HITB Armory (Security Tools)

May 9th & 10th

What is The HITB Armory?

Organized in collaboration with Opposing Force, HITB Armory is a dedicated area for independent researchers to show of their projects, run their demos, and allow you to play around with their awesome security tools!

Diversity Matters!

HITB Armory CFT is committed to creating a conference that is as inclusive as possible. We want to showcase the best security tools available around the world.

We are also committed to ensure the conference is a place where ideas are exchanged, old friends get together, new friends meet and harassment is not tolerated. We expect speakers, attendees and sponsor representatives to be professional and courteous to each other. We reserve the right to remove, without refund, ANY attendee (speaker or otherwise) who is unable to adhere to this policy.

Schedule - May 9th

  • 09:00 - 12:00 STATION 1: Unlocking the Secrets of ProxMark RDV4 again - iceman

    Iceman will show you the latest revision of proxmark3 tool, RDV40, a successful kickstarter that brought NFC analysis to the next level. Identifying common issues in the Proxmark community. RRG formed to produce new hardware like the proxmark3 RVD4

    What’s so special about the PM3 RDV4?

    Onboard storage

    SIM interface

    Improved HF + LF antennna

    Improved HF antenna

    Improved ‘capsule’ LF antenna

    QC process

    Covert + discreet

    Current capabilities of offical firmware and popular forks.

  • 09:00 - 12:00 STATION 2: A Monitoring Tool for Kubernetes Cluster Security - Valentine Mairet

    Kubernetes is an open-source system for the deployment, scaling, and management of containerized applications. Common implementations of Kubernetes are not secure by default and a lot of information about the hardening of Kubernetes intrinsic security is not known to the public. Since version 1.7 though, the security level has increased and the common security risks have been mitigated. More information about Kubernetes attack and defense methodologies has become available. However, none of these published resources lay the focus on the logging mechanisms of Kubernetes and the possibility for detection of active threats.

    The system we created is a combination of existing tools for a centralized audit system for Kubernetes instances. This system, named K8sCop, serves as a data analysis tool for the monitoring of cluster activity and detection of potentially malicious events. The talk contains several demonstrations, where attacks are conducted against a Kubernetes instance, which are made visible in the Kubernetes Security Dashboard (K8SD) in Kibana.

    The presentation will describe how to set up the existing tools the following way:

    – How to store audit logs in Kubernetes instances

    – How to set up Elasticsearch with Kubernetes using the Fluent daemon

    – How to run the K8sCop analyzer for static or streaming analysis on Kubernetes log data

    – What types of Kubernetes incidents are labelled by K8sCop

    – How to import and view the Kubernetes Security Dashboard in Kibana

    We will show how to use the dashboard and demonstrate attacks on Kubernetes in real-time and how they are caught by our system.

    All project material is opensource, such that organizations and individuals that require visibility over their Kubernetes infrastructure can use and adapt these tools to suit their own needs. The sources can be found at https://github.com/k8scop/k8s-security-dashboard.

  • 09:00 - 12:00 STATION 3: 802.11 Secret Distributed Chat System - Yago Hansen

    The talk demonstrates how to deliver a distributed chat system that creates a way for communicating peers by using a covert channel hiding its network traffic in 802.11 management frames ciphered through AES encryption.

    To achieve greater network coverage, each of the nodes participating in the chat acts also as a repeater of the received messages, thus extending the range of operation. The chat also allows sending data files in order to exfiltrate information from high security locations. Thanks to the type of covert communications used, it is very difficult to detect and fight.

  • 09:00 - 12:00 STATION 4: Muraena - Michele Orru / Giuseppe Trotta

    Two-factor authentication is considered “the solution” to prevent phishing.

    In reality, only Universal Two-factor (U2F) is somehow useful once hardware keys are deployed, while the rest of 2FA solutions fail miserably, including SMS, Push, SoftwareAuthenticators, OTP and others.

    If there is no HTTP Origin verification and the second factor token is sent via web, phishing can be performed pretty much transparently performing MiTM by using a reverse proxy solution.

    Moreover, once valid sessions are collected, they can be impersonated via browser instrumentation with a farm of dockerized Chrome headless instances. Such instances are useful not only to keep alive the stolen sessions but also to scrape and extrude data from hijacked accounts, as well as performing any action on user behalf.

