Cyberhades

A Graduate Course in Applied Cryptography, libro gratuito

A Graduate Course in Applied Cryptography es el título de un libro que podemos descargarnos en formato PDF de forma totalmente gratuita.

Como su nombre indica, dicho libro trata sobre criptografía aplicada. Todavía no está terminado y seguramente sufra algunos cambios/correcciones.

Los autores del mismo: Dan Boneh y Victor Shoup. A muchos os sonara el nombre de Dan Boneh, éste el profesor del tan popular curso Cryptography I en Coursera y del tan esperado Cryptography II, el que tantos retrasos a sufrido. Me pregunto cuanta culpa ha tenido este libro :), el cual, posiblemente se use como material de referencia en sus cursos.

Curso sobre ingeniería inversa de aplicaciones Android impartido en Defcon 23

Como de costumbre, en la mayoría de las conferencias sobre seguridad, además de las charlas, siempre se ofrecen talleres y cursos.

En la pasada Defcon 23, miembros Red Naga (@jcase, CalebFenton y @timstrazz), impartieron un curso sobre ingeniería inversa en aplicaciones Android, cuyo contenido han publicado en Github.

En dicho repositorio podemos encontrar un PDF bastante extenso (214 diapositivas), además algunos de los retos/talleres que se usaron en dicho curso.

Se asume que debes tener un mínimo conocimiento sobre conceptos de ingeniería inversa y se recomienda el uso de una de las siguientes herramientas (aunque no es un requisito):

Curso sobre ingeniería inversa de hardware

Gracias de nuevo al Instituto Politécnico de Renssselaer en Troy, Nueva York, podemos acceder al contenido de otro de sus cursos sobre seguridad informática, en este caso sobre ingeniería inversa de hardware, éste correspondiente al año anterior.

El curso se impartió con el siguiente temario:

Lecture 1: Course overview, motivation, legal issues, switch model of CMOS logic Lecture 2: Package construction Quiz 1: CMOS schematics, packaging Quiz 1a: Makeup exam Lecture 3: Depackaging Quiz 2: Depackaging Lecture 4: CMOS layout Download the example layouts Quiz 3: CMOS layout Homework 1 out Homework 1 images More homework 1 images Lecture 5: Fabrication processes Lecture 6: Deprocessing Quiz 4: Process ID and deprocessing Lecture 7: CPLD architecture Quiz 5: CPLD architecture Lecture 8: Microscopy and Imaging Files for in-class exercise Quiz 6: Microscopy and imaging Lecture 9: Mask ROM layout Lecture 10: PROM/EPROM/EEPROM/efuse/Flash layout Lecture 11: SRAM layout Quiz 7: Memory technology Lecture 12: Non-invasive attacks on logic Prof. Yener’s slides Brennan’s slides Lecture 14: Invasive and semi-invasive attacks Quiz 8: Attacks Lecture 15: PCB RE: Component ID, block diagram extraction Lecture 16: Guest lecture by Danny Walters (MITRE) on electromagnetic side-channel attacks Lecture 17: Anti-tamper / anti-analysis techniques Lecture 18: PCB RE: Fab, deprocessing, netlist extraction Quiz 9: PCB RE Lecture 19: Programmable logic: FPGAs Lecture 20: Machine vision, automated RE tools

Modern Windows Exploit Development (Libro)

Ya hemos hablado de esta serie de tutoriales titulada Exploi Development Course anteriormente.

El autor de la misma a puesto a disposición de todos y de forma totalmente gratuita un libro titulado Modern Windows Exploit Development con el contenido de dicha serie.

El libro está en formato PDF y contiene 529 páginas.

Vídeos del Chaos Communication Camp 2015

Para cualquier profesional en el campo de la seguridad informática, el verano no es precisamente la temporada para desconectar, si no todo lo contrario, es la época del año en la que te tienes que poner las botas y absorber toda la información que puedas, sobre todo de las grandes conferencias sobre seguridad que acontecen alrededor del mundo.

En este caso hablamos de Chaos Communication Camp, una conferencia veraniega organizada por miembros del CCC (Chaos Communication Club), que cómo sabemos, éste se celebra una de las mejores conferencias del mundo a finales de diciembre.

Material de USENIX 24 y sus talleres: WOOT, CSET, FOCI, HealthTech, 3GSE, HotSet y JETS

La organización sobre computación avanzada USENIX, celebra su 24 simposio sobre seguridad. Dicho evento termina hoy, pero el contenido de las charlas ya se encuentran disponibles:

