Pues ahora le toca el turno a DEF CON, en este caso la edición 25 que se acaba de celebrar y ya tienes también acceso a las presentaciones :

• 5A1F/
  • 5A1F-Demystifying-Kernel-Exploitation-By-Abusing-GDI-Objects-WP.pdf
  • 5A1F-Demystifying-Kernel-Exploitation-By-Abusing-GDI-Objects.pdf
• Cheng Lei/
  • Cheng-Lei-The-Spear-to-Break-the-Security-Wall-of-S7CommPlus-WP.pdf
  • Cheng-Lei-The-Spear-to-Break-the-Security-Wall-of-S7CommPlus.pdf
• Denton Gentry/
  • Denton-Gentry-I-Know-What-You-Are-By-The-Smell-Of-Your-Wifi-WP.pdf
  • Denton-Gentry-I-Know-What-You-Are-By-The-Smell-Of-Your-Wifi.pdf
• Dimitry Snezhkov/
  • Dimitry Snezhkov - Extras/
  • Dimitry-Snezhkov-Abusing-Web-Hooks.pdf
• Dor Azouri/
  • Dor-Azouri-BITSInject-WP.pdf
  • Dor-Azouri-BITSInject.pdf
• Duncan Woodbury and Nicholas Haltmeyer/
  • Woodbury-and-Haltmeyer-Linux-Stack-Based-V2X-Framework-Hack-Connected-Vehicles-WP.pdf
  • Woodbury-and-Haltmeyer-Linux-Stack-Based-V2X-Framework-Hack-Connected-Vehicles.pdf
• Itzik Kotler and Amit Klein/
  • Itzik-Kotler-and-Amit-Klein-The-Adventures-of-AV-and-the-Leaky-Sandbox-WP.pdf
  • Itzik-Kotler-and-Amit-Klein-The-Adventures-of-AV-and-the-Leaky-Sandbox.pdf
• Josh Pitts/
  • Josh Pitts - Extras/
  • Josh-Pitts-Teaching-Old-Shellcode-New-Tricks.pdf
• Mark Newlin Logan Lamb and Christopher Grayson/
  • Newlin-Lamb-Grayson-CableTap-Wirelessly-Tapping-Your-Home-Network.pdf
• Matt Knight and Marc Newlin/
  • Matt-Knight-and-Marc-Newlin-Radio-Exploitation-WP.pdf
  • Matt-Knight-and-Marc-Newlin-Radio-Exploitation.pdf
• Matt Suiche/
  • Matt-Suiche-Porosity-Decompiling-Ethereum-Smart-Contracts-WP.pdf
  • Matt-Suiche-Porosity-Decompiling-Ethereum-Smart-Contracts.pdf
• Morten Schenk/
  • Morten-Schenk-Taking-Windows-10-Kernel-Exploitation-to-the-next-level-Leveraging-vulns-in-Creators-Update-WP.pdf
  • Morten-Schenk-Taking-Windows-10-Kernel-Exploitation-to-the-next-level-Leveraging-vulns-in-Creators-Update.pdf
• Phillip Tully and Michael Raggo/
  • Phillip-Tully-Michael-Raggo-A-Picture-is-Worth-a-Thousand-Words-Literally-WP.pdf
  • Phillip-Tully-Michael-Raggo-A-Picture-is-Worth-a-Thousand-Words-Literally.pdf
• Romain Coltel and Yves Le Provost/
  • Coltel-LeProvost-WSUSpendu-How-To-Hang-Its-Clients-WP.pdf
  • Coltel-LeProvost-WSUSpendu-How-To-Hang-Its-Clients.pdf
• Steinthor Bjarnason and Jason Jones/
  • Steinthor-Bjarnason-and-Jason-Jones-The-Call-Is-Coming-From-Inside-The-House-WP.pdf
  • Steinthor-Bjarnason-and-Jason-Jones-The-Call-Is-Coming-From-Inside-The-House.pdf
• Tomer Cohen/
  • Tomer-Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-WP.pdf
  • Tomer-Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions.pdf
• 0ctane-Untrustworthy-Hardware.pdf
• Alvaro-Munoz-JSON-attacks.pdf
• Andrew-Robbins-and-Will-Schroeder-An-Ace-Up-The-Sleeve.pdf
• Artem-Kondratenko-Cisco-Catalyst-Exploitation.pdf
• Ayoul3-Dealing-the-Perfect-Hand-Shuffling-memory-blocks-on-zOS.pdf
• Caleb-Madrigal-IOT-Hacking-With-SDR.pdf
• Chris-Thompson-MS-Just-Gave-The-Blue-Teams-Tactical-Nukes.pdf
• Christopher-Domas-Breaking-The-x86-ISA.pdf
• Cincvolflt-Inside-The-Meet-Desai-Attack.pdf
• Damien-Cauquil-Weaponizing-the-BBC-MicroBit.pdf
• Daniel-Bohannon-and-Lee-Holmes-Revoke-Obfuscation.pdf
• Datko-and-Quartier-Breaking-Bitcoin-Hardware-Wallets.pdf
• Dhia-Mahjoub-and-Thomas-Mathew-Malicious-CDNs-Identifying-Zbot-Domains-en-Masse.pdf
