Burning River Cyber Con logo
Slide decks & resources

Burning River Cyber Con

Slide Deck Archive

Browse talks from Burning River Cyber Con, view slides inline, and grab shareable links for your team.

Showing 8 of 8 talks

The Art of Compromising Passwords: Lessons Learned from Security Assessments

Joel Coakley

This session highlights five common categories of weak passwords frequently seen during password audits and pentests and provides concrete examples and mitigation steps analysts and administrators can use: Password Reuse, Breach Credentials, Accounts with Weak Policies, Tenant-specific Predictable Passwords, and Onboarding/Reset Schemes.

PasswordsOffensive SecurityPentesting
November 15, 2025
PDF slides · Shareable linkView talk

I'm not actually an SCCM admin...I just implied it

Garrett Foster (@unsigned_sh0rt)

Microsoft Configuration Manager (SCCM) remains a core endpoint management tool for many enterprises and carries significant legacy complexity. In this talk Garrett demonstrates real-world techniques attackers use to abuse SCCM assumptions and dependencies to escalate privileges, impersonate administrative roles, or achieve persistence. The session includes concrete case examples, an attacker's methodology, and practical mitigations administrators can apply to reduce exposure.

SCCMActive DirectoryOffensive Security
November 15, 2025
PDF slides · Shareable linkView talk

Net-NTLMv1: The Easy Path for Red Teamers

Nic Losby (blurbdust)

This session explains the project's background, the engineering challenges of building distributed rainbow tables at scale, and the practical implications for pentesters and red teams. Attendees will learn where to obtain the tables, trade-offs when using them, and methods for checking whether NTLMv1 is present in an environment.

NTLMv1Red TeamPassword Cracking
November 15, 2025
PDF slides · Shareable linkView talk

Cheating My Way To Valhalla: Unity Hacking for Vikings

Gr1mmie (Victor)

This talk walks through learning Unity game hacking using the mono framework by building a cheat pack for Valheim. It covers how to get started, common cheat types, techniques to hijack existing game functionality, and how to safely prototype and test modules. Content is presented for educational and research purposes only.

Game HackingReverse EngineeringUnity
November 15, 2025
PDF slides · Shareable linkView talk

Just Enough Tradecraft: Rethinking C2 on Assumed Breaches

Skyler Knecht & Kevin Clark

Many red-team engagements use a full C2 implant by default. This presentation argues that for assumed-breach scenarios, a lighter operational footprint is often preferable: the presenters will show alternatives to deploying persistent implants, discuss trade-offs, and present operational workflows that accomplish objectives with less noisy tooling.

C2Red TeamTradecraft
November 15, 2025
PDF slides · Shareable linkView talk

Hiding in Plain Sight: Weaponizing Developer Applications and Interpreted Languages to Evade Modern EDR

Annika Clarke

This talk demonstrates how trusted developer applications and interpreted languages can be weaponized to evade modern EDR. Attendees will see examples of backdoor techniques implemented via Node.js, Python, and VS Code/Electron extensions, how attackers leverage legitimate developer workflows and packaging to decrease detection surface, case studies from engagements showing escalation and persistence achieved without traditional native implants, and practical mitigations defenders can apply to reduce risk while preserving developer productivity.

EDR EvasionDeveloper ToolsOffensive Security
November 15, 2025
PDF slides · Shareable linkView talk

An OffSec Adventure Through Modern CI/CD Systems

Jonn Callahan

For many organizations, long gone are the days of poorly managed Jenkins servers. For OffSec practitioners, so are the easy script-console pivot points. The modern development landscape is a complicated system of third-party SaaS platforms, custom integrations, complex control planes, and bespoke development processes. This talk explores these modern systems, the controls they expose, and inherent weaknesses. It addresses the problem from a high-level design perspective and maps exploitation primitives and controls to popular source-forge providers. Rather than rehashing OIDC or pwn request talks, it focuses on how even well-designed systems provide opportunities for full production takeovers from a single compromised developer account.

CI/CDOffensive SecurityDevOps
November 15, 2025
PDF slides · Shareable linkView talk

Controlled burn: managing forest ecosystems by reducing excess vegetation

reava & Julius Garza

This short presentation frames threat remediation as an ecosystem problem: rather than treating every IoC individually, the talk outlines AI-assisted strategies to identify and clear recurring malicious infrastructure at scale. Topics include prioritization heuristics, automation patterns for coordinated takedowns, and measures to protect native ecosystem services.

Supply ChainThreat IntelligenceIncident Response
November 15, 2025
PDF slides · Shareable linkView talk