
Software Engineering · Meetup · Free
Underground Hacks
Wed 24 Jun · 15:00
Krakow, 🇵🇱 Poland
< 50 attendees
Radocha · Świętego Sebastiana 6, 31-049
About this event
Hey everyone,
Join us for an Offensive Night focused on how attackers actually think, move, and break things—and how we respond.
This evening brings together creative red teaming tactics and a hands-on vulnerability demo, designed for security engineers, developers, and anyone curious about the offensive side of security.
Agenda
- 17:00 Doors open
- 17:30 Live virtual speaker: Steve Borosh
Continuous Offensive Recon: Tightening the OODA Loop with AI-Driven Data Enrichment for Red Team Operations
Traditional penetration tests, assumed-compromise assessments, and red team engagements still treat reconnaissance as a discrete, time-boxed phase at the beginning of the assessment. In reality, modern environments change hourly: files change, credentials rotate, people join and leave, and defensive controls evolve. Static recon snapshots quickly go stale, forcing operators to restart the intelligence cycle under pressure. This talk presents Continuous Offensive Recon as the solution: a persistent, closed-loop intelligence capability that provides offensive operators with actionable intelligence at every phase of the assessment.
Raw data from passive recon, active scanning, file share searching, C2 exfiltration, user behavior, and open-source intelligence is abundant. What separates elite operators is the ability to continuously enrich that data, surface hidden relationships between obscure technical and human data points, and convert noise into prioritized, high-fidelity attack paths in near real time.
We will walk through exactly how to build and operate this capability using a practical, open-source-heavy stack that the audience can start implementing immediately:
With the industry moving towards more “Continuous Penetration Testing”, as BHIS has adopted, offensive operators are moving from periodic assessments to a living, intelligence-gathering assessment that, paired with the OODA loop decision cycle and continuous reconnaissance, keeps operators ahead of their target networks.
- 18:30 Intermission
- 19:00 In-person speaker: Julian B.
Let Him Cook! Hacking the Meatmeet BBQ Probe
With grilling season upon us, each and every grillmaster is eagerly preparing their tools… but little do some know, their “smart” meat probes may have some glaring vulnerabilities that could leave them cooked. In this presentation we will disassemble the Meatmeet BBQ probes, dump the flash, and decompile the mobile application to find countless vulnerabilities. From an open S3 bucket with the profile photo of every grill master and poorly salted passwords to never-before-seen devices and even remote code execution, Julian will walk you through the platter of vulnerabilities he found. This will illustrate the importance of IoT security, because the last thing you want is for your beautiful BBQ to be burnt to a crisp!
As a Senior Penetration Tester at Software Secured, Julian hunts for vulnerabilities across a range of clients and products. Off hours, he spends his time performing vulnerability research against IoT devices and FOSS, amassing over 50 CVEs in the past several years. Previous work includes exploiting the Furbo devices to find 20+ vulnerabilities, discovering More Than 130,000 Claude, Grok, ChatGPT, and Other LLM Chats Readable on Archive.org (https://www.404media.co/more-than-130-000-claude-grok-chatgpt-and-other-llm-chats-readable-on-archive-org/), as well as being featured by 404Media in the article: Grok Exposes Underlying Prompts for Its AI Personas: ‘EVEN PUTTING THINGS IN YOUR ***’ (https://www.404media.co/grok-exposes-underlying-prompts-for-its-ai-personas-even-putting-things-in-your-ass/)
Come curious, leave sharper - RSVP Now
Source: meetup