BSides CDMX is possible thanks to the community participation and the people around the globe willing to share his knowledge and experience; that said, meet the speakers’ and facilitators’ work for the very frist edition of BSides at Mexico City!

Francisco Leon Gil
Mexican, security enthusiast,music lover, curious from the first compiled, gamer... like to know new places/people/things/anything, like to learn.
Sap Netweaver - Information disclosure vulnerability
Talk to expose a vulnerability already reported for a long time to the manufacturer and that is still latent without an official solution, with a script to identify it and possible live or video demonstration, as it would be in the wild.

Ezra Caltum
Cyber-security practitioner, with a passion for reverse engineering, data analysis, and exploitation. He is the leader of the Tel Aviv DC9723 Defcon group and a co-founder and organizer of BSidesTlv. Currently, he works as a Security Research Manager at Intel.
Path Of LeAst Resistance - Accelerating the search for vulnerable functions
When developing exploits for complex platforms, finding a function relationships between dynamically compiled binaries is of utmost importance to focus the exploitation efforts. By modeling the relationships as a Graph, and leveraging the power of Graph Databases we can quickly identify these relationships and answer some critical questions:
  • Are known vulnerable/problematic functions in use?
  • Which binary uses a vulnerable function inside a library?
  • What (unidentified) function imports a vulnerable function in a binary?
In this talk, I'll discuss Reverse Engineering, Graphs, Binary Relationships and Vulnerable Functions.

Steven Seeley
Is a freelance security researcher and has discovered over 1000 critical security vulnerabilities in software products developed by vendors such as Microsoft, Oracle, Dell, Hewlett Packard, Adobe, Foxit, Trend Micro, Cisco, Apple, IBM, Symantec, SAP and many others. Previously, Steven was the lead trainer at BlackHat USA for the Advanced Web Attacks and Exploitation (AWAE) class and has presented at conferences such as HiTB (Netherlands) and Ruxcon (Australia).
Foxes Among Us - Foxit Reader Vulnerability Discovery and Exploitation
This talk will cover the discovery and exploitation of two memory corruption vulnerabilities in Foxit Reader that were chained together to defeat modern operating system mitigations such as address space layout randomization (aslr) and data execution prevention (dep). It will include the release of a bridgit, a windbg plugin to help discover a certain class of vulnerability, a full exploit and two live demos!
Martin Hron
Martin Hron is a Security Researcher at Avast. Martin leads research across various disciplines such as dynamic binary translation, hardware-assisted virtualization and malware analysis. Martin is devoted to technology and is a true software and hardware reverse engineer, game programmer, tinkerer, AI and IoT mantras practitioner. Martin held the position of artificial intelligence and game programmer, working on the MAFIA II (AAA game title) project, and as a Windows kernel software engineer with encryption file system drivers.
Welcome Home! - how to be a hacker in few minutes
Do you really need to be a skilled hacker to get complete control of someone’s smart home? Consumers would probably expect that, or might even think their smart home is completely secure. But the sad truth is that in reality, many “doors” in today’s smart homes are open. If there are closed doors, certainly you would be able to find a key under the mat, an open window, or at least a cat door. The common denominator is still the same: a lack of security, which is partially the fault of vendors, but also of users themselves. This talk is mainly, but not only, about the automation protocol MQTT widely used for interconnecting home automation devices and systems. I will demonstrate also how you how easy it is to get full access to someone’s connected home. Commonly used systems such as OpenHAB, HomeAssistant, MQTT Dash and others are quite often badly or not at all configured in terms of security. Even if there is a password set you can usually find another vulnerability at the same IP address that allows you to intrude the smart home.

Daniel Regalado (DanUx)
Co-author of the book Gray Hat Hacking, Reverse Engineer, Security Researcher and Pen Tester for Symantec, FireEye and recently for Zingbox. He has presented a conference on Defcon IoT village, BSidesLV and RECon. Discoverer of the most devastating virus in ATMs in Latin America - Ploutus.
Reversing and Exploiting Telepresence Robots
We all have heard of the existence of Robots to assemble cars, to clean your house, to deactivate bombs, for telepresence and even with its own autonomy as if it was a real human! It is a fantastic technology that involves multiple components to see, hear, speak and move, however, evidence of penetration to these humanoids is very limited, most likely because it is expensive to acquire these devices. During this talk you will know the technology behind these robots, techniques for reverse engineering and remote debugging, description of vulnerabilities found, one of which allowed remote access as root and demonstration of different scenarios where an attacker is able to steal information or monitor conversations, and last but not least ... Live Demo!

