skip to Main Content
This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the privacy policy. To learn more or withdraw consent please click on Learn More. By continued use of this website you are consenting to our use of cookies.

LevelUp 0x04

Team Work
Makes the Dream Work

LevelUp is a free series of online security conferences with content for the hacker and security researcher community. Each event features presenters streaming their talks LIVE to YouTube, with a wide array of topics covered throughout the conference.

The Speakers

LevelUp 0x04 features two days of content on all things android hacking, penetration testing, collaborative hacking, OWASP, car hacking, and leveraging Frida for mobile. Meet our esteemed speakers!

Louis Nyffeneger

Louis (@snyff/@pentesterlab) is a security engineer based in Melbourne, Australia. He is the founder of PentesterLab, a learning platform for web penetration testing.

BusesCanFly

BusesCanFly is a Bugcrowd ambassador, and hardware hacker. BusesCanFly loves tinkering, making, rock climbing, car hacking, and hardware hacking in general. A self-titled "Pretty ok Moderate Amateur," he is always happy to chat!

Matt Szymanski

Matthew Szymanski is a Senior Security Engineer who leverages over a decade of experience as a programmer to discover and help remediate vulnerabilities. He has developed and taught secure coding workshops as well as presented talks to increase security awareness.

Chloé Messdaghi

Chloé Messdaghi is the VP of Strategy at Point3 Security. She is an ethical hacker advocate who strongly believes that information security is a humanitarian issue. Besides her passion to keep people safe and empowered online & offline, she is driven to fight for hacker rights. She is the founder of WomenHackerz & he President and cofounder of Women of Security (WoSEC) and heads the SF Bay Area chapter.

Josh Schwartz

Josh Schwartz, aka FuzzyNop, is an alleged computer who knows how to computer. He currently is the Director of Proactive Engagement overseeing red team, security engagement, phishing, and behavioral engineering for the Paranoids at Verizon Media.

Rhys Elsmore

Rhys Elsmore is a self-deputised internet mall cop who has a passion for breaking computers in weird and wonderful ways. By day he helps secure a large blue cloud, and by night he hunts bugs in other people's clouds. Outside of the internet he likes to overdo it at CrossFit (People who do CrossFit are legally required to tell you that they do CrossFit), gets his butt kicked at Brazilian Jiu-Jitsu, cooks new and exciting food, looks after two Australian…

Sebastian Porst

Sebastian is an engineering manager on Google Play Protect, Google’s program for keeping Google Play free of malware and vulnerable apps. He has been working as a malware analyst, software engineer, and manager on the Google Play Protect team for 8 years

Thomas Dullien

Thomas Dullien is a security researcher and entrepreneur well-known for his contributions to the theory and practice of vulnerability development and software reverse engineering. He won Germany's biggest privately financed research prize in the natural sciences in 2006 (the Horst-Goertz Prize) for work on graph-based code similarity then started and ran a company to commercialize this research that was then acquired by Google. After a few years of Google Project Zero, he is now co-founder of a startup called http://optimyze.cloud…

Jay Turla

Jay Turla is a Manager, Security Operations (PH) at Bugcrowd, and one of the goons of ROOTCON. He has been acknowledged and rewarded by Facebook, Adobe, Microsoft, etc. for his responsible disclosures, and has also contributed auxiliary and exploit modules to the Metasploit Framework. He has presented at ROOTCON, HITCON, PEHCON, DEFCON, DragonCon, Bsides Myanmar, Nullcon and TCON. His main interest/research right now is car hacking and is currently one of the main organizers of the Car Hacking Village of…

Katie Paxton-Fear

Katie is a Ph.D. student in machine learning and cybersecurity. During her free time, she is a bug bounty hunter and cybersecurity Youtuber. Having only started bug bounty in 2019, she's still a bit of a noob, but always learning. Katie is really passionate about giving back to the community who helped her by producing videos on the basics of bug bounty and how to find your first bug. You can find her on twitter @InsiderPhD and on YouTube as…

Speaker - JasmineJackson

Jasmine Jackson

Self-proclaimed information security unicorn and cool nerd, Jasmine's interest in infosec started when she was 16 years old after she stumbled into a Yahoo! Group on Cryptography. Jasmine later earned her Masters in Computer Science and Graduate Certificate in Information Security and Privacy from University of North Carolina at Charlotte (UNCC). Jasmine also has an assortment of security certifications - GSEC, GSSP-Java, GWAPT.

