skip to Main Content

LevelUp 0x04

Team Work
Makes the Dream Work

LevelUp is a free series of online security conferences with content for the hacker and security researcher community. Each event features presenters streaming their talks LIVE to YouTube, with a wide array of topics covered throughout the conference.

The Speakers

LevelUp 0x04 features two days of content on all things android hacking, penetration testing, collaborative hacking, OWASP, car hacking, and leveraging Frida for mobile. Meet our esteemed speakers!

Speaker - JasmineJackson

Jasmine Jackson

Self-proclaimed information security unicorn and cool nerd, Jasmine's interest in infosec started when she was 16 years old after she stumbled into a Yahoo! Group on Cryptography. Jasmine later earned her Masters in Computer Science and Graduate Certificate in Information Security and Privacy from University of North Carolina at Charlotte (UNCC). Jasmine also has an assortment of security certifications - GSEC, GSSP-Java, GWAPT.

Speaker - PhilllipWylie

Phillip Wylie

Phillip is a Bugcrowd Ambassador, adjuct instructor at Richland College teaching Ethical Hacking and System Defense, and the founder of The Pwn School Project. He has 21 years of experience in infosec and IT and has performed pen tests on networks, wireless networks, applications including thick client, web application and mobile, and also holds the following certifications: CISSP, NSA-IAM, OSCP, GWAPT.

Speaker - JeffFoley

Jeff Foley

Jeff Foley is the founder and project leader of the OWASP Amass project. Jeff has spent nearly 20 years as an innovative technologist and technical leader taking on challenges in the area of cyber warfare. He started the Amass project after noticing the need for robust and practical OSINT tools that aid infosec professionals in mapping complex networks.

Speaker - JohnFreeman

John Freeman

In his own words, John is strange combination of ethical hacker mixed with the law. How many lawyers do you know who have an OSCP? John tries to act as bridge between the security community and the legal community. Being an ethical hacker, John also provides IT security and compliance reviews along with offensive security for numerous e-commerce clients (including crypto based businesses).

Speaker - SebastrianNeef

Sebastian Neef

Sebastian is currently a M.S. computer science student at the Technische Universität Berlin and a freelancer in the IT security field. He has been interested in IT security since his teenage years, hacking and breaking things as well as researching vulnerabilities and sharing his knowledge in presentations and meetups from an early start. Together with Tim, he co-founded the project Internetwache.org in 2012.

Speaker- TimePhilippSchafers

Tim Philipp Schäfers

Tim is a two-time author of German IT-security books (Hacking im Web / WLAN Hacking). He works as an IT security consultant and lectures in the field of IT-security and risk management. In 2017, he was named a "junior fellow" by the German Informatics Society. He cofounded the project Internetwache.org together with Sebastian in 2012.

Speaker - DavidScrobonia

David Scrobonia

David Scrobonia is part of the Security Engineering team at Segment, working to secure modern web apps and AWS infrastructure. He contributes to open source in his spare time and is a core team member of the OWASP ZAP project. He has spoken about his work on the ZAP Heads Up Display at conferences including AppSec California, AppSec USA, OWASP BeNeLux, and BSidesSF.

Speaker - DawnIsabel

Dawn Isabel

Dawn Isabel is a Senior Security Consultant with IOActive, specializing in iOS and web application testing. She has over 15 years of experience in infosec, informed by her former role as a web application developer.

Speaker - RojanRijal

Rojan Rijal

Rojan Rijal has been doing bug bounty for about three years now. He has also worked as Application Security Intern at Tinder, Inc.

Speaker - Specter

Neiko Rivera

Neiko is a car hacking college student, who mostly finds himself hacking for research purposes, and in his words, lulz.

June 01, 2019

Time (PT)

Title

Description

08:20:00 AM

Conference Kickoff & Welcome Address

08:30:00 AM

Ashish Gupta Kickoff

Opening remarks from Ashish Gupta, CEO of Bugcrowd.

09:00:00 AM

OWASP Amass – Discovering Internet Exposure

Today, organizations struggle to maintain visibility of their internet-facing assets. The OWASP Amass project helps perform network mapping of internet exposure to better understand how assets are distributed across networks. This talk will discuss how OWASP Amass can take subdomain enumeration to the next level with additional visibility.

10:00:00 AM

The Diary of an (Inexperienced) Bug Hunter

Mobile application security has received relatively little attention thus far, making it a promising area. In this talk, you’ll learn how Android bug bounty programs work and how you can get involved. We’ll review the structure of Android applications and introduce you to tools that can be used for penetration testing, including Android Tamer, Burp Suite, and Android Studio.

11:00:00 AM

Hacking in Group =

Research and an idea spun up at 8PM in a small room with two friends led to the discovery of an internet wide vulnerability on more than 25 bug bounty programs. This talk will cover how we approached the situation, how we planned and managed our tests, and the reporting processes, from writing the report to having a good PoC.

12:00:00 PM

How to Use Zap + using Zap HUD in your browser

Two talks in one! This talk is designed for folks who are familiar with Burp, but who want to learn how to use ZAP for testing web apps. We’ll also showcase the new Heads Up Display (HUD) feature of ZAP to bring all the same features found in ZAP (or Burp) directly into your browser.

01:00:00 PM

End of Day 1

Thanks for attending day one!
We’ll see you tomorrow for day two of LevelUp 0x04!

June 02, 2019

Time (PT)

Title

Description

08:30:00 AM

1 Hacker is Good, 2 Hackers are Better – Bug Hunting as a Team

In this presentation we will discuss how we got into bug bounties as a team in 2012 and some of the problems we faced along the way. Back then, we had to ask ourselves: How do you organize and share information? How do you split bounties? How do you…. ? Bug hunting as a team has a lot of potential, and we hope our insights will be helpful for future teams.

09:30:00 AM

Fun with Frida on Mobile

Black-box analysis of mobile applications can be slow and painful. This talk will explore simple ways to leverage Frida to build lightweight analysis tools that can be easily customized. Practical examples will be presented for various use cases, including tracing library functions, examining application memory and runtime state, and circumventing common security controls.

10:30:00 AM

So You Want to Be a Pentester?

In this presentation, Phillip Wylie shares the blueprint for becoming a pen tester. It combines Phillip’s own experience as a pen tester and ethical hacking instructor, providing attendees with the helpful tips and next steps to pursue pen testing as a career.

11:30:00 AM

Forget ME, Remember WE. How to hack better with a group

This presentation will cover best practices to finding a group of skilled colleagues to work together in teams to maximize skills against a target. John will provide some background and some tips/tricks on how best to 1. find others who can help, 2. what to look for in potential teammates, 3. best practices in working together as a team, and 4. tools and tricks to help maximize teamwork.

12:00:00 PM

Car Hacking: A College Student’s Perspective

In this presentation, Neiko will provide an overview of targets and show some car hacks! We’ll also go through common tools we can all use to accomplish our goals!

01:00:00 PM

End of Day 2

Thanks for attending!
Please stay tuned for details on LevelUp 0x05!

levelup0x03
FEATURED WEBINAR

LevelUp 0x03

LevelUp 0x03 is a free online conference offered to the security researcher community. Join LevelUp to learn from some of the best hackers & researchers in the world as they share their hacking methodology and techniques.
Learn More
Learn More About Security Testing Unlocked From a Joint Webinar With Bugcrowd And IOActive Register Now
+
Back To Top