Jason Shirk is a Principal Security Strategist at Microsoft and runs their Bug Bounty Program (aka.ms/bugbounty). He has spent a number of years in both the software security & user data privacy spaces with roles from owning Microsoft’s Fuzzing Strategy and toolkit to the Security Architect for Bing, penetration test and endpoint security at Bell Labs/Avaya, to now driving overall Security Ecosystem Strategy for Microsoft. Jason speaks regularly at external Security & Privacy conferences, as well as advising program owners across Microsoft and the industry on the evolving nature of building secure software, with user privacy in the forefront.
Microsoft Bug Bounty Program: Data Behind the Scenes
[ Read More ]
Funny Wei is a core member of XFocus Team, XCon speaker，Ph.D. He is mainly dig into software vulnerability analysis, industrial-control systems security and SDN security. He has many years of experience on vulnerabilities detection of OS、smart devices、cloud computing platform and engaged in the study and implementation of symbolic execution, fuzzing, massively distributed parallel detection techniques. Recently he is focusing his research on industrial-control system, SDN and Internet of vehicle security issues.
Construction of software vulnerability analysis infrastructure
[ Read More ]
Zhong Chenming (Cos)
Cos (Zhong Chenming) is the Technical Vice President of Beijing Knownsec Information Technology Co., Ltd., head of 404 Security Team. With a long-term focus on Web2.0 hacking, he has an all-around knowledge and practices of cyber-attack/defense skills, particularly good at taking over targets with stealthy techniques. As the industrial practitioner of security and big data, he took the lead in creating the well-known ZoomEye Cyber-space Search Engine and bringing KCon into a brighter future. He is fond of seeking inspirations across different fields and wrote the popular book Web Front-End Hacker’s Handbook.
Hidden Battlefield: Flash-based Web Attacks
[ Read More ]
Ph.D, the current general manager of Antiy Microelectronics and Embedded R&D Center. He is mainly interested in computer and external hardware security, information security of industrial systems, embedded systems and internet of things and etc. He is a geek who is addicted to technologies, all his working and hobbies are DIY hardware and hack. He and his team have rich experience in showing their work related to hardware security on XCon.
Evil Cleaning Maid, the Information Security Risks by Floor-sweeping Robots
[ Read More ]
Xiaobo Chen (DM557)
Xiaobo Chen is a member of the Pangu Team. He used to work as a senior research scientist at FireEye and McAfee. He has participated in network security field since 2000, and has over 15 years experience in network security, and now he focus is on innovative research on software vulnerability and exploitation on Microsoft and Apple systems.
Review and Exploit Neglected Attack Surfaces in iOS 8
[ Read More ]
Lyon Yang is a senior security consultant at Vantage Point Security with a research focus on embedded systems hacking and exploitation. He is from sunny Singapore, the world’s first smart city. His regular discoveries of zero days in a variety of router models has earned him a reputation as the go-to guy for router hacking in Singapore, where he has been hired to do firmware source code reviews on popular router models. He is currently working on a comprehensive testing framework for ARM and MIPS based routers as well as shell code generation and post-exploitation techniques.
Advanced SOHO Router Exploitation
[ Read More ]
nEINEI is one of the core members of ByteHero team, he is a security researcher of Intel Security/McAfee Labs. One of designers of Bytehero Heuristic Detection Engine, he provided the BDV engine with Virustotal/OPSWAT platform. He has many years of experiences on Anti-virus techniques research and be interested in virus research/anti-virus engine design, vulnerability research, network attacks, reverse engineering and has spoken at security conferences such as Xcon2014,XCon2013, XCon2010,AVAR2012, and CanSecWest2014.
Application Level's Persistence of Attack Technology[ Read More ]
Yang Qing (Ir0nSmith)
He is the manager of 360 Unicorn Team, who first reported the vulnerability of subway WirelessNet and NFC card in China. He leaded his team made 360SkyScan-WIPS, NFC card protection, security charger and some other geek protection productions. He is the speaker of Defcon 23. Besides, his team is also going to make three speeches on Defcon 23 , which are GPS Spoofing, Zigbee Hack, and GPRS Hijack.
Hacking GPS - Generate fake GPS signal step by step[ Read More ]
He has been engaged in researching computer viruses, software protection and cryptology for many years；BBS Moderator of pediy.com and currently works as CTO in NAGA. He has spoken at security conferences such as Xcon, Xkungfoo
Network ID：Hannibal. Co-founder of team509 security technology research team. He has focused on the field of Reverse Engineering and Computer forensics over ten years. Translator of surreptitious software (simplified Chinese version), and speaker of xkungfoo 2008 (raid5 internals) 2013 (From 1day to forensic)and XCon2012（File Analysis Vs File System Analysis）
The Imitation Game[ Read More ]
ID：yuange who is well-known as one of the elites representative of Chinese network security and hacking technology, the first finder of Windows9X share password using underlying analysis of Microsoft Windows system and first one who digging IIS Unicode system vulnerabilities. He has worked for many famous security companies such as Nsfocus and 360.