Post-Mortem of a Zombie: Conficker Cleanup After Six Years - Paper
Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World - Paper
Measuring the Longitudinal Evolution of the Online Anonymous Marketplace Ecosystem - Paper
Under-Constrained Symbolic Execution: Correctness Checking for Real Code - Paper
TaintPipe: Pipelined Symbolic Taint Analysis - Paper
Type Casting Verification: Stopping an Emerging Attack Vector - Paper
All Your Biases Belong to Us: Breaking RC4 in WPA-TKIP and TLS - Paper
Attacks Only Get Better: Password Recovery Attacks Against RC4 in TLS - Paper
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network - Paper
Compiler-instrumented, Dynamic Secret-Redaction of Legacy Processes for Attacker Deception - Paper
Control-Flow Bending: On the Effectiveness of Control-Flow Integrity - Paper
Automatic Generation of Data-Oriented Exploits - Paper
Protocol State Fuzzing of TLS Implementations - Paper
Verified Correctness and Security of OpenSSL HMAC - Paper
Not-Quite-So-Broken TLS: Lessons in Re-Engineering a Security Protocol Specification and Implementation - Paper
To Pin or Not to Pin—Helping App Developers Bullet Proof Their TLS Connections - Paper
De-anonymizing Programmers via Code Stylometry - Paper
RAPTOR: Routing Attacks on Privacy in Tor - Paper
Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Services - Paper
SecGraph: A Uniform and Open-source Evaluation System for Graph Data Anonymization and De-anonymization - Paper
Dismantling Megamos Crypto: Wirelessly Lockpicking a Vehicle Immobilizer - Paper
Trustworthy Whole-System Provenance for the Linux Kernel - Paper
Securing Self-Virtualizing Ethernet Devices - Paper
EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning - Paper
Marionette: A Programmable Network Traffic Obfuscation System - Paper
CONIKS: Bringing Key Transparency to End Users - Paper
Investigating the Computer Security Practices and Needs of Journalists - Paper
Constants Count: Practical Improvements to Oblivious RAM - Paper
Raccoon: Closing Digital Side-Channels through Obfuscated Execution - Paper
M2R: Enabling Stronger Privacy in MapReduce Computation - Paper
Measuring Real-World Accuracies and Biases in Modeling Password Guessability - Paper
Sound-Proof: Usable Two-Factor Authentication Based on Ambient Sound - Paper
Android Permissions Remystified: A Field Study on Contextual Integrity - Paper
Phasing: Private Set Intersection Using Permutation-based Hashing - Paper
Faster Secure Computation through Automatic Parallelization - Paper
The Pythia PRF Service - Paper
EVILCOHORT: Detecting Communities of Malicious Accounts on Online Services - Paper
Trends and Lessons from Three Years Fighting Malicious Extensions - Paper
Meerkat: Detecting Website Defacements through Image-based Object Recognition - Paper
Recognizing Functions in Binaries with Neural Networks - Paper
Reassembleable Disassembling - Paper
How the ELF Ruined Christmas - Paper
Finding Unknown Malice in 10 Seconds: Mass Vetting for New Threats at the Google-Play Scale - Paper
You Shouldn’t Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps - Paper
Boxify: Full-fledged App Sandboxing for Stock Android - Paper
Cookies Lack Integrity: Real-World Implications - Paper
The Unexpected Dangers of Dynamic JavaScript - Paper
ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities - Paper
Anatomization and Protection of Mobile Apps’ Location Privacy Threats - Paper
LinkDroid: Reducing Unregulated Aggregation of App Usage Behaviors - Paper
PowerSpy: Location Tracking Using Mobile Device Power Analysis - Paper
In the Compression Hornet’s Nest: A Security Study of Data Compression in Network Services - Paper
Bohatei: Flexible and Elastic DDoS Defense - Paper
Boxed Out: Blocking Cellular Interconnect Bypass Fraud at the Network Edge - Paper
GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies - Paper
Thermal Covert Channels on Multi-core Platforms - Paper
Rocking Drones with Intentional Sound Noise on Gyroscopic Sensors - Paper
Cache Template Attacks: Automating Attacks on Inclusive Last-Level Caches - Paper
A Placement Vulnerability Study in Multi-Tenant Public Clouds - Paper
A Measurement Study on Co-residence Threat inside the Cloud - Paper
Towards Discovering and Understanding Task Hijacking in Android - Paper
Cashtags: Protecting the Input and Display of Sensitive Data - Paper
SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps - Paper
UIPicker: User-Input Privacy Identification in Mobile Applications - Paper
Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents - Paper
WebWitness: Investigating, Categorizing, and Mitigating Malware Download Paths - Paper
Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits - Paper
Needles in a Haystack: Mining Information from Public Dynamic Analysis Sandboxes for Malware Intelligence - Paper

A este evento le preceden una serie de talleres enfocados en temas más específicos, también dentro del ámbito de la seguridad informática: WOOT, CSET, FOCI, HealthTech, 3GSE, HotSet y JETS.

Cada uno de dichos talleres, a excepción de HotSet, también han publicado el contenido de sus sesiones, aunque en el caso the HealthTech sólo tienen publicada una de ellas.

Kali Linux 2.0

Hoy ha sido lanzada la nueva versión de Kali Linux. Este es sin duda el sistema más usado en auditorias de seguridad. No necesita presentación alguna y todas sus novedades las podéis encontrar en su blog oficial.

Las diferentes imágenes de descarga las tenéis aquí, aunque se recomienda el uso de torrents para no saturar el servidor.

Aquí os dejo el vídeo de presentación:

Linux Inside

Hace un tiempo publicamos aquí una entrada con una serie de tutoriales sobre arranque e inicialización en sistemas operativos con el núcleo de Linux.

El autor de las mismas ha seguido escribiendo sobre interrupciones, manejo de la memoria y conceptos varios, y además a creado un libro en Gitbook llamado Linux Inside con todo el contenido que ha ido escribiendo y que está escribiendo.

Dicho libro lo puedes leer online de forma gratuita, e incluso lo puedes descargar en formato PDF, EPUB o MOBI.

Material de Defcon 23

Y después de Black Hat, llega Defcon. Ya podemos acceder a las presentaciones de la edición 23 de la conferencia más grande sobre seguridad informática.

