Sep 2, 2013

The Notes about my USA Trip: Defcon, Blackhat and Cluecon

I have been USA for 2 weeks. I have presented my VoIP research and Viproy VoIP Penetration Testing Kit at Blackhat Arsenal 2013, Defcon 21 and Cluecon 2013. My presentation is below, VoIP Wars: Return of the SIP and you can get Viproy from I'll share my USA experience in this blog entry, my plans about Viproy and its new modules/features will be explained in an another blog entry. 

This trip was really interesting experience for me, especially Defcon Conference. It was my first USA trip and I was excited because of conferences. Me and my wife have visited a few places before the conferences, such as outlet shopping centers of Las Vegas, Fry's Electronics and Universal Studios at Los Angeles. I bought many electronic gadgets from Fry's, it was a gadget heaven. Also I suggest that you should visit Universal Studios and see Transformers The Ride, it was really awesome. I shared a few photos from there, but the ride experience of Transformers cannot be explained, you should see it. 

First day of Blackhat, I have visited the Blackhat Arsenal Hall and met with Nabil Ouchn (@toolswatch). He was really cool guy and he did a great work with Black Arsenal. You should check his notes (1, 2) for Blackhat Arsenal USA. Blackhat Arsenal was really amazing, my favorite tools were Drozer and Armitage. Second day was my presentation and tool demo day at station 6. I started my presentation with a video of Viproy, after this I explained its features and usages of modules. I had Turkish Delight for audience and I invite them to my station 6. I have presented Viproy's usages with demos and I answered their questions at my station. Also I have met with Raphael Mudge (@armitagehacker), his turbo presentation was really cool and we talked a little bit about my plans about Viproy and its integration of Armitage. I really wanted to be there next year.

Defcon 21 was just like a dream for me, I didn't believe it's happening before I took my badge and speaker materials from registration desk. When I visited the Tracks, I saw that almost ~2000 people were watching a presentation. I checked-in to the speakers room and I reviewed my presentation. I have assisted by a staff to the stage and they helped me to prepare the presentation area. During the presentation, a few guys were behind me and they stopped the presentation. I was shocked because I didn't join any session before my session, I checked-in to the speakers room immediately. It's a tradition that Defcon guys try to get you drunk during your first presentation. Learning this fact on the stage was not awesome, but it helped :) Audience said "drink! drink! drink!" and I finished my first Jack Daniel's shot. Everything was clear after the shot :)

I have finished my presentation, I learned that audience did not hear me clearly during the second demo after the session. I had no idea and feedback during the presentation, next year I will be louder :) I have promised a Turkish Rakı as a gift for best question, I gave it to a good guy for his a few questions after the presentation. At last part of my session, Peiter Zatko (Mudge @dotmudge) came and he congratulates me for my session. He was my hero because of L0pht, we have a photo on the stage now. Also I had a chance to chat with my friends, Max Sobell (@msobell), Jurriaan Breemer (@skeir_t) and Jason Olstrom (@justiceguy). I will attend Defcon 22 definitely, as a speaker or audience it doesn't matter.

We have gone to Chicago after Blackhat and Defcon, for Cluecon 2013. Cluecon is a VoIP conference organized by FreeSwitch team. Many good guys presented their tools, research and experience about FreeSwitch and SIP services. I have attended only second day of the conference, because I was really tired and I have flu. I had a speech at Security Birds of a Feather session and I presented my VoIP research. I had a chance to meet and chat with Phil Zimmermann, Jon Callas and Travis Cross. 

I have a few photos from this USA trip, I shared them below with short description.

Photos from Las Vegas and Los Angeles

Eiffel Tower Restaurant - Las Vegas

Luxor Sphinx - Las Vegas

Slash and Me :)

Preparing to the trip for Los Angeles

Of course traffic is everywhere

Me and my wife - Universal Studios

Transformers The Ride 3D - Universal Studios


DeLorean DMC 12 a.k.a. Time Machine (BTTF)

DeLorean DMC 12 a.k.a. Time Machine (BTTF)

Photos from Blackhat USA 2013 

I'm at Blackhat Arsenal Turbo Presentation

Audience of my turbo presentation.

Station 6 - I'm sharing Turkish Delight

Blackhat Arsenal Stations

Raphael Mudge (@armitagehacker) - Turbo Presentation

General Alexander is speaking about Security vs Surveillance

Blackhat Sponsors Hall

CDMA Interception warning for Femtocell Presentation

Slide from Femtocell Presentation

Slide from Femtocell Presentation

Me, Anıl Pazvant (@pazwant) and Kadir Altan (@kadiraltan)

Rapid7 - Blackhat After Party

Rapid7 Party - Graffiti Wall

Photos from Defcon 21

Defcon 21

My Badge and Brief of my presentation

The audience at Track 2

Preparing for Presentation at Speakers Room 

Turkish Rakı for best question, warming up at speakers room

Turkish Rakı, 5 years old, oak aged.

Left side of my audience were waiting my presentation

Me and Mudge at Stage

Lucky guy who asked smartest questions :)

Me and Jason Olstrom (@justiceguy)

Me and Max Sobell (@msobell)

Me and Raphael Mudge (@armitagehacker)

Real Voodoo Babes for Real Penetration Testing at Defcon Hall
I  Tested, It Worked!

Photo from Defcon Hall

Raphael Mudge is explaining features of Armitage and Cobalt Strike

RFIdeas Tools 

Defcon Cafe

Photo from Defcon Hall

Zeyna at Defcon Hall

Hardware Hacking Hall

Monkey the Hardware Hacker

Closing Ceremony of Defcon 21

Photos from Cluecon 2013, Chicago

Cluecon 2013

Mouse Pad from Cluecon

Audience of Cluecon

Phil Zimmermann is speaking

Travis and Phil answer questions at Security BoF

Phil Zimmermann, Me and Travis Cross.

Photos from Chicago, the last day of the trip