Talks will take place at the main stage during the saturday 20th from 9:30 AM until 8 PM. See the planning for more information.


at 10:00 AM

Zone 1

with Guillaume Poupard

Guillaume Poupard

Guillaume Poupard is the director of the National Agency Information Systems Security (ANSSI). This organisation was created in 2009 and is the umbrella protection organisation for state institutions and operators of vital importance in France.

Trash Robotic Router Platform, Reloaded

at 10:30 AM

Zone 1

Building a drone is a challenging business. Even more if you want to build it with almost spare parts and SOHO hardware. To accomplish this journey, a Linux embedded stability control system is developed entirely from scratch. In the presentation, David Melendez will show this journey starting from the hardware choosing (a home WIFI router), to a stable and real flight. Unconventional implementations is one of the topics about this presentation, like using WiFi as communication between drone and pilot, HTML5 and COMET to show telemetry from the router web server, and implementing a entirely new protocol based on 802.11 Beacon Frames to prevent deauth attacks to access point, taking care about all problems involving spoofing and "man in the middle" threats, making this way, a side channel apart of conventional WiFi communications.

The audience is anyone interested in drones and how can be implemented from scratch using almost entirely a embedded linux system, taking advantage of a very affordable hardware. Topics such as real-time scheduling, PID control systems, signal filters, telemetry via AJAX/COMET and hardware hacking like I2C bitbanging. Audience interested in WiFi security will appreciate a full custom implementation of a side channel communication between pilot and drone using 802.11 beacon frames, and how can transport encrypted data in their payload avoiding all WiFi attack types.

with David Melendez

David Melendez

David Melendez was born in 1983 in Zaragoza, Spain. He has a Bachellor Computer Degree by Wales University. Nowadays works as R&D software engineer for TV Studio manufacturer company, Albalá Ingenieros in Madrid. He has won several prices in robotic tournamens at Campus Party Spain 2010 and 2012, and has been a speaker in several conferences in Spain, RootedCON 2013, NavajaNegra 2013, OSWHCon 2014, 8.8 Security Conference in Chile 2014 and NoConName 2014 in Barcelona, Spain, and Codemotion Rome 2015.

Kindleberry, Internet of Things and Public Administration : can you hack your way into building a state ?

at 11:15 AM

Zone 1

It has never been easier to build a civil administrative system from the ground up, for three main reasons. First, the tools to organize such a system have become cheap, abundant, and dependable. With a raspberry pi and a e-ink display, you have a computer requiring low energy, using free open-source softwares, and harsh-conditions proof. Second, network are getting easier to set up. While Google and Facebook are think of drones and air balloons to provide internet access to the masses over large areas, common antennas are now cheap, efficient and easily movable. Third, people in developing countries are massively equipped with basic yet reliable mobile phones.

Meanwhile, many regions of the world are currently undergoing endemic violence. Most of the undertaking conflicts will eventually come to an end, leaving those territories with broken infrastructures and often without sound any public organisation. The question we will be exploring is to what extent, using modern yet cheap technology, by tying bits and pieces together, new governments could hack their way into building a state.

with Guillaume Levrier

Guillaume Levrier

Guillaume Levrier graduated from Sciences Po en 2014. He is currently preparing public administrations exams.

Criminal Profiling: Android Malware

at 0:00 PM

Zone 1

Statistics over 1,000,000 Android malware! That's what you get in this talk. This work is unique - and the unique must be fulfilled ;) - because of the amount of samples analyzed, and also because it provides detailed information of how Android malware are implemented (habits, frequent tricks etc).

The research refreshes the results of the Android Malware Genome project, which dates back to 2011, and shows the evolution of the Android malware scene. Compared to PlayDrone (SIGMETRICS 14) or Andrubis (BADGERS'14), it focuses exclusively on malware with statistics on code-level properties.

From this data, we draw up a profile for Android malware and debunk false impressions. For example, contrary to general belief, use of root-level exploits is not particularly more frequent in malware (2%) than in clean applications.

Of course, I explain how I compute those stats, and the limits of this study.