• Foofus-Secret-Tools-Learning-About-Gov-Surveillance-Software.pdf
• Gabriel-Ryan-Advanced-Wireless-Attacks-Against-Enterprise-Networks-Course-Guide.pdf
• Gabriel-Ryan-Advanced-Wireless-Attacks-Against-Enterprise-Networks-Lab-Setup-Guide.pdf
• Gabriel-Ryan-Advanced-Wireless-Attacks-Against-Enterprise-Networks.pdf
• Gerald-Steere-and-Sean-Metcalf-Hacking-the-Cloud.pdf
• Gil-Cohen-Call-The-Plumber-You-Have-A-Leak-In-Your-(named)-Pipe.pdf
• Gus-Frischie-and-Evan-Teitelman-Backdooring-the-Lottery.pdf
• Hanno-Boeck-Abusing-Certificate-Transparency-Logs.pdf
• Haoqi-Shan-and-Jian-Yuan-Man-in-the-NFC.pdf
• Hernandez-Richards-MacDonald-Evoy-Tracking-Spies-in-the-Skies.pdf
• Hyrum-Anderson-Evading-Next-Gen-AV-Using-AI.pdf
• Ilja-van-Sprundel-BSD-Kern-Vulns.pdf
• Inbar-and-Eden-Story-of-Early-Israeli-Hacking-Community.pdf
• Jason-Staggs-Breaking-Wind-Hacking-Wind-Farm-Control-Networks.pdf
• Jesse-Michael-and-Mickey-Shkatov-Driving-Down-the-Rabbit-Hole.pdf
• Jhaddix-HUNT-Data-Driven-Web-Hacking-and-Manual-Testing.pdf
• Jim-Nitterauer-DNS-Devious-Name-Services-Destroying-Privacy-Anonymity-Without-Your-Consent.pdf
• Joe-Rozner-Wiping-Out-CSRF.pdf
• Karit-ZX-Security-Using-GPS-Spoofing-To-Control-Time.pdf
• Konstantinos-Karagiannis-Hacking-Smart-Contracts.pdf
• Lee-Holmes-Attacking-Battle-Hardened-Windows-Server.pdf
• Marina-Simakov-and-Igal-Gofman-Here-to-stay-Gaining-persistence-by-abusing-auth-mechanisms.pdf
• Matt-Wixey-See-No-Evil-Hear-No-Evil.pdf
• Max-Bazaliy-Jailbreaking-Apple-Watch.pdf
• Mikhail-Sosonkin-Hacking-Travel-Routers-Like-1999.pdf
• Min-Spark-Zheng-macOS-iOS-Kernel-Debugging.pdf
• Nathan-Seidle-Open-Source-Safe-Cracking-Robots.pdf
• Omar-Eissa-Attacking-Autonomic-Networks.pdf
• Orange-Tsai-A-New-Era-of-SSRF-Exploiting-URL-Parser-in-Trending-Programming-Languages.pdf
• Owen-Snide-Phone-System-Testing-and-other-fun-tricks.pdf
• Patrick-DeSantis-From-Box-to-Backdoor-Using-Old-School-Tools.pdf
• Patrick-Wardle-Offensive-Malware-Analysis-Fruit-Fly.pdf
• Plore-Popping-a-Smart-Gun.pdf
• Professor-Plum-Digital Vengeance-Exploiting-Notorious-Toolkits.pdf
• Roger-Dingledine-Next-Generation-Tor-Onion-Services.pdf
• Ryan-Baxendale-Microservices-and-FaaS-for-Offensive-Security.pdf
• Salvador-Mendoza-Exploiting-0ld-Magstripe-Info-with-New-Technology.pdf
• Scott-Behrens-and-Jeremy-Heffner-Starting-The-Avalanche-Application-DoS-In-Microservice-Architectures.pdf
• Slava-Makkaveev-and-Avi-Bashan-Unboxing-Android.pdf
• Stephan-Huber-and-Seigfried-Rasthofer-Password-Manager-Investigation.pdf
• Suggy-Sumner-Rage-Against-The-Weaponized-AI-Propaganda-Machine.pdf
• Svea-Eckert-Andreas-Dewes-Dark-Data.pdf
• Tess-Schrodinger-Total-Recall.pdf
• Tomer-Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-WP.pdf
• Tomer-Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions.pdf
• Vasillios-Mavroudis-Trojan-Tolerant-Hardware.pdf
• Weston-Hecker-Opt-Out-or-Deauth-Trying.pdf
• Whitney-Merrill-and-Terrell-McSweeny-Tick-Tick-Boom-Tech-and-the-FTC.pdf
• William-Knowles-Persisting-With-Microsoft-Office.pdf
• XlogicX-Assembly-Language-Is-Too-High-Level.pdf
• Yuwei-Zheng-UnicornTeam-Ghost-Telephonist.pdf
• chaosdata-Ghost-in-the-Droid-ParaSpectre.pdf
• r00killah-and-securelyfitz-Secure-Tokin-and-Doobiekeys.pdf
• skud-and-Sky-If-You-Give-A-Mouse-A-Microchip.pdf
• spaceB0x-Exploiting-Continuous-Integration.pdf
• zerosum0x0-alephnaught-Koadic-C3.pdf

