Here is a list of all recorded presentations, talks, workshops, and training that our team has given.
2023
Kubernetes Hacking 101
Author: Finn Foulds-Cook ・ Event: Hack.Sydney 2023
This workshop starts with the same presentation from Help I want to attack Kubernetes, but with an additional lab component that explores attacking a real-world cluster.
Workshop guide: Link
Building a Cyber Resilient Business
Author: Alexei Doudkine ・ Event: Holocron Cyber Webinar
Link: https://youtu.be/3UPZeJOu-mo
Cyber threats continue to impact the productivity and desired outcomes of Australian organisations. This webinar presented a comprehensive understanding of how to build a cyber resilient business. Industry experts in the field of cyber security discussed strategies and best practices for protecting your organisation against data breaches.
Help I want to attack Kubernetes
Author: Finn Foulds-Cook ・ Event: SecTalks Brisbane June
Slides: Link
What would you do if you found a Kubernetes cluster on a penetration test? This presentation focuses on how to get valuable information from a cluster, and do a run-through of a real world scenario where Finn achieved Domain Admin all from a kubernetes config.
AV Evasion: The Lazy Hacker’s Guide with Volkis
Author: Max Caminer ・ Event: UTS CSEC
Link: Coming soon
A deep dive into the laziest way of antivirus evasion using Azure pipelines and open source tools. It covers basic antivirus evasion theory and how to use Azure pipelines.
2022
Active Directory Hacking Speedrun
Author: Alexei Doudkine ・ Event: CSECcon 2022
Link: https://youtu.be/AaOd0XJKEyA
An all-demo presentation on 14 of the most common attacks against Active Directory. Take this as a starting point to replicate later in your own lab.
Intro to Capture the Flag (CTF)
Author: Max Caminer (Francis Dong + DUCTF Team)・ Event: CSECcon 2022
Link: https://youtu.be/iU8d37jHKbI
Everything you need to get started in the wonderful world of participating in CTFs. It also covers a little of Max’s CTF journey.
Social engineer your way into your first infosec job
Author: Alexei Doudkine ・ Event: UTS CSEC
Link: https://youtu.be/Jpcj8eyFpTA
What do you need to get your first job in infosec? Alexei talks about what you need and don’t need, what you should put in your CV/resume, and what to expect in interview. A must-watch for anyone looking to break into infosec.
Beg Bounty Hall of Fame
Author: Alexei Doudkine ・ Event: ComfyCon AU 2022
Link: https://youtu.be/uj3O_rm6HuQ?t=26945
A look at some of the best (or worst) bad submissions to our vulnerability disclosure program. Why is this such a widespread problem and what can we do about it?
Pentesting - The first 6 months
Author: Nathan Jarvie ・ Event: ComfyCon AU 2022
Link: https://www.youtube.com/watch?v=_p5RuK0Jmpk&t=21945s
A story about how Nathan got into the world of offensive security, the struggles, and what to expect in the first 6 months.
2020
Zapping bugs in Storage by Zapier
Author: Alexei Doudkine ・ Event: ComfyCon AU 2020
Link: https://youtu.be/jey5xY78Hes?t=12077
Alexei talking about a few vulnerabilities that he discovered in Storage by Zapier. For a bit of fun, he demo’s the worst C2 ever written.
Report Ranger overview
Author: Matt Strahan ・ Event: ComfyCon AU 2020
Link: https://youtu.be/zzovS2FDXe0?t=14246
An overview of Volkis’s Report Ranger tool. Matt goes through how it works, why we designed it and some basic usage example.
DownUnderCTF: One of Australia’s largest CTFs in a nutshell!
Author: Max Caminer (Sam Calamos, Faith + DUCTF Team) ・ Event: ComfyCon AU 2020 Summer Edition
Link: https://youtu.be/zzovS2FDXe0?t=28083
A deep dive of how 13 Australian Cyber Security university societies came together to keep create one of Australia’s largest CTFs.