• Over 30 Speakers

    Featuring keynotes from
    security experts
  • 2 Day Event

    24-25 April, 2021
  • Location

    Virtual on Twitch.TV
  • Capture The Flag

    Featuring over
    50 challenges


Raising Money for a Good Cause

We’re raising money this year for an awesome cause, Child’s Play a game industry charity dedicated to improving the lives of children with toys and games in a network of over 185 hospitals worldwide.

3-Track Virtual Conference

Featuring speakers from various security disciplines sharing expertise on a variety of topics covering Red, Blue, and Purple teams. We also have some awesome keynotes lined up!

Capture The Flag

Test your skills on Day 2 during our CTF, featuring more than 50 unique challenges developed especially for IsolationCon. We have some awesome prizes up for grabs from our sponsors. Register

Last April The Many Hats Club hosted our very first conference, that saw over 2,500 people attend. Three tracks were delivered with an amazing set by YT Cracker and ultimately raised over £10,000.00 for Médecins Sans Frontières (MSF). This year, we are taking everything we learnt from both IsolationCon and conINT to put on an even bigger and better virtual conference. Speakers, unique CTF, workshops, competitions, and an amazing after party. We know that everyone is probably thinking “not another virtual conference”, but this is going to be one show you really don’t want to miss.

There will be no charge to attend the talks, but there will be a small donation charge for the CTF which will all go to our chosen charity. Our objective is to raise money for good causes and once again will set a fundraising target of £10,000. This year our chosen charity is Childs Play.



Featured Speakers


  14:00 - 14:05 UTC
  Opening Ceremony

Opening Comments Stu

Stu will open the IsolationCon and set out the agenda for the day, and will be introducing our opening keynote TJ Null.
  14:05 - 14:55 UTC
  Opening Keynote: TJ Null

How Not to Suck at Cloud Pentesting

It’s 2021 and we still have “testers” printing vuln reports to submit to clients as their cloud pentest report! There are numerous findings that go untouched in these cloud environments. In this presentation TJ will cover some key components that pentesters miss when they are assessing AWS cloud environments and explain the importance of manually testing these cloud environments.
  15:00 - 15:25 UTC

Gone Phishing

A curious mix of social engineering, osint and human vulnerabilities to leave the office as a millionaire. On site red teaming using spiced up techniques to bypass systems and people. My talk will be based on personal experience in the workplace of how systems, processes and people are at risk and how to upskill employees and employers.
  15:30 -16:25 UTC
  Keynote: Cal Leeming

Trillions: Part 2

Have you ever wondered what it takes to build a Cyber Security company? This talk is about our journey of becoming the Google of Cyber Security, with lots of juicy tech detail.
  17:45 - 17:55 UTC
  Travis Eriksen - Childs Play

Childs Play Talk

Travis Eriksen, Executive Director of Child’s Play to talk about the charity.
  18:00 - 18:55 UTC
  White Hat Inspector

Can’t find it the e-mail address of your target? Just…guess it!

Sometimes OSINT investigators can't easily find an e-mail address of their targets. But e-mail addresses are important as they are one of the most valuable leads to pivot from. This talk will show ways that OSINT investigators can use to try and guess an e-mail address of their target. We are going to use names and surnames, birth dates, usernames, flaws in platforms and more that can lead an OSINT investigator to drastically increase his chances of "guessing" the target's e-mail address.
  19:00 - 19:40 UTC
  K "Turb0Yoda" Singh

Introduction to Car Hacking Basics

Ever wanted to learn about the basics of car hacking but don't have a car or don't want to break your only car? This presentation will give a quick overview of basic car hacking and where to start as a beginner.
  21:00 - 21:55 UTC
  Keynote: Phillip Wylie

