Presentaciones de Black Hat USA 2017

• July 28, 2017
• tuxotron
• Hacking, Seguridad, Conferencia

• Facebook
• Twitter
• Reddit
• LinkedIn

Ya están disponible las presentaciones de Black Hat USA 2017:

• Stepping Up Our Game: Re-focusing the Security Community on Defense and Making Security Work for Everyone
• ‘Ghost Telephonist’ Link Hijack Exploitations in 4G LTE CS Fallback
  • Yuwei-Ghost-Telephonist-Link-Hijack-Exploitations-In-4G-LTE-CS-Fallback.pdf
• (in)Security in Building Automation: How to Create Dark Buildings with Light Speed
  • Brandstetter-insecurity-In-Building-Automation-How-To-Create-Dark-Buildings-With-Light-Speed.pdf
  • Brandstetter-insecurity-In-Building-Automation-How-To-Create-Dark-Buildings-With-Light-Speed-wp.pdf
• A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
  • Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf
• Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
• Adventures in Attacking Wind Farm Control Networks
  • Staggs-Adventures-In-Attacking-Wind-Farm-Control-Networks.pdf
• All Your SMS & Contacts Belong to ADUPS & Others
  • Johnson-All-Your-SMS-&-Contacts-Belong-To-Adups-&-Others.pdf
  • Johnson-All-Your-SMS-&-Contacts-Belong-To-Adups-&-Others-wp.pdf
• An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
  • Robbins-An-ACE-Up-The-Sleeve-Designing-Active-Directory-DACL-Backdoors.pdf
  • Robbins-An-ACE-Up-The-Sleeve-Designing-Active-Directory-DACL-Backdoors-wp.pdf
• And Then the Script-Kiddie Said Let There be No Light. Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
  • Keliris-And-Then-The-Script-Kiddie-Said-Let-There-Be-No-Light-Are-Cyberattacks-On-The-Power-Grid-Limited-To-Nation-State-Actors-wp.pdf
• Attacking Encrypted USB Keys the Hard(ware) Way
• Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
• Automated Testing of Crypto Software Using Differential Fuzzing
  • Aumasson-Automated-Testing-Of-Crypto-Software-Using-Differential-Fuzzing.pdf
• AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
  • Jung-AVPASS-Leaking-And-Bypassing-Anitvirus-Detection-Model-Automatically.pdf
• Behind the Plexiglass Curtain: Stats and Stories from the Black Hat NOC
• Betraying the BIOS: Where the Guardians of the BIOS are Failing
  • Branco-Firmware-Is-The-New-Black-Analyzing-Past-Three-Years-Of-BIOS-UEFI-Security-Vulnerabilities
• Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game
  • Shortridge-Big-Game-Theory-Hunting-The-Peculiarities-Of-Human-Behavior-In-The-Infosec-Game.pdf
• Blue Pill for Your Phone
• Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking
  • Jurczyk-Bochspwn-Reloaded-Detecting-Kernel-Memory-Disclosure-With-X86-Emulation-And-Taint-Tracking.pdf
• Bot vs. Bot for Evading Machine Learning Malware Detection
  • Anderson-Bot-Vs-Bot-Evading-Machine-Learning-Malware-Detection.pdf
  • Anderson-Bot-Vs-Bot-Evading-Machine-Learning-Malware-Detection-wp.pdf
• Break
• Breakfast (Sponsored by FireEye McAfee Qualys & Tenable Network Security)
• Breaking Electronic Door Locks Like You’re on CSI: Cyber
  • OFlynn-Breaking-Electronic-Locks.pdf
• Breaking the Laws of Robotics: Attacking Industrial Robots
  • Quarta-Breaking-The-Laws-Of-Robotics-Attacking-Industrial-Robots.pdf
  • Quarta-Breaking-The-Laws-Of-Robotics-Attacking-Industrial-Robots-wp.pdf
• Breaking the x86 Instruction Set
  • Domas-Breaking-The-x86-ISA.pdf
  • Domas-Breaking-The-x86-Instruction-Set-wp.pdf
• Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom’s Wi-Fi Chipsets
• Bug Collisions Meet Government Vulnerability Disclosure
  • Ablon-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Zero-Days-Thousands-Of-Nights-RAND.pdf
  • [Herr-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Taking Stock - Vulnerability-Rediscovery-HKS.pdf](https://www.blackhat.com/docs/us-17/thursday/us-17-Herr-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Taking Stock - Vulnerability-Rediscovery-HKS.pdf)
