Directions for HIP22

• Yet more hacking
• No bullshit
• No commercial influence: only the best technical topics
• Open-source software, hardware and publications prioritized
• Live demonstrations and side activities required

Important: It’s absolutely pre required to any speakers/trainers to have a complete and valid health pass (covid-19) to be able to participate at the event.

CFP – Papers (Talks)

Contents

We are looking for submissions on the topic of infosec: crispy research, techniques, tools or feedbacks…

Below are some examples of fields that we expect:

• offensive security, penetration testing, OPSEC / red team
• defensive security, blue team
• forensics

The rule of thumb is to introduce practical knowledge to the audience, this is why we have the following prerequisites:

1. Presentations on technical topics
2. Live demonstration required
3. Hands-on expertise that can be useful for the audience - when possible, followed by tools publications
4. Good skills in pedagogy, popularizing complex topics
5. No commercial presentations

Regarding the last item, we mean to only accept the demonstration of open-source software, publicly released before or during the talk.

Screening

Important: Submit your information to our platform in the Markdown format. Make it readable and well organized. Videos and slides (PDF format only) can be linked in Markdown to the platform of your choice.

We would like you to submit the following items:

1. Profile / portfolio
2. A short introduction to explain what motivates your submission
3. Your presentation materials (as external links, in PDF)
4. A video of the technical demonstration, required as a fallback of the live demonstration (external link)
5. Links to the software repositories that you might plan to present, along with the related open-source licensing information.

During the screening, the committee will review these items.

Additionally, you might be asked to carry out the workshop session through a web conference session.

We won’t review any papers with missing information

CFT - Trainings

Contents

Any topic related to infosec, with technical or organizational focus, can be submitted as a training course. There is no specific theme expected, as long as it adds value to hacking and security topics.

A training should last 1, 2 or 3 days.

We particularly expect that the training contains:

• loads of hand-on exercises (at least 70% practicing)
• good quality materials, enabling students to review and replay learned stuff at home
• provided tools and software: virtual machines, hardware, scripts and other pieces of software.

The committee will give priority to studies based on open-source software and hardware.

Screening

Important: Submit your information to our platform in the Markdown format. Make it readable and well organized. Videos and slides (PDF format only) can be linked in Markdown to the platform of your choice.

We would like you to submit the following items:

1. Profile / portfolio
2. A short introduction to explain what motivates your submission
3. Your presentation materials, slides or study book (external link in PDF)
4. Links to the software repositories that you might plan to present, along with the related open-source licensing information.

During the screening, the committee will review these items.

Additionally, you might be asked to carry out the workshop session through a web conference session.

We won’t review any papers with missing information

CFW - Workshops

Contents

The goal of a workshop is to give the key points, outline some techniques and risk outcomes during short sessions.

This year, we offer two types of workshops:
• The first one should last 45 minutes long, besides the talks, with predefined slots for each day, in a private room. You should make it short, straight to the point, with practicing materials available to at least 5 attendees at a time; • The second one allows free access to all attendees, without slots. Some workshops will be in the same room, at the same time. A workshop must be repeated many times in the same day or during two days.

Use screens and slides to make clear explanations for the attendees, before they can practice by themselves.

These points are just given as an indicative basis: feel free to suggest a different format if you need to.

Most importantly, you need to be very pedagogic to popularize your topic for various profiles of attendees.

We would like to have workshops on the following topics:

• IoT: demonstrations of the typical tooling, attack methods, etc.
• Penetration testing or Red Team: showing off new tools, techniques, etc.
• Lock picking (traditional or NFC related)
• Abilities of new detection and defense tools against known attacks (SIEM, AI, …)

Feel free to suggest other topics if you think they can meet our expectations.

Screening

Important: Submit your information to our platform in the Markdown format. Make it readable and well organized. Videos and slides (PDF format only) can be linked in Markdown to the platform of your choice.

We would like you to submit the following items:

1. Profile / portfolio
2. A short introduction to explain what motivates your submission
3. Your presentation materials (external links in PDF)
4. Links to the software repositories that you might plan to present, along with the related open-source licensing information.

During the screening, the committee will review these items.

Additionally, you might be asked to carry out the workshop session through a web conference session.

We won’t review any papers with missing information.