Ya están disponible las presentaciones de Black Hat USA 2017 :

• Stepping Up Our Game: Re-focusing the Security Community on Defense and Making Security Work for Everyone
• ‘Ghost Telephonist’ Link Hijack Exploitations in 4G LTE CS Fallback
  • Yuwei-Ghost-Telephonist-Link-Hijack-Exploitations-In-4G-LTE-CS-Fallback.pdf
• (in)Security in Building Automation: How to Create Dark Buildings with Light Speed
  • Brandstetter-insecurity-In-Building-Automation-How-To-Create-Dark-Buildings-With-Light-Speed.pdf
  • Brandstetter-insecurity-In-Building-Automation-How-To-Create-Dark-Buildings-With-Light-Speed-wp.pdf
• A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
  • Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf
• Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
• Adventures in Attacking Wind Farm Control Networks
  • Staggs-Adventures-In-Attacking-Wind-Farm-Control-Networks.pdf
• All Your SMS & Contacts Belong to ADUPS & Others
  • Johnson-All-Your-SMS-&-Contacts-Belong-To-Adups-&-Others.pdf
  • Johnson-All-Your-SMS-&-Contacts-Belong-To-Adups-&-Others-wp.pdf
• An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
  • Robbins-An-ACE-Up-The-Sleeve-Designing-Active-Directory-DACL-Backdoors.pdf
  • Robbins-An-ACE-Up-The-Sleeve-Designing-Active-Directory-DACL-Backdoors-wp.pdf
• And Then the Script-Kiddie Said Let There be No Light. Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
  • Keliris-And-Then-The-Script-Kiddie-Said-Let-There-Be-No-Light-Are-Cyberattacks-On-The-Power-Grid-Limited-To-Nation-State-Actors-wp.pdf
• Attacking Encrypted USB Keys the Hard(ware) Way
• Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
• Automated Testing of Crypto Software Using Differential Fuzzing
  • Aumasson-Automated-Testing-Of-Crypto-Software-Using-Differential-Fuzzing.pdf
• AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
  • Jung-AVPASS-Leaking-And-Bypassing-Anitvirus-Detection-Model-Automatically.pdf
• Behind the Plexiglass Curtain: Stats and Stories from the Black Hat NOC
• Betraying the BIOS: Where the Guardians of the BIOS are Failing
  • Branco-Firmware-Is-The-New-Black-Analyzing-Past-Three-Years-Of-BIOS-UEFI-Security-Vulnerabilities
• Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game
  • Shortridge-Big-Game-Theory-Hunting-The-Peculiarities-Of-Human-Behavior-In-The-Infosec-Game.pdf
• Blue Pill for Your Phone
• Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking
  • Jurczyk-Bochspwn-Reloaded-Detecting-Kernel-Memory-Disclosure-With-X86-Emulation-And-Taint-Tracking.pdf
• Bot vs. Bot for Evading Machine Learning Malware Detection
  • Anderson-Bot-Vs-Bot-Evading-Machine-Learning-Malware-Detection.pdf
  • Anderson-Bot-Vs-Bot-Evading-Machine-Learning-Malware-Detection-wp.pdf
• Break
• Breakfast (Sponsored by FireEye McAfee Qualys & Tenable Network Security)
• Breaking Electronic Door Locks Like You’re on CSI: Cyber
  • OFlynn-Breaking-Electronic-Locks.pdf
• Breaking the Laws of Robotics: Attacking Industrial Robots
  • Quarta-Breaking-The-Laws-Of-Robotics-Attacking-Industrial-Robots.pdf
  • Quarta-Breaking-The-Laws-Of-Robotics-Attacking-Industrial-Robots-wp.pdf
• Breaking the x86 Instruction Set
  • Domas-Breaking-The-x86-ISA.pdf
  • Domas-Breaking-The-x86-Instruction-Set-wp.pdf
• Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom’s Wi-Fi Chipsets
• Bug Collisions Meet Government Vulnerability Disclosure
  • Ablon-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Zero-Days-Thousands-Of-Nights-RAND.pdf
  • [Herr-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Taking Stock - Vulnerability-Rediscovery-HKS.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Herr-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Taking Stock - Vulnerability-Rediscovery-HKS.pdf)