Inside The Mind of a Threat Actor: Beyond Pentesting

Red team is a commonly misunderstood offensive security discipline. Red team has been used as a general term for all areas of offensive security just as blue team for defensive security. True red teaming goes Beyond Pentesting and into more adversarial emulation. While there are overlapping skills, there are differences that will be discussed as Phillip shares his experience of going from a pentester to a red teamer. In this talk, you will learn about the different areas that make up red team operations, common tools, and the path to becoming a red teamer. In this presentation, you will learn about resources helpful for a path into red teaming.
  22:00 - 22:40 UTC
  Josephine Windsor-Lewis

Smart phone to medical device in five (not so) easy steps

As smartphones become more advanced, more and more opportunities to use them to solve big global issues emerge. One of these issues is neonatal jaundice, or liver failure in new born infants. This relatively common condition affects up to 80% of premature births. Treatment relies on early diagnosis, and lack of treatment can be disabling and potentially fatal. Traditionally diagnosis has been based on the skin colour of infants, a technique which is less effective for infants with darker skin tones, and the alternatives have been prohibitively expensive. In this talk I will present a novel technique to diagnose liver dysfunction using an app based on the android camera2 API, a little creativity and a lot of Java. This smartphone application uses RAW image data to perform subtracting colorimetric analysis on the white of the eye. This talk is perfect for anyone interested in app development, image analysis or the power of creative coding and will be beginner friendly!
  22:45 - 23:25 UTC
  Chloe Seaton

What it takes the be an Ethical Hacker – A journey into a technical role

Chloe’s talk will focus on cyber industry demographics, what the industry currently looks like and how we can target more children to encourage them into careers in technology. Chloe will discuss her experience of joining the industry and challenges she faced having a non technical background including imposter syndrome and technical confidence. Her talk will also cover the topics covered in her Ethical Hacking training programme to highlight what skills individuals (both children and adults) can build upon in order to enter the industry. Finally, Chloe will address her future hopes for both her own career and in her awareness campaigns.
  14:00 - 14:05 UTC
  Opening Ceremony

Opening Comments Stu

Stu will open the IsolationCon and set out the agenda for the day, and will be introducing our opening keynote TJ Null.
  14:05 - 14:55 UTC
  Opening Keynote: TJ Null

How Not to Suck at Cloud Pentesting

It’s 2021 and we still have “testers” printing vuln reports to submit to clients as their cloud pentest report! There are numerous findings that go untouched in these cloud environments. In this presentation TJ will cover some key components that pentesters miss when they are assessing AWS cloud environments and explain the importance of manually testing these cloud environments.
  15:00 - 15:55 UTC
  Sam Stepanyan

Using OWASP Nettacker For Recon and Vulnerability Scanning

OWASP Nettacker Project, one of OWASP's "Unsung Hero" projects. Nettacker is a little-known yet awesome and powerful 'swiss-army-knife' type tool for information gathering, vulnerability scanning and automated pentesting fully written in Python. This talk will feature featuring live demo of the tool and practical usage examples including the latest features just released in 2021
  17:45 -18:55 UTC
  Keynote: Becky Pinkard & Dr Victoria Baines

Cybersecurity’s image problem

Cybersecurity vendors routinely describe themselves as ‘cyber defenders’ engaged in ‘hand to hand combat’ with criminals and threats. Our industry is suffused with military terminology, impenetrable acronyms, fantasy references, and apocalyptic imagery. It’s time we considered the impact of that on the public we’re trying to protect, and the people we want to attract into the workforce. Bec and Vic poke a friendly stick at cybersecurity’s image, and ask whether we might be able to do things differently….and more inclusively
  19:00 - 19:55 UTC
  Dan Conn