• Business Hall Welcome Reception (Sponsored by Forcepoint McAfee LogRhythm & Tenable Network Security)
• Challenges of Cooperation Across Cyberspace
• Champagne Toast (Sponsored by ESET North America Fidelis Cybersecurity Fortinet Leidos Palo Alto Networks Raytheon & Symantec)
• Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
  • Fratantonio-Cloak-And-Dagger-From-Two-Permissions-To-Complete-Control-Of-The-UI-Feedback-Loop.pdf
  • Fratantonio-Cloak-And-Dagger-From-Two-Permissions-To-Complete-Control-Of-The-UI-Feedback-Loop-wp.pdf
• Coffee Service
• Cracking the Lens: Targeting HTTP’s Hidden Attack-Surface
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface.pdf
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface-wp.pdf
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface-tool.zip
• Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
  • Nichols-Cyber-Wargaming-Lessons-Learned-In-Influencing-Stakeholders-Inside-And-Outside-Your-Organization.pdf
  • Nichols-Cyber-Wargaming-Lessons-Learned-In-Influencing-Stakeholders-Inside-And-Outside-Your-Organization-wp.pdf
• Datacenter Orchestration Security and Insecurity: Assessing Kubernetes Mesos and Docker at Scale
• Defeating Samsung KNOX with Zero Privilege
  • Shen-Defeating-Samsung-KNOX-With-Zero-Privilege.pdf
  • Shen-Defeating-Samsung-KNOX-With-Zero-Privilege-wp.pdf
• Delivering Javascript to World+Dog
  • Randolph-Delivering-Javascript-to-World-Plus-Dog.pdf
  • Randolph-Delivering-Javascript-to-World-Plus-Dog-wp.pdf
• Developing Trust and Gitting Betrayed
• Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
  • Grange-Digital-Vengeance-Exploiting-The-Most-Notorious-C&C-Toolkits.pdf
  • Grange-Digital-Vengeance-Exploiting-The-Most-Notorious-C&C-Toolkits-wp.pdf
• Don’t Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
  • Lekies-Dont-Trust-The-DOM-Bypassing-XSS-Mitigations-Via-Script-Gadgets.pdf
• Electronegativity - A Study of Electron Security
  • Carettoni-Electronegativity-A-Study-Of-Electron-Security.pdf
  • Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf
• Escalating Insider Threats Using VMware’s API
  • Ziv-Escalating-Insider-Threats-Using-Vmware’s-Api.pdf
• Evading Microsoft ATA for Active Directory Domination
  • Mittal-Evading-MicrosoftATA-for-ActiveDirectory-Domination.pdf
• Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
• Evilsploit – A Universal Hardware Hacking Toolkit
  • Chui-Evilsploit-A-Universal-Hardware-Hacking-Toolkit.pdf
  • Chui-Evilsploit-A-Universal-Hardware-Hacking-Toolkit-wp.pdf
• Evolutionary Kernel Fuzzing
  • Johnson-Evolutionary-Kernel-Fuzzing
• Exploit Kit Cornucopia
• Exploiting Network Printers
  • Mueller-Exploiting-Network-Printers.pdf
• Fad or Future? Getting Past the Bug Bounty Hype
• Fighting Targeted Malware in the Mobile Ecosystem
  • Ruthven-Fighting-Targeted-Malware-In-The-Mobile-Ecosystem.pdf
• Fighting the Previous War (aka: Attacking and Defending in the Era of the Cloud)
• Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
• FlowFuzz - A Framework for Fuzzing OpenFlow-Enabled Software and Hardware Switches
  • Gray-FlowFuzz-A-Framework-For-Fuzzing-OpenFlow-Enabled-Software-And-Hardware-Switches.pdf
• Fractured Backbone: Breaking Modern OS Defenses with Firmware Attacks
• Free-Fall: Hacking Tesla from Wireless to CAN Bus
  • Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus.pdf
  • Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus-wp.pdf
• Friday the 13th: JSON Attacks
  • Munoz-Friday-The-13th-Json-Attacks.pdf
  • Munoz-Friday-The-13th-JSON-Attacks-wp.pdf
• Game of Chromes: Owning the Web with Zombie Chrome Extensions
  • Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-wp.pdf
  • Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-wp.pdf
