Monday, 26 June 2017

My Experience At AfricHackon 2017 #AH2017 #AH4

AfricHackon 2017 #AH2017 #AH4


AfricaHackon is one of the best information security conference in Kenya and every year everyone from the InfoSec community attends it. I have a great interest in Security and hacking ( though software devt is all i do.) and yes I too look forward to the conference. Every year most of my friends who are into security attend AfricaHackon. It has been running the last 4 years and this year it was greater bigger and different.

The Tickets

The getting of tickets wasn't hard .Safaricom ,staunch supporters of AfricaHackon ,were the platinum sponsors and also provided a mobile payment platform ,Paybill which made it easy to pay for the tickets. Jambo pay (a sponsor) provided the ticketing and online purchase of the tickets .Two tickets types were available Corporate and student pass . There was an offer for students to a minimum of 2k. This time tickets were available for purchase  to the last day.Being a Kenyan we love the last minute purchase of tickets.The conference was being hosted in one of the big five hotels in the city under the sun -Nairobi. 5 minutes from the CBD about 3km. The serene was amazing.

Conference


Before the AfricaHackon conference ,there was a conference a week before Organised by CIO Africa and it was more of a talk and presentation Information Security conference, being a techy ,i shifted my focus to AfricaHackon conference.Through the  AfricaHackon website (https://africahackon.com/) the schedule of speakers was available and the topics of discussion were amazing.

Most of the talk in AfricaHackon were great and was very informative;

Day 1


  1. A 13 year old doing a presentation on  Internet Safety from a 13-year-old  -Joseph Kyalo (Moi Education Centre)
  2. A talk by Michael Mbuthia – CIO KBA-IPSL 
  3. PLENARY: Next level of Cyber Security for Africa: Thinking Proactively - this session opened our minds and man did we ask alot of questions regarding the enacted ICT Bill
  4. The Enterprise Immune System – Darktrace: Eleanor Weaver She did the best presentation on the Daktrace system .The use of AI in IDS systems
  5. Phoenix SIEM (Security Information and Event Management) by Samuel Wachira-this is a kenyan home based system by a local enterprenuer and techy who used to work at Rapid7
  6. Naked in Cyberspace: The Corporate CyberSpace Menace you don’t know by Jimmy Wayans- Jimmy as always reminding us how if we dont configure our systems well we gonna cry.
  7. Breaking the Core (The troubles of Mobile Banking) by Charles Muiruri (icrackthecode):well he brought the concept of secure software development of mobile apps.more in case the Banking Mobile Apps.
  8. Fuzzing BaseBand (Trigger Remote Actions on phone within 100m) by Jade Solomon (http://blog.0x7678.com/).jade a firend of many years .he did best at what he does a good engineer in the GSM field he took everything to the next level.He should have been a comedian but well that jade for you.He showcased how  Dynamic Binary Instrumentation can be used to access the memory of an application and get  details of a mobile app user.Will go back to using a scrambler no smart phone hehehehehe.


Day 2

The day to was more of a practical session and without wait the sessions started straight at (.00 am.


  1. Anatomy of a Targeted Attack (Kill-chain From Infection to ExFiltration) by Gabriel Mathenge & Trune
  2. Hiding in Plain Sight: Dropbox Command and Control by Vince Obilo
  3. “HoneyHouse: A Damn Vulnerable Home Automation System” by  Peter Ouma -This dude is one innovative guy. He showcased IOT hacks 
  4. Launching AfricaHackOn SecOps by Sam Gichuru & Dr. Bright G. Mawudor.-- The AHSecOps this will be a platform with meetups where people with interest in infosec will learn and share skills.It will be hosted at Nailab ,an ICT  incubation center.
  5. The Art of Boot-loader Unlocking: Exploiting Samsung Sboot by  Nitay Artenstein
  6. The Making of the AfricaHackon Badge by Chrispus Kamau.A friend who loves network and anything that has waves and bandwidth. His presentation was on use of conference badges and wireless spoofing (mdk)

The AH Badge

Finally met these awesome people

It was a great experience,meeting and networking I met a lot of people whom i earlier met online.like Essenkey ,the guy online he sounds like a mafia but face to face he is a chilled guy,Munir (alien-within),he looks more of a literature professor ,chilled.One john ( @me ) ......that a story for another day.
Joe Wambugu from Hotmall ,that guy is an entrepreneur,the last time i saw him(6 months ago) he was talking he needs to understand info-sec ,now he is working on a DNS tool he want to launch end of July.waiting for the better version.



I did not attend much talks as i was busy meeting new people, networking and eating. A lot of companies who are related to security came to AfricaHackon and it was a great opportunity to know what is the latest things that are going on in security. Also job offers by few of the companies that visited AfricaHackon eg Daktrace are opening an office in Kenya .

I know a lot of people online who are into security and AfricaHackon was the best platform to meet them in person also I made lots of friends there.






Conclusion

It was a great experience. Many people say that we can watch the talk online too why to spend so much money going to conference? the thing is the experience that we get when we visit conferences like is something that cannot be get just by watching the talk videos. I would like to thank all the awesome people of AfricaHackon to make the conference such a success.

THANK YOU