Wikipedia]
Please note that unfortunately, due to his agenda, Mister Stallman actually can't assure that he'll be available for FRHACK 01.
The FRHACK Team (TFT) is proud to announce that Mister David Hulton (h1kari) will have a talk at FRHACK 01. David Hulton has been in the security field for the past 5 years and currently specializes in 802.11b Wireless Security development specifically to exploit its various inherent design weaknesses. He is the main developer of the bsd-airtools project, a complete 802.11b penetration testing and auditing toolset, that implements all of the current methods of detecting access points as well as breaking wep on them and doing basic protocol analysis and injection. David is also the founder of Nightfall Security Solutions, LLC and one of the founding members of Dachb0den Research Labs, a non-profit southern california based security research think-tank. He's also currently the chairman of ToorCon Computer Security Conference and has helped start many of the security and unix oriented meetings in San Diego, CA.
David Hulton is one of the founding members of Pico Computing, Inc., a manufacturer of compact embedded FPGA computers and dedicated to developing revolutionary open source applications for FPGA systems.
The FRHACK Team (TFT) is proud to announce that Mister Cesar Cerrudo (Argeniss) will have a talk at FRHACK 01.
Cesar is a security researcher and consultant specialized in application security. Regarded as a leading application security researcher, Cesar is credited with discovering and helping fix dozens of vulnerabilities in applications including Microsoft SQL Server, Oracle database server, IBM DB2, Microsoft BizTalk Server, Microsoft Commerce Server, Microsoft Windows, Yahoo! Messenger, etc. Cesar has authored several white papers on database, application security, attacks and exploitation techniques and he has been invited to present at a variety of companies and conferences including Microsoft, Black Hat, Bellua, CanSecWest, EuSecWest and WebSec. Cesar collaborates and he is regulary quoted on online publications such as eWeek, ComputerWorld, etc.
The FRHACK Team (TFT) is proud to announce that Mister Rodrigo Rubira Branco (BSDaemon) is invited to have a talk at FRHACK 01.
- Rodrigo Rubira Branco (BSDaemon) is a Senior Vulnerability Researcher
at the Vulnerability Research Lab (VRL) of COSEINC. He worked as a
software Engineer at IBM, member of the Advanced Linux Response Team
(ALRT), part of the IBM Linux Technology Center (IBM/LTC). He is the
maintainer of many open-source projects and has talks at the most
important security-related conferences in the world. Rodrigo is also a
member of the RISE Security (www.risesecurity.org).
Jerome Athias (securinfos.info) will open FRHACK 01 with an introduction.
Jerome is a french IT security researcher. He's active in many computer security mailing-lists and forums. He also contributes to various security related projects (ie: the Metasploit Framework, freerainbowtables.com).