• Garbage In Garbage Out: How Purportedly Great Machine Learning Models can be Screwed Up by Bad Data
  • Sanders-Garbage-In-Garbage-Out-How-Purportedly-Great-ML-Models-Can-Be-Screwed-Up-By-Bad-Data.pdf
  • Sanders-Garbage-In-Garbage-Out-How-Purportedly-Great-ML-Models-Can-Be-Screwed-Up-By-Bad-Data-wp.pdf
• Go Nuclear: Breaking Radiation Monitoring Devices
  • [Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices.pdf](https://www.blackhat.com/docs/us-17/wednesday/us-17-Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices.pdf)
  • [Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices-wp.pdf](https://www.blackhat.com/docs/us-17/wednesday/us-17-Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices-wp.pdf)
• Go to Hunt Then Sleep
  • Bianco-Go-To-Hunt-Then-Sleep.pdf
• Hacking Hardware with a $10 SD Card Reader
  • Etemadieh-Hacking-Hardware-With-A-$10-SD-Card-Reader.pdf
  • Etemadieh-Hacking-Hardware-With-A-$10-SD-Card-Reader-wp.pdf
• Hacking Serverless Runtimes: Profiling AWS Lambda Azure Functions and More
  • Krug-Hacking-Severless-Runtimes.pdf
  • Krug-Hacking-Severless-Runtimes-wp.pdf
• Honey I Shrunk the Attack Surface – Adventures in Android Security Hardening
• How We Created the First SHA-1 Collision and What it Means for Hash Security
• Hunting GPS Jammers
  • Gostomelsky-Hunting-GPS-Jammers.pdf
• Ice Cream Social (Sponsored by Code42 Software Core Security Cybereason Darktrace F5 Networks iboss Malwarebytes & Optiv Security)
• Ichthyology: Phishing as a Science
  • Burnett-Ichthyology-Phishing-As-A-Science.pdf
  • Burnett-Ichthyology-Phishing-As-A-Science-wp.pdf
• Industroyer/Crashoverride: Zero Things Cool About a Threat Group Targeting the Power Grid
  • Lee-Industroyer-Crashoverride-Zero-Things-Cool-About-A-Threat-Group-Targeting-The-Power-Grid.pdf
• Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
  • Dods-Infecting-The-Enterprise-Abusing-Office365-Powershell-For-Covert-C2.pdf
• Influencing the Market to Improve Security
  • Nakibly-Automated-Detection-of-Vulnerabilities-in-Black-Box-Routers.pdf
  • Nakibly-Automated-Detection-of-Vulnerabilities-in-Black-Box-Routers-wp.pdf
• Intel AMT Stealth Breakthrough
  • Evdokimov-Intel-AMT-Stealth-Breakthrough.pdf
  • Evdokimov-Intel-AMT-Stealth-Breakthrough-wp.pdf
• Intel SGX Remote Attestation is Not Sufficient
  • Swami-SGX-Remote-Attestation-Is-Not-Sufficient-wp.pdf
  • Swami-SGX-Remote-Attestation-Is-Not-Sufficient-wp.pdf
• Intercepting iCloud Keychain
  • Radocea-Intercepting-iCloud-Keychain.pdf
• IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
  • Luo-Iotcandyjar-Towards-An-Intelligent-Interaction-Honeypot-For-IoT-Devices.pdf
  • Luo-Iotcandyjar-Towards-An-Intelligent-Interaction-Honeypot-For-IoT-Devices-wp.pdf
• kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
  • [Pomonis-KR^X- Comprehensive- Kernel-Protection-Against-Just-In-Time-Code-Reuse.pdf](https://www.blackhat.com/docs/us-17/thursday/us-17-Pomonis-KR^X- Comprehensive- Kernel-Protection-Against-Just-In-Time-Code-Reuse.pdf)
• Lies and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
  • Giuliano-Lies-And-Damn-Lies-Getting-Past-The-Hype-Of-Endpoint-Security-Solutions.pdf
• Lunch Break (Sponsored by Cisco Forcepoint LogRhythm & RSA)
• Many Birds One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
  • Feng-Many-Birds-One-Stone-Exploiting-A-Single-SQLite-Vulnerability-Across-Multiple-Software.pdf
• Mimosa Bar (Sponsored by AlienVault Arbor Networks Carbon Black CrowdStrike Cylance DarkMatter Digital Guardian & IBM)
• Network Automation is Not Your Safe Haven: Protocol Analysis and Vulnerabilities of Autonomic Network
  • Eissa-Network-Automation-Isn’t-Your-Safe-Haven-Protocol-Analysis-And-Vulnerabilities-Of-Autonomic-Network.pdf
• New Adventures in Spying 3G and 4G Users: Locate Track & Monitor