• Business Hall Welcome Reception (Sponsored by Forcepoint McAfee LogRhythm & Tenable Network Security)
• Challenges of Cooperation Across Cyberspace
• Champagne Toast (Sponsored by ESET North America Fidelis Cybersecurity Fortinet Leidos Palo Alto Networks Raytheon & Symantec)
• Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
  • Fratantonio-Cloak-And-Dagger-From-Two-Permissions-To-Complete-Control-Of-The-UI-Feedback-Loop.pdf
  • Fratantonio-Cloak-And-Dagger-From-Two-Permissions-To-Complete-Control-Of-The-UI-Feedback-Loop-wp.pdf
• Coffee Service
• Cracking the Lens: Targeting HTTP’s Hidden Attack-Surface
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface.pdf
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface-wp.pdf
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface-tool.zip
• Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
  • Nichols-Cyber-Wargaming-Lessons-Learned-In-Influencing-Stakeholders-Inside-And-Outside-Your-Organization.pdf
  • Nichols-Cyber-Wargaming-Lessons-Learned-In-Influencing-Stakeholders-Inside-And-Outside-Your-Organization-wp.pdf
• Datacenter Orchestration Security and Insecurity: Assessing Kubernetes Mesos and Docker at Scale
• Defeating Samsung KNOX with Zero Privilege
  • Shen-Defeating-Samsung-KNOX-With-Zero-Privilege.pdf
  • Shen-Defeating-Samsung-KNOX-With-Zero-Privilege-wp.pdf
• Delivering Javascript to World+Dog
  • Randolph-Delivering-Javascript-to-World-Plus-Dog.pdf
  • Randolph-Delivering-Javascript-to-World-Plus-Dog-wp.pdf
• Developing Trust and Gitting Betrayed
• Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
  • Grange-Digital-Vengeance-Exploiting-The-Most-Notorious-C&C-Toolkits.pdf
  • Grange-Digital-Vengeance-Exploiting-The-Most-Notorious-C&C-Toolkits-wp.pdf
• Don’t Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
  • Lekies-Dont-Trust-The-DOM-Bypassing-XSS-Mitigations-Via-Script-Gadgets.pdf
• Electronegativity - A Study of Electron Security
  • Carettoni-Electronegativity-A-Study-Of-Electron-Security.pdf
  • Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf
• Escalating Insider Threats Using VMware’s API
  • Ziv-Escalating-Insider-Threats-Using-Vmware’s-Api.pdf
• Evading Microsoft ATA for Active Directory Domination
  • Mittal-Evading-MicrosoftATA-for-ActiveDirectory-Domination.pdf
• Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
• Evilsploit – A Universal Hardware Hacking Toolkit
  • Chui-Evilsploit-A-Universal-Hardware-Hacking-Toolkit.pdf
  • Chui-Evilsploit-A-Universal-Hardware-Hacking-Toolkit-wp.pdf
• Evolutionary Kernel Fuzzing
  • Johnson-Evolutionary-Kernel-Fuzzing
• Exploit Kit Cornucopia
• Exploiting Network Printers
  • Mueller-Exploiting-Network-Printers.pdf
• Fad or Future? Getting Past the Bug Bounty Hype
• Fighting Targeted Malware in the Mobile Ecosystem
  • Ruthven-Fighting-Targeted-Malware-In-The-Mobile-Ecosystem.pdf
• Fighting the Previous War (aka: Attacking and Defending in the Era of the Cloud)
• Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
• FlowFuzz - A Framework for Fuzzing OpenFlow-Enabled Software and Hardware Switches
  • Gray-FlowFuzz-A-Framework-For-Fuzzing-OpenFlow-Enabled-Software-And-Hardware-Switches.pdf
• Fractured Backbone: Breaking Modern OS Defenses with Firmware Attacks
• Free-Fall: Hacking Tesla from Wireless to CAN Bus
  • Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus.pdf
  • Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus-wp.pdf
• Friday the 13th: JSON Attacks
  • Munoz-Friday-The-13th-Json-Attacks.pdf
  • Munoz-Friday-The-13th-JSON-Attacks-wp.pdf
• Game of Chromes: Owning the Web with Zombie Chrome Extensions
  • Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-wp.pdf
  • Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-wp.pdf