Alejandro Hernández (nitr0us) & Diego Bauche (dex)
Diego and Alejandro have had presence in the Mexican security scene for over 15 years and nowadays work as security consultants for IOActive, where they have had the chance to work in Fortune 500 companies in different countries including Mexico, South Africa, Germany, China, Netherlands, United States, South Corea and England.
Beyond 'grep strcpy' in code review
There's a well-known list of low-hanging fruits when it comes to bug hunting in low level code (mostly C). Nevertheless, there are other type of bugs that are undetectable by automated static analysis tools, and it's here where the human expertise comes handy. In this talk we'll share some unconventional security bugs that we've come across in our last code audits. Despite most of these bugs are related to low level programming, some of them apply to high level languages that could be oriented to web or embedded systems.
Amongst the list of bugs to be shown are:
  • Dead store optimizations
  • Structure padding info leaks and type confusion bugs
  • Arithmetic overflows leading to critical problems
  • Wrong logical operators in conditional expressions
  • Unchecked/Wrongly checked return values of critical functions
  • Off-by-ones - Uninitialized data info leaks and memory corruptions
  • Screwing up the order of your parameters on basic function calls
  • Unchecked return values leading to mem corruptions / overflows
  • Undefined behavior and security: Pointer arithmetic problems, Zero-size memory allocations
  • Calloc/fread/fwrite arithmetic (a.k.a don't do arithmetic on the second argument)
  • assert(), the best friend and worst enemy of developers
  • Case sensitivity/insensitivity bugs

Raphael L. Molina
Criminology Degree, Informatics Engineer, Access Granted CEO, computer expert, Pentester, creator of SMOLPION and fervent enthusiast of computer security and Ethical Hacking
Hacking with Smolpion.
This talk will cover the topic of physical attacks with HID human interface devices. The SMOLPION tool and framework was designed for me in order to make it easy for pentesters to perform their work easily. In the talk you will see interesting demonstrations about fast attacks such as: running remote code in 3 seconds, hijacking with Ransomware, infiltrating a keylogger with high speed on the computer, and more: /

Gordon MacKay
Gordon MacKay, Software/Systems Guru with a dash of security hacking, serves as CTO for Digital Defense, Inc. Gordon has presented at many conferences including BSides Boston 2017, ISSA International Conference 2016, ISC2 Security Summit 2016, BSides DC 2016, Cyber Texas 2016, RSA and more, and has been featured by top media outlets such as Fox News, CIO Review, Softpedia and others. He holds a Bachelor's in Computer Engineering from McGill University Montreal Canada, and is a Distinguished Ponemon Institute Fellow.
Murder Mystery – How Vulnerability Intelligence is Poisoning your Information Security Program.
In order to solve many modern information security use-cases, organizations have evolved from making decisions based on information gleaned from silo-ed security solutions, towards making more intelligent decisions based upon shared security intelligence. However, integrating vulnerability scanning results into one’s security ecosystem involves a serious hidden challenge resulting in heinous consequences, thereby killing your InfoSec program. This session shares clues on this challenge, step by step, in the form of a Murder Mystery game, ultimately revealing the culprit and strategies to overcome it. Learn, participate, play, and interact! Try to guess “who-dunnit,” and how to avoid similar InfoSec crimes.

