Ya están disponibles para descarga el material de las charlas que se dieron en la BlackHat USA 2012 pasado mes de julio en Las Vegas:
- A Scientific (But Non Academic) Study of How Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies
- A Stitch in Time Saves Nine: A Case of Multiple Operating System Vulnerability
- Adventures in Bouncerland
- AMF Testing Made Easy!
- Source.zip
- Are You My Type? - Breaking .NET Sandboxes Through Serialization
- Blended Threats and JavaScript: A Plan for Permanent Network Compromise
- Clonewise - Automated Package Clone Detection
- Confessions of a WAF Developer: Protocol-Level Evasion of Web Application Firewalls
- Control-Alt-Hack(TM): White Hat Hacking for Fun and Profit (A Computer Security Card Game)
- DE MYSTERIIS DOM JOBSIVS: Mac EFI Rootkits
- Digging Deep Into The Flash Sandboxes
- Don't Stand So Close To Me: An Analysis of the NFC Attack Surface
- Easy Local Windows Kernel Exploitation
- Errata Hits Puberty: 13 Years of Chagrin
- Exchanging Demands
- Exploit Mitigation Improvements in Win 8
- Exploiting the jemalloc Memory Allocator: Owning Firefox's Heap
- File disinfection framework: Striking back at polymorphic viruses
- Flowers for Automated Malware Analysis
- From the Iriscode to the Iris: A New Vulnerability of Iris Recognition Systems
- Ghost is in the Air(traffic)
- Google Native Client - Analysis Of A Secure Browser Plugin Sandbox
- Hacking the Corporate Mind: Using Social Engineering Tactics to Improve Organizational Security Acceptance
- Hacking with WebSockets
- Hardware backdooring is practical
- Here Be Backdoors: A Journey Into The Secrets Of Industrial Firmware
- Hookin' ain't easy: BeEF injection with MITM
- How many bricks does it take to crack a microcell?
- How the Analysis of Electrical Current Consumption of Embedded Systems Could Lead to Code Reversing?
- HTML5 Top 10 Threats – Stealth Attacks and Silent Exploits
- iOS Application Security Assessment and Automation: Introducing SIRA
- iOS Kernel Heap Armageddon Revisited
- Legal Aspects of Cyberspace Operations
- Looking Into The Eye Of The Meter
- My Arduino Can Beat Up Your Hotel Room Lock
- Owning bad guys {and mafia} with javascript botnets
- Probing Mobile Operator Networks
- SexyDefense - Maximizing the Home-Field Advantage
- SQL Injection to MIPS Overflows: Rooting SOHO Routers
- SSRF vs. Business Critical Applications
- State of Web Exploit Toolkits
- Still Passing the Hash 15 Years Later? Using the Keys to the Kingdom to Access All your Data
- Targeted Intrusion Remediation: Lessons From The Front Lines
- The Defense RESTs: Automation and APIs for Improving Security
- The Info Leak Era on Software Exploitation
- The Myth of Twelve More Bytes: Security on the Post-Scarcity Internet
- The subway line 8 - Exploitation of Windows 8 Metro Style Apps
- Torturing OpenSSL
- Trust, Security, and Society
- We have you by the Gadgets
- Web Tracking for You
- Windows Phone 7 Internals and Exploitability
- Windows 8 Heap Internals
- Advanced Chrome Extension Exploitation - Leveraging API Powers for the Better Evil
- Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC)
- Lessons Of Binary Analysis
- Linux interactive exploit development with GDB and PEDA
- Ruby for Pentesters: The Workshop
- HTExploit Bypassing Htaccess Restrictions
- libinjection: A C library for SQLi detection and generation through lexical analysis of real world attacks
- ModSecurity as Universal Cross-platform Web Protection Tool
- Passive Bluetooth Monitoring in Scapy
- Stamp Out Hash Corruption, Crack All The Things
- SYNful Deceit, Stateful Subterfuge
- The last gasp of the industrial air-gap...
- When security gets in the way: PenTesting mobile apps that use certificate pinning