  • Borgaonkar-New-Adventures-In-Spying-3G-And-4G-Users-Locate-Track-And-Monitor.pdf
• Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev
• Offensive Malware Analysis: Dissecting OSX/FruitFly via a Custom C&C Server
  • Wardle-Offensive-Malware-Analysis-Dissecting-OSXFruitFly-Via-A-Custom-C&C-Server.pdf
• OpenCrypto: Unchaining the JavaCard Ecosystem
  • Mavroudis-Opencrypto-Unchaining-The-JavaCard-Ecosystem.pdf
• Orange is the New Purple - How and Why to Integrate Development Teams with Red/Blue Teams to Build More Secure Software
  • Wright-Orange-Is-The-New-Purple.pdf
  • Wright-Orange-Is-The-New-Purple-wp.pdf
• PEIMA: Harnessing Power Laws to Detect Malicious Activities from Denial of Service to Intrusion Detection Traffic Analysis and Beyond
• Practical Tips for Defending Web Applications in the Age of DevOps
  • [Lackey-Practical Tips-for-Defending-Web-Applications-in-the-Age-of-DevOps.pdf](https://www.blackhat.com/docs/us-17/thursday/us-17-Lackey-Practical Tips-for-Defending-Web-Applications-in-the-Age-of-DevOps.pdf)
• Protecting Pentests: Recommendations for Performing More Secure Tests
  • McGrew-Protecting-Pentests-Recommendations-For-Performing-More-Secure-Tests.pdf
  • McGrew-Protecting-Pentests-Recommendations-For-Performing-More-Secure-Tests-wp.pdf
• Protecting Visual Assets: Digital Image Counter-Forensics
  • Mazurov-Brown-Protecting-Visual-Assets-Digital-Image-Counter-Forensics.pdf
• Pwnie Awards
• Quantifying Risk in Consumer Software at Scale - Consumer Reports’ Digital Standard
• RBN Reloaded - Amplifying Signals from the Underground
• Real Humans Simulated Attacks: Usability Testing with Attack Scenarios
  • Cranor-Real-Users-Simulated-Attacks.pdf
• Redesigning PKI to Solve Revocation Expiration and Rotation Problems
  • Knopf-Redesigning-PKI-To-Solve-Revocation-Expiration-And-Rotation-Problems.pdf
  • Knopf-Redesigning-PKI-To-Solve-Revocation-Expiration-And-Rotation-Problems-wp.pdf
• Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
  • [Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science.pdf](https://www.blackhat.com/docs/us-17/thursday/us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science.pdf)
  • [Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science-wp.pdf](https://www.blackhat.com/docs/us-17/thursday/us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science-wp.pdf)
• rVMI: A New Paradigm for Full System Analysis
  • Pfoh-rVMI-A-New-Paradigm-For-Full-System-Analysis.pdf
• ShieldFS: The Last Word in Ransomware Resilient File Systems
  • Continella-ShieldFS-The-Last-Word-In-Ransomware-Resilient-Filesystems.pdf
  • Continella-ShieldFS-The-Last-Word-In-Ransomware-Resilient-Filesystems-wp.pdf
• Skype & Type: Keystroke Leakage over VoIP
  • Lain-Skype-&-Type-Keystroke-Leakage-Over-VoIP.pdf
• Smoothie Social (Sponsored by Bromium Proofpoint Inc. Rapid7 SentinelOne Trend Micro Webroot StackPath & Tanium)
• So You Want to Market Your Security Product…
  • Alva-So-You-Want-To-Market-Your-Security-Product.pdf
• Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
  • Wang-Sonic-Gun-To-Smart-Devices-Your-Devices-Lose-Control-Under-Ultrasound-Or-Sound.pdf
• Splunking Dark Tools - A Pentesters Guide to Pwnage Visualization
  • Bates-Splunking-Dark-Tools-A-Pentesters-Guide-To-Pwnage-Visualization.pdf
• SS7 Attacker Heaven Turns into Riot: How to Make Nation-State and Intelligence Attackers’ Lives Much Harder on Mobile Networks
  • Kacer-SS7-Attacker-Heaven-Turns-Into-Riot-How-To-Make-Nation-State-And-Intelligence-Attackers-Lives-Much-Harder-On-Mobile-Networks.pdf
  • Kacer-SS7-Attacker-Heaven-Turns-Into-Riot-How-To-Make-Nation-State-And-Intelligence-Attackers-Lives-Much-Harder-On-Mobile-Networks-wp.pdf
• Taking DMA Attacks to the Next Level: How to do Arbitrary Memory Reads/Writes in a Live and Unmodified System Using a Rogue Memory Controller
