PHDays — Positive Hack Days. Photo gallery 2017
PHDays video

POSITIVE HACK DAYS



ORGANIZER

Photo gallery 2017

A minute to start PHDays

Biohacking at PHDays

Near reality

Cheers

Infotecs stand

PHDays' buddy

Foyer

Plenary session "Information security today: the splendor and misery of corporate security"

Ilya Sachkov (Group-IB) and Kirill Kertsenbaum (Kaspersky Lab)

Denis Baranov (Positive Technologies) discussing application security issues

Discussion "Developing secure homebrewed products"

Mona Arkhipova speaking about ransomware

Participants of "IoT (in)security"

Oleg Boyko speaking about a smart city

Session "Security practice"

Critical infrastructure of The Standoff

Watching The Standoff progress

Sharpening hacker skills at Hardware Village

Work hard, play hard

Gaming lounge

Victoria Alexeeva, PHDays Director

5,000+ participants this year

People come, people go

Hacker's arsenal

Stickers speak louder than words

"Injecting security into web apps in the runtime" by Ajin Abraham

Anto Joseph and Clarence Chio

Fernando Gont conducting a hands-on lab

Patrick Wardle

Sebastian Schreiber explaining how hackers bypass security systems

Young Hak Lee demonstrating a new real time memory auto analysis system (Malware Analyst)

Alexey Lukatsky moderating the session "IoT (in)security"

Andrey Masalovich about the army of smart bots

Dmitry Manannikov brought up the problem of security evolution

Hacking a car

HackBattle championship

HackBattle participant

ARinteg stand

$natch'ing

2drunk2hack

Keen fight in 2drunk2hack

PHDays participants

Automotive Village exposing a car's electronics

Lock picking

The contest "Automotive Village: CarPWN"

Fernando Gont's hands-on lab "IPv6 network reconnaissance"

Awarding The Standoff winners

The Standoff participants

PHDays VI keychains and program leaflets

Our information desk could even answer what a speaker really meant

Participants of PHDays CityF: The Standoff

The morning before the battle

Waiting for the start

Victoria Alekseeva, PHDays Director

Crowdsourced Malware Triage by Sergey Frankoff and Sean Wilson

—No viruses? I wouldn't be so sure by Olga Zinenko

The talk Memory Protection Based Anti-Cheat for Computer Games

Black suits and t-shirts, sofas and bean bags

The section Face to Face: the Arbiters of Security

Hacking a BMW in the CAN4ALL contest

The Press on Information Security: TS or Breaking News?

Hijacking our Syma X8C drone

Python + Django are hacker’s best friends

Neural interfaces at PHDays

NFC: Naked Fried Chicken by Matteo Beccaro

The section Why We Hack: The Truth

The talk Targeted Attacks: Be the First to Aim

PHDays’ buddy — a robot with a warm heart

Game zone in the Congress Hall

Participants of PHDays CityF

Paul Vixie speaking about DNS as a Defense Vector

Mona Arkhipova during her talk Enterprise Forensics 101

Khalil Bijjou speaking about Web Application Firewall Bypassing

BMS & SmartHouse Attack

The contest EAST 4 SCADA

Free punch in the contest Trick a Barmaid Robot

Almost 3,000 visitors on the first day only

Sewing machines have smartened up too

The section Another Round of the Standoff: IS Services as a Response to New Threats and Challenges

Jeff Katz while speaking about Privacy and Security in the Internet of Things

Babak Javadi during his talk Janitor to CISO in 360 Seconds: Exploiting Mechanical Privilege Escalation

Olga Kochetova and Alexey Osipov speaking about attacks on ATMs

Interim results of the standoff

Special police force’s intrusion added to the reality of hacking

The first day is nearing its end

The hacker teams yet cannot outplay the defenders

Our HPP has just gone broken flooding the city

But to make this happen, the security level was lowered

Anirudh Duggal speaking about Fingerprinting and Attacking a Healthcare Infrastructure

Vlad Kopp reading out loud the winning stories of the contest Hacked Future

Materializing thoughts and desires at PHDays

The second day starts with the drone hijacking

Exploiting Chrome on a Nexus Phone by Guang Gong

Building Honeypots to Monitor DDoS by Terrence Gareau

Asuka Nakajima explaining how she detects “reproduced” vulnerabilities

Disclosing an attack they conducted during the game PHDays CityF: The Standoff

Old school phreaking as part of the 2600 competition

The flooded city and the Horsemen of the Apocalypse riding bean bags

Tom Van Goethem during his talk Time is Not on Your Side: Exploiting Browser-Based Timing Attacks

Time taken to cipher input data speaks volumes

PHDays Everywhere participants

The section Experts Don’t Need No Education. Information Security and Other Pseudosciences

Rahul Sasi expressing his attitude to artificial intelligence in information security

The section SIEM, or not SIEM: That is the Question

Alexey Lukatsky rounds up leading SIEM vendors

Hacking the city infrastructure: day two

Dave Monnier from Team Cymru speaking about hackonomics

Burp Suite assists in pentesting

2drunk2hack — icing on the cake

Trying to hack web apps protected by WAF

The name of the game — drink if you’ve made a mistake

Arseny Reutov is the organizer of 2drunk2hack

Lucy’s First Job, a music band consisting of Positive Technologies employees

Balalaika Cr3w, a CTF team, is awarded in the nomination Best Bank Robbery

Artur Grigoryev and Oleg Kochev succeed in smart home hacking

Rdot is absolutely one of a kind in competitive intelligence

Tom Van Goethem takes the first prize in 2drunk2hack

Virsov, Cdump, and DarkCat showing the best results in HackQuest

Awarding the Quadro winner

Winners of CAN4ALL

BMW hackers up close

Mikhail Levin awarding the defenders of PHDays CityF: The Standoff

The SOC teams of PHDays CityF: The standoff

The hacker teams of PHDays CityF: The standoff

PHDays V begins

PHDays Congress Hall

John Bambenek on cyberthreat detection

The concept wall breathes and transfers data

The session “Today’s Russia in Unfriendly Cyberworld”

“Jackets” and “t-shirts”, as they should be

Registration of the forum’s participants

Code analysis in full swing

Only female hackers in the Korean CTF team

Nine teams participated in the CTF

Igor Agievich and Pavel Markov on how they developed an alternative to Shodan

Who will hack the electrical substation

DJ Andrey Addison at PHDays V

A robot, too, has a heart

A report on supercomputer file system by Felix Wilhelm and Florian Grunow

Alexander Gostev and Vitaly Kamluk with a research on government spyware

The PHDays V game area

ADAM modules used in the contest on hacking a missile launcher

Trying hard to hack a QIWI terminal

Physical devices can be connected to the terminal

Balazs Bucsay with his report “Chw00t: Breaking Unices’ Chroot Solutions”

I am a hacker, and this is my manifesto

Vladimir Lepikhin on the history of vulnerabilities in SSL/TLS

Dmitry Kuznetsov on undergoing certification with BSI

In the lobby

Among PHDays V sponsors — Sberbank Technology

Cyberspace in Outer Space

Geoffrey Baehr, General Partner at Almaz Capital

Whitfield Diffie, Advisor of Almaz Capital

Establishing an international white hat community

Igor Kotenko on SIEM systems

Cryptography in Russia: Is It All That Bleak?

A concert of the Russian band “Why didn’t I become an astronaut”

Alexey Andreev hosts the final of the short story contest “Hacked Future”

The winner of the Hacked Future contest is Pavel Gubarev

Dmitry Bogutsky took third place in the Hacked Future contest

Fourth place was shared between four participants

The MDS band reading the best stories of the Hacked Future contest

Vlad Kopp at PHDays V

Olga Kochetova preparing an ATM for a hacking contest

“Attacks on SAP Mobile” by Vahagn Vardanyan

Investments in bringing information security companies at the international level

