2012
- QtDD12 - Welcome - Kalle Dalheimer
- QtDD12 - Accessible Applications with Qt - Frederik Gladhorn
- QtDD12 - Accessing middleware from Qt, QML or HTML5 - Dr. Eva Brucherseifer
- QtDD12 - BlackBerry 10 Cascades UI Framework: A Different Take - Markus Landin
- QtDD12 - CMake with Qt - Stephen Kelly
- QtDD12 - Connecting your BlackBerry 10 app to the network - Peter Hartmann
- QtDD12 - Creating Mac GUIs with Qt - James Turner
- QtDD12 - Creating Window Compositors with the QtWayland module - Andy Nichols
- QtDD12 - Creator 101 - Tobias Hunger
- QtDD12 - Debugging multithreaded Qt programs - David Faure
- QtDD12 - Desktop Components for QtQuick - Jens Bache-Wiig
- QtDD12 - Developing with Qt for the BlackBerry 10 - Vladimir Minenko
- QtDD12 - Domain Specific Debugging Tools - Volker Krause
- QtDD12 - Effective QML: Best practices for Developing with Qt Quick - Adenilson Calvacanti
- QtDD12 - How Qt Helped RIM Build BlackBerry 10 - Jeff Kehres
- QtDD12 - In Depth - QMetaType and QMetaObject - Stephen Kelly
- QtDD12 - Innovating in Automotive Infotainment with QtQuick - Johan Thelin
- QtDD12 - Intentions good, warranty void: Using Qt in unexpected ways - Till Adam + Mirko Boehm
- QtDD12 - Making the correct license choice when developing with Qt - Topi Ruotsalainen
- QtDD12 - Modern Shader-based OpenGL Techniques - Dr. Sean Harmer
- QtDD12 - OpenGL with Qt 5 - Dr. Sean Harmer
- QtDD12 - Panel discussion: The Future of Qt
- QtDD12 - Porting an existing Qt Windows App to Mac - Sven Bergner
- QtDD12 - Porting Qt 5 to embedded hardware - Thomas Senyk
- QtDD12 QML Coding, Performance and Debugging: Usage of Tools - Aurindam Jana
- QtDD12 - Qt 5 Roadmap - Lars Knoll
- QtDD12 - Qt addons for everyone: KDE Frameworks 5 - David Faure
- QtDD12 - Qt and Cloud Services - Sami Makkonen
- QtDD12 - Qt and the Google APIs - Roland Krause
- QtDD12 - Qt and the upcoming BlackBerry 10 Platform - Alec Saunders
- QtDD12 - Qt and WebServices - Dr. Tim Dewhirst
- QtDD12 - QtCore in Depth - Olivier Goffart
- QtDD12 - Qt on Raspberry Pi - Jeff Tranter
- QtDD12 - QtQuick under the hood - Thomas McGuire
- QtDD12 - Qt Surprises - Eirik Chambe-Eng
- QtDD12 - Serving QML applications over the network - Jeremy Laine
- QtDD12 - SoDeclarative - Helmut Sedding and Michael T. Wagner
- QtDD12 - The middleware problem: a tale of abstraction - Dario Freddi
- QtDD12 - The project that brings you Qt - Thiago Macieira
- QtDD12 - The Qt partnership program - Kristen Tveter
- Using C++11 to speed up your Qt 5 programs Marc Mutz
- QtDD12 - Using Qt as mobile cross-platform system - Tam Hanna
- QtDD12 - Using SSL the right way with Qt - Richard J. Moore
- QtDD12 - What's New in QtWebKit in 5.0 - Simon Hausmann
- QtDD12 - Why you should be excited by Qt 5 - Thiago Macieira
- QtDD12 - The Future of Qt on Embedded Linux - Lars Knoll
- Textadept - Behind the Scenes Slides Video
- Crazy Ivan - Lua Driven Robots Video
- Gemini - An Open Source Library for Game Development on iOS Using Lua Slides Video
- picoDB: a no-SQL database tool for eLua Slides Video
- Luerl, a Lua VM written in Erlang Video
- LuaFlow - An Open Source Lua OpenFlow Controller Video
- Lua multi VM system for home automation Slides Video
- Building a Lua Based Platform (Luvit) Slides Video
- Small Team, Huge Game, and Lua Video
- What is Next for Lua? A Personal Perspective Slides Video
- Incrementally developing and implementing Hirschberg's longest common subseqence algorithm using Lua Slides Video
- Adding an Lua-based integrated character-based menu system into the SciTE editor Slides Video
- Integrating Lua for fun and profit: Vim's if_lua and PostgreSQL's PL/Lua Video
- Make Your Own M2M Application, in a 1/2 Hour, with Lua Video
- Using Lua for Integration with a specialized IDE Slides Slides Video
- Lua Q&A Session with Roberto Ierusalimschy Video
- RootedForge: Alternet - Borja Berastegui
- Raúl Siles y José A. Guasch - Seguridad Web de aplicaciones basadas en DNI-e
- Manu Quintans y Frank Ruiz - All Your Crimeware Are Belong To Us!
- RootedForge: LoadBalancer Finder - Alejandro Nolla
- RootedPanel - Fuerzas y Cuerpos de Seguridad del Estado
- Jaime Peñalba y Javier Rodríguez - Live Free or Die Hacking
- Eloi Sanfélix y Javier Moreno - Hardware hacking on your couch
- RootedForge: Fingerprinting Tor – Pablo Carballude
- RootedForge: OFAMIS - Pablo González
- RootedForge: RootedBabel – Organización Rooted
- RootedForge: Yet Another Repetitive Rootkit – David Luengo
- José Picó y David Pérez - Nuevos escenarios de ataque con estación base falsa GSM/GPRS
- Hugo Teso - Inguma 0.5 Red Wagon
- Sebastián Guerrero - Pimp Your Android
- RootedPanel - Congreso de seguridad No cON Name
- Gerardo García Peña - Enfoque práctico a la denegación de servicio
- Ricardo J. Rodríguez - Mejora en el Proceso de Desempacado usando Técnicas DBI
- Pablo San Emeterio - WHF: Windows Hooking Framework
- Lorenzo Martínez - Welcome to your secure /home, $user
- Organización RootedCON - Charla inaugural
- Carlos Díaz y Fco. Jesús Gómez - CMD: Look who's talking too
- Chema Alonso y Manu "The Sur" - Owning “bad” guys {and mafia} with Javascript botnets
- Yago Jesús - Applied Cryptography FAILs
- Pedro Sánchez -Hospital Central. Historia de una extorsión
- José Miguel Esparza y Mikel Gastesi - Social Engineering in Banking Trojans: Attacking the weakest link ]
- Guillermo Grande y Alberto Ortega - Building an IP reputation engine, tracking the miscreants
- Luis Delgado - XMPP, algo más que chat
- Lord Epsylon - XSSer, the cross site scripting framework
- Juan Garrido - Corporate Forensics. Saca partido a tu arquitectura
- Hackers: Responsibility and Reality - Jack Daniel
- Using Information Superiority to win the Cybