Level Up Sample Submission
Note to reader: This talk is mostly made up for a general example. It's designed to provide ideas of information to include the lowest level of detail to use, and overall flow of a good submission. The Detailed Outline (#9) doesn’t need to be formatted as it is in this sample, but it should contain enough information to convince us of the merits of your talk. This should be above and beyond the information contained in the Short Abstract (#8).
1. Email address
2. Name or Handle
3. Talk Title
4. Talk options are Level Up, Story Mode, and Training Mode
5. Twitter Handle
6. Speaker Bio(s)
Name is an Offensive Security Engineer who enjoys breaking code and mitigating risks. In her spare time she volunteers in the local security community.
7. Length of Talk or Training
8. Short Abstract
Who I Am
All About Kubernetes In Docker (Kind)
Leveraging Kind To Create Attack Scenarios And Ranges
Current Open Source Configuration Guide
Open Source Docker Systems That Can Be Used
Future Use And Revolutions
9. Detailed Outline
Who I Am - I am a person. I am a metal head and overall nerd whose hobbies include (D&D, war-gaming, reading, video games, Go, and learning new things)
All About Kubernetes In Docker (KinD) - Kubernetes in Docker aka KinD is an open source tool created to run Kubernetes clusters locally using docker containers. It can be used to locally host an attack range to improve hacking skills and learn new technologies on the fly.
Leveraging KinD To Create Attack Scenarios And Ranges -One of the unique things the KinD does is spin up containers without the need for cloud access. This allows for the potential for cloud noobs to avoid running up unnecessary fees while learning how things work. One of the major blockers for industry newcomers is finding the time to learn new technologies in a cost-effective way. This approach can empower anyone to start hacking with a simple walk through and container guide as well as the complete use of open source software. Another major blocker to those who wish to pentest is when they have a low risk appetite. Running exploitable systems in order to execute and practice attack scenarios on a personal computer does indeed make it more vulnerable. By creating a local cluster that remains only accessible to the other containers on the localhost and not to the internet and outside world mitigates this concern.
Current Open Source Configuration Guide - Written by a person in GitHub (and prettier in GitBook. This configuration guide was created as a walkthrough for any OS to install all KinD dependencies and provide a vulnerable system and attack container which can access it. For the system a simple webserver is created to practice XSS. The attack system consists of running a browser in docker to launch the attack. Each scenario of the configuration guide ends with common hardening steps and best practices that mitigate the attack used.
Open Source Docker Systems That Can Be Used - Fortune has it that there are not only containers which run browsers, but there are also some which run attack tools such as Burp Suite.
List various sources - Provide github link to various docker containers. Show how to find images on docker hub. Highlight entry-level vulnerable containers available for practice from the hundreds out there.
Future use and revolutions - There are endless possibilities to create local vulnerable systems and attack boxes and practice hacking skills.
10. Past Speaking/Training Experience (if any)
Aside from giving presentations on security tools during college I have none.
11. Have you given this Talk or Training anywhere before?
12. Special Requirements