My Experience at Black Hat Europe 2021

What is Black Hat Europe 2021?

Black Hat is an internationally recognized cybersecurity event series providing the most technical and relevant information security research. Grown from a single annual conference to the most respected information security event series internationally, these multi-day events provide the security community with the latest cutting-edge research, developments, and trends.

Black Hat Briefings and Training are driven by the needs of the global security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Today, Black Hat Briefings and Training are held annually in the United States, Europe, and Asia, providing premier venues for elite security researchers and trainers to find their audience. This year’s event took place on November 8–11 with hybrid sessions (online and onsite).

How do I get the Black Hat Europe 2021 pass?

Sequel to my spotlight on Maltego Technologies #womeninosint which I got through SheSecures, I got a wonderful connection with Matt Treadwell who has been mentioning me for different opportunities.
Jane Frankland wanted to give IN SECURITY SCHOLARSHIP & BLACK HAT EUROPE 2021 pass to #womenincybersecurity. My connection Matt Treadwell mentioned me and I applied. I was one of the 30 favored winners. The pass was worth £1,699.00

Sessions at Black Hat Europe 2021

I intentionally attended more arsenal sessions than briefing sessions as I want to learn more about tools especially for threat hunting and intelligence.

The first arsenal session I attended was Wireshark Forensics ToolKit by Rishikesh Bhide; this was a refresher session for me as I have been using Wireshark a lot in my job role, yet I got a new reason for using it which is for Asset classification and data tagging with the aid of threat intelligence Indicator of compromise.

Sessions took place simultaneously, but I was able to see The vulnerability complete definition library by Wish Wu a security expert (Tian Qiong Security lab of Ant group). He did a wonderful presentation on malware analysis.

The next is one of my favorite sessions with Roberto Aranda on aDLL: adventure of dynamic link library. It is a tool to detect DLL hijacking in a windows environment. (I will do a training shot on it later).

I was able to attend briefly Laifu: a modern protocol fuzzing framework based on scapy. A tool that allows testers to use scapy to specify the protocol of the mass directory.

Another favorite session I attended was Git Wild Hunt: A tool for hunting leaked credentials by Rod Soto and Jose Hernandez. It is a tool used to discover leaked credentials in Github. It is an essential threat hunting tool for any CTI analyst. It helps to check if your organization’s GCP or AWS credentials are on Github. I love this session.

I made a digress to Pygoat arsenal session. Pygoat is a vulnerable application developed in python to teach developers and web application pentesters about OWASP top 10 and how to avoid them, it is a must grab for any application security tester.

Another favorite arsenal session I attended was fueled by my love for the OSINT tool, I can’t trade it for anything. That was iKY ; an OSINT tool that works similarly to Maltego. It was delivered by Kenn Bro (watch out for a tutorial on this too).

The last arsenal session I attended was the RAT Exploitation tool for social networks delivered by Omar Alibrahim. I must explore this too.

Briefing sessions

The need to strike a balance with the sessions made me attend a couple of briefings. I attended Building Better CSIRTs using behavioral psychology by Daniel Shore Ph.D. This is one of the best briefings I attended. It detailed goal setting and engagement, the role of action diagram, celebrating achievements of goals, and introduction of 3 levels which is individual, team, and organization goals.

The second session I attended was It is more than phishing, how to supercharge your security awareness training. This session caught my attention because I am a trainer. There are salient points mentioned: providing the right information, context is key, branding, more awareness less training, sharing stories from the top, and so on.

Conclusion

It was fun learning and networking at the same time. I met many interesting cybersecurity professionals that are ready to give back to the community. I am so thrilled to have participated in the event and looking forward to attending onsite next year.