Miguel Bautista
Research Engineer with Cisco Talos and Full Member and Chief Workshop Office of The Honeynet Project. Miguel is a Computer Engineer from the National Autonomous University of Mexico (UNAM) with 7 years of experience in information security topics and almost 11 years of experience on IT, computers and networking.
He was part of the UNAM-CERT, from 2011 to 2014, where he was part of the incident response team that was in charge of taking care of all the information security incidents affecting the network of the university. In that time he joined the Honeynet Project as part of the UNAM Chapter, where he had the chance to collaborate with other members of the Honeynet Project around the world, either via email and remotely, or every year as part of the Annual Honeynet Project Workshop. He has attended the Annual Honeynet Project Workshop since 2012 and in 2016 he was a co-instructor of also an introductory honeypots training. Also, since 2014 he has been a volunteer to run the Annual Honeynet Project Workshop and currently he holds the Chief Workshop Officer position within the Honeynet Project.
In 2015 he joined the Global TAC Security team with Cisco Mexico City, where he used to help customers to configure and troubleshoot network security devices such as firewalls and content filtering devices. In July of 2017 he joined the Detection Response Team with Talos (formerly known as Sourcefire VRT), also as part of Cisco, now in the US. As part of his daily job he works closely with Snort on the development of detection rules for this popular IDS and also with the development of antivirus signatures for ClamAV, among other Cisco security features and products.
On his spare time he loves to play video games, learn something new, go to music festivals and travel around the world.
Honeypots 101
Introduce the attendee to what are the honeypots, how they are used and understand their benefits in the threats landscape. The attendee will also learn what are the most common types of Honeypots, the existing tools, the environments where a Honeypot can be deployed and, last but not least, learn the basic requirements to create a Honeypot.

Luis Raul Valencia Larios
Advisor and enthusiast in Cybersecurity with experience in reverse engineering, cyber-operations, penetration tests, forensic analysis, among others. Interested in mobile security, IoT, drones, SCADA, NFC and exploit development
ARM Assambly Basics
This workshop is designed for people who want to learn the ARM assembler basics. Especially for those who are interested in writing exploits for that platform. ARM is susceptible to bad input validation that can cause buffer overflow and given the large number of ARM devices that currently exist the impact of an attack is quite high.

Hernan Jesus Olguin Garcia
Mexican Cybernetic Engineer who started working in InfoSec field while he was still in the college as a Network Infrastructure and Information Security Manager at La Salle University in Mexico City.
He studied a MSc. in Microelectronic Engineering at IPN (Mexico City) and made a research stay at the University of Electrocommunications (Tokyo). In IPN, he studied InfoSec with a specialization about Steganography and Steganalysis, and in the University of Electrocommunications, he made his research about how to apply it inside network infrastructures. He has published 3 international scientific articles regarding Steganography and Steganalysis, has given many conferences about it, and is still researching about the field.
Jesus currently works in a worldwide acknowledged company in Information Security, Trustwave Inc, in Mexico City as a Security Researcher and is part of the SpiderLabs Database Security Team as a QA Engineer. He is a contributor in the Trustwave SpiderLabs blog talking about Steganography and Steganalysis.
What is Steganography and how to eat it?
In the XX century, the research about the steganography and steganalysis was not considered as a priority field, however in the XXI century, after the USA-9/11 attack, the study of this field has grown exponentially. During last decade, a large amount of methods have been proposed in the literature. In many cases, steganography is used to hide different types of information, such as a medical, business and personal information, for privacy purpose. However, steganography is also used for illegal purposes, such as pornography, people trade, counterintelligence, or to share confidential information among different government sectors, which may cause immense damages to society.
The Steganography is the art or science to hide information into digital cover files, such as audio, images, videos, etc. Its main goal is to achieve an undetectable communication between a transmitter and a receiver. The principal issues to be considered in this field of study are embedding capacity or payload, distortion or imperceptibility, robustness and tamper-resistance.
In this workshop, I will teach you the basis of steganography and how to code one of the most common and famous methods – LSB-R method – into images using JAVA.
It is not necessary to have any previous knowledge about the field, but you should have knowledge about basic JAVA coding. In this blog post, you can find some theory that will be given in the workshop:

Hugo Gonzalez
PhD from the University of New Brunswick, member of "The Honeynet project", I am currently working on a project where radare2 is "the tool" to extract the required information from the malware to analyze. The objective is to share the knowledge acquired and promote the use of this great tool (which apart is open source).
Radare2 & cutter first steps through examples
Radare2 is a very powerful framework commonly used to perform reverse engineering. In this workshop the participant will be guided to familiarize with the graphic interface "cutter" solving some "crackmes". The workshop will end with the development of a script (using r2pipe) to automate some tasks in the reversing. This workshop aims to provide the assistant with the minimum knowledge necessary to use radare2 in reversing tasks.