Botconf 2018 – Day 2 Wrap Up

The second day of botconf was an interesting day. The presentations were on the quite diverse topics. Here is the write up of what I will remember.

Malicious Documents

From a social engineering point of view the presentation on the topic of malicious documents by Dr. Nimal Singh and Deepen Desai was very interesting. We all know it is a classic in the malicious arsenal but malicious documents have been an issue since the second half of the 1990’s and thus an update view on the issue was welcome.

Sysmon and Powershell

Tom Ueltchi is a regular speaker on botconf. This year he had another very interesting talk prepared for us on how he goes and hunt in his network with sysmon and powershell. It is not the first talk I saw on the topic but the way Tom explained was different, he talked about his experience implementing it.

Lighting Talks

The lightning talks was a challenge set by the botconf organization at the end of day 1. If you had a slide deck and was able to present on an interesting topic the floor was yours and the audience would vote on the most impressive talk. I wrote down the names of a couple of tools people presented but the one that stood out for me was somebody basically taking over a botnet and explaining how he figured out who the actual botnet herder was.

Although in a sense different from all the other botnet-take down presentations, it was the speed of the story and the way it was brought that was refreshing. No screenshots of IDA Pro but straight to the “mistake” and how the researcher was able to exploit it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s