3alarmlampscooter
- 3alarmlampscooter-DIY-Nukeproofing.pdf
Alessandro Di Federico
- Alessandro-Di-Federico-Leakless-How-The-ELF-ruined.pdf
Amit Ashbel & Maty Siman
- Amit-Ashbel-Maty-Siman-Game-of-Hacks-Play-Hack-and.pdf
AmmonRa
- ammonRA-How-to-hack-your-way-out-of-home-detention.pdf
Andres Blanco & Andres Gazzoli
- Andres-Blanco-802.11-Massive-Monitoring.pdf
Atlas
- Atlas-Fun-With-Symboliks.pdf
Bart Kulach
- Bart-Kulach-Hack-the-Legacy-IBMi-revealed.pdf
Brent White
- Brent-White-Hacking-Web-Apps-WP.pdf
Brian Gorenc & Abdul Aziz Hariri & Jason Spelman
- Hariri-Spelman-Gorenc-Abusing-Adobe-Readers-JavaSc.pdf
Bruce Potter
- Bruce-Potter-Hackers-Guide-to-Risk.pdf
Chris Domas
- Chris-Domas-REpsych.pdf
Chris Rock
- Chris-Rock-I-Will-Kill-You-How-to-Get-Away-with-Mu.pdf
Chris Sistrunk
- Chris-Sistrunk-NSM-101-for-ICS.pdf
Colby Moore
- Colby-Moore-Spread-Spectrum-Satcom-Hacking.pdf
Colin O'Flynn
- Colin-O'Flynn-Dont-Whisper-My-Chips.pdf
Collin Anderson & Tom Cross
- Collin-Anderson-Tom-Cross-Export-Controls-on-Intru.pdf
Collin Cassidy & Robert Lee & Eireann Leverett
- Cassidy-Leverett-Lee-Switches-Get-Stitches.pdf
Craig Young
- Extras/
- Craig-Young-How-To-Train-Your-RFID-Hacking-Tools.pdf
Dakahuna & Satanklawz
- DaKahuna-Satanlawz-Introduction-to-SDR-and-Wifi-Vi.pdf
Damon Small
- Damon-Small-Beyond-the-Scan.pdf
Daniel Crowley & Damon Smith
- Daniel-Crowley-Damon-Smith-Bugged-Files.pdf
Daniel Selifonov
- Daniel-Selifonov-Drinking-from-LETHE.pdf
David An
- David-An-When-the-Secretary-of-State-says-Stop-Hac.pdf
David Huerta
- David-Huerta-Alice-and-Bob-are-Really-Confused.pdf
David Mortman
- David-Mortman-Docker.pdf
Eijah
- Eijah-Crypto-for-Hackers.pdf
Eric (XlogicX) Davisson
- Eric-XlogicX-Davisson-ReDoS.pdf
Eric Van Albert & Zack Banks
- Eric-Van-Albert-Zack-Banks-Looping-Surveillance-Ca.pdf
Etienne Martineau
- Etienne-Martineau-Inter-VM-Data-Exfiltration.pdf
Evilrob & Xaphan
- Evilrob-Xaphan-TLS-Canary-Keeping-Your-Dick-Pics-S.pdf
Fatih Ozavci
- Fatih-Ozavci-The-Art-of-VoIP-Workshop.pdf
Fernando Arnaboldi
- Fernando-Arnaboldi-Abusing-XSLT-for-Practical-Atta.pdf
- Fernando-Arnaboldi-Abusing-XSLT-for-Practical-_002.pdf
Gerard Laygui
- Gerard-Laygui-Forensic-Artifacts-Pass-The-Hash-Att.pdf
Grant Bugher
- Grant-Bugher-Obtaining-and-Detecting-Domain-Persis.pdf
Gregory Pickett
- Extras/
- Gregory-Pickett-Staying-Persistant-in-Software-Def.pdf
Ian Kline
- Ian-Kline-LTE-Recon-and-Tracking-with-RTLSDR.pdf
Ian Latter
- Ian-Latter-Remote-Access-the-APT.pdf
Ionut Popescu
- Ionut-Popescu-NetRipper-WP.pdf
- Ionut-Popescu-NetRipper.pdf
Jason Haddix
- Jason-Haddix-How-Do-I-shot-Web.pdf
Jeremy Dorrough
- Jeremy-Dorrough-USB-Attack-to-Decrypt-Wi-Fi-Commun.pdf
John Menerick
- John-Menerick-Backdooring-Git.pdf
John Seymour
- John-Seymour-Quantum-Classification-of-Malware-WP.pdf
- John-Seymour-Quantum-Classification-of-Malware.pdf
Jose Selvi
- Jose-Selvi-Breaking-SSL-Using-Time-Synchronisation.pdf
Joshua Smith
- Joshua-Smith-High-Def-Fuzzing-Exploitation-Over-HD.pdf
Justin Engler
- Justin-Engler-Secure-Messaging-For-Normal-People-W.pdf
- Justin-Engler-Secure-Messaging-For-Normal-People.pdf
Ken Westin
- Ken-Westin-Confessions-of-a-Cyberstalker.pdf
Lance Butters (Nemus)
- Lance-Buttars-Nemus-SQLi-on-LAMP.pdf
Li Jun & Yang Qing
- Li-Jun-Yang-Qing-I-AM-A-NEWBIE-YET-I-CAN-HACK-ZIGB.pdf
Lin Huang & Qing Yang
- Lin-Huang-Qing-Yang-GPS-Spoofing.pdf
Luke Young
Mahdi Namazifar
- Mahdi-Namazifar-Detecting-Random-Strings-Language-.pdf
Maiubiz
- Miaubiz-Put-on-Your-Tinfo_t-Hat.pdf