    Depending on the instrumented portal, activities can be different, such as: backdooring a GitHub account by adding an SSH key, searching for credentials over an OWA webmail, chaining bugs in WordPress and automating RCE and what not.

    The whole process is automated by Muraena and Necrobrowser. The first is a custom target-agnostic reverse proxy solution (written in golang). The latter, takes care of the instrumentation and session riding.

    This approach minimizes the complexity of handling phishing with 2FA, while drastically reducing the time needed to perform post-phishing activities, allowing the phisherman to focus on data analysis and scenario planning.

    There will be demos performing phishing and session instrumentation on a number of portals like GitHub, OWA, Google Docs, LinkedIn, protected by different authentication types.

    Muraena and Necrobrowser will be released after the talk.

  • 12:30 - 14:00 Lunch Break
  • 14:00 - 16:00 STATION 1: Remote Timing Attacks on IoT - Cristofaro Mune

    Remote timing attacks have been often researched in the past. They have been applied to breaking cryptographic algorithms, inferring web server secrets and even in recent cache timing attacks.

    Research has shown the feasibility of inferring time differences down to 1us for remote and down to 100ns in LAN environments.
    Although very small, such timescales do not allow for practical inference of instruction-level decisions on fast CPUs, such as in remote password guessing performed via memcmp() timing. In facts, timing attacks become much more feasible (and common) at larger timescales (i.e. SQL injections).

    While true for fast servers, the opportunities provided by IoT devices, with fast Internet connections and slower CPUs, are currently unexplored.
    In order to support our ongoing research, a dedicated tool has been developed for performing automated remote timing attacks.

    The tool is modular and implements techniques from research state of the art.
    It supports a choice of target’s timing strategies, also available in a distributed configuration, useful for remote measurements.
    Multiple statistical classifiers and offline analysis are also available.
    Feedback between the modules allows for completely automated attacks.
    Even though the main research is still ongoing and the tool may enjoy further refinement, we are able to demonstrate the tools and preliminary results.
    During the presentation, we will show the tools’ features and potentials, while demo’ing remote extraction of a 8-digits PIN from a very common IoT platform.

  • 14:00 - 16:00 STATION 2: PatrOwl - Nicolas Mattiocco

    A company, regardless of its size and market power, may go out of business or lose a lot of value because of a security incident on its information system.

    The number of vulnerabilities and the interest of cyber-attackers is only increasing. With the advent of the monetization of botnet cyber attacks or the installation of crypto-miners for example, the threats are going more varied and intensified, but less targeted. The vast majority of companies are digital and increasingly exposed on the Internet. The level of cyber exposure is also higher. The “Cyber” risk has become vital. Today, everything has changed and tomorrow everything will change even faster. Where manual analysis was sufficient, paradigms of risk assessment are moving towards more automation. But we need intelligent automation.

    The technological offer is not lacking, but after more than 10 years of experience, our observation is indisputable:

    1. The best tools are only satisfactory in part of their capacities
    2. It remains difficult to have a realistic and continuous visibility on the risks borne by the assets exposed by an organization.
    3. Business processes tend to adapt to the tool capabilities rather than using these tools to support their cyber surveillance strategy.

    This automation strategy also tends to address the drastic lack of competent cyber security resources and retention of talents. The automation of recurrent, time-consuming and low-value-added tasks will allow teams to focus on more complex and therefore more motivating topics. PatrOwl is a solution for automating calls to commercial or open source tools that perform checks. To date, around 40 tools or online services are supported. Beyond centralizing the results obtained, the PatrOwl analysis engine compares these results with its knowledge base and other third-party services to determine scenarios of attacks (predictive analysis) or to trigger actions.

  • 14:00 - 16:00 STATION 3: Farady - Emilio Couto

    The idea behind Faraday is to help you to share all the information that is generated during a pentest, vulnerability assessment or scan without changing the way you work.
    You run a command, import a report, and Faraday will normalize the results and share them with the rest of the team in real-time. Faraday has
    more than 70 plugins available (and counting), including the most popular commercial and open-source tools.
    If you use a tool that Faraday doesn’t have a plugin for, you can create your own!
    Come check it out!