“RFID/NFC for the Masses” by Nahuel Grisolía

“Social Engineering for Fun and Profit” by Chris Hadnagy

An attack on the ATM

The $natch contest’s final

The HackQuiz contest

A hands-on lab from TOOOL

It’s not easy to find a master key to handcuffs

Oleg Kupreev on unknown Wi-Fi features

Marina Krotofil speaking about attacks on chemical process

Not only hackers were allowed to play

Deciding the winner of the contest organized by Almaz Capital

Tens of specialists ensure the stable operation of PHDays V network infrastructure

A developer from SMTDP Tech gets a $1,5 million grant from Almaz Capital

The MiTM Mobile contest’s stand

The Choo Choo Pwn contest’s stand

CTF virtual currency

The 2600 contest’s stand

Clarence Chio on machine learning techniques used in network intrusion detection systems

The session “Information Security: Careers of the Future”

The session “Compromises in Large Infrastructures”

Vladimir Kropotov, Fedor Yarochkin, Kevin Williams

Nikita Tarakanov

The last minutes of the forum

Andrey Masalovich: Zero Shades of Grey

2drunk2hack

The forum’s attendees root for 2drunk2hack participants

The YesYes! band on the stage

Arseny Reutov hosts the contest

Congratulations from the organizers and sponsors

Vladimir Daschenko wins in в Choo Choo Pwn

Digital Substation Takeover winners

Andrew Gein wins in Leave ATM Alone

Ready for PHDays VI? YesYes!

PHDays V CTF participants

Congratulations to the PHDays V CTF winners!

Vlad Raskov receives a reward after winning the contest

Stas Povolotsky takes second place in $natch, drawing 3,200 rubles from the bank

Gleb Cherbov takes first place in MiTM Mobile

HackQuiz winners

Artsploit is the winner of the 2drunk2hack contest

Hashcat wins the Hash Runner contest

Best hackers together on one stage

Critical Infrastructure Attack or How to Hack a Whole City

Olga Kochetova setting up the ATM for the contest Leave ATM Alone

The second day of PHDays IV CTF begins

PPP from the US, the winners in 2011

Hands-on Lab is in full swing

The round table “State and Cybersecurity”

Maria Garnaeva and Sergey Lozhkin speaking about botnets

Alisa Esage (Shevchenko)

Critical Infrastructure Attack

A beanbag chair is a hacker’s best friend

The more the merrier

Alexander Peslyak (Solar Designer) speaking about password hashing

Smart TV Insecurity

What are “compromise indicators” and what are they for?

Eric Filiol on contemporary history of cryptography

David Oswald speaking about side-channel attacks

What will happen if the signal lights and boom barrier stop working?

Impressioning attacks by Toool

Trying to hack the QIWI terminal

Dragon Sector, the winners of CTF

Sergey Gordeychik, the forum’s director

Vladimir Dubrovin from Mail.Ru going to smash the prize MacBook Air

The MacBook Air survives and goes to the winner of the contest Huck Me

John-users, the contestants of Hash Runner

The winners of Survive Hacking

The PHDays IV CTF award ceremony

The registration counter, the first day of the forum

Participants getting ready for the start of PHDays IV

The first presentation is about to start

Kirill Kertsenbaum discussing MDM, BYOD etc.

Robert Griffin about attack prevention

Fabricating keys

Critical Infrastructure Security

Tom Van Goethem telling about vulnerabilities in WordPress

Dave Chronister presenting his report “Give Me Your Data!”

Dave discovering very important data on devices and hard drives bought on eBay

Old School: trying to hack the soviet coin-operated telephone

SCADA Strangelove telling about new vulnerabilities in ICS

Ignacio Paredes presenting his report “Industrial Cybersecurity and Critical Infrastructure Protection in Europe”

Alexander Sverdlov’s four-hour workshop on incident investigation

Participants of the workshop “How to React to Security Incidents: Investigation of a Cyber-Attack”

The report “Big Data on Social Networks: No Need for NSA’s Special Surveillance to Keep Track of You”. The hall is packed