Speaker - PhilllipWylie

Phillip Wylie

Phillip is a Bugcrowd Ambassador, adjuct instructor at Richland College teaching Ethical Hacking and System Defense, and the founder of The Pwn School Project. He has 21 years of experience in infosec and IT and has performed pen tests on networks, wireless networks, applications including thick client, web application and mobile, and also holds the following certifications: CISSP, NSA-IAM, OSCP, GWAPT.

June 01, 2019

Time (PT)

Title

Description

08:20:00 AM

Conference Kickoff & Welcome Address

08:30:00 AM

Ashish Gupta Kickoff

Opening remarks from Ashish Gupta, CEO of Bugcrowd.

09:00:00 AM

OWASP Amass – Discovering Internet Exposure

Today, organizations struggle to maintain visibility of their internet-facing assets. The OWASP Amass project helps perform network mapping of internet exposure to better understand how assets are distributed across networks. This talk will discuss how OWASP Amass can take subdomain enumeration to the next level with additional visibility.

10:00:00 AM

The Diary of an (Inexperienced) Bug Hunter

Mobile application security has received relatively little attention thus far, making it a promising area. In this talk, you’ll learn how Android bug bounty programs work and how you can get involved. We’ll review the structure of Android applications and introduce you to tools that can be used for penetration testing, including Android Tamer, Burp Suite, and Android Studio.

11:00:00 AM

Hacking in Group =

Research and an idea spun up at 8PM in a small room with two friends led to the discovery of an internet wide vulnerability on more than 25 bug bounty programs. This talk will cover how we approached the situation, how we planned and managed our tests, and the reporting processes, from writing the report to having a good PoC.

12:00:00 PM

How to Use Zap + using Zap HUD in your browser

Two talks in one! This talk is designed for folks who are familiar with Burp, but who want to learn how to use ZAP for testing web apps. We’ll also showcase the new Heads Up Display (HUD) feature of ZAP to bring all the same features found in ZAP (or Burp) directly into your browser.

01:00:00 PM

End of Day 1

Thanks for attending day one!
We’ll see you tomorrow for day two of LevelUp 0x04!

June 02, 2019

Time (PT)

Title

Description

08:30:00 AM

1 Hacker is Good, 2 Hackers are Better – Bug Hunting as a Team

In this presentation we will discuss how we got into bug bounties as a team in 2012 and some of the problems we faced along the way. Back then, we had to ask ourselves: How do you organize and share information? How do you split bounties? How do you…. ? Bug hunting as a team has a lot of potential, and we hope our insights will be helpful for future teams.

09:30:00 AM

Fun with Frida on Mobile

Black-box analysis of mobile applications can be slow and painful. This talk will explore simple ways to leverage Frida to build lightweight analysis tools that can be easily customized. Practical examples will be presented for various use cases, including tracing library functions, examining application memory and runtime state, and circumventing common security controls.

10:30:00 AM

So You Want to Be a Pentester?

In this presentation, Phillip Wylie shares the blueprint for becoming a pen tester. It combines Phillip’s own experience as a pen tester and ethical hacking instructor, providing attendees with the helpful tips and next steps to pursue pen testing as a career.

11:30:00 AM

Forget ME, Remember WE. How to hack better with a group

This presentation will cover best practices to finding a group of skilled colleagues to work together in teams to maximize skills against a target. John will provide some background and some tips/tricks on how best to 1. find others who can help, 2. what to look for in potential teammates, 3. best practices in working together as a team, and 4. tools and tricks to help maximize teamwork.

12:00:00 PM

Car Hacking: A College Student’s Perspective

In this presentation, Neiko will provide an overview of targets and show some car hacks! We’ll also go through common tools we can all use to accomplish our goals!

01:00:00 PM

End of Day 2

Thanks for attending!
Please stay tuned for details on LevelUp 0x05!

levelup0x03
FEATURED WEBINAR

LevelUp 0x03

LevelUp 0x03 is a free online conference offered to the security researcher community. Join LevelUp to learn from some of the best hackers & researchers in the world as they share their hacking methodology and techniques.
Learn More
Back To Top