Marina Krotofil & Jason Larsen
- Marina-Krotofil-Jason-Larsen-Rocking-the-Pocke_002.pdf
- Marina-Krotofil-Jason-Larsen-Rocking-the-Pocketboo.pdf
Mark Ryan Talabis
- Mark-Ryan-Talabis-The-Bieber-Project.pdf
Marte L0ge
- Marte-L0ge-I-will-Tell-you-your-Lock-Pattern.pdf
Matt Graeber & Willi Ballenthin & Claudio Teodorescu
- Ballenthin-Graeber-Teodorescu-WMI-Attacks-Defense-.pdf
Matteo Becarro & Matteo Collura
- Matteo-Becarro-Matteo-Collura-Extracting-The-Painf.pdf
Michael Robinson
- Michael-Robinson-Knocking-My-Neighbors-Kids-Drone-.pdf
Michael Schrenk
- Michael-Schrenk-Applied-Intelligence.pdf
Mickey Shkatov & Jesse Michael
- Mickey-Shkatov-Jesse-Michael-Scared-poopless-LTE-a.pdf
Mike Sconzo
- Mike-Sconzo-I-am-packer-and-so-can-you.pdf
Nadeem Douba
- Extras/
- Nadeem-Douba-BurpKit.pdf
Nir Valtman & MosheFerber
- Nir-Valtman-Moshe-Ferber-From-zero-to-secure-in-1-.pdf
Omer Coskun
- Omer-Coskun-Why-Nation-State-Malwares-Target-Telco.pdf
Panel - Comedy Inception
- Panel-Comedy-Inception-Amanda-Berlin-Blue-Team-Hel.pdf
Patrick McNeil
- Patrick-McNeil-Guidelines-For-Securing-Your-VoIP-P.pdf
Patrick McNeil & Snide Owen
- Patrick-McNeil-Owen-Sorry-Wrong-Number.pdf
Patrick Wardle
- Patrick-Wardle-DLL-Hijacking-on-OSX.pdf
- Patrick-Wardle-Stick-that-in-your-(Root)Pipe-and-S.pdf
Paul Amicelli & David Baptiste
- Paul-Amicelli-David-Baptiste-How-to-secure-the-key.pdf
Peter Desfigies, Joshua Brierton & Naveed Ul Islam
- Desfigies-Brierton-Islam-Guests-N-Goblins-Referenc.txt
- Desfigies-Brierton-Islam-Guests-N-Goblins.pdf
Phil Polstra
Phil Young & Chad Rikansrud
- Extras/
- Phil-Young-Chad-Rikansrud-Security-Necromancy-Furt.pdf
Phillip Aumasson
- Phillip-Aumasson-Quantum-Computers-vs-Computers-Se.pdf
Rich Kelley
- Rich-Kelley-Harness-Powershell-Weaponization-Made-.pdf
Richo Healey & Mike Ryan
- Richo-Healey-Mike-Ryan-Hacking-Electric-Skateboard.pdf
Ricky Lawshae
- Extras/
- Rickey-Lawshae-Lets-Talk-About-SOAP.pdf
Rodrigo Almeida
Ronny Bull & Jeanna Matthews
Ryan Castelluci
- Ryan-Castellucci-Cracking-Cryptocurrency-Brainwall.pdf
Ryan Mitchell
- Ryan-Mitchell-Separating-Bots-from-Humans.pdf
Ryan O'Neil
- Ryan-O'Neil-Advances-in-Linux-Forensics-ECFS.pdf
Saif El-Sherei & Etienne Stalmans
- Saif-El-Sherei-Etienne-Stalmans-SensePost-Introduc.pdf
Sam Bowne
- Sam-Bowne-Workshop-Android-Security-Auditing-Mobil.pdf
- Sam-Bowne-Workshop-Violent-Python.pdf
Samy Kamkar
- Extras/
- Samy-Kamkar-README.txt
Sarah Edwards
- Sarah-Edwards-Ubiquity-Forensics.pdf
Sean Metcalf
- Sean-Metcalf-Red-vs-Blue-AD-Attack-and-Defense.pdf
Shawn Webb
- Shawn-Webb-HardenedBSD-Internals.pdf
Tamas Szakaly
- Tamas-Szakaly-Shall-We-Play-A-Game.pdf
Tony Trummer & Tushar Dalvi
- Tony-Trummer-Tushar-Dalvi-QARK.pdf
Topher Timzen & Ryan Allen
Tottenkoph & IrishMASMS
- Tottenkoph-IrishMASMS-Hackers-Hiring-Hacker.pdf
Vivek Ramachadran
- Vivek-Ramachadran-Chellam.pdf
Wesley McGrew
- Wesley-McGrew-I-Hunt-Penetration-Testers-WP.pdf
- Wesley-McGrew-I-Hunt-Penetration-Testers.pdf
Weston Hecker
- Weston-Hecker-Goodbye-Memory-Scraping-Malware.pdf
Xntrik
- xntrik-Hooked-Browser-Meshed-Networks-with-webRTC-.pdf
Yan Shoshitaishvili & Fish Wang
- Yan-Shoshitaishvili-Fish-Wang-Angry-Hacking.pdf
Yaniv Balmas & Lior Oppenheim
- Yaniv-Balmas-Lior-Oppenheim-Key-Logger-Video-Mouse.pdf
Yuwei Zheng & Haoqi Shan
- Yuwei-Zheng-Haoqi-Shan-Build-a-Free-Cellular-Traff.pdf
Zach Allen & Rusty Bower
- Zack-Allen-Rusty-Bower-Malware-In-Gaming.pdf
fluxist
- Fluxist-Unbootable-Exploiting-Paylock-Smartboot.pdf