Igor Ashmanov’s report became the most quoted in social networks

The presentation is over, but the audience wants more

Beauties from Mail.Ru resting

Alexey Zhukov about cryptography in the Internet of Things

Karsten Nohl presenting “Mobile Network Attack Evolution”

Tin foil hats waiting for their owners (the Survive Hacking contest)

The laboratory of 3D printing. Drawing with a 3D pen

The second day of PHDays IV CTF

Another try at hacking the pay terminal

More than 2,500 people from 18 countries took part in the forum

The payphone holds the field

The Leave ATM Alone contest

Modern 3D printers are not much larger than common printers

William Hagestad II: comparing Iranian, Chinese and North Korean hacking worlds

Unlock the tablet to access the HMI of the “insane home”

Despite the toylike look of the model, the ICSs are used in real life

PHDays IV CTF: last hours, the suspense is terrific

Hacking again!

Andrey Masalovich presenting his report on competitive intelligence

Making themselves comfortable

Maxim Tsoy, one of the leading organizers of PHDays IV CTF (center)

Andrey Petukhov, Dmitry Sklyarov and Andrey Moskvitin (from left to right) at the section “Threats 3.0”

Two hats are better than one

2drunk2hack: kyprizel took first place, second place went to coolzor, and balda took third place

Maxim Kutylov, the permanent moderator of the PHDays forum

2drunk2hack: hackers should be able to overcome any difficulties

Forum’s participants

CTF

Boris Simis tells about real security

Vladimir Zhirinovsky at PHDays

Choo Choo Pwn

Sergey Gordeychik, PHDays architect

Marc Heuse’s talk

Olga Kochetova’s lab

Audience

Miroslav Štampar presenting

Aestetix speaking

Choo Choo Pwn hands-on lab

Round table ‘The Role of the Young of Today on the Information Security Market of Russia’

Nick Galbreath speaking

Tao Wan presenting

TOOOL’s presentation

Travis Goodspeed’s talk

Alexander Gostev speaking

SCADA Strangelove team

Alexander Sverdlov’s talk

Andrey Masalovich presenting

Choo Choo Pwn

Artem Harutyunyan’s presentation

Dmitry Nedospasov and Thorsten Schreder’s talk

Max Goncharov speaking

Audience

Discussion ‘ICS Security — an Oxymoron or the Task of the Decade?’

Michail Yemelyannikov’s talk

Fyodor Yarochkin presenting

Eric Jimmy Anklesarai presenting

Alexander Antukh's presentation

Boris Ryutin's presentation

Vladimir Vorontsov's presentation

Dmitry Ugryumov's presentation

Ilya Trifalenkov's presentation

Olga Kochetova preparing the ATM before the lab

SDLC’s panel discussion ‘Is SDLC a Whim, a Vagary of Fashion, or Regulatory Bodies' Requirement?’

