19th-20th November 2011 - Melbourne, Australia
The Ruxcon Team have established monthly meetings in Melbourne and Sydney. The aim of the meetings is to encourage individuals to perform a short presentation on computer security or a related topic in front of a small audience. The monthly meetings are open to everyone and free to attend.
The presentations are intended to be short (between 5-20 minutes), a projector and screen will be provided. We encourage participation from everyone and hope to see a variety of presentations over the coming months. Any topic is welcome, a presentation could be as simple as speaking for 5 minutes about a project you are currently working on, or day to day work tasks within your given field.
We would like to thank the following for making Ruxmon possible:
Attention Sydney Ruxmon attendees: The Google office requires that all visitors wear name-tags and therefore registration is required prior to attendance. Please follow the registration instructions below and make sure you register at least two days prior to Ruxmon. Basic catering will be provided.
* Ruxmon reserves the right to refuse registration and entry to this event at its sole discretion.
| Info | Melbourne | Sydney |
|---|---|---|
| When: | Friday, September 30th, 2011 | Friday, October 7th, 2011 |
| Where: | RMIT, City Campus: Building 8, Level 9, Room 41 | Google Sydney, 5/48 Pirrama Road, Pyrmont. |
| Time: | 6:00PM | 6:00PM |
| Registration: | No registration required | E-mail syd-ruxmon-register@ruxcon.org.au with your name to reserve entry for the upcoming Ruxmon |
Android Security and Getting your Mum's Number - Slash
This talk introduces Android, security models and some real world vulnerabilities then concludes with an overview on how to assess Android devices and applications. Sash will (hopefully) provide demo's using the emulator and the eclipse SDK such that the audience will become familiar with identifying low hanging fruit that can be used to compromise application data, and perhaps gain system execution.
Insecurities of HTML5 Client Side Storage - Luke Jahnke
This talk is on the recently expanded attack surface of modern browsers due to HTML5. The talk will have a strong focus on the possible vulnerabilities introduced by the various objects added to EMCAScript, more commonly called JavaScript, that provides methods of client-side data storage.
Code Auditors Quizzicle - Dan
This 15 minute talk will cover a variety of common security issues that plague code written for server side and client side software. It's aimed to have audience participation in spotting the vulnerability, and a bit of discussion on mitigations. Whoever calls the vulnerability gets a free frappa, or core dump, your choice, so come along and have fun :-)
EXOTIC ON-LINE AUCTION SITES - CAN THEY EVER BE ABOVE SUSPICION? - Paul Ducklin
Pay-to-bid, or "penny auction", websites, are all the rage. But they almost entirely unregulated, even though it's trivial for the operators to rort unsuspecting users. Those of us who care should really be advising friends and family to avoid them at all costs. Find out why.
Ruxcon 2011 Update - Matt
Big update about what's coming up in November at Ruxcon: speakers & presentations (many more about to be released), the parties, the capture the flag, travel/accommodation information, etc.
RMIT Building 8 entrance is off Swanston Street (just past Swanston and La Trobe). Please take the lift to Level 9 and make your way to Room 41. We will have directions posted up in the building.
The Google office is located within the Accenture building at 5/48 Pirrama Road, Pyrmont . The Google office is a short walk from the Star City Metro Light Rail stop. Attendees should either walk up to level 5 or take elevator. There will be a registration desk where name-tags will be handed out (please note the registration requirement above) to attendees.
| Date | Presentation 1 | Presentation 2 |
|---|---|---|
| August 2011 | Introduction to Malware Analysis - James Wakefield [ coming soon ] | iSniff: SSL man-in-the-middle tool targeting iOS devices - Hubert [ code ] |
| July 2011 | Abrupt, WebApp Pentest Framework - Thiébaud Weksteen [ code ] | Drop it Like it's Hot - Aggertron2000 [ coming soon ] |
| June 2011 (2) | Max Kilger (Honeynet Project) | Jason Scott (TEXTFILES.COM) |
| June 2011 | Common Malware Techniques - Ash Fox | Defcon CTF quals - [_] |
| May 2011 | Sifting through Twitter - MattJ [ tool | slides ] | iPwn your iPhone - Hubert Seiwert [ slides ] |
| April 2011 | Backdooring like its 1999 - Fionnbharr Davies | Hostile Exploitation under win32 - Steven Seeley [ slides ] |
| March 2011 | Simple Bugs and Vulnerabilities in Linux Distributions - Silvio Cesare [ slides ] | Turning SMB Client Side Bug To Server Side - Laurent Gaffie [ coming soon ] |
| Date | Presentation 1 | Presentation 2 |
|---|---|---|
| September 2011 | DNS Tunnelling with Metasploit - Peter Danhieux [ coming soon ] | A Blackhatters Guide to Internet Marketing - Mark Blaszczyk [ coming soon ] |
| August 2011 | Observations and Analysis of Mobile Phone Malware - Jason Solomon | Sifting through Twitter - MattJ [ tool | slides ] |
| July 2011 | Proprietary Protocols RCE : Research leads - Jonathan Brossard [ slides ] | Backdooring like its 1999 - Fionnbharr Davies |