This talk should be refreshing, with plenty of tweetable data ;P

with Axelle Apvrille

Axelle Apvrille

Axelle Apvrille is a senior antivirus researcher at Fortinet. Senior hopefully meaning she's experienced, but not that old ;) She specifically looks into mobile malware, but is also having fun with Internet of Things.

She enjoyed speaking at various conferences, including VB, EICAR (best paper award), Insomnihack, ShmooCon, BlackHat Europe, Hack.Lu etc.

Known in the community by her more or less mysterious handle "Crypto Girl", she turns red each time someone mentions using MD5 (or CRC...) for hashing.

How to hack an old toy into a Mars rover

at 2:00 PM

Zone 1

We are three friends in the first year of college. Alexander is in engineering school Thomas is in a trade school and Boris is in a license of maths and informatics science. Our common point is that last year we were all in the same final year science class and we were the only and unique three enrolled in computer specialty (ISN new optional). So we had to do a project together year-end. We have transformed an old plastic toy into a multifunction remote control car from a web interface. It is equipped with a GPS chip, a camera, ultrasonic sensors, a voice synthesis system, temperature and humidity sensors, lighting, accelerometers and gyroscopes three axes, a user-friendly web interface that allows viewing of the trip thanks to the Google Maps API as well as all other data collected as well as rendering video. The car is also controllable at sight with a joystick wii! The car is equipped with a data collection system that can make statistics and view them as graphs, for example.

What we would like to show and share if we have the opportunity to welcome beings it is an approach, an attitude and a way of thinking the technology that surrounds us. We would like to share, popularize and explain our definition of Hacking. We are still young, so we do not claim to want to give a lecture to explain sharp technical points or to a course. We would simply help to support, promote and popularize the values ​​of hacking the hack and DIY. In order to show our comrades of our generation what it is because we think we are aware of the issues. We would show through the robots we have achieved; how we learned, how we have progressed and evolved as we not yet know much before starting.

We want to make a DIY approach, ie how from not much and diverting objects around us from their original function we can imagine something interesting. How not necessarily have knowledge "school" and pointed in one area may have come to an unexpected result. We want to show everything he can do with what is our worn daily, that is not much. We want to show that the hacknig is accessible to everyone. We also want to share our passion and motivate young people of our generation to do the same. We also want to promote ISN specialty terminally class.

with Boris Simunovic

Mobile self-defense

at 2:45 PM

Zone 1

We know that mobile networks can — and do — attack us on many fronts. As this talk shows, even 3G is attackable. It’s high time that we upgrade from complaining to self-defense.

This talk demonstrates new attack scenarios — hybrids between local and interconnect abuse — including the passive intercept and decryption of 3G traffic.

Modern phones include all components necessary to block — or at least make visible — a large range of attacks including IMSI catchers, SIM exploits, SMS attacks, and these new hybrid attacks. The talk explains how SnoopSnitch, an Android app, can alert users to many common mobile attacks.

with Karsten Nohl

Karsten Nohl

Karsten is a cryptographer and security researcher. He likes to test security assumptions in proprietary systems and typically breaks them.

Man in the (Android) Middleware

at 3:30 PM

Zone 1

Breaking into android devices through native services and applications has already been done (mostly by malwares) and is well documented. Creating malicious applications and releasing them in Google's Play Store too. What about Android's middleware ?

Android's middleware is a pure mine of gold for who wants to play with it and may provide a lot of advanced features that may be used to create cool tools or impact every android device in a smart and original way. Moreover, middleware attacks are not quite complex to perform and allows anyone to bypass the restrictions added by Google on its well-known operating system.

This talks will present the tools required to perform Android's middleware attacks, the new security watchdogs implemented (and controlled) by Google in order to restrict our freedom and some sample hacks, one of them targetting Android's AppOps service. A specific android application allowing users to send class 0 SMS messages will also be released, working on Android 4.4.2 and higher thanks to one of these hacks.

This talk goes deeper in the internals of Android's middleware layer (mostly written in Java), for a lot of fun and more freedom in this pseudo-opensource operating system.

with Virtualabs (Damien Cauquil)

Virtualabs (Damien Cauquil)

Damien Cauquil is the R&D director of Sysdream and also an experienced reverse-engineer. He started reversing binaries at the age of 17, with some friends and a lot of coke and pizzas, using old tools such as Win32dasm or procdump. Until now (oh wait, maybe with more recent tools). But his tools are not the same anymore, and the platforms he targets are not the same either, as everything moved on mobile devices.

