0%

Zer0Con

Conference for
Exploit Developers &
Bug Hunters

About

About Zer0Con

Zer0Con is POC’s NEW ‘CLOSED’ international security conference. It focuses on finding, analyzing, and exploiting vulnerabilities. Zer0Con aims to have high-level technical presentations but avoids the commercial ones. Zer0Con doesn’t pursue money, same as POC conference.

∙ It is a high-level and closed conference.
∙ It only focuses on finding, analyzing, exploiting vulnerabilities.
∙ Only speakers, attendees, and sponsors will share vulnerabilities information.
∙ Zer0Con attendees can share various information and establish unique community.
∙ Training courses also focus on finding, analyzing, exploiting vulnerabilities.
∙ If you have certain level of ability to find bugs and make exploit code, you will improve yourself through Zer0Con.

SPEAKERS

Speakers of Zer0Con

Team Member
Ian Beer Google Project Zero
Through the mach portal

Mach ports are one of the most fundamental parts of the XNU kernel. This talk takes a deep-dive into how the user and kernel mach port APIs work, the implicit security guarantees they make and how to leverage those guarantees to build logical exploit primitives. I will discuss the discovery and exploitation of multiple sandbox escape and kernel bugs on iOS.

Team Member
Brian Pak(Cai)         Theori             
Microsoft Patch Analysis and Exploit Development

We take a look at the general process of patch analysis. We walk through each step from downloading the patch to a weaponized exploit. For the case study, we perform the analysis for CVE-2016-0189 (vbscript.dll) & jscript9.dll security bug fixed in MS16-063 for Internet Explorer 11, Edge/chakra.dll bugs (CVE-2016-7200 & CVE-2016-7201), win32k kernel bug fixed in MS16-106, as well as new bugs that are discovered in latest March update. We also talk about ways to bypass mitigation such as CFG and RFG.

Team Member
   bee13oy      CloverSec Labs    

Attacking Antivirus Software's Kernel Driver

Team Member
TBA                             TBA..........                            

tba

Team Member
TBA                             TBA..........                            

tba

Team Member
TBA                             TBA..........                            

tba

Team Member
TBA                             TBA..........                            

tba

Team Member
TBA                             TBA..........                            

tba

Team Member
TBA                             TBA..........                            

tba

Team Member
TBA                             TBA..........                            

tba

SCHEDULE

Schedule of Zer0Con


April 13 ~ 14, 2017, Seoul, Korea

TRAINING

Zer0Con Training Course

The training courses of Zer0Con focus on bug hunting and exploitation.

Regstration will be closed on March 20.

REGISTER

Register Zer0Con

Regstration will be closed on March 31.

Zer0Con registration is a four-step process:

∙ first, you register here, 
∙ then we check if you are eligible or not, 
∙ and finally you will receive a link to pay. 
∙ if you pay, we will send you your ticket. 

You should bring your ticket to get your badge.

Tickets are only allowed for first 100 people.
                               


VENUE

The-K Hotel, Seoul


Crystal Ballroom A, B Hall

- ADDRESS: 70, Baumoe-ro 12-gil, Seocho-gu, Seoul, Korea
- TEL: +82-2-571-8100
- WEB: http://thek-hotel.co.kr/e_seoul/main.asp
- If you want more information, click the map below.

CONTACT

Contact Us

If you have any questions, contact us.

(poc.zer0con @ gmail.com)

* We recommend you to use the pgp key (PGP KEY)




Also, We are looking for sponsors.
There are several benefits for sponsors, so please feel free to contact us

(poc.zer0con @ gmail.com)

Organizer & Sponsor




Copyright(c) Zer0Con All rights reserved.