Past Events
UCT GSB Conference Center
V & A Waterfront
Talks
- Keynote: Impose Cost – Our defences eventually fail and we need to take the fight to the criminals – Singe
- Fun with GPON – Denver Abrey
- Securing A Derivatives Platform With Over $25b Volume – Kyle Riley
- Outsmarting cyber villains on a shoestring budget – Roshan Harneker
- How to sink a UBoot: Understanding bootloader attack surface – Keith Makan
- Embracing Dystopia: Building Secure Web Applications in the Age of Fast Development + Vulnerabilities – Jessie Auguste
- LPE in enterprise software – Reino Mostert
- Hacking “AAA” Unreal Engine Games with…Python? – Ross Simpson
- Attacking Microsoft Exchange: Fusing LightNeuron with Cobalt Strike – Leon
- The Wide World of Consent – Jonathon Everatt
- Dystopian much: The Rise of the Influence Machines – Nea Paw
- A Practical Supply Chain Hack: Blinking RGBs for fun & profit – Dale Nunns
- Let the Children play – Leveraging AD CS for persistance and profit in Parent-Child configured forests – Tinus
- Performance Hacking – how to hack your tools to go faster – Singe
- Forging Chains: The Java Blacksmith – Fabian Yamaguchi, David Baker Effendi
- Noooooooooo touch! – Michael Rodger
- 2023 Year in Review: Threads of nation-state dystopia – Jared Naude
- Oops!!!…did I reveal something? – Javan Mnjama
- ed2root – how ancient IPC mechanisms can benifit you today – Conner
- Hack South: Home of the ubiquitous South – Charles “AngusRed” Wroth
- The cyber-pirate’s guide to C2 development – Gerhard Botha
Workshops
- API security workshop – Colin Domoney
- Avoiding the API security apocalypse – Colin Domoney
- Defender’s Den: Building a Reproducible Environment to Verify Cyber Defense Skills – Mikhail
- Elastic Security Capture The Flag – Marvin Ngoma
Talks
- Keynote: Made in SA – For the World – Haroon Meer
- ALL BARK, NO BYTE – Amy Manià
- Smart Watch Lobotomy – Dale Nunns
- XXX astroturfing campaign – Roelof Temmingh
- Home Alone isn’t scary, it’s inspiration – Dev Dua, Tyron Kemp, Denver Abrey
- The Russia-Ukraine War: A retrospective – Jared Naude
- An IOT War Story – Jason Spencer
- Securing a cloud native open source microservice based core banking system – Ntando Mngomezulu
- Abusing AWS Permissions – Teach an old dog new tricks – Jason Kessel
- An Investigation into the State of Web Based Crypto-Mining – Robert Len
- Permanently bricking smart contracts for fun and profit – Ashiq Amien
- Final Keynote: Deception via Perception – Jayson E Street
Old Biscuit Mill, Cape Town
BSides Cape Town 2021 No event.
BSides Cape Town 2020 No event.
Dimension Data, Cape Town
Talks
- Keynote:The Woman Who Squashed Terrorists When an Embassy gets Hacked – Chris Kubeka
- Hacking satellites with Software Defined Radio (SDR) – Gerard de Jong
- Macabre stories of a hacker in the public health sector (Chile)- Philippe Delteil
- Meticulously Modern Mobile Manipulations – Leon Jacobs
- Hashing the $#!+ out of firmware – Brent Shaw
- Put Words In My Mouth – Amy Manià
- Web Application Vulnerability Scanners: An Intro & Discussion – Robert Feeney
- How machine learning and AI can help reduce the cyber- attacks – Silent Dzikiti
- Natural Language Processing & Anomaly detection in Sys call logs – Christo Goosen
- Authentication is Broken. Can We Try Fix It? – Kgothatso Ngako
- The Nation State Actor Ate My Homework! – Liam Smit
- Gollum: One anti-phish bot to rule them all – Byron Rudman
- Multiple – Lightning talks
Talks
- Liam Smit – Welcome and opening remarks
- Michael Rodgers – Badge Talk
- Darin Morris – DevOps and the future of infosec
- Caillan Sacks – Making defense sexy again
- Rogan Dawes – Mallet – an intercepting proxy for arbitrary protocols
- Brent Shaw and Sean Davenport – Hearing the internet background radiation
- Ross Simpson and Dale Nunns – Shall we play a game
- Jared Naude – A retrospective
- Multiple – Lightning talks
Dimension Data, Cape Town
Dimension Data, Cape Town
Talks
- Grant Ongers – Opening Remarks
- Mike Davis – Badge Talk
Track 1:
- Ross Simpson – Docker for Hackers
- Masande Mtintsilana – Junk Hacking to skill up – Exploiting a Personal Cloud Storage and Media Streamer
- Brent Shaw – Securing the Industrial Internet of Things
- Mary Racter – Vault on DC/OS: Secure Secret Management on Budget
- Dale Nunns – PEEK’ing and POKE’ing hardware – Hacking a ZX Spectrum
- Veronica Schmidtt – Advancements of Security on Medical Implantable Devices is the IoT the Next Step to Rooting the Human Being.