  • 14:00 - 16:00 STATION 4: RFQuack - Federico Maggi

    Overview of the tool 
    RFQuack is a versatile RF-hacking tool that allows you to sniff, analyze, and transmit data over the air. Consider it as the modular version of the great YardStick One, which is based on the CC1111 radio chip. Similarly to RFCat for the YardStick One, RFQuack has a console-based and Python-scriptable client that allows you to set parameters on the radio, receive, transmit, and so on.

    Another RF-hacking dongle? RFQuack is midway between software-defined radios (SDRs), which offer great flexibility at the price of a fatter code base, and RF dongles, which offer great speed and a plug-and-play experience at the price of less flexibility (you can’t change the radio chip). So, if you need to analyze a weird RF protocol with that special packet format or that very special modulation scheme, with mixed symbol encodings, with RFQuack you just swap the radio shield and you can just start working right away. And if we don’t support that special radio chip yet, you can just craft your shield and add support to the software!

    RFQuack is unique in some ways. First, it supports multiple embedded radio chips (e.g., RF69, RF95, CC1120), basically all the chips supported by RadioHead (which we forked to create RadioHAL, a more hackable radio hardware abstraction layer), and we’re adding more. Secondly, it does not require a wired connection to the host computer: the serial port is used only to display debugging messages, but the interaction between the client and the node is over TCP using WiFi (via Arduino WiFi) or via GPRS (via TinyGSM library) as networking layers. Third, the Python client allows both high-level operations (e.g., change frequency, change modulation) as well as to interact with the radio chip at a very low level (read or write registers). So, you have the power of an embedded radio chip driven by native code running on the MCU, but you can program in it Python via a simple API! Last, the firmware and the API implement the concept of in-flight packet-filtering and packet-modification rules (it’s like a tiny firewall), which means that you can instruct the firmware to listen for a packet matching a given signature (in addition to the usual sync-word- and address-based filtering, which you can disable for full promiscuous mode), optionally modify it right away, and re-transmit it with under a few milliseconds delay, because all the processing happens on the MCU.

    RFQuack has a modular software and hardware architecture comprising a radio chip, a micro-controller unit (MCU, a network adapter (e.g., WiFi or cellular). The communication layers are organized as follows. The Python client encodes the message for the RFQuack dongle with Protobuf: this ensures data-type consistency across firmware (written in C) and client (written in Python), a bit of data validation, and low development effort. The serialized messages are transported over MQTT (which allows multi-node and multi-client scenarios) or just serial (when you need minimal latency). The connectivity layer is just a thin abstraction over various cellular modems and the Arduino/ESP WiFi.

Schedule - May 10th

  • 09:00 - 12:00 STATION 1: Remote Timing Attacks on IoT - Cristofaro Mune

    Remote timing attacks have been often researched in the past. They have been applied to breaking cryptographic algorithms, inferring web server secrets and even in recent cache timing attacks.

    Research has shown the feasibility of inferring time differences down to 1us for remote and down to 100ns in LAN environments.
    Although very small, such timescales do not allow for practical inference of instruction-level decisions on fast CPUs, such as in remote password guessing performed via memcmp() timing. In facts, timing attacks become much more feasible (and common) at larger timescales (i.e. SQL injections).

    While true for fast servers, the opportunities provided by IoT devices, with fast Internet connections and slower CPUs, are currently unexplored.
    In order to support our ongoing research, a dedicated tool has been developed for performing automated remote timing attacks.

    The tool is modular and implements techniques from research state of the art.
    It supports a choice of target’s timing strategies, also available in a distributed configuration, useful for remote measurements.
    Multiple statistical classifiers and offline analysis are also available.
    Feedback between the modules allows for completely automated attacks.
    Even though the main research is still ongoing and the tool may enjoy further refinement, we are able to demonstrate the tools and preliminary results.
    During the presentation, we will show the tools’ features and potentials, while demo’ing remote extraction of a 8-digits PIN from a very common IoT platform.

  • 09:00 - 12:00 STATION 2: PatrOwl - Nicolas Mattiocco

    A company, regardless of its size and market power, may go out of business or lose a lot of value because of a security incident on its information system.

    The number of vulnerabilities and the interest of cyber-attackers is only increasing. With the advent of the monetization of botnet cyber attacks or the installation of crypto-miners for example, the threats are going more varied and intensified, but less targeted. The vast majority of companies are digital and increasingly exposed on the Internet. The level of cyber exposure is also higher. The “Cyber” risk has become vital. Today, everything has changed and tomorrow everything will change even faster. Where manual analysis was sufficient, paradigms of risk assessment are moving towards more automation. But we need intelligent automation.