Forum: Present and Future of vulnerability & vulnerability mining
Alexander Timorin, Sergey Gordeychik
Sergey Gordeychik is the Director and Scriptwriter of the Positive Hack Days forum, captain of SCADAStrangeLove.org team and Web Application Security Consortium (WASC) contributor. Industrial cyber-disasters researcher and speaker at S4, CCC, POC, Kaspersky SAS, etc.
The main areas of his work are the development of the enterprise security products in Sergey has developed a number of training courses, including "Wireless Networks Security" and "Analysis and Security Assessment of Web Applications", published several dozens of articles in various titles and a book called "Wireless Networks Security".
Alexander Timorin, SCADAStrangeLove network protocols ninja.
Practical security assessment of European SmartGrid[ Read More ]
Beijing Bai Fu Yi Hotel
Adress: No.19 South Erlizhuang Dongzhimen Street Dongcheng District Beijing.
|2015-8-18 Tuesday 1st Day|
|9:40-10:40||FunnyWei||Construction of software vulnerability analysis infrastructure|
|10:40-11:40||NEINEI||Application Level's Persistence of Attack Technology|
|13:30-14:30||YangQing||Hacking GPS - Generate fake GPS signal step by step|
|14:30-15:30||Lyon Yang||Advanced SOHO Router Exploitation|
|15:30-16:00||Rest & Coffee Break|
|16:00-17:00||Cui Xiaochen (Hannibal)||The Imitation Game|
|17:00-18:00||XiaoBo Chen（DM557）||Review and Exploit Neglected Attack Surfaces in iOS 8|
|2015-8-19 Wednesday 2nd Day|
|9:30-10:30||Jason Shirk||Microsoft Bug Bounty Program: Data Behind the Scenes|
|10:30-11:30||Cos||Hidden Battlefield: Flash-based Web Attacks|
|13:30-14:30||Alexander Timorin, Sergey Gordeychik||Practical security assessment of European SmartGrid|
|14:30-15:30||ESoul||Evil Cleaning Maid, the Information Security Risks by Floor-sweeping Robots|
|15:30-16:00||Rest & Coffee Break|
|16:00-17:00||Forum: Present and Future of vulnerability & vulnerability mining|
XCon XFocus Information Security Conferense
AHaving certain influence in the world, XCon Information Security Conference is one of the largest and most authoritative and famous information security conferences in China. For more than a decade, XCon has been upholding its rigorous work style and inviting the information security experts and fans, network security consultants from abroad and home. XCon commits to create a friendly, harmonious platform for communication.
Every summer XCon will come in time and meet you in Beijing--the capital of China. There will be hundreds of information security experts, scholars, researchers and related professionals come from different countries invited to present and give speeches. The meeting covers everything and new fields’ information security technologies. If you have new technologies, new discoveries or successful experiences in some fields and welcome to share with us!
We are only the feasts of technologies. You should be here!
Sending your papers to firstname.lastname@example.org Registration,
XCon2015 Call For Paper
Xfocus is a non-profit and free technology organization, which was founded in 1998 in China. We are devoting to research and demonstration of weaknesses related to network services and communication security.
We hope that we can use new technical tools to achieve our goals, and to broaden our outlook. Also we can communicate and help with each other through this amazing Internet.
From Internet, for Internet!
Go To XFocus Website
XReward – A Return Day
Within many years of grow-up through Internet, we have got so many things from it such as knowledge, friends, career, chances and money. This is time for return to Internet. That’s the real meaning of our slogan：From Internet, For Internet! To express XCon gratitude to Internet and every friends who contribute their efforts to make this virtual world safe, a special event named XReward will be held at the same place of XCon2015 venue on 20th August. Everyone is Free to come in this day for meeting and communicating with XFocus Team members and big shots in famous internet enterprises. Due to the limited space，XCon attendees are in priority. Coming soon for more details!
Go to XReward Website
- Registration fee will include:
- Access to 2 days conference (18th -19th August), coffee breaks and lunch per day and conference souvenirs.
payment before 08/5
|Regular registration |
payment before 08/14
payment at door:
|$700/per person||$750/per person||$800/per person|
- Please use the subject as XCon2015 Registration and send to email@example.com@huayongxingan.com
- Please mail us your registration information and it should cover with: Last name, first name, email address, company, country, city, address and special diet (None, Vegetarian, Muslim).
- he XCon organizing committee could help you book the room of conference hotel at a better price, if you need us help please send email to us use the subject of XCon2015 Room reservation. XCon2015 Room reservation。