CypherCon 2025
| CARVIEW |
Select Language
HTTP/2 200
server: nginx
date: Sat, 11 Oct 2025 14:23:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache-enabled: True
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
link: ; rel=shortlink
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: EXPIRED
x-proxy-cache-info: 0 NC:000000 UP:
content-encoding: gzip
Optimal Offensive Security Programs – CypherCon Skip to main content 
Optimal Offensive Security Programs
Phillip Wylie
Abstract:
Offensive security is a critical component of cybersecurity, as it involves identifying and exploiting system vulnerabilities from a threat actor’s perspective. This approach to security assessments can reveal vulnerabilities that may not be detected through vulnerability scanning alone. However, offensive security can be complex and is often misunderstood, which can hinder organizations from achieving their security assessment objectives. Additionally, current offensive security assessment practices often contain gaps that reduce the effectiveness of these assessments. In this presentation, experienced offensive security professional and educator Phillip Wylie will explore the various types of assessments that constitute offensive security, examine common gaps encountered during pentests, and offer strategies to enhance offensive security efforts. This session aims to provide attendees with a better understanding of offensive security, insight into different offensive security assessment types, guidance on addressing common gaps associated with offensive security, and information on how it integrates with vulnerability management programs.
Phillip Wylie
Dr. Pepper!
Phillip Wylie is a cybersecurity professional with over 27 years of industry experience in IT and cybersecurity. He is also a former Dallas College Adjunct Instructor and the founder of The Pwn School Project and DEFCON Group 940. Phillip has diverse experience in multiple cybersecurity disciplines, including network security, application security, and pentesting. As an offensive security professional with over a decade of experience, he has conducted pentests of networks, Wi-Fi networks, applications, red team operations, and social engineering.
Phillip’s contributions to the cybersecurity industry extend beyond his work as a pentester. He is the concept creator and co-author of “The Pentester BluePrint: Starting a Career as an Ethical Hacker,” a highly regarded book inspired by a lecture he presented to his class at Dallas College, which later became a conference talk. Phillip hosts “The Phillip Wylie Show” and “The Hacker Factory Podcast,” where he interviews guests on how they got started in cybersecurity and their advice for aspiring cybersecurity professionals. Additionally, he is a frequent conference speaker, workshop instructor, and mentor.
Close Menu
- Register
- Topics
- AerospaceCypherCon’s Aerospace Hacking community consists of hackers, cybersecurity professionals, aviation engineers, and pilots coming from local public and private sectors. We believe in protecting human life by ensuring the skies are safe, reliable, and trustworthy which is dependent on secure aviation and space operations. Aerospace hackers & Cybersecurity researchers have been testing and securing the skies & space. At the CypherCon the Aerospace community speaks on what it takes to secure aviation, aerospace, defense, transportation and manufacturing industries. In addition, we have a close relationship with Oshkosh’s EAA, the experimental aircraft associates and annual air show and gathering of aviation enthusiasts held each summer at Wittman Regional Airport and adjacent Pioneer Airport in Oshkosh, Wisconsin, United States.
- Application Security (AppSec)CypherCon’s Application Security (AppSec) community consists of hackers from the red team (attackers – works to break into systems), the blue team (defenders – works to keep the systems safe) and the purple team (Mix of both red teams and blue teams working to improve collaboration) Application Security (AppSec) members come together to learn how to exploit software vulnerabilities and other weaknesses in software. Software is everywhere and in everything. The software attack surface continues to grow and is attractive for abuse.
- Artificial Intelligence (AI)Artificial Intelligence (AI) hacking is a growing communnity here at CypherCon. AI and machine learning is vulnerable to cyber attacks with it’s core of modern AI—are rife with vulnerabilities. Attack code to exploit these vulnerabilities has already proliferated across the community while defensive techniques are young, limited, and struggling to keep up. Machine learning vulnerabilities permit hackers and attackers to manipulate the machine learning systems’ integrity (causing them to make mistakes), confidentiality (causing them to leak information), and availability (causing them to cease functioning). Where can hackers come into play to protect AI systems?
- AutomotiveAutomotive or Car Hacking has become critically important. We all drive and ride in vehicles with an incredible number of computers and connectivity. Today all new cars are connected through V2X technologies. Manufacturers are coming out with new technologies for Vehicle industries and business tracking like Fleet management systems, diagnosis toolset, etc. These systems belong to third-party vendors full of vulnerabilities. To better tackle these flaws, a particular set of skills for the automotive and car hacking professionals is required.