    The technological offer is not lacking, but after more than 10 years of experience, our observation is indisputable:

    1. The best tools are only satisfactory in part of their capacities
    2. It remains difficult to have a realistic and continuous visibility on the risks borne by the assets exposed by an organization.
    3. Business processes tend to adapt to the tool capabilities rather than using these tools to support their cyber surveillance strategy.

    This automation strategy also tends to address the drastic lack of competent cyber security resources and retention of talents. The automation of recurrent, time-consuming and low-value-added tasks will allow teams to focus on more complex and therefore more motivating topics. PatrOwl is a solution for automating calls to commercial or open source tools that perform checks. To date, around 40 tools or online services are supported. Beyond centralizing the results obtained, the PatrOwl analysis engine compares these results with its knowledge base and other third-party services to determine scenarios of attacks (predictive analysis) or to trigger actions.

  • 09:00 - 12:00 STATION 3: Faraday - Emilio Couto

    The idea behind Faraday is to help you to share all the information that is generated during a pentest, vulnerability assessment or scan without changing the way you work.
    You run a command, import a report, and Faraday will normalize the results and share them with the rest of the team in real-time. Faraday has
    more than 70 plugins available (and counting), including the most popular commercial and open-source tools.
    If you use a tool that Faraday doesn’t have a plugin for, you can create your own!
    Come check it out!

  • 09:00 - 12:00 STATION 4: RFQuack - Federico Maggi

    Overview of the tool 
    RFQuack is a versatile RF-hacking tool that allows you to sniff, analyze, and transmit data over the air. Consider it as the modular version of the great YardStick One, which is based on the CC1111 radio chip. Similarly to RFCat for the YardStick One, RFQuack has a console-based and Python-scriptable client that allows you to set parameters on the radio, receive, transmit, and so on.

    Another RF-hacking dongle? RFQuack is midway between software-defined radios (SDRs), which offer great flexibility at the price of a fatter code base, and RF dongles, which offer great speed and a plug-and-play experience at the price of less flexibility (you can’t change the radio chip). So, if you need to analyze a weird RF protocol with that special packet format or that very special modulation scheme, with mixed symbol encodings, with RFQuack you just swap the radio shield and you can just start working right away. And if we don’t support that special radio chip yet, you can just craft your shield and add support to the software!

    RFQuack is unique in some ways. First, it supports multiple embedded radio chips (e.g., RF69, RF95, CC1120), basically all the chips supported by RadioHead (which we forked to create RadioHAL, a more hackable radio hardware abstraction layer), and we’re adding more. Secondly, it does not require a wired connection to the host computer: the serial port is used only to display debugging messages, but the interaction between the client and the node is over TCP using WiFi (via Arduino WiFi) or via GPRS (via TinyGSM library) as networking layers. Third, the Python client allows both high-level operations (e.g., change frequency, change modulation) as well as to interact with the radio chip at a very low level (read or write registers). So, you have the power of an embedded radio chip driven by native code running on the MCU, but you can program in it Python via a simple API! Last, the firmware and the API implement the concept of in-flight packet-filtering and packet-modification rules (it’s like a tiny firewall), which means that you can instruct the firmware to listen for a packet matching a given signature (in addition to the usual sync-word- and address-based filtering, which you can disable for full promiscuous mode), optionally modify it right away, and re-transmit it with under a few milliseconds delay, because all the processing happens on the MCU.

    RFQuack has a modular software and hardware architecture comprising a radio chip, a micro-controller unit (MCU, a network adapter (e.g., WiFi or cellular). The communication layers are organized as follows. The Python client encodes the message for the RFQuack dongle with Protobuf: this ensures data-type consistency across firmware (written in C) and client (written in Python), a bit of data validation, and low development effort. The serialized messages are transported over MQTT (which allows multi-node and multi-client scenarios) or just serial (when you need minimal latency). The connectivity layer is just a thin abstraction over various cellular modems and the Arduino/ESP WiFi.

  • 12:30 - 14:00 Lunch Break
  • 14:00 - 16:00 STATION 1: Unlocking the Secrets of ProxMark RDV4 again - iceman

    Iceman will show you the latest revision of proxmark3 tool, RDV40, a successful kickstarter that brought NFC analysis to the next level. Identifying common issues in the Proxmark community. RRG formed to produce new hardware like the proxmark3 RVD4

    What’s so special about the PM3 RDV4?