• Garbage In Garbage Out: How Purportedly Great Machine Learning Models can be Screwed Up by Bad Data
  • Sanders-Garbage-In-Garbage-Out-How-Purportedly-Great-ML-Models-Can-Be-Screwed-Up-By-Bad-Data.pdf
  • Sanders-Garbage-In-Garbage-Out-How-Purportedly-Great-ML-Models-Can-Be-Screwed-Up-By-Bad-Data-wp.pdf
• Go Nuclear: Breaking Radiation Monitoring Devices
  • [Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices.pdf]( https://www.blackhat.com/docs/us-17/wednesday/us-17-Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices.pdf)
  • [Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices-wp.pdf]( https://www.blackhat.com/docs/us-17/wednesday/us-17-Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices-wp.pdf)
• Go to Hunt Then Sleep
  • Bianco-Go-To-Hunt-Then-Sleep.pdf
• Hacking Hardware with a $10 SD Card Reader
  • Etemadieh-Hacking-Hardware-With-A-$10-SD-Card-Reader.pdf
  • Etemadieh-Hacking-Hardware-With-A-$10-SD-Card-Reader-wp.pdf
• Hacking Serverless Runtimes: Profiling AWS Lambda Azure Functions and More
  • Krug-Hacking-Severless-Runtimes.pdf
  • Krug-Hacking-Severless-Runtimes-wp.pdf
• Honey I Shrunk the Attack Surface – Adventures in Android Security Hardening
• How We Created the First SHA-1 Collision and What it Means for Hash Security
• Hunting GPS Jammers
  • Gostomelsky-Hunting-GPS-Jammers.pdf
• Ice Cream Social (Sponsored by Code42 Software Core Security Cybereason Darktrace F5 Networks iboss Malwarebytes & Optiv Security)
• Ichthyology: Phishing as a Science
  • Burnett-Ichthyology-Phishing-As-A-Science.pdf
  • Burnett-Ichthyology-Phishing-As-A-Science-wp.pdf
• Industroyer/Crashoverride: Zero Things Cool About a Threat Group Targeting the Power Grid
  • Lee-Industroyer-Crashoverride-Zero-Things-Cool-About-A-Threat-Group-Targeting-The-Power-Grid.pdf
• Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
  • Dods-Infecting-The-Enterprise-Abusing-Office365-Powershell-For-Covert-C2.pdf
• Influencing the Market to Improve Security
  • Nakibly-Automated-Detection-of-Vulnerabilities-in-Black-Box-Routers.pdf
  • Nakibly-Automated-Detection-of-Vulnerabilities-in-Black-Box-Routers-wp.pdf
• Intel AMT Stealth Breakthrough
  • Evdokimov-Intel-AMT-Stealth-Breakthrough.pdf
  • Evdokimov-Intel-AMT-Stealth-Breakthrough-wp.pdf
• Intel SGX Remote Attestation is Not Sufficient
  • Swami-SGX-Remote-Attestation-Is-Not-Sufficient-wp.pdf
  • Swami-SGX-Remote-Attestation-Is-Not-Sufficient-wp.pdf
• Intercepting iCloud Keychain
  • Radocea-Intercepting-iCloud-Keychain.pdf
• IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
  • Luo-Iotcandyjar-Towards-An-Intelligent-Interaction-Honeypot-For-IoT-Devices.pdf
  • Luo-Iotcandyjar-Towards-An-Intelligent-Interaction-Honeypot-For-IoT-Devices-wp.pdf
• kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
  • [Pomonis-KR^X- Comprehensive- Kernel-Protection-Against-Just-In-Time-Code-Reuse.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Pomonis-KR^X- Comprehensive- Kernel-Protection-Against-Just-In-Time-Code-Reuse.pdf)
• Lies and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
  • Giuliano-Lies-And-Damn-Lies-Getting-Past-The-Hype-Of-Endpoint-Security-Solutions.pdf
• Lunch Break (Sponsored by Cisco Forcepoint LogRhythm & RSA)
• Many Birds One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
  • Feng-Many-Birds-One-Stone-Exploiting-A-Single-SQLite-Vulnerability-Across-Multiple-Software.pdf
• Mimosa Bar (Sponsored by AlienVault Arbor Networks Carbon Black CrowdStrike Cylance DarkMatter Digital Guardian & IBM)
• Network Automation is Not Your Safe Haven: Protocol Analysis and Vulnerabilities of Autonomic Network
  • Eissa-Network-Automation-Isn’t-Your-Safe-Haven-Protocol-Analysis-And-Vulnerabilities-Of-Autonomic-Network.pdf
• New Adventures in Spying 3G and 4G Users: Locate Track & Monitor