Track 2:
- Ibraheem Frieslaar – Using Electromagnetic Emissions to Intercept AES-128 Cryptographic Keys from a Raspberry
- Nathi Mogomotsi – Attack Simulations and Hunting Made Easy
- James Stephenson – Teaching old malware new tricks also why are ATM hackers working with German malware authors to deliver North Korean nation state malware
- Christo Goosen – TODO: “Secure(r) Cloud Development”
- Frank Allenby – Breach huffing; a culinary exploration of data breaches
- Kyle Riley Smarter – Contracts: A Brief Look at Smart Contract Security
Main:
- Multiple – Lightning Talks
- Grant Ongers – Closing Ceremonies
Workshops
- Nclose – Capture the Flag
Talks
- Grant Ongers – Opening And Welcome
- Andrew MacPherson & Mike Davis – The Bsides Badge
- Neil Roebert – Mi -> NFC -> TM: How to proxy NFC comms using Android
- Chris Le Roy – What the Dll? Finding and Exploiting DLL preloading vulnerabilities.
- Charl van der Walt – Love triangles in cyberspace. A tale about trust in 5 chapters.
- Robert Len – (In)Outsider Trading – Hacking stocks using public information and (influence)
- Ion Todd – Password Security for humans
- Thomas Underhay & Darryn Cull – SensePost XRDP Tool
- Michael Rodger – Opening the Black Box – Software Security from a Hardware Perspective
- Grant Ongers – Closing
Workshops
- Paul Richards & Paterva – Maltego
- Riccardo Spagni – Blockchains for Hackers – Understanding the Attack Surface
- Wicus Ross – Antennae Building Workshop
Dimension Data, Cape Town
Dimension Data, Cape Town
Talks
- Grant Ongers – Opening And Welcome
- Mike Davis & Ross Simpson – About The Bsides Badge
- Dane Goodwin – Automating The Process Of Mapping And Compromising Internal Networks
- Kyle Riley – Ode To The Node
- Caitlin Harrison – Mobile Security Overview
- Christo Goosen – Hot (Hack All Things) – Exploiting And Fixing Iot
- Timo Goosen – Running A Secure Tor Hidden Service
- Keiran Dennie – Sharepoint Hacking
- Grant Ongers – Closing
Workshops
- Paul Richards & Paterva – Maltego
- Mike Davis & Ross Simpson – Build A Badge
- Dane Goodwin & SensePost – Hacking Internal Networks
- Joani Reynders, Kyle Riley & MWR InfoSecurity – Password Cracking 101
Talks
- Istvan Berko – Welcome and introductions
- Robert Miller – Insecure out of the box: Leveraging Android manufacturer’s mistakes to attack corporate networks
- Kyle Riley – iOS Penetration Testing for Developers
- David Hartley – Hybrid Mobile Applications
- Johan Snyman – Advanced footprinting techniques using Yeti
- Bernard Coetzee – Vulnerabilty Management – “who is swimming naked” ?
- Hendrik Visage – A proposed model for explaining and educating Information and Computer Security principle
- Leave the lights on: Home automation users left in the dark.
- Norman Hooper – Securing the internet with the block chain ledger
- Istvan Berko – Conclusion and thanks
Workshops
- David Hartley – SAP Slapping “Zero to Hero”
- Matt Marx – crack all the hashes
- Craig Swan – Thinking like a hacker
Talks
- Istvan Berko – Welcome and introductions
- Tyrone Erasmus – Mercury – Android exploitation framework
- Bevan Lane – Hacktivism – What’s different about the new generation?
- Georg-Christian Pranschke – Security Threats to Machine Clouds
- Jacques Louw – Offensive Software Defined Radio
- Anna Collard – Security Awareness Training
- Ross Simpson – Hacking Games (or “why client side logic is bad”)
- Lightning talks – Riccardo Spagni, Ross Simpson
- Istvan Berko – Conclusion and thanks
Workshops
- David Hartley – SAP Slapping “Zero to Hero”
- Matt Marx – crack all the hashes
- Craig Swan – Thinking like a hacker
Talks
- Pieter Blaauw – Opening & Welcome
- Barry Irwin – Keynote #1 Sun Tzu & the Honeypot
- Ian de Villiers – Keynote #2 SAP protocol goodness
- Dash Shendy – Secure CMS
- Jeremy De Bruyn – Hashing Fun
- Etienne Staalmans – Using DNS as Anti-virus
- Pieter Blaauw – Social Engineering for Airtime
- Bevan Lane & David Jackson – Legislation: Should we give a s***?
- Lightning Talks – Sam, Rosh, Hein
- Pieter Blaauw & Barry Irwin – Closing