Experience at X0RC0NF, 2015 – A security conference
Being a technology focused company, TO THE NEW has always made its presence felt in major conferences around the world. This time, it was X0RC0NF in Cochin, India. I was invited to present my talk there and attend the conference as a speaker. The topic of my talk was “Anatomizing online payment systems: hack to shop“, majorly focusing on some of the critical vulnerabilities that we discovered in e-commerce applications and payment gateways as a part of penetration testing.
It was easy to locate and reach the venue. The conference started at around 9:30 AM in the morning with the first talk being on Windows Management Instrumentation followed by a talk on Radare2 Framework. All the talks were very technical and presented in a very good way. The list of all the talks can be found here on the official website of X0RC0NF, Schedule
We at TO THE NEW always like visiting conferences because you get to meet new people and learn a lot from them. We got to meet some very interesting people in Information Security domain. A little glossary of what my talk was about can be found on the official website:
“Online payment is not a new concept, from shopping to ticket booking to buying groceries, we have been using it daily (if not every hour). This presentation will talk about the security mechanism that some of the newest online retailers apply, the technology they rely upon and obviously the ways to hack all this. This research paper will focus on understanding the whole online payment process and the vulnerabilities associated with them.” – Find the glossary here.
It was a great experience attending the conference, out of all great talks below are the ones that I liked the most:
-
A Pentester’s Methodology to Discover, Automate and Exploit Windows Privilege Escalation flaws
-
Popping shells in Droid
-
Creating web sandboxes for secure process isolation using docker
Below are the details of my talk. I have also uploaded the presentation on Slideshare which you can download from the link below. Please have a look at it and let me know in case you have any questions.
Talk: Anatomizing online payments systems: Hack to shop
Speaker: Abhinav Mishra
Presentation:
We will try to update this blog with the link of other presentations as we get. For now, please feel free to download and have a look at my presentation. Thanks.