  • Borgaonkar-New-Adventures-In-Spying-3G-And-4G-Users-Locate-Track-And-Monitor.pdf
• Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev
• Offensive Malware Analysis: Dissecting OSX/FruitFly via a Custom C&C Server
  • Wardle-Offensive-Malware-Analysis-Dissecting-OSXFruitFly-Via-A-Custom-C&C-Server.pdf
• OpenCrypto: Unchaining the JavaCard Ecosystem
  • Mavroudis-Opencrypto-Unchaining-The-JavaCard-Ecosystem.pdf
• Orange is the New Purple - How and Why to Integrate Development Teams with Red/Blue Teams to Build More Secure Software
  • Wright-Orange-Is-The-New-Purple.pdf
  • Wright-Orange-Is-The-New-Purple-wp.pdf
• PEIMA: Harnessing Power Laws to Detect Malicious Activities from Denial of Service to Intrusion Detection Traffic Analysis and Beyond
• Practical Tips for Defending Web Applications in the Age of DevOps
  • [Lackey-Practical Tips-for-Defending-Web-Applications-in-the-Age-of-DevOps.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Lackey-Practical Tips-for-Defending-Web-Applications-in-the-Age-of-DevOps.pdf)
• Protecting Pentests: Recommendations for Performing More Secure Tests
  • McGrew-Protecting-Pentests-Recommendations-For-Performing-More-Secure-Tests.pdf
  • McGrew-Protecting-Pentests-Recommendations-For-Performing-More-Secure-Tests-wp.pdf
• Protecting Visual Assets: Digital Image Counter-Forensics
  • Mazurov-Brown-Protecting-Visual-Assets-Digital-Image-Counter-Forensics.pdf
• Pwnie Awards
• Quantifying Risk in Consumer Software at Scale - Consumer Reports’ Digital Standard
• RBN Reloaded - Amplifying Signals from the Underground
• Real Humans Simulated Attacks: Usability Testing with Attack Scenarios
  • Cranor-Real-Users-Simulated-Attacks.pdf
• Redesigning PKI to Solve Revocation Expiration and Rotation Problems
  • Knopf-Redesigning-PKI-To-Solve-Revocation-Expiration-And-Rotation-Problems.pdf
  • Knopf-Redesigning-PKI-To-Solve-Revocation-Expiration-And-Rotation-Problems-wp.pdf
• Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
  • [Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science.pdf)
  • [Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science-wp.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science-wp.pdf)
• rVMI: A New Paradigm for Full System Analysis
  • Pfoh-rVMI-A-New-Paradigm-For-Full-System-Analysis.pdf
• ShieldFS: The Last Word in Ransomware Resilient File Systems
  • Continella-ShieldFS-The-Last-Word-In-Ransomware-Resilient-Filesystems.pdf
  • Continella-ShieldFS-The-Last-Word-In-Ransomware-Resilient-Filesystems-wp.pdf
• Skype & Type: Keystroke Leakage over VoIP
  • Lain-Skype-&-Type-Keystroke-Leakage-Over-VoIP.pdf
• Smoothie Social (Sponsored by Bromium Proofpoint Inc. Rapid7 SentinelOne Trend Micro Webroot StackPath & Tanium)
• So You Want to Market Your Security Product…
  • Alva-So-You-Want-To-Market-Your-Security-Product.pdf
• Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
  • Wang-Sonic-Gun-To-Smart-Devices-Your-Devices-Lose-Control-Under-Ultrasound-Or-Sound.pdf
• Splunking Dark Tools - A Pentesters Guide to Pwnage Visualization
  • Bates-Splunking-Dark-Tools-A-Pentesters-Guide-To-Pwnage-Visualization.pdf
• SS7 Attacker Heaven Turns into Riot: How to Make Nation-State and Intelligence Attackers’ Lives Much Harder on Mobile Networks
  • Kacer-SS7-Attacker-Heaven-Turns-Into-Riot-How-To-Make-Nation-State-And-Intelligence-Attackers-Lives-Much-Harder-On-Mobile-Networks.pdf
  • Kacer-SS7-Attacker-Heaven-Turns-Into-Riot-How-To-Make-Nation-State-And-Intelligence-Attackers-Lives-Much-Harder-On-Mobile-Networks-wp.pdf
• Taking DMA Attacks to the Next Level: How to do Arbitrary Memory Reads/Writes in a Live and Unmodified System Using a Rogue Memory Controller
• Taking Over the World Through MQTT - Aftermath