Material de Black Hat USA 2015

Ya tenemos disponible la mayoría de las presentaciones de la Black Hat USA 2015.

La lista es la siguiente:

The Lifecycle of a Revolution us-15-Granick-The-Lifecycle-Of-A-Revolution.pdf
Abusing Silent Mitigations - Understanding Weaknesses Within Internet Explorers Isolated Heap and MemoryProtection us-15-Gorenc-Abusing-Silent-Mitigations-Understanding-Weaknesses-Within-Internet-Explorers-Isolated-Heap-And-MemoryProtection.pdf us-15-Gorenc-Abusing-Silent-Mitigations-Understanding-Weaknesses-Within-Internet-Explorers-Isolated-Heap-And-MemoryProtection-wp.pdf
Abusing Windows Management Instrumentation (WMI) to Build a Persistent Asynchronous and Fileless Backdoor us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent Asynchronous-And-Fileless-Backdoor.pdf us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent Asynchronous-And-Fileless-Backdoor-wp.pdf us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent Asynchronous-And-Fileless-Backdoor-WMIBackdoor.ps1
Abusing XSLT for Practical Attacks us-15-Arnaboldi-Abusing-XSLT-For-Practical-Attacks.pdf us-15-Arnaboldi-Abusing-XSLT-For-Practical-Attacks-wp.pdf
Advanced IC Reverse Engineering Techniques: In Depth Analysis of a Modern Smart Card us-15-Thomas-Advanced-IC-Reverse-Engineering-Techniques-In-Depth-Analysis-Of-A-Modern-Smart-Card.pdf
Adventures in Femtoland: 350 Yuan for Invaluable Fun
Ah! Universal Android Rooting is Back us-15-Xu-Ah-Universal-Android-Rooting-Is-Back.pdf us-15-Xu-Ah-Universal-Android-Rooting-Is-Back-wp.pdf
Android Security State of the Union
API Deobfuscator: Resolving Obfuscated API Functions in Modern Packers us-15-Choi-API-Deobfuscator-Resolving-Obfuscated-API-Functions-In-Modern-Packers.pdf
Assessing and Exploiting BigNum Vulnerabilities
Attacking ECMAScript Engines with Redefinition us-15-Silvanovich-Attacking-ECMA-Script-Engines-With-Redefinition us-15-Silvanovich-Attacking-ECMA-Script-Engines-With-Redefinition-wp.pdf
Attacking Hypervisors Using Firmware and Hardware
Attacking Interoperability - An OLE Edition us-15-Li-Attacking-Interoperability-An-OLE-Edition.pdf
Attacking Your Trusted Core: Exploiting Trustzone on Android us-15-Shen-Attacking-Your-Trusted-Core-Exploiting-Trustzone-On-Android.pdf us-15-Shen-Attacking-Your-Trusted-Core-Exploiting-Trustzone-On-Android-wp.pdf
Automated Human Vulnerability Scanning with AVA us-15-Bell-Automated-Human-Vulnerability-Scanning-With-AVA.pdf
Back Doors and Front Doors Breaking the Unbreakable System
Battle of the SKM and IUM: How Windows 10 Rewrites OS Architecture
Behind the Mask: The Agenda Tricks and Tactics of the Federal Trade Commission as they Regulate Cybersecurity us-15-Daugherty-Behind-The-Mask-The-Agenda-Tricks-And-Tactics-Of-The-Federal-Trade-Commission-As-They-Regulate-Cybersecurity.pdf
BGP Stream
Big Game Hunting: The Peculiarities of Nation-State Malware Research us-15-MarquisBoire-Big-Game-Hunting-The-Peculiarities-Of-Nation-State-Malware-Research.pdf
Breaking Access Controls with BLEKey
Breaking Honeypots for Fun and Profit
Breaking HTTPS with BGP Hijacking us-15-Gavrichenkov-Breaking-HTTPS-With-BGP-Hijacking.pdf us-15-Gavrichenkov-Breaking-HTTPS-With-BGP-Hijacking-wp.pdf
Breaking Payloads with Runtime Code Stripping and Image Freezing us-15-Mulliner-Breaking-Payloads-With-Runtime-Code-Stripping-And-Image-Freezing.pdf us-15-Mulliner-Breaking-Payloads-With-Runtime-Code-Stripping-And-Image-Freezing-wp.pdf
Bring Back the Honeypots
Bringing a Cannon to a Knife Fight
Broadcasting Your Attack: Security Testing DAB Radio in Cars
Bypass Control Flow Guard Comprehensively us-15-Zhang-Bypass-Control-Flow-Guard-Comprehensively.pdf us-15-Zhang-Bypass-Control-Flow-Guard-Comprehensively-wp.pdf
Bypass Surgery Abusing Content Delivery Networks with Server-Side-Request Forgery (SSRF) Flash and DNS
Certifi-gate: Front-Door Access to Pwning Millions of Androids us-15-Bobrov-Certifi-Gate-Front-Door-Access-To-Pwning-Millions-Of-Androids.pdf us-15-Bobrov-Certifi-Gate-Front-Door-Access-To-Pwning-Millions-Of-Androids-wp.pdf
Cloning 3G/4G SIM Cards with a PC and an Oscilloscope: Lessons Learned in Physical Security us-15-Yu-Cloning-3G-4G-SIM-Cards-With-A-PC-And-An-Oscilloscope-Lessons-Learned-In-Physical-Security.pdf us-15-Yu-Cloning-3G-4G-SIM-Cards-With-A-PC-And-An-Oscilloscope-Lessons-Learned-In-Physical-Security-wp.pdf
