David Sopas – Web Security Researcher

Meetings

10/08/20 Meetings , My Events # , ,

Our DEF CON 28 day was a blast

Our DEF CON 28 day was a blast

4 portuguese security researchers presented at DEF CON this year. I’m sure that was a record 🙂

  • Paulo Silva and I with API (in)Security TOP 10: Guided tour to the Wild Wild World of APIs (which you can check the recording on Youtube).
  • Pedro Umbelino and João Morais with Android Bug Foraging (check the talk on Youtube)

With this in our mind, we gathered together at Char49 meeting room and saw it together… with drinks and pizza.

The fun was just starting. On Pedro and João talk, they included a never shown video  before regarding Google Camera issue which included myself being a victim of this vulnerability.

We even did the CONs tradition of “Shoot the N00b” for first time speakers – drink a shot before the talk. The poison was Pedro Umbelinos’ homemade firewater. I would lie if I would say that it didn’t hurt going down 🙂

In the end we had lot of fun and I hop enext year we can be together again giving a talk at DEF CON. Who knows?

PS: A new entry on my bucket list can now be checked – be a speaker at DEF CON.

 

no responses
30/07/20 Meetings , My Events # , , ,

DEF CON 28 here I go

Even in safemode, DEF CON 28 will be legendary, specially because for the first time… I’ll be a speaker 🙂
Some of my research was already present at DEF CON but now I’ll be actually speaking at the best security event in the world.

Paulo Silva and I will be talking about API (in)Security TOP 10: Guided tour to the Wild Wild World of APIs at AppSec Village and you can’t miss it.

Check out the agenda and don’t forget also to check Android Bug Foraging from my mates Pedro Umbelino and João Morais.

 

no responses
23/10/18 Meetings , My Events # , , , ,

Semana Informática and BSides Lisbon

So I scheduled my last talks for this year.

At 31 October, I’ll be at FEUP in Semana Informática to present – Breaking IoT!
And for the third time, I’ll have the honor to be at BSides Lisbon on 29th and 30th November giving a talk with my friend and collegue Pedro Umbelino – Exfiltrate all the things!

If by any chance you’ll be in one of these events feel free to approach me and say Hi!

no responses
11/10/17 Meetings , My Events

Guess who’s coming to BSides Lisbon 2017?

… you’re right! This guy 🙂

After my presentation last year, I decided to submit again a talk to the best infosec event in Portugal – BSides Lisbon. My talk GTFO Mr. User will be about:

In this talk, the author will present real case scenarios (aka hacking to PoC) showing the danger of large organizations ignoring high and critical security issues, with repercussions that would affect millions should the security threats fall into the wrong hands. Additionally, this talk will share tips on how to properly disclose bugs to companies without being a real Trump.

I’ll also bring some hardware to play during the event, specially for BLE hacking, and other few surprises in my talk (say what?!).
Don’t forget to check out the other speakers and buy your ticket!

no responses
21/06/17 Meetings # ,

Speaker at C-Days 2017

Speaker at C-Days 2017

I was invited by AP2SI to represent them in this year C-Days event. I talked about “Hacking for fun and profit – bounty style” and the room was packed. It was a pretty cool event specially because I was able to join a couple of friends to trade some new ideas.

no responses
12/11/16 Bug Bounty , Meetings # , ,

BSides Lisbon – The way of the bounty

BSides Lisbon – The way of the bounty

Hey guys for those who want to download my presentation at BSides Lisbon you can do it right here.

Also you can watch the 50min video of the talk – https://www.youtube.com/watch?v=6cWHt-h78yY

I had lot’s of interesting questions at the end of the talk which showed me lots of interest in the bug bounty industry.

I also I would like to thank the BSides Lisbon organization because it was a awesome event. I met so many interesting people and got the opportunity to be with my great friends.
Awesome talks in both tracks and lot’s of networking and hacking on the lounge areas.

Next year I’ll be there again for sure!

no responses
27/08/15 Bug Bounty , Meetings # ,

Bounty ChitChat canceled

Bounty ChitChat canceled

Why? I forgot that’s my grandmother birthday. I could lie and tell something technical or something, but no… It’s true 🙂
I’ll try to post another date next week.

Sorry!

no responses
21/08/15 Bug Bounty , Meetings # , ,

Bounty Chitchat

Bounty Chitchat

On 28th august at 09:00PM (UTC/GMT +1 hour) I’ll create a channel on hack.chat where security researchers working on bounties could talk together and share ideas.
I’m thinking about an hour duration.

The main topic is bounty programs so everything around it could be discussed.
I’ll provide the link to the chat on Twitter 5 minutes ealier so don’t forget to follow me @dsopas.

Remember: Save the date!

no responses