Choo Choo Pwn

CTF

CTF

CTF

CTF

CTF

CTF

CTF

CTF

CTF

DJ

Audience

Audience

2600 competition

2600 competition

2600 competition

Choo Choo Pwn competition

Lockpicking

$natch

The Labirinth

The Labirinth

The Labirinth

The Labirinth

The Labirinth

Audience

Audience

Audience

Audience

Audience

The Labyrinth’s start

The morning before the forum

Forum’s participants

Hall atmosphere

Hall atmosphere

TOOL and the bomb

Game Zone

ATM's internals and typical vulnerabilities demonstrated to foreign visitors

The Labyrinth

Lockpicking workshop

Lockpicking contest

The organizers preparing to the forum

The organizers examining the venue

The first stage of the Labyrinth

The winners of the Labyrinth

Registration

Information desk

Visitors

Dumpster Diving

Dumpster Diving

Dumpster Diving

Dumpster Diving

PHDays III

PHDays III

PHDays III

Forum’s participants

Forum’s participants

The Labyrinth final

The Labyrinth final

The bear, widely known in narrow circles

Traditional 2drunk2hack

2drunk2hack

2drunk2hack

2drunk2hack

2drunk2hack — passions are rising

Famous geohot will soon win 2drunk2hack

Geohot at the award ceremony

CTF winners

Eindbazen, the CTF winners

PPP, silver prize winners

The third place is taken by More Smoked Leet Chicken

Choo Choo Pwn winners

$natch winners

Winners

Awarding ceremony

Awarding ceremony

Awarding ceremony

Awarding ceremony

Awarding ceremony

Registration

Press Conference

Bruce Schneier's Speech

Datuk Mohd Noor Amin' Speech

PHDays Guests

Jerry Gamblin's Speech

Maria Garnayeva's Speech

Marcus Niemietz's Speech

Mercy Shelley's Speech

Thibault Koechiln's Speech

Sergey Gordeychik's Speech

Sergey Gordeychik's Speech

Alexey Lukatsky' Speech

Travis Goodspeed's Speech

Andrey Belenko' Speech

Alexander Peslyak's Speach

Vladimir Kochetkov's Speech

Miroslav Stampar's Speech

Fyodor Yarochkin's Speech

Seeing once is better Section

Human Resources Section

Seeing once is better Section

PHDays Guests

PHDays Guests

PHDays Guests

Section on Banking Security

Hands-on Lab by Andres Riancho

Hands-on Lab by Vladimir Lepikhin

Hands-on-Lab by Nikhil Mittal

Hands-on-Lab by Pierre-Marc Bureau

Hands-on-Lab on Remote Banking Security

Hands-on-Lab on Remote Banking Security

$natch

SCADA hands on lab

Hack the RFID

Hack the RFID

2600

Hacking FreeBSD 8.3

Nikita Tarakanov Compiting in Hack2own

Hijacking AR.Drone

AR.Drone

CTF

CTF

root@phdays.ctf aka Dmitry Evteev

CTF. 0daysober, Switzerland

CTF. BIOS, India

CTF. FluxFingers, Germany

CTF. Eindbazen, Netherlands

Dumpster Diving

CTF Rubbish Task

PPP 's Dumpster-Diving

In the Hall

Behind the Scene

Soviet Gaming Machines

In the Lobby

A Positive Employer

The Neuron Hackspace

Famous Speakers in Focus

Bruce Schneier

Bruce Schneier

Mikhail Yemelyannikov and a Camera

AR.Drone Winners

Matt Dickoff - AR.Drone Winner

Taking a Break

Chair Are Not Enough

Too Drunk to Hack

Too Drunk to Hack. Emotions High, Passions Rising

Too Drunk to Hack

Competition Awards

Award Ceremony. $natch Winner

CTF Winners - Leet More, Russia

CTF Silver medalists - 0daysober, Switzerland

CTF grand prize

CTF grand prize in the winner's hands

CTF Bronze Medalists - Int3pids, Spain

CTF Awards

CTF Awards

Underwood Performance

PHD 2011. THAT'S HOW IT WAS.

The weather set a positive mood even before the event began.

The first steps into the Molodaya Gvardiya club made it clear for the attendees: it was the right place.

The rush hour was pretty tough for everyone. The organizers promised to take it into consideration :)

The members of the PPP team, USA, still unaware of their upcoming victory at the PHD CTF 2011…

For 8 hours, the PHD CTF 2011 playground turned into a field of an intensive struggle.

The contestants of the PHD CTF 2011 were overwhelmed with emotions, but there was no single second to get distracted.

The hacker contest was the center of everyone's attention.

A few screens displayed each step of the CTF contestants in the real-time mode.

The organizers promised to enlarge the font size on the scoreboard next time :)

There was no single minute when the playground was empty.

Non-contestants were truly engrossed with the competitions.

The laptop was successfully hacked and awarded to the winner as promised.

The business program was carried out in five sections at the same time.

The mood of the seminars fluctuated from informal…

…up to formal and quite serious.

The end of the day saw the funniest Too Drunk to Hack contest for all comers.

To mark the end of the forum, the attendees cut and ate a cake adorned with the logotype of the event…

….and enjoyed a hilarious and positive performance of a popular Russian band Neschastny Sluchai (The Accident).