  • Lundgren-Taking-Over-The-World-Through-Mqtt-Aftermath.pdf
• Taking Windows 10 Kernel Exploitation to the Next Level – Leveraging Write-What-Where Vulnerabilities in Creators Update
  • Schenk-Taking-Windows-10-Kernel-Exploitation-To-The-Next-Level–Leveraging-Write-What-Where-Vulnerabilities-In-Creators-Update.pdf
  • Schenk-Taking-Windows-10-Kernel-Exploitation-To-The-Next-Level–Leveraging-Write-What-Where-Vulnerabilities-In-Creators-Update-wp.pdf
• The Active Directory Botnet
  • Miller-The-Active-Directory-Botnet
• The Adventures of AV and the Leaky Sandbox
  • Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox.pdf
  • Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox-wp.pdf
• The Art of Securing 100 Products
  • Valtman-The-Art-Of-Securing-100-Products.pdf
• The Avalanche Takedown: Landslide for Law Enforcement
• The Epocholypse 2038: What’s in Store for the Next 20 Years
  • Hypponen-The-Epocholypse-2038-Whats-In-Store-For-The-Next-20-Years.pdf
• The Future of ApplePwn - How to Save Your Money
  • Yunusov-The-Future-Of-Applepwn-How-To-Save-Your-Money.pdf
• The Industrial Revolution of Lateral Movement
  • Beery-The-Industrial-Revolution-Of-Lateral-Movement.pdf
• The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
  • Silvanovich-The-Origin-Of-Array-Symbol-Species.pdf
• The Shadow Brokers – Cyber Fear Game-Changers
• They’re Coming for Your Tools: Exploiting Design Flaws for Active Intrusion Prevention
• Tracking Ransomware End to End
  • Invernizzi-Tracking-Ransomware-End-To-End.pdf
• Web Cache Deception Attack
  • Gil-Web-Cache-Deception-Attack.pdf
  • Gil-Web-Cache-Deception-Attack-wp.pdf
• Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
  • Cherny-Well-That-Escalated-Quickly-How-Abusing-The-Docker-API-Led-To-Remote-Code-Execution-Same-Origin-Bypass-And-Persistence.pdf
  • Cherny-Well-That-Escalated-Quickly-How-Abusing-The-Docker-API-Led-To-Remote-Code-Execution-Same-Origin-Bypass-And-Persistence_wp.pdf
• What They’re Teaching Kids These Days: Comparing Security Curricula and Accreditations to Industry Needs
  • Sanders-What-They’re-Teaching-Kids-These-Days-Comparing-Security-Curricula-And-Accreditations-To-Industry-Needs.pdf
• What’s on the Wireless? Automating RF Signal Identification
  • Ossmann-Whats-On-The-Wireless-Automating-RF-Signal-Identification.pdf
  • Ossmann-Whats-On-The-Wireless-Automating-RF-Signal-Identification-wp.pdf
• When IoT Attacks: Understanding the Safety Risks Associated with Connected Devices
  • Rios-When-IoT-Attacks-Understanding-The-Safety-Risks-Associated-With-Connected-Devices.pdf
  • Rios-When-IoT-Attacks-Understanding-The-Safety-Risks-Associated-With-Connected-Devices-wp.pdf
• White Hat Privilege: The Legal Landscape for a Cybersecurity Professional Seeking to Safeguard Sensitive Client Data
  • Osborn-White-Hat-Privilege-The-Legal-Landscape-For-A-Cybersecurity-Professional-Seeking-To-Safeguard-Sensitive-Client-Data.pdf
• Why Most Cyber Security Training Fails and What We Can Do About it
• WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
  • Ventura-Theyre-Coming-For-Your-Tools-Exploiting-Design-Flaws-For-Active-Intrusion-Prevention.pdf
  • Ventura-Theyre-Coming-For-Your-Tools-Exploiting-Design-Flaws-For-Active-Intrusion-Prevention-wp.pdf
  • Vanhoef-WiFuzz-Detecting-And-Exploiting-Logical-Flaws-In-The-Wi-Fi-Cryptographic-Handshake-tools.zip
• Wire Me Through Machine Learning
  • Singh-Wire-Me-Through-Machine-Learning.pdf
• WSUSpendu: How to Hang WSUS Clients
  • Coltel-WSUSpendu-Use-WSUS-To-Hang-Its-Clients.pdf
  • Coltel-WSUSpendu-Use-WSUS-To-Hang-Its-Clients-wp.pdf
• Zero Days Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
  • Ablon-Zero-Days-Thousands-Of-Nights-The-Life-And-Times-Of-Zero-Day-Vulnerabilities-And-Their-Exploits.pdf