    Onboard storage

    SIM interface

    Improved HF + LF antennna

    Improved HF antenna

    Improved ‘capsule’ LF antenna

    QC process

    Covert + discreet

    Current capabilities of offical firmware and popular forks.

  • 14:00 - 16:00 STATION 2: A Monitoring Tool for Kubernetes Cluster Security - Valentine Mairet

    Kubernetes is an open-source system for the deployment, scaling, and management of containerized applications. Common implementations of Kubernetes are not secure by default and a lot of information about the hardening of Kubernetes intrinsic security is not known to the public. Since version 1.7 though, the security level has increased and the common security risks have been mitigated. More information about Kubernetes attack and defense methodologies has become available. However, none of these published resources lay the focus on the logging mechanisms of Kubernetes and the possibility for detection of active threats.

    The system we created is a combination of existing tools for a centralized audit system for Kubernetes instances. This system, named K8sCop, serves as a data analysis tool for the monitoring of cluster activity and detection of potentially malicious events. The talk contains several demonstrations, where attacks are conducted against a Kubernetes instance, which are made visible in the Kubernetes Security Dashboard (K8SD) in Kibana.

    The presentation will describe how to set up the existing tools the following way:

    – How to store audit logs in Kubernetes instances

    – How to set up Elasticsearch with Kubernetes using the Fluent daemon

    – How to run the K8sCop analyzer for static or streaming analysis on Kubernetes log data

    – What types of Kubernetes incidents are labelled by K8sCop

    – How to import and view the Kubernetes Security Dashboard in Kibana

    We will show how to use the dashboard and demonstrate attacks on Kubernetes in real-time and how they are caught by our system.

    All project material is opensource, such that organizations and individuals that require visibility over their Kubernetes infrastructure can use and adapt these tools to suit their own needs. The sources can be found at https://github.com/k8scop/k8s-security-dashboard.

  • 14:00 - 16:00 STATION 3: 802.11 Secret Distributed Chat System - Yago Hansen

    The talk demonstrates how to deliver a distributed chat system that creates a way for communicating peers by using a covert channel hiding its network traffic in 802.11 management frames ciphered through AES encryption.

    To achieve greater network coverage, each of the nodes participating in the chat acts also as a repeater of the received messages, thus extending the range of operation. The chat also allows sending data files in order to exfiltrate information from high security locations. Thanks to the type of covert communications used, it is very difficult to detect and fight.

  • 14:00 - 16:00 STATION 4: Muraena - Michele Orru / Giuseppe Trotta

    Two-factor authentication is considered “the solution” to prevent phishing.

    In reality, only Universal Two-factor (U2F) is somehow useful once hardware keys are deployed, while the rest of 2FA solutions fail miserably, including SMS, Push, SoftwareAuthenticators, OTP and others.

    If there is no HTTP Origin verification and the second factor token is sent via web, phishing can be performed pretty much transparently performing MiTM by using a reverse proxy solution.

    Moreover, once valid sessions are collected, they can be impersonated via browser instrumentation with a farm of dockerized Chrome headless instances. Such instances are useful not only to keep alive the stolen sessions but also to scrape and extrude data from hijacked accounts, as well as performing any action on user behalf.

    Depending on the instrumented portal, activities can be different, such as: backdooring a GitHub account by adding an SSH key, searching for credentials over an OWA webmail, chaining bugs in WordPress and automating RCE and what not.

    The whole process is automated by Muraena and Necrobrowser. The first is a custom target-agnostic reverse proxy solution (written in golang). The latter, takes care of the instrumentation and session riding.

    This approach minimizes the complexity of handling phishing with 2FA, while drastically reducing the time needed to perform post-phishing activities, allowing the phisherman to focus on data analysis and scenario planning.

    There will be demos performing phishing and session instrumentation on a number of portals like GitHub, OWA, Google Docs, LinkedIn, protected by different authentication types.

    Muraena and Necrobrowser will be released after the talk.