• Taking Over the World Through MQTT - Aftermath
  • Lundgren-Taking-Over-The-World-Through-Mqtt-Aftermath.pdf
• Taking Windows 10 Kernel Exploitation to the Next Level – Leveraging Write-What-Where Vulnerabilities in Creators Update
  • Schenk-Taking-Windows-10-Kernel-Exploitation-To-The-Next-Level–Leveraging-Write-What-Where-Vulnerabilities-In-Creators-Update.pdf
  • Schenk-Taking-Windows-10-Kernel-Exploitation-To-The-Next-Level–Leveraging-Write-What-Where-Vulnerabilities-In-Creators-Update-wp.pdf
• The Active Directory Botnet
  • Miller-The-Active-Directory-Botnet
• The Adventures of AV and the Leaky Sandbox
  • Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox.pdf
  • Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox-wp.pdf
• The Art of Securing 100 Products
  • Valtman-The-Art-Of-Securing-100-Products.pdf
• The Avalanche Takedown: Landslide for Law Enforcement
• The Epocholypse 2038: What’s in Store for the Next 20 Years
  • Hypponen-The-Epocholypse-2038-Whats-In-Store-For-The-Next-20-Years.pdf
• The Future of ApplePwn - How to Save Your Money
  • Yunusov-The-Future-Of-Applepwn-How-To-Save-Your-Money.pdf
• The Industrial Revolution of Lateral Movement
  • Beery-The-Industrial-Revolution-Of-Lateral-Movement.pdf
• The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
  • Silvanovich-The-Origin-Of-Array-Symbol-Species.pdf
• The Shadow Brokers – Cyber Fear Game-Changers
• They’re Coming for Your Tools: Exploiting Design Flaws for Active Intrusion Prevention
• Tracking Ransomware End to End
  • Invernizzi-Tracking-Ransomware-End-To-End.pdf
• Web Cache Deception Attack
  • Gil-Web-Cache-Deception-Attack.pdf
  • Gil-Web-Cache-Deception-Attack-wp.pdf
• Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
  • Cherny-Well-That-Escalated-Quickly-How-Abusing-The-Docker-API-Led-To-Remote-Code-Execution-Same-Origin-Bypass-And-Persistence.pdf
  • Cherny-Well-That-Escalated-Quickly-How-Abusing-The-Docker-API-Led-To-Remote-Code-Execution-Same-Origin-Bypass-And-Persistence_wp.pdf
• What They’re Teaching Kids These Days: Comparing Security Curricula and Accreditations to Industry Needs
  • Sanders-What-They’re-Teaching-Kids-These-Days-Comparing-Security-Curricula-And-Accreditations-To-Industry-Needs.pdf
• What’s on the Wireless? Automating RF Signal Identification
  • Ossmann-Whats-On-The-Wireless-Automating-RF-Signal-Identification.pdf
  • Ossmann-Whats-On-The-Wireless-Automating-RF-Signal-Identification-wp.pdf
• When IoT Attacks: Understanding the Safety Risks Associated with Connected Devices
  • Rios-When-IoT-Attacks-Understanding-The-Safety-Risks-Associated-With-Connected-Devices.pdf
  • Rios-When-IoT-Attacks-Understanding-The-Safety-Risks-Associated-With-Connected-Devices-wp.pdf
• White Hat Privilege: The Legal Landscape for a Cybersecurity Professional Seeking to Safeguard Sensitive Client Data
  • Osborn-White-Hat-Privilege-The-Legal-Landscape-For-A-Cybersecurity-Professional-Seeking-To-Safeguard-Sensitive-Client-Data.pdf
• Why Most Cyber Security Training Fails and What We Can Do About it
• WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
  • Ventura-Theyre-Coming-For-Your-Tools-Exploiting-Design-Flaws-For-Active-Intrusion-Prevention.pdf
  • Ventura-Theyre-Coming-For-Your-Tools-Exploiting-Design-Flaws-For-Active-Intrusion-Prevention-wp.pdf
  • Vanhoef-WiFuzz-Detecting-And-Exploiting-Logical-Flaws-In-The-Wi-Fi-Cryptographic-Handshake-tools.zip
• Wire Me Through Machine Learning
  • Singh-Wire-Me-Through-Machine-Learning.pdf
• WSUSpendu: How to Hang WSUS Clients
  • Coltel-WSUSpendu-Use-WSUS-To-Hang-Its-Clients.pdf
  • Coltel-WSUSpendu-Use-WSUS-To-Hang-Its-Clients-wp.pdf
• Zero Days Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
  • Ablon-Zero-Days-Thousands-Of-Nights-The-Life-And-Times-Of-Zero-Day-Vulnerabilities-And-Their-Exploits.pdf

• BlackHat
• Presentaciones