OPSEC – Overly Presenting Some Erroneous Content

"My rookie BeerCon2 talk on OPSEC as A Way Of Life explained how using OPSEC (Operations Security) helped me convince bouncers I wasn't an underage drinker / DJ growing up and how to keep on the right side of the law when confronted by drug dealers to be a runner. This talk extends that to provide some suggestions on what you can do when you can't completely lockdown your life but you don't want people knowing everything about you either. Social Media is a great example of this need where giving some information is beneficial in building trust, but too much can called problems for your Operations Security with potentially dangerous outcomes. In particular, using OSINT poisoning (could be described as Overly Presenting Some Erroneous Content) has a massive part to play in helping keep a handle on your OPSEC. We will also frame a story from 90s clubland about trying to keep my house clear from afterparties as another OPSEC case study and how Overly Presenting Some Erroneous Content prevented after parties from turning into huge raves in their own right!"
  20:45 - 21:25 UTC

Honeypot WarGames

This talk is about having fun with honeypots. The talk centres around running a honeypot at home for the last 6 months and the adventures that I have had with it. The talk will be about the data the I have gathered, the visualisations of the attacks that I have put together, the threat actors dictionary (which I will release), the types of attacks that we see and what hackers do once they are inside. I will be releasing my crappy code (used to create https://www.youtube.com/watch?v=efB71f87oWI) used to graphically interpret cowrie logs. I will also talk about the good that we can do by catching new malware, feeding community block lists and how businesses can leverage them.
  21:30 - 21:40 UTC
  Kirsten Carlile

Child’s Play Talk

Stu speaks to Child's Play about some of the work they do, and learns more about the cause we are supporting for this con.
  21:45 - 22:25 UTC
  Keynote: Chloé Messdaghi

Burnout is here.

Have you ever felt like no matter how much sleep you get, you feel exhausted? Struggle to concentrate? Having trouble balancing work and personal life? Or perhaps feel your work is your life? Burnout. We all go through it at one point. It feels like you are low on battery and it can cause emotional and physical issues. Mental health is an ongoing issue within infosec before and during COVID-19. There’s a fine balance between hacking and personal life. Majority of the time, they cross over. This talk shares an overview of the warning signs, symptoms, and practices to prevent burnout and how to deal with burnout to keep balanced.
  22:30 - 23:25 UTC

Parting ways with Purdue? – The Effect of Industry 4.0 on Industrial Control Systems Security Architectures

Industrial Control Systems (ICS) security has historically relied on network segmentation and segregation, in order to separate process control from vulnerable internet-facing networks using hierarchical zones separated by firewalls. Industry 4.0 and Industrial Internet of Things (IIoT) rely on 'smart' control devices connecting directly to cloud networks, bypassing the logical hierarchy of reference architectures such as the Purdue Enterprise Reference Architecture. This talk will firstly deliver an overview of the necessity for security in ICS, looking at historic vulnerabilities and risks, which secure reference architectures aim to mitigate. I will also provide an introduction to the Purdue Model, explaining its history and significance to ICS implementations across various sectors. I will then examine the limitations in current ICS security standards in the context of Industry 4.0, and explore new solutions which address these issues, while also discussing their shortcomings. I will finally discuss the relevance of the Purdue Model going forward and attempt to identify areas in which it could be modified to better suit IIoT networks. It is hoped that this talk will provide ICS novices with a solid understanding of the security issues which face these systems, and that more experienced attendees will expand their knowledge of secure control system architectures, particularly those that involve newer technologies.
  23:30 - 23:55 UTC

Complacency Kills – Linux and macOS will break you

In this seemingly never ending focus on Windows exploits and vulnerabilities recently, I seldom get into discussions about the *nix/BSD environment. In my area of research and as a focus in my career, this landscape is forgotten and/or trusted. I would like to highlight some fairly basic and understandable methods of hunting, analysis, and management of these systems, with some wild stories to hopefully keep the attention.
  14:00 - 14:05 UTC
  Opening Ceremony

Opening Comments Stu

Stu will open the IsolationCon and set out the agenda for the day, and will be introducing our opening keynote TJ Null.
  14:05 - 14:55 UTC
  Opening Keynote: TJ Null