The TAO of .NET and PowerShell Malware Analysis

at 4:15 PM

Zone 1

With the ubiquitous adoption of Microsoft's .NET and PowerShell frameworks, an ever increasing number of software development and IT ninjas have joined a nascent tradition of professionals leveraging these powerful environments for added efficacy in their everyday jobs. With a wide array of libraries and cmdlets at their fingertips, the need to reinvent the wheel is long forgotten.

Of course, malware writers are not far behind --they too have seen the light and are eager to use these convenient tools against us. Whether it's for everyday ransomware or state-sponsored targeted campaigns, cybercriminals are now emboldened by a new arsenal that enables them to adapt with ease and agility. Are you ready to defend yourself against this emerging threat?

It's time to understand our adversaries' capabilities. We'll analyze select in-the-wild malware samples, piecing apart the inner workings of these dastardly creations. We'll introduce the cloaking mechanisms adopted by cybercriminals, moving beyond managed code in executed environments to the devious packers, obfuscators, and crypters leveraged in conjunction with these powerful frameworks in order to baffle malware analysts and forensic investigators.

Knowing is not enough; we must apply. Willing is not enough; we must do. With a plethora of post exploitation and lateral movement tools created and customized everyday in rapid application development environments and high level programming languages, defending against this kind of pervasive opponent is a full time job.

with Santiago Pontiroli

Santiago Pontiroli

Santiago Pontiroli is a security researcher at Kaspersky Lab.

with Roberto Martinez

Roberto Martinez

3D Printing is a threat to your keys

at 5:00 PM

Zone 1

The techniques covered in this talk allow an individual to duplicate any key, even with a moveable element, a spring, a flag...

Starting with molding, we are able to duplicate any standard key in a matter of seconds. When it comes to high security keys, manufacturers have implemented specific designs to deter key copying, including using the molding techniques. We have been able to simulate such specific designs in order to still open the targeted locks.

With the increasing precision of 3D printers and the use of Open-source tools, we have been able to design keys in 3D, giving us the possibility to generate almost any key since it has no specific design.

Last but not least, combining the 2 techniques, we are able to create almost any keys, provided it has no magnet or electronic parts.

with MrJack (Alexandre Triffault)

MrJack (Alexandre Triffault)

Security trainer for locksmiths, computer scientists and the military for 7 years, Alexandre is continuously developing tools and techniques to circumvent physical security devices.

Alexandre formed a company specializing in physical pentesting and training. He has also co-authored the only French-book covering a wide variety of techniques to open locks without leaving traces.

PlagueScanner: An Open Source Multiple AV Scanner Framework

at 5:45 PM

Zone 1

PlagueScanner is an open source framework for organizing any number of AV scanners into one contiguous tool chain. It leverages high speed message queuing along with JSON report output for easy integration into an automated malware analysis lab. An optional ElasticSearch output plugin lets you keep historical data for future searching and further analysis.

This project solves the problem of what to do with a sensitive malicious file that you wish to have multiple AV scanner results for, but you are wary about uploading the file to a public site, and you don’t want to pay the hefty price for a commercial scanner bank.

with Robert Simmons


Utkonos is a Senior Threat Intelligence Researcher for ThreatConnect, Inc. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years.

Utkonos has a background in biology, linguistics, and Russian area studies. He has lived extensively in Russia and Ukraine and has been known to swear profusely and constantly in Russian.

Vulnerability Research on Windows binaries

at 6:30 PM

Zone 1

During the talk I will speak about Windows Vulnerability Research. We will see the current limitations of fuzzing without knowledge of the targeted struct and some answers has been brought by AFL fuzzer. But AFL is available only on Linux and we need the target binary sources to use it.So I developed a personal AFL-like that allows me to fuzz Windows without having binary sources. This allows to fuzz without knowing the format used. So I will introduce how my tool works.

with Stéfan Le Berre (HEURS)

Stéfan Le Berre (HEURS)

Heurs is a security researcher specialized in Windows kernel, bug hunting and exploitation.


at 7:45 PM

Zone 1