BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//fwd-cloudsec-2026//speaker//8K7Z33
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-fwd-cloudsec-2026-GUVJYH@pretalx.com
DTSTART;TZID=PST:20260601T114000
DTEND;TZID=PST:20260601T120000
DESCRIPTION:Oracle Cloud Infrastructure (OCI) offers a unique format with r
 egards to IAM when compared to other cloud providers that introduces chall
 enges in tooling and parsing. While learning OCI from a penetration-testin
 g perspective\, I encountered architectural and tooling gaps that hindered
  effective assessment. This talk presents a suite of open-source tools bui
 lt to close those gaps\, including an ANTLR-based OCI IAM policy parser\, 
 a Burp Suite extension for signing OCI API requests\, an OCI reconnaissanc
 e framework with different execution modules\, and an OpenGraph graph mode
 l that visualizes privilege escalation paths like BloodHound. Attendees wi
 ll leave with a practical understanding of some OCI IAM attack-path analys
 is and how to use these tools.
DTSTAMP:20260502T113340Z
LOCATION:Room 1
SUMMARY:OCInferno: An Offensive Security Toolkit for OCI - Scott Weston
URL:https://pretalx.com/fwd-cloudsec-2026/talk/GUVJYH/
END:VEVENT
END:VCALENDAR