How Not to Suck at Cloud Pentesting

It’s 2021 and we still have “testers” printing vuln reports to submit to clients as their cloud pentest report! There are numerous findings that go untouched in these cloud environments. In this presentation TJ will cover some key components that pentesters miss when they are assessing AWS cloud environments and explain the importance of manually testing these cloud environments.
  15:00 - 15:25 UTC

Low Hanging Fruit : Offensive OSINT for Defense

The prevalence and perverseness of search crawlers, data leaks, and social media profiles means that often 80% of the work is done for an attacker. They don't have to do reconnaissance or compromise systems when Google or a companies employees have done the majority of the work for them. I will talk about how you can use OSINT tools (like Dehashed, hunter.io / Google & Linkedin) and techniques to identify where your organizations weak spots are from an offensive perspective to provide a better defense. This will include a case examples from either a company who provides me permission or a random organization with identifiers redacted.
  15:45 - 16:40 UTC
  Keynote: Roelof Temmingh

Lessons learned building OSINT tools (for the last 13 years)

After Roelof Temmingh completed his degree in electronic engineering he worked as a software developer and later as system architect at company that made encryption devices for the South African government. After 4 years he left the company (with @charlvdwalt) to start SensePost from his bedroom. For 7 years he hacked many networks, wrote many books, and spoke at all the conferences. He left the company in 2007 to start Paterva – the company that brought Maltego to the world. Roelof was the inventor and driving force behind Maltego for the first 10 years. Here he made many graphs, spoke at the remaining conferences, and trained many people. When he left Paterva he pondered, painted (bad.rip), made a short film (fliptheverse.com), and baked for a bit before starting a new venture called Vortimo, software that enhances the browsing experience (for investigators, researchers).
  17:30 - 18:10 UTC
  arszilla & berkcgoksel

Hiding Your C2 Traffic Under Discord & Slack Traffic

The presentation will demonstrate how an attacker can use Discord and Slack's APIs in order to establish a reverse shell connection. By doing so, the attacker can easily guise their traffic under Discord or Slack's traffic, staying undetected.
  18:15 - 19:10 UTC
  @CyberRay_ and @reputelligence

Brute force phishing.. (how not, how correctly and why phish)

Rachel and I will talk about phishing. How can you phish effectively and efficient? What type of phishing are you applying? Where do get the best OSINT info for creating deadly personalized phishing emails. But also keep an eye on the risks and dangers of running corporate phishing attacks. We now some of the bad examples from the press i.e. the Godaddy phishing: GoDaddy sent an email to its employees with an announcement of a $650 annual bonus, revealing two days later that it was in fact just a test and the only “bonus” awaiting those who tried to claim it was additional security training. We will do demos based on a tool and deliver on the sides, how you do proper phishing in the corporate world.
  19:15 - 19:25 UTC
  Erick Blandin

Childs Play talk

Erick Blandin, Program Director of Child’s Play to talk about our network hospitals & Gaming Technology Specialists
  19:30 - 20:40 UTC
  Keynote: Nicole Dove


As our world evolves, every aspect of our lives has an increased reliance on technology - especially business. With rapidly growing regulatory, audit and compliance requirements, InfoSec & risk management professionals are often seen as detractors to progress. In this talk, participants learn ways to position InfoSec as an enabler of business innovation, driving trust and collaboration from business partners. Attendees will learn: Strategies to effectively engage business leaders. How to align the goals of your tech teams and your business Why accountability is critical to creating a foundation of trust Ways to transform "no" into a secure, thoughtful "yes".
  20:45 - 21:25 UTC

How to build an appsec program from scratch

Following a long career in developing software, I switched careers into infosec and started building an appsec program at a Somewhat Large Company with many dev teams and products. In my talk I'm sharing my experience and insights of how I started building an appsec program from scratch and how I realized how few of the challenges involved are purely technical (surprising to an engineer!). I'm also presenting some tools and metrics I've built to support our appsec program which I'm releasing as open source.
  21:45 - 22:25 UTC
  James Bore

ARG and Arson: Weaponising Narratives

Talking through examples of weaponised narratives, whether deliberately or accidentally, and how they can be understood from a game design lens. From the 5G-conspiracy-motivated arson attacks, to QAnon, to committing treason we've seen repeated instances where mis- and disinformation are used opportunistically, or in a planned way, to cause harm. Looking at this from a game design lens helps us understand the construction and evolution of these narratives, and maybe be ready for the next wave of them.
  22:30 - 23:25 UTC
  Keynote: Fred Jennings

V&Life – Avoiding U.S. Cybercrime Prosecution

Despite promises of reform from the Department of Justice, U.S. cybercrime prosecution remains a global threat to security researchers. Attorney Fred Jennings will discuss recent trends, new cases, and – most importantly – what every researcher can do to help keep themselves safe.
  23:30 - 23:55 UTC

Pull your SOC up with continuous validation and optimization

Protecting your organization requires vigilance and skills combined with effective controls and detections, just having a SOC is not enough. SOCs vary in size, scope and staffing across various industries, outsourced and in-house, they exist to monitor, detect, and respond to evolving threats. Guarding against failures in the security architecture is not just about selecting the right tools and suppliers, it requires constant validation of your people processes and technology.
  14:00 - 15:00 UTC
  Opening Keynote: Casey John Ellis

Release The Hounds, Part 2: 9 Years Is A Long Ass Time

Just over 8 years ago bug bounty was a shiny security thing that crazy tech companies did sometimes, the concept of a digital locksmith hadn't been established in the consumer yet, and the Internet was generally a smaller and less politicized place. Casey Ellis decided it might be a good idea to "release the hounds" into the status quo, launching Bugcrowd and kicking off the crowdsourced security as a service market category, and it's safe to say that a fair bit has happened since. This keynote is for infosec practitioners and budding cybersecurity entrepreneurs, talking through what we've learned, what's changed, where I think it's all going next, and where we can position ourselves to continue making the Internet a more resilient place.
  14:00 - 23:00 UTC

IsoCon CTF and Scavenger Hunt

Can you hunt down the adversary, and solve all the challenges in our CTF? While everyone in the world finds themselves socially distanced and in some level of quarantine, we are bringing the Isocon CTF to you. Featuring our very own scavenger hunt, you'll be tasked to find, complete, hack, record and prove, as many items on this list as possible. Straight from the comfort of your home. Grab a ticket and join us on Discord for the very weird weekend. https://www.eventbrite.co.uk/e/isolationcon-2-the-second-wave-tickets-150272289463
  17:00-18:00 UTC
  Group Slides

Slide Roulette

You can win prizes by presenting slides created by the community. These slides can be about anything so be prepared for the most random things ever. Please sign up on TMHC Discord https://discord.com/invite/infosec. 

Register now for our CTF

Test your skills in our unique story driven CTF, where every team affects the outcome.


A ticket is not required to attend talks and workshops on the 24th.  All content will be broadcast on Twitch.TV.

Yes, a ticket is required for the CTF.  Once you have acquired your ticket through EventBrite, we will contact you with your CTF registration code.

Event merch will be made available soon.

You can donate to the GoFundMe page we have set up.  In addition to these donations, 100% of event proceeds (including CTF tickets and profits from merchandise sales) will go to Child’s Play.

The Many Hats Club Ltd. takes your privacy seriously.  Your contact data will not be shared with third parties except as necessary to facilitate prize delivery.  Access to contact information is restricted on a need-to-know basis.

Data will be purged from our on the following schedule after the event:

  • Display names/leaderboard statistics:  30 days after the event
  • Prize winner contact data:   10 days after prize delivery
  • All other contact data: 10 days after the event


The Many Hats Club Ltd. never receives or stores payment data.

For more information, please review our Privacy Policy.

Note:  Data acquired and stored by Event Brite and GoFundMe is governed exclusively by their respective privacy policies.  To exercise your rights, please contact the relevant platform(s) directly.