Presentaciones de la BlackHat USA 2012

August 2, 2012
tuxotron
Seguridad, Hacking

Ya están disponibles para descarga el material de las charlas que se dieron en la BlackHat USA 2012 pasado mes de julio en Las Vegas:

A Scientific (But Non Academic) Study of How Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies
- BH_US_12_Branco_Scientific_Academic_WP.pdf
- BH_US_12_Branco_Scientific_Academic_Slides.pdf
A Stitch in Time Saves Nine: A Case of Multiple Operating System Vulnerability
- BH_US_12_Wojtczuk_A_Stitch_In_Time_WP.pdf
- BH_US_12_Wojtczuk_A_Stitch_In_Time_Slides.pdf
Adventures in Bouncerland
- BH_US_12_Percoco_Adventures_in_Bouncerland_WP.pdf
- BH_US_12_Percoco_Bouncerland_Slides.pdf
AMF Testing Made Easy!
- BH_US_12_Carettoni_AMF_Testing_WP.pdf
- BH_US_12_Carettoni_AMF_Testing_Slides.pdf
Source.zip
Are You My Type? - Breaking .NET Sandboxes Through Serialization
- BH_US_12_Forshaw_Are_You_My_Type_WP.pdf
- BH_US_12_Forshaw_Are_You_My_Type_Slides.pdf
Blended Threats and JavaScript: A Plan for Permanent Network Compromise
- BH_US_12_Purviance_Blended_Threats_WP.pdf
- BH_US_12_Purviance_Blended_Threats_Slides.pdf
Clonewise - Automated Package Clone Detection
- BH_US_12_Cesare_Clonewise_WP.pdf
- BH_US_12_Cesare_Clonewise_Slides.pdf
Confessions of a WAF Developer: Protocol-Level Evasion of Web Application Firewalls
- BH_US_12_Ristic_Protocol_Level_WP.pdf
- BH_US_12_Ristic_Protocol_Level_Slides.pdf
Control-Alt-Hack(TM): White Hat Hacking for Fun and Profit (A Computer Security Card Game)
- BH_US_12_Kohno_Control_Alt_Hack_WP.pdf
- BH_US_12_Kohno_Control_Alt_Hack_Slides.pdf
DE MYSTERIIS DOM JOBSIVS: Mac EFI Rootkits
- BH_US_12_LoukasK_De_Mysteriis_Dom_Jobsivs_WP.pdf
- BH_US_12_LoukasK_De_Mysteriis_Dom_Jobsivs_Slides.pdf
Digging Deep Into The Flash Sandboxes
- BH_US_12_Sabanal_Digging_Deep_WP.pdf
- BH_US_12_Sabanal_Digging_Deep_Slides.pdf
Don't Stand So Close To Me: An Analysis of the NFC Attack Surface
- BH_US_12_Miller_NFC_attack_surface_WP.pdf
- BH_US_12_Miller_NFC_attack_surface_Slides.pdf
- BH_US_12_Miller_NFC_attack_surface_Code.zip
Easy Local Windows Kernel Exploitation
- BH_US_12_Cerrudo_Windows_Kernel_WP.pdf
- BH_US_12_Cerrudo_Windows_Kernal_Slides.pdf
Errata Hits Puberty: 13 Years of Chagrin
- BH_US_12_Jericho_Errata_Slides.pdf
Exchanging Demands
- BH_US_12_Hannay_Exchanging_Demands_WP.pdf
- BH_US_12_Hannay_Exchanging_Demands_Slides.pdf
- BH_US_12_Hannay_Exchanging_Demands_Code.zip
Exploit Mitigation Improvements in Win 8
- BH_US_12_Miller_Exploit_Mitigation_Slides.pdf
Exploiting the jemalloc Memory Allocator: Owning Firefox's Heap
- BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_WP.pdf
- BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_Slides.pdf
- BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_Code.zip
File disinfection framework: Striking back at polymorphic viruses
- BH_US_12_Vuksan_Pericin_Disinfection_Framework_WP.pdf
Flowers for Automated Malware Analysis
- BH_US_12_Song_Royal_Flowers_Automated_WP.pdf
- BH_US_12_Song_Royal_Flowers_Automated_Slides.pdf
From the Iriscode to the Iris: A New Vulnerability of Iris Recognition Systems
- BH_US_12_Galbally_Iris_Reconstruction_WP.pdf
- BH_US_12_Galbally_Iris_Reconstruction_Slides.pdf
Ghost is in the Air(traffic)
- BH_US_12_Costin_Ghosts_In_Air_WP.pdf
- BH_US_12_Costin_Ghosts_In_Air_Slides.pdf
Google Native Client - Analysis Of A Secure Browser Plugin Sandbox
- BH_US_12_Rohlf_Google_Native_Client_WP.pdf
- BH_US_12_Rohlf_Google_Native_Client_Slides.pdf
Hacking the Corporate Mind: Using Social Engineering Tactics to Improve Organizational Security Acceptance
- BH_US_12_Philput_Hacking_The_Corporate_Mind_WP.pdf
- BH_US_12_Philput_Hacking_The_Corporate_Mind_Slides.pdf
Hacking with WebSockets
- BH_US_12_Shekyan_Toukharian_Hacking_Websocket_Slides.pdf
Hardware backdooring is practical
- BH_US_12_Brossard_Backdoor_Hacking_WP.pdf
- BH_US_12_Brossard_Backdoor_Hacking_Slides.cpgz
Here Be Backdoors: A Journey Into The Secrets Of Industrial Firmware
- BH_US_12_Santamarta_Backdoors_WP.pdf
Hookin' ain't easy: BeEF injection with MITM
- BH_US_12_Ocepek_Linn_BeEF_MITM_WP.pdf
- BH_US_12_Ocepek_Linn_BeEF_MITM_Slides.pdf
How many bricks does it take to crack a microcell?
- BH_US_12_Rowley_Microcell_Bricks_WP.pdf
- BH_US_12_Rowley_Microcell_Bricks_Slides.pdf
How the Analysis of Electrical Current Consumption of Embedded Systems Could Lead to Code Reversing?
- BH_US_12_Allain_Current Consumption-WP.pdf
- BH_US_12_Allain_Current Consumption-Slides.pdf
- BH_US_12_Allain_Current Consumption-Code.zip
HTML5 Top 10 Threats – Stealth Attacks and Silent Exploits
- BH_US_12_Shah_Silent_Exploits_WP.pdf
- BH_US_12_Shah_Silent_Exploits_Slides.pdf
iOS Application Security Assessment and Automation: Introducing SIRA
- BH_US_12_Engler_SIRA_WP.pdf
- BH_US_12_Engler_SIRA_Slides.pdf
iOS Kernel Heap Armageddon Revisited
- BH_US_12_Esser_iOS_Kernel_Heap_Armageddon_WP.pdf
- BH_US_12_Esser_iOS_Kernel_Heap_Armageddon_Slides.pdf
Legal Aspects of Cyberspace Operations
- BH_US_12_Clark_Legal_Aspects_Slides.pdf
Looking Into The Eye Of The Meter
- BH_US_12_Weber_Eye_of_the_Meter_WP.pdf
- BH_US_12_Weber_Eye_of_the_Meter_Slides.pdf
My Arduino Can Beat Up Your Hotel Room Lock
- BH_US_12_Brocious_Hotel_Key_WP.pdf
- BH_US_12_Brocious_Hotel_Key_Slides.pdf
Owning bad guys {and mafia} with javascript botnets
- BH_US_12_Alonso_Owning_Bad_Guys_WP.pdf
- BH_US_12_Alonso_Owning_Bad_Guys_Slides.pdf
Probing Mobile Operator Networks
- BH_US_12_Milliner_Probing Mobile Operating_WP.pdf
- BH_US_12_Milliner_Probing Mobile Operating_Slides.pdf
SexyDefense - Maximizing the Home-Field Advantage
- BH_US_12_Amit_Sexy_Defense_WP.pdf
- BH_US_12_Amit_Sexy_Defense_Slides.pdf
SQL Injection to MIPS Overflows: Rooting SOHO Routers
- BH_US_12_Cutlip_SQL_Exploitation_WP.pdf
- BH_US_12_Cutlip_SQL_Exploitation_Slides.pdf
- BH_US_12_Cutlip_SQL_Exploitation_Code.zip
SSRF vs. Business Critical Applications
- BH_US_12_Polyakov_SSRF_Business_WP.pdf
- BH_US_12_Polyakov_SSRF_Business_Slides.pdf
State of Web Exploit Toolkits
- BH_US_12_Jones_State_Web_Exploits_WP.pdf
- BH_US_12_Jones_State_Web_Exploits_Slides.pdf
Still Passing the Hash 15 Years Later? Using the Keys to the Kingdom to Access All your Data
- BH_US_12_Duckwall_Campbell_Still_Passing_WP.pdf
- BH_US_12_Duckwall_Campbell_Still_Passing_Slides.pdf
- BH_US_12_Duckwall_Campbell_Still_Passing_Code.zip
Targeted Intrusion Remediation: Lessons From The Front Lines
- BH_US_12_Aldridge_Targeted_Intrustion_WP.pdf
- BH_US_12_Aldridge_Targeted_Intrustion_Slides.pdf
The Defense RESTs: Automation and APIs for Improving Security
- BH_US_12_Mortman_Defense_RESTs_WP.pdf
- BH_US_12_Mortman_Defense_RESTs_Slides.pdf
The Info Leak Era on Software Exploitation
- BH_US_12_Serna_Leak_Era_WP.pdf
- BH_US_12_Serna_Leak_Era_Slides.pdf
The Myth of Twelve More Bytes: Security on the Post-Scarcity Internet
- BH_US_12_Ritter_Stamos_Myth_of_Twelve_More_Bytes_Slides.pdf
The subway line 8 - Exploitation of Windows 8 Metro Style Apps
- BH_US_12_Tsai_Pan_Exploiting_Windows8_WP.pdf
- BH_US_12_Tsai_Pan_Exploiting_Windows8_Slides.pdf
Torturing OpenSSL
- BH_US_12_Bertacco_TorturingOpenSSL_WP.pdf
- BH_US_12_Bertacco_TorturingOpenSSL_Slides.pdf
Trust, Security, and Society
- BH_US_12_Schneier_Liars_and_Outliers_WP.pdf
We have you by the Gadgets
- BH_US_12_Shkatov_Kohlenberg_Blackhat_Have_You_By_The_Gadgets_WP.pdf
- BH_US_12_Shkatov_Kohlenberg_Blackhat_Have_You_By_The_Gadgets_Slides.pdf
Web Tracking for You
- BH_US_12_Fleischer_Implementing_Web_Tracking_gfleischer_WP.pdf
- BH_US_12_Fleischer_Implementing_Web_Tracking_gfleischer_Slides.pdf
- BH_US_12_Fleischer_Implementing_Web_Tracking_gfleischer_Code.zip
Windows Phone 7 Internals and Exploitability
- BH_US_12_Oi_Windows_Phone_WP.pdf
- BH_US_12_Oi_Windows_Phone_Slides.pdf
Windows 8 Heap Internals
- BH_US_12_Atlas_GHZ_Workshop_Slides.pdf
- BH_US_12_Atlas_GHZ_Workshop_Code.zip
Advanced Chrome Extension Exploitation - Leveraging API Powers for the Better Evil
- BH_US_12_Osborn_Kotowicz_Advanced_Chrome_Extension_WP.pdf
- BH_US_12_Osborn_Kotowicz_Advanced_Chrome_Extension_Slides.pdf
- BH_US_12_Osborn_Kotowicz_Advanced_Chrome_Extension_Code.zip
Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC)
- BH_US_12_Kang_Code_Reviewing_WP.pdf
Lessons Of Binary Analysis
- BH_US_12_Rioux_Lessons_Of_Binary_Analysis_Slides.pdf
Linux interactive exploit development with GDB and PEDA
- BH_US_12_Le_Linux_Interactive_Exploit_Development_with_GDB_and_PEDA_Slides.pdf
Ruby for Pentesters: The Workshop
- BH_US_12_Scott_ruby_for_pentesters_the_workshop_Slides.pdf
HTExploit Bypassing Htaccess Restrictions
- BH_US_12_Katz_Soler_HTExploit_WP.pdf
- BH_US_12_Katz_Soler_HTExploit_Slides.pdf
- HTExploit_v0.7b.zip
libinjection: A C library for SQLi detection and generation through lexical analysis of real world attacks
- BH_US_12_Galbreath_Libinjection_Slides.pdf
ModSecurity as Universal Cross-platform Web Protection Tool
- BH_US_12_Wroblewski_ModSecurity_Universal_WP.pdf
- BH_US_12_Wroblewski_ModSecurity_Universal_Slides.pdf
Passive Bluetooth Monitoring in Scapy
- BH_US_12_Holeman_Demo.pdf
- BH_US_12_Holeman_Panda.pdf
- BH_US_12_Holeman_Passive_Bluetooth_Slides.pdf
- source.zip
Stamp Out Hash Corruption, Crack All The Things
- BH_US_12_Reynods_Stamp_Out_Hash_WP.pdf
- BH_US_12_Reynods_Stamp_Out_Hash_Slides.pdf
- BH_US_12_Reynods_Stamp_Out_Hash_Code.zip
SYNful Deceit, Stateful Subterfuge
- BH_US_12_Patten_Steele_SYNful_Deceit_Slides.pdf
The last gasp of the industrial air-gap...
- BH_US_12_Leverett_Last_Gasp_Slides.pdf
When security gets in the way: PenTesting mobile apps that use certificate pinning
- BH_US_12_Diqut_Osborne_Mobile_Certificate_Pinning_Slides.pdf

Fuente

Presentaciones de la BlackHat USA 2012

Libros

Buscar

Entradas Recientes

Categorías

Enlaces