Talks

DEF CON

• DEF CON 32 (2024) - Reverse Engineering MicroPython Frozen Modules: Data Structures, Reconstruction, and Reading Bytecode
  • Video
  • Slides
• DEF CON 31 (2023) - Retro Exploitation: Using Vintage Computing Platforms as a Vulnerability Research Playground and Learning Environment
  • Video
  • Slides
• DEF CON 26 (2018) - An Attacker Looks at Docker: Approaching Multi-Container Applications
  • Video
  • Whitepaper
  • Slides
• DEF CON 24 (2016) - Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Materials and Tools
  • Video
  • Whitepaper
  • Slides
• DEF CON 23 (2015) - I Hunt Penetration Testers! More Weaknesses in Tools and Procedures
  • Video
  • Whitepaper
  • Slides
• DEF CON 22 (2014) - Instrumenting Point-of-Sale Malware: A Case Study in Communicating Malware Analysis More Effectively
  • Video
  • Whitepaper
  • Slides
• DEF CON 21 (2013) - Pwn the Pwn Plug: Analyzing and Counter-Attacking Attacker-Implanted Devices
  • Video
  • Whitepaper
  • Slides
• DEF CON 20 (2012) - SCADA HMI and Microsoft Bob: Modern Authentication Flaws With a 90’s Flavor
  • Video
• DEF CON 19 (2011) - Covert Post-Exploitation Forensics With Metasploit
  • Video
  • Whitepaper
  • Slides

Black Hat USA

• Black Hat USA 2018 - An Attacker Looks at Docker: Approaching Multi-Container Applications
  • Video
  • Whitepaper
  • Slides
• Black Hat USA 2017 - Protecting Pentests: Recommendations for Performing More Secure Tests
  • Video
• Black Hat USA 2016 - Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools
  • Video
  • Whitepaper
  • Slides
• Black Hat USA 2011 - Covert Post-Exploitation Forensics With Metasploit
  • Video

National Cyber Summit

• NCS 2024 - Malware Autopsy: Iran’s Remote Access Trojans
• NCS 2023 - Malware Autopsy: Tools and Tradecraft of North Korean Ransomware Operators
• NCS 2022 - Malware Autopsy: Russian Cyber Operations During the Invasion of Ukraine
• NCS 2021 - Malware Autopsy: Reverse Engineering a COVID-19 Email Attack

BSides

• BSides DFW 2019 - Getting Started With Ghidra
• BSides DFW 2018 - Reverse Engineering Ransomware - A Guided Tour
• BSides DFW 2017 - The Long Con - Lessons From Early 20th Century Con Artists for Modern Hackers
• BSides Jackson 2016 - The Year in Penetration Testing Trends
• BSides Jackson 2014 - Confessions of a WiFi Pineapple Hunter

A Selection of Other Speaking Engagements

• Scholarship for Service Job Symposium (2012) - Tracking Online Hacker Groups Through Social Media
• IEEE Software Technology Conference (2010) - Demonstrated Cases of Insecurity in Control Systems
• SANS Process Control and SCADA Security Summit (2009) - Vulnerabilities in SCADA Human-Machine Interface Software