- BiohackingBiohacking can be described as hacker citizens or do-it-yourself biology. For many “biohackers,” this consists of making small-medium or incremental changes to one’s lifestyle to make small improvements in your health and well-being. However there are many categories of biohacking: • Biotechnology • BioArt • DNA • Bioinformatics • CRISPR • Human Sexuality • Grinders • Citizen-Scientists & DIY Research • Culture • 3D Printing • Biomedical • Engineering • Implants • Coatings • Magnets • Robotics • Augmentation • Neurotech • InfoSec • BioTech • BioSecurity • BioTerrorism • iGEM • Public Health • Health Hacking • Bio Law • Bioethics • Design • BioBricks • Synthetics • Healthcare • Food & Diet & Nutrition Hacks • Mind Hacks • Tissue Engineering (medical & non-medical) • Biochemical Synthesis • Biohacking 101 • Biosafety • Neuro-Informatics • Nootropics • Aging and Life Extension • Transhumanism • Epigenetics • Archeology • Biophilic Architecture
- Blue TeamNot everything is offensive, many hackers work on the defensive side. Blue Team is a community built for and by defenders. It’s a place to gather, talk, share, and learn from other blue team hackers about the latest tools, technologies, and tactics that our community can use to detect attackers and prevent them from achieving their goals. Many times, our defenders are providing our organizations from nation states!
- CareersWe all have skills sought after in the market place. Do you want a meaningful career with great benefits and security? CypherCon blends a career “fair” and mentorship/coaching from a hackers perspective. CypherCon’s hacker career village brings together students, professionals, and employers for networking, recruiting and career conversations. Find your future direction.
- CloudCloud hacking is the act of checking for security vulnerabilities and weaknesses in an organization’s cloud infrastructure. CypherCon’s Cloud Hacking village offers an open space to meet Wisconsin hackers interested in offensive and defensive aspects of cloud security. Cloud Hacking Topics include offensive techniques, tools, threat and vulnerability sharing, and general knowledge related to cloud security. Defensive knowledge is also welcome at cloud hacking village! At the end of the day the primary goal is to make clouds safer, and both red teamers and blue teamers are welcome to submit content. Get involved!
- Cold WarInformation has always been a key commodity. The cold war hacking or espionage village blends the historical Cold War espionage that was focused on gaining an advantage in information about the enemies’ capabilities, especially related to atomic weaponry. Has that ever really changed as we entered into cyberwar? Learn from our history to guide you into the future at the cold war hacking village.
- CryptocurrencyMaking sense of bitcoin, cryptocurrency and blockchain can be challenging. CypherCon Hackers will help answer your questions. What is it? How does it work? How it can be used? What cryptography is used in the underlying technology? How will blockchain evolve technology? Learn more from our hackers at the cryptocurrency and blockchain village.
- DatabasesEver wonder what database hacking methods exist? How do you know if the database is vulnerable? The best way to make sure your database is secure from bad actors is to think like a hacker. Database hacking at CypherCon dives into the numerous types of databases and many different ways to compromise them. Can you crack the database root password or run a known database exploit?
- Encryption & CyphersThe bread and butter of CypherCon! Cyphers or more commonly, Ciphers, also called encryption algorithms, are systems for encrypting and decrypting data. A cipher converts the original message, called plaintext, into ciphertext using a key to determine how it is done. We are actually a Cryptography conference disguised as a hacker conference, we strive for 20% of our talks to be related to Cryptography.
- Executive
- Forensics
- Game Hacking
- Hacker Culture & Music
- Hacking 101
- Hardware & Soldering
- Healthcare
- ICSIndustrial control system (ICS) is a collective term used to describe different types of control systems and associated instrumentation, which include the devices, systems, networks, and controls used to operate and/or automate industrial processes.
- Incident Response
- Internet of Things (IoT)
- Keynote
- Locks & Safes
- Malware
- Mobile
- Open Source
- Password Cracking
- Privacy
- Red Team
- Risk
- Social Engineering
- Threat Intelligence
- Vintage Hacking
- Wireless
- News
- Party
- Run.exe
- Travel
- FAQ
- Participate
- About Us
- Contact