Inspirada en la archi conocida distribución Kali Linux , FLARE VM es una distribución basada en Windows para el análisis de malware, respuesta de incidentes y auditorías de seguridad.

Esta distribución se instala sobre Windows 7 o posterior. Todo lo que tienes que hacer es acceder a través de Internet Explorer (otro navegador no sirve) a:

http://boxstarter.org/package/url?[FLAREVM_SCRIPT]

Donde FLAREVM_SCRIPT es el fichero que quieres instalar. Por ejemplo para instalar la edición de análisis de malware (única disponible hasta el momento):

Creo que a estas alturas, Kali Linux no necesita presentación alguna, pero si hay algún despistado por la sala, Kali Linux es la distribución que cualquier profesional que se dedique a la seguridad de alguna forma u otra, debe tener en su arsenal.

Offensive Security , organización que mantiene dicha distribución, ha puesto a disposición del público y sin coste alguno, un curso online que te prepeara para la certificación Kali Linux Certified Professional (KLCP). Ésta, sí cuesta dinero, pero el curso, al que además acompaña un libro (PDF), son gratuitos. Si prefieres el libro impreso, lo puedes comprar en Amazon .

iGoat es un proyecto perteneciente a la fundación OWASP inspirado en WebGoat . Dicho proyecto contiene vulnerabilidades de forma intencionada y no es sólo para el investigador de seguridad, sino también para desarrolladores. Esto es, porque parte del ejercicio no sólo consta de atacar y comprometer la aplicación, sino que también está diseñado para (con comentarios en el código) arreglar las vulnarabilidades, así que puedes atacar, arreglar o ambos.

Hace tiempo que empecé a leer y juguetear con el lenguaje de programación Go , pero por falta de tiempo nunca llegué a programar nada con él, simplemente seguí el tour que tienen online.

Ultimamente, quizás por la popularidad que Go está ganando (éste sí que creo que le puede toser a Java en un futuro cercano), tenía ganas de realmente familiarizarme con él, así que la semana pasada me puse manos a la obra y me voví a hacer el tour y leer algo de documentación. Lo siguiente era escribir código. Pensando que implementar, me dio por mirar Latch de ElevenPath a ver si tenían un SDK para Go, y parece que no, así que a eso me puse y le dediqué la tarde (y la noche) del domingo a crear una librería para Go.

Ada Lovelace

Ada Augusta Byron King, hija del Poeta Lord Byron y apasionada por las matemáticas, hoy en día tiene el honor de ser considerada la primera persona que creó un algoritmo para ser procesado de forma automática por una máquina. Ada nació el 10 de diciembre de 1815 en Londres y murió a los 36 años, el 27 de noviembre de 1852. Poco después de su nacimiento, sus padres se divorciaron, y Ada se iría a vivir con su madre, Annabela. Lo último que Annabela quería es que Ada desarrollara el mismo carácter que su padre e intentó apartarla de la poesía lo máximo posible y para ello usó las matemáticas.

Dependende de la tecnología, sistema, bases de datos, etc a la que nos enfrentemos, los vectores de ataques pueden variar. Por ejemplo, si estamos atacando una aplicación web que está conectada a una base de datos de MySQL, la inyección de código o payload variará si nos enfrentamos a una base de datos de Oracle, PostgreSQL, etc.

Payloads All The Things es un repositorio alojado en Github que almacena una buena cantidad de payloads para aplicaciones web. Desde inecciones genéricas de SQL a ataques más específicos contra tecnologías concretas como Amazon S3, PHP, Apache Struts, etc.

Hace un par de días saltó la “noticia” sobre un nuevo documento filtrado de la NSA con información confidencial sobre el posible ataque de Rusia a máquinas de votos días antes de las elecciones estadounidense. Poco después que la noticia se hiciera pública y el documento fuera publicado, también se convirtió en noticia la detención de la presunta persona que filtró dicho documento.

Por lo visto esta persona identificada con el nombre “Reality Leigh Winner”, contratista de la NSA, fue identificada a través de las marcas o puntos invisibles (son puntos amarillas prácticamente invisible al ojo humano) que algunas impresoras dejan como rastro cuando imprimen. Aunque esta técnica no es nueva, en este caso parece haber sido efectiva.

En España las llamamos chuletas, al menos en el sur. Las cheat sheets son pequeñas notas o apuntes que nos ayudan a recordar los puntos importantes sobre cierto tema. En informática son muy comunes por lo amplía que ésta es.

Cheat.sh es un sitio web que unifica varios repositorios de chuletas. Éste provee de una interfaz web limpia desde la que podemos acceder a un total de 783 chuletas (actualmente) agrupadas en 8 secciones. Dichas secciones cubren comandos de Linux y varios lenguajes de programación.