Commercial Mobile Spyware - Detecting the Undetectable us-15-Dalman-Commercial-Spyware-Detecting-The-Undetectable.pdf us-15-Dalman-Commercial-Spyware-Detecting-The-Undetectable-wp.pdf
CrackLord: Maximizing Password Cracking Boxes us-15-Morris-CrackLord-Maximizing-Password-Cracking.pdf us-15-Morris-CrackLord-Maximizing-Password-Cracking-wp.pdf us-15-Morris-CrackLord-Maximizing-Password-Cracking-src.zip
Crash & Pay: How to Own and Clone Contactless Payment Devices us-15-Fillmore-Crash-Pay-How-To-Own-And-Clone-Contactless-Payment-Devices.pdf us-15-Fillmore-Crash-Pay-How-To-Own-And-Clone-Contactless-Payment-Devices-wp.pdf
Dance Like Nobodys Watching Encrypt Like Everyone Is: A Peek Inside the Black Hat Network
Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing
Deep Learning on Disassembly us-15-Davis-Deep-Learning-On-Disassembly.pdf
Defeating Machine Learning: What Your Security Vendor is Not Telling You
Defeating Pass-the-Hash: Separation of Powers us-15-Moore-Defeating Pass-the-Hash-Separation-Of-Powers.pdf us-15-Moore-Defeating Pass-the-Hash-Separation-Of-Powers-wp.pdf
Distributing the Reconstruction of High-Level Intermediate Representation for Large Scale Malware Analysis
Dom Flow - Untangling the DOM for More Easy-Juicy Bugs us-15-Nafeez-Dom-Flow-Untangling-The-DOM-For-More-Easy-Juicy-Bugs.pdf
Emanate Like a Boss: Generalized Covert Data Exfiltration with Funtenna
Exploiting Out-of-Order Execution for Covert Cross-VM Communication us-15-DAntoine-Exploiting-Out-Of-Order-Execution-For-Covert-Cross-VM-Communication.pdf us-15-DAntoine-Exploiting-Out-Of-Order-Execution-For-Covert-Cross-VM-Communication-wp.pdf
Exploiting the DRAM Rowhammer Bug to Gain Kernel Privileges us-15-Seaborn-Exploiting-The-DRAM-Rowhammer-Bug-To-Gain-Kernel-Privileges.pdf us-15-Seaborn-Exploiting-The-DRAM-Rowhammer-Bug-To-Gain-Kernel-Privileges-wp.pdf
Exploiting XXE Vulnerabilities in File Parsing Functionality us-15-Vandevanter-Exploiting-XXE-Vulnerabilities-In-File-Parsing-Functionality.pdf us-15-Vandevanter-Exploiting-XXE-Vulnerabilities-In-File-Parsing-Functionality-tool.zip
Faux Disk Encryption: Realities of Secure Storage on Mobile Devices us-15-Mayer-Faux-Disk-Encryption-Realities-Of-Secure-Storage-On-Mobile-Devices-wp.pdf
FileCry - The New Age of XXE us-15-Wang-FileCry-The-New-Age-Of-XXE.pdf us-15-Wang-FileCry-The-New-Age-Of-XXE-ie-wp.pdf us-15-Wang-FileCry-The-New-Age-Of-XXE-java-wp.pdf
Fingerprints on Mobile Devices: Abusing and Leaking us-15-Zhang-Fingerprints-On-Mobile-Devices-Abusing-And-Leaking.pdf us-15-Zhang-Fingerprints-On-Mobile-Devices-Abusing-And-Leaking-wp.pdf
Forging the USB Armory an Open Source Secure Flash-Drive-Sized Computer
From False Positives to Actionable Analysis: Behavioral Intrusion Detection Machine Learning and the SOC us-15-Zadeh-From-False-Positives-To-Actionable-Analysis-Behavioral-Intrusion-Detection-Machine-Learning-And-The-SOC.pdf us-15-Zadeh-From-False-Positives-To-Actionable-Analysis-Behavioral-Intrusion-Detection-Machine-Learning-And-The-SOC-wp.pdf
Fuzzing Android System Services by Binder Call to Escalate Privilege us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege.pdf us-15-Gong-Fuzzing-Android-System-Services-By-Binder-Call-To-Escalate-Privilege-wp.pdf
GameOver Zeus: Badguys and Backends us-15-Peterson-GameOver-Zeus-Badguys-And-Backends.pdf us-15-Peterson-GameOver-Zeus-Badguys-And-Backends-wp.pdf
Graphic Content Ahead: Towards Automated Scalable Analysis of Graphical Images Embedded in Malware us-15-Long-Graphic-Content-Ahead-Towards-Automated-Scalable-Analysis-Of-Graphical-Images-Embedded-In-Malware.pdf
Harnessing Intelligence from Malware Repositories us-15-Lakhotia-Harnessing-Intelligence-From-Malware-Repositories.pdf
HI THIS IS URGENT PLZ FIX ASAP: Critical Vulnerabilities and Bug Bounty Programs us-15-Price-Hi-This-Is-Urgent-Plz-Fix-ASAP-Critical-Vulnerabilities-And-Bug-Bounty-Programs.pdf
Hidden Risks of Biometric Identifiers and How to Avoid Them us-15-Keenan-Hidden-Risks-Of-Biometric-Identifiers-And-How-To-Avoid-Them.pdf us-15-Keenan-Hidden-Risks-Of-Biometric-Identifiers-And-How-To-Avoid-Them-wp.pdf
How to Hack Government: Technologists as Policy Makers
How to Implement IT Security After a Cyber Meltdown us-15-Kubecka-How-To-Implement-IT-Security-After-A-Cyber-Meltdown.pdf
How Vulnerable are We to Scams? us-15-Jakobsson-How-Vulnerable-Are-We-To-Scams.pdf us-15-Jakobsson-How-Vulnerable-Are-We-To-Scams-wp.pdf
Information Access and Information Sharing: Where We are and Where We are Going