Armory Presenters

Christian Herrmann

Co-Founder, RRG

Christian Herrmann (Iceman) is co-founder of RRG, administrator of proxmark3 forum, maintainer of github proxmark3 repo, iceman fork of chameleon mini and proxmark3, Certified MCPD enterprise architect, 12 years of running his own company and wellknown deep knowledge with proxmark3 and attacking all kind of rfid based systems

Read More

Cristofaro Mune

Product Security Consultant, Pulse Security

Cristofaro Mune is a Product Security consultant. He provides support for design and development of secure products. He also performs device-level security testing with advanced SW and HW techniques. He has more than 17 years of experience in (SW & HW) security assessment of highly secure products and device, across different stages of the production…

Read More

Vincent Ruijter

Security Engineer, Openbook

Pacifistic Internetveapon @ Openbook, who thinks he knows Linux. Moderator @ null Amsterdam chapter, with an endless curiosity for all things binary. Knows how to quit Vi ^[ESC!wqwq:wq!

Read More

Valentine Mairet

Red Team, KPN

Star Wars fan @ KPN (Royal Dutch Telco) REDteam, who doesn’t listen to anything but Rock’n’Roll. She likes to break into buildings, both physically and digitally, and will often complain about web hacking. She’s the organizer of WICCA, women-only cybersecurity meetups in the Netherlands.

Read More

Christian Heinrich

Maltego Integrator, TAIA Global

Christian Heinrich has presented at the OWASP Conferences in Australia, Europe and USA and OWASP Chapters in the Netherlands, Singapore, UK, Thailand and Sydney and Melbourne in Australia, ToorCon (USA), Shmoocon (USA), BlackHat (Asia, Europe and USA), DEFCON (China and USA), SecTor (Canada), CONFidence (Europe), Hack In The Box (Europe), SyScan (Singapore), B-Sides (Australia), RUXCON…

Read More

Federico Maggi

Senior Threat Researcher, Trend Micro

Federico Maggi is a Senior Threat Researcher with Trend Micro’s Forward-Looking Threat Research (FTR) team, an elite team of researchers fighting against cyber criminals and scouting the future of the Internet to predict the future evolutions of cybercrime. His research interests, mainly developed during his MSc and PhD, revolve around various topics under the “cyber…

Read More

Marco Balduzzi

Senior Research Scientist, Trend Micro

Dr. Marco Balduzzi holds a Ph.D. in applied security from Télécom ParisTech and a M.Sc. in computer engineering from the University of Bergamo. His interests concern all aspect of computer security, with particular emphasis on real problems that affect systems and networks. Some topics of interest are web and browser security, code analysis, malware detection,…

Read More

Jie Fu

Senior Security Researcher, Qihoo 360

Jie Fu(@fuxuan1234) Senior security researcher in the PegasusTeam security team ,with rich experience in embedded software and hardware security development and reverse development; Research and development of the first active NFC protective equipment –360 saferfid , and obtained a number of NFC security invention patents; International renowned security conference HITB (HackInTheBox) speaker, Blackhat speaker.

Read More

Michele Orru

Security Consultant

Antisnatchor is a security consultant with over ten years of experience in penetration testing, source code auditing and development. During the last five years his focus has been on phishing and client-side exploitation: – Co-author of **The Browser Hacker’s Handbook** – Co-author of the **X41 Browser Security Whitepaper** – Ex-core developer of the **Browser Exploitation…

Read More

Nicolas Mattiocco

CEO, GreenLock Advisory

Expert with 10 years of experience in information security, I have performed various security consulting engagements, from penetration tests to global risk assessments and implementation of security solutions. I’m currently Freelance since 3 years and onboarded in the Red Team of a CERT in a large financial institution. Also founder of PatrOwl, a scalable, free…

Read More

Yago Hansen

CEO, Wifense

Ethical hacker, expert in network engineering and system administration, with extensive experience in network infrastructures of all sizes. During his professional career, he has carried out international projects for large corporations in the banking, insurance, telecommunications and Government security sectors among others. In recent decades he has specialized extensively in wireless technologies, successfully leading numerous…

Read More

Yongtao Wang

Senior Security researcher, Pegasus Team, Qihoo 360

Yongtao Wang (sanr) works in 360 Technology, a senior security researcher in PegasusTeam team.He specializes in penetration testing and wireless security research. He has extensive experience in security research and penetration testing. He is a lecturer at the China Internet Security Conference (ISC) security training camp, Blackhat、POC、CodeBlue, etc. Conference speaker.

Read More

Organizer