Vídeos de Black Hat USA 2016
Ya también están disponibles de los vídeos de Black Hat USA 2016, así como el material presentado:
- Why This Internet Worked How We Could Lose It and the Role Hackers Play
- A Journey From JNDI/LDAP Manipulation to Remote Code Execution Dream Land
- The Art of Defense - How Vulnerabilities Help Shape Security Features and Mitigations in Android
- Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud
- Applied Machine Learning for Data Exfil and Other Fun Topics
- Canspy: A Platform for Auditing Can Devices
- Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization
- Over the Edge: Silently Owning Windows 10's Secure Browser
- How to Make People Click on a Dangerous Link Despite Their Security Awareness
- Certificate Bypass: Hiding and Executing Malware From a Digitally Signed Executable
- Pay No Attention to That Hacker Behind the Curtain: A Look Inside the Black Hat Network
- Drone Attacks on Industrial Wireless: A New Front in Cyber Security
- Hackproofing Oracle Ebusiness Suite
- Using Undocumented CPU Behavior to See Into Kernel Mode and Break Kaslr in the Process
- Gattacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool
- Measuring Adversary Costs to Exploit Commercial Software
- Removing Roadblocks to Diversity
- HEIST: HTTP Encrypted Information Can Be Stolen Through TCP-Windows
- Memory Forensics Using Virtual Machine Introspection for Cloud Computing
- Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools
- Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
- Towards a Holistic Approach in Building Intelligence to Fight Crimeware
- Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root
- The Remote Malicious Butler Did It!
- Xenpwn: Breaking Paravirtualized Devices
- PWNIE
- An Open Collaborative Effort to Ameliorate Android N-Day Root Exploits
- Understanding HL7 2.X Standards, Pen Testing, and Defending HL7 2.X Messages
- 1000 Ways to Die in Mobile Oauth
- A Retrospective on the Use of Export Cryptography
- Windows 10 Segment Heap Internals
- Abusing Bleeding Edge Web Standards for Appsec Glory
- AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It
- Analysis of the Attack Surface of Windows 10 Virtualization-Based Security
- Augmenting Static Analysis Using Pintool: Ablation
- An Insider's Guide to Cyber-Insurance and Security Guarantees
- Cunning With Cng: Soliciting Secrets From Schannel
- Beyond the Mcse: Active Directory for the Security Professional
- Does Dropping Usb Drives in Parking Lots and Other Places Really Work?
- Demystifying the Secure Enclave Processor
- I Came to Drop Bombs: Auditing the Compression Algorithm Weapon Cache
- Breaking Payment Points of Interaction (POI)
- Into the Core: In-Depth Exploration of Windows 10 IoT Core
- Hacking Next-Gen Atms: From Capture to Cashout
- Can You Trust Me Now? An Exploration Into the Mobile Threat Landscape
- Investigating DDOS - Architecture Actors and Attribution
- Intra-Process Memory Protection for Applications on ARM and X86: Leveraging the ELF ABI
- Capturing 0Day Exploits With Perfectly Placed Hardware Traps
- Next-Generation of Exploit Kit Detection By Building Simulated Obfuscators
- HTTP/2 & Quic - Teaching Good Protocols to Do Bad Things
- Pwning Your Java Messaging With Deserialization Vulnerabilities
- Language Properties of Phone Scammers: Cyberdefense At the Level of the Human
- Recover a RSA Private Key From a TLS Session With Perfect Forward Secrecy
- The Linux Kernel Hidden Inside Windows 10
- O-Checker: Detection of Malicious Documents Through Deviation From File Format Specifications
- The Tao of Hardware the Te of Implants
- Access Keys Will Kill You Before You Kill the Password
- Hell on Earth: From Browser to System Compromise
- Discovering and Exploiting Novel Security Vulnerabilities in Apple Zeroconf
- BadWPAD
- Breaking Kernel Address Space Layout Randomization (Kaslr) With Intel TSX
- Airbnbeware: Short Term Rentals Long Term Pwnage
- Account Jumping Post Infection Persistency & Lateral Movement in AWS
- Captain Hook: Pirating Avs to Bypass Exploit Mitigations
- Hardening AWS Environments and Automating Incident Response for AWS Compromises
- Crippling HTTPs With Unholy PAC
- Horse Pill: A New Type of Linux Rootkit
- Design Approaches for Security Automation
- Greatfet: Making Goodfet Great Again
- SGX Secure Enclaves in Practice: Security and Crypto Review
- Using EMET to Disable EMET
- Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter
- Viral Video - Exploiting Ssrf in Video Converters
- AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion
- Windows 10 Mitigation Improvements
- Brute-Forcing Lockdown Harddrive Pin Codes
- Building a Product Security Incident Response Team: Learnings From the Hivemind
- Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions
- Cyber War in Perspective: Analysis From the Crisis in Ukraine
- Breaking Fido: Are Exploits in There?
- Security Through Design - Making Security Better By Designing for People
- Iran's Soft-War for Internet Dominance
- Side-Channel Attacks on Everyday Applications
- The Risk From Power Lines: How to Sniff the G3 and Prime Data and Detect the Interfere Attack
- Unleash the Infection Monkey: A Modern Alternative to Pen-Tests
- OSS Security Maturity: Time to Put on Your Big Boy Pants!
- Watching Commodity Malware Get Sold to a Targeted Actor
- PanGu 9 Internals
- A Lightbulb Worm?
- BadTunnel: How Do I Get Big Brother Power?
- PLC-Blaster: A Worm Living Solely in the PLC
- A Risk-Based Approach for Defining User Training and Awarding Administrative Privileges
- Dungeons Dragons and Security
- The Year in Flash
- Dark Side of the DNS Force
- VoIP Wars: the Phreakers Awaken
- Keystone Engine: Next Generation Assembler Framework
- Pindemonium: A DBI-Based Generic Unpacker for Windows Executable
- Web Application Firewalls: Analysis of Detection Logic
- Defense At Hyperscale: Technologies and Policies for a Defensible Cyberspace
Libros
Buscar
Entradas Recientes
- Posts
- Reemplazando la bateria del AirTag
- OpenExpo Europe décima edición, 18 de mayo: El Epicentro de la Innovación y la Transformación Digital
- Docker Init
- Kubernetes para profesionales
- Agenda: OpenExpo Europe 2022 llega el 30 de junio en formato presencial
- Libro 'Manual de la Resilencia', de Alejandro Corletti, toda una referencia para la gestión de la seguridad en nuestros sistemas
- Mujeres hackers en ElevenPaths Radio
- Creando certificados X.509 caducados
- Generador de imágenes Docker para infosec