Internet Plumbing for Security Professionals: The State of BGP Security us-15-Remes-Internet-Plumbing-For-Security-Professionals-The-State-Of-BGP-Security.pdf us-15-Remes-Internet-Plumbing-For-Security-Professionals-The-State-Of-BGP-Security-wp.pdf
Internet-Facing PLCs - A New Back Orifice us-15-Klick-Internet-Facing-PLCs-A-New-Back-Orifice.pdf us-15-Klick-Internet-Facing-PLCs-A-New-Back-Orifice-wp.pdf
Internet-Scale File Analysis us-15-Hanif-Internet-Scale-File-Analysis.pdf us-15-Hanif-Internet-Scale-File-Analysis-wp.pdf
Is the NSA Still Listening to Your Phone Calls? A Surveillance Debate: Congressional Success or Epic Fail
Mobile Point of Scam: Attacking the Square Reader us-15-Mellen-Mobile-Point-Of-Scam-Attacking-The-Square-Reader.pdf us-15-Mellen-Mobile-Point-Of-Scam-Attacking-The-Square-Reader-wp.pdf
Most Ransomware Isnt as Complex as You Might Think us-15-Kirda-Most-Ransomware-Isn’t-As-Complex-As-You-Might-Think.pdf us-15-Kirda-Most-Ransomware-Isn’t-As-Complex-As-You-Might-Think-wp.pdf
My Bro the ELK: Obtaining Context from Security Events us-15-Smith-My-Bro-The-ELK-Obtaining-Context-From-Security-Events.pdf us-15-Smith-My-Bro-The-ELK-Obtaining-Context-From-Security-Events-wp.pdf
Optimized Fuzzing IOKit in iOS us-15-Lei-Optimized-Fuzzing-IOKit-In-iOS.pdf us-15-Lei-Optimized-Fuzzing-IOKit-In-iOS-wp.pdf
Panel: Getting It Right: Straight Talk on Threat & Information Sharing
Panel: How the Wassenaar Arrangements Export Control of Intrusion Software Affects the Security Industry
Pen Testing a City us-15-Conti-Pen-Testing-A-City.pdf us-15-Conti-Pen-Testing-A-City-wp.pdf
Red vs Blue: Modern Active Directory Attacks Detection and Protection us-15-Metcalf-Red-Vs-Blue-Modern-Active-Directory-Attacks-Detection-And-Protection.pdf us-15-Metcalf-Red-Vs-Blue-Modern-Active-Directory-Attacks-Detection-And-Protection-wp.pdf
Remote Exploitation of an Unaltered Passenger Vehicle
Remote Physical Damage 101 - Bread and Butter Attacks us-15-Larsen-Remote-Physical-Damage-101-Bread-And-Butter-Attacks.pdf
Repurposing OnionDuke: A Single Case Study Around Reusing Nation State Malware us-15-Pitts-Repurposing-OnionDuke-A-Single-Case-Study-Around-Reusing-Nation-State-Malware.pdf us-15-Pitts-Repurposing-OnionDuke-A-Single-Case-Study-Around-Reusing-Nation-State-Malware-wp.pdf
Return to Where? You Cant Exploit What You Cant Find
Review and Exploit Neglected Attack Surfaces in iOS 8 us-15-Wang-Review-And-Exploit-Neglected-Attack-Surface-In-iOS-8.pdf
Rocking the Pocket Book: Hacking Chemical Plant for Competition and Extortion us-15-Krotofil-Rocking-The-Pocket-Book-Hacking-Chemical-Plant-For-Competition-And-Extortion.pdf us-15-Krotofil-Rocking-The-Pocket-Book-Hacking-Chemical-Plant-For-Competition-And-Extortion-wp.pdf
ROPInjector: Using Return Oriented Programming for Polymorphism and Antivirus Evasion us-15-Xenakis-ROPInjector-Using-Return-Oriented-Programming-For-Polymorphism-And-Antivirus-Evasion.pdf us-15-Xenakis-ROPInjector-Using-Return-Oriented-Programming-For-Polymorphism-And-Antivirus-Evasion-wp.pdf
Securing Your Big Data Environment us-15-Gaddam-Securing-Your-Bigdata-Environment.pdf us-15-Gaddam-Securing-Your-Bigdata-Environment-wp.pdf
Server-Side Template Injection: RCE for the Modern Web App us-15-Kettle-Server-Side-Template-Injection-RCE-For-The-Modern-Web-App-wp.pdf
SMBv2: Sharing More than Just Your Files us-15-Brossard-SMBv2-Sharing-More-Than-Just-Your-Files-wp.pdf
Social Engineering the Windows Kernel: Finding and Exploiting Token Handling Vulnerabilities
Spread Spectrum Satcom Hacking: Attacking the GlobalStar Simplex Data Service us-15-Moore-Spread-Spectrum-Satcom-Hacking-Attacking-The-GlobalStar-Simplex-Data-Service.pdf us-15-Moore-Spread-Spectrum-Satcom-Hacking-Attacking-The-GlobalStar-Simplex-Data-Service-wp.pdf
Stagefright: Scary Code in the Heart of Android
Staying Persistent in Software Defined Networks us-15-Pickett-Staying-Persistent-In-Software-Defined-Networks.pdf us-15-Pickett-Staying-Persistent-In-Software-Defined-Networks-wp.pdf us-15-Pickett-Staying-Persistent-In-Software-Defined-Networks-tool.py
Stranger Danger! What is the Risk from 3rd Party Libraries?
Subverting Satellite Receivers for Botnet and Profit us-15-Talmat-Subverting-Satellite-Receivers-For-Botnet-And-Profit.pdf us-15-Talmat-Subverting-Satellite-Receivers-For-Botnet-And-Profit-wp.pdf
Switches Get Stitches us-15-Cassidy-Switches-Get-Stitches.pdf
Take a Hacker to Work Day - How Federal Prosecutors Use the CFAA us-15-Bailey-Take-A-Hacker-To-Work Day-How-Federal-Prosecutors-Use-The-CFAA.pdf
Taking Event Correlation with You us-15-King-Taking-Event-Correlation-With-You.pdf us-15-King-Taking-Event-Correlation-With-You-wp.pdf us-15-King-Taking-Event-Correlation-With-You-tool.tgz
Targeted Takedowns: Minimizing Collateral Damage Using Passive DNS us-15-Vixie-Targeted-Takedowns-Minimizing-Collateral-Damage-Using-Passive-DNS.pdf
Taxonomic Modeling of Security Threats in Software Defined Networking us-15-Hizver-Taxonomic-Modeling-Of-Security-Threats-In-Software-Defined-Networking.pdf us-15-Hizver-Taxonomic-Modeling-Of-Security-Threats-In-Software-Defined-Networking-wp.pdf
The Applications of Deep Learning on Traffic Identification us-15-Wang-The-Applications-Of-Deep-Learning-On-Traffic-Identification.pdf us-15-Wang-The-Applications-Of-Deep-Learning-On-Traffic-Identification-wp.pdf
The Battle for Free Speech on the Internet
The Kali Linux Dojo Workshop #1: Rolling Your Own - Generating Custom Kali Linux 20 ISOs
The Kali Linux Dojo Workshop #2: Kali USB Setups with Persistent Stores and LUKS Nuke Support
The Little Pump Gauge that Could: Attacks Against Gas Pump Monitoring Systems us-15-Wilhoit-The-Little-Pump-Gauge-That-Could-Attacks-Against-Gas-Pump-Monitoring-Systems.pdf us-15-Wilhoit-The-Little-Pump-Gauge-That-Could-Attacks-Against-Gas-Pump-Monitoring-Systems-wp.pdf
The Memory Sinkhole - Unleashing an x86 Design Flaw Allowing Universal Privilege Escalation us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation.pdf us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation-wp.pdf
The Nodejs Highway: Attacks are at Full Throttle us-15-Siman-The-Node-Js-Highway-Attacks-Are-At-Full-Throttle.pdf
The NSA Playset: A Year of Toys and Tools us-15-Ossmann-The-NSA-Playset-A-Year-Of-Toys-And-Tools.pdf
The Tactical Application Security Program: Getting Stuff Done
These are Not Your Grand Daddys CPU Performance Counters - CPU Hardware Performance Counters for Security us-15-Herath-These-Are-Not-Your-Grand-Daddys-CPU-Performance-Counters-CPU-Hardware-Performance-Counters-For-Security.pdf
THIS IS DeepERENT: Tracking App Behaviors with (Nothing Changed) Phone for Evasive Android Malware us-15-Park-This-Is-DeepERENT-Tracking-App-Behaviors-With-Nothing-Changed-Phone-For-EvasiveAAndroid-Malware.pdf
ThunderStrike 2: Sith Strike us-15-Hudson-Thunderstrike-2-Sith-Strike.pdf
TrustKit: Code Injection on iOS 8 for the Greater Good us-15-Diquet-TrustKit-Code-Injection-On-iOS-8-For-The-Greater-Good.pdf
Understanding and Managing Entropy Usage us-15-Potter-Understanding-And-Managing-Entropy-Usage.pdf us-15-Potter-Understanding-And-Managing-Entropy-Usage-wp.pdf
Understanding the Attack Surface and Attack Resilience of Project Spartans New EdgeHTML Rendering Engine us-15-Yason-Understanding-The-Attack-Surface-And-Attack-Resilience-Of-Project-Spartans-New-EdgeHTML-Rendering-Engine.pdf us-15-Yason-Understanding-The-Attack-Surface-And-Attack-Resilience-Of-Project-Spartans-New-EdgeHTML-Rendering-Engine-wp.pdf
Unicorn: Next Generation CPU Emulator Framework
Using Static Binary Analysis to Find Vulnerabilities and Backdoors in Firmware us-15-Kruegel-Using-Static-Binary-Analysis-To-Find-Vulnerabilities-And-Backdoors-In-Firmware.pdf
Web Timing Attacks Made Practical us-15-Morgan-Web-Timing-Attacks-Made-Practical.pdf us-15-Morgan-Web-Timing-Attacks-Made-Practical-wp.pdf
When IoT Attacks: Hacking a Linux-Powered Rifle us-15-Sandvik-When-IoT-Attacks-Hacking-A-Linux-Powered-Rifle.pdf
Why Security Data Science Matters and How Its Different: Pitfalls and Promises of Data Science Based Breach Detection and Threat Intelligence us-15-Saxe-Why-Security-Data-Science-Matters-And-How-Its-Different.pdf
Winning the Online Banking War us-15-Park-Winning-The-Online-Banking-War.pdf us-15-Park-Winning-The-Online-Banking-War-wp.pdf
Writing Bad @$$ Malware for OS X us-15-Wardle-Writing-Bad-A-Malware-For-OS-X.pdf
WSUSpect - Compromising the Windows Enterprise via Windows Update us-15-Stone-WSUSpect-Compromising-Windows-Enterprise-Via-Windows-Update.pdf us-15-Stone-WSUSpect-Compromising-Windows-Enterprise-Via-Windows-Update-wp.pdf
ZigBee Exploited the Good the Bad and the Ugly us-15-Zillner-ZigBee-Exploited-The-Good-The-Bad-And-The-Ugly.pdf us-15-Zillner-ZigBee-Exploited-The-Good-The-Bad-And-The-Ugly-wp.pdf

Iremos actualizando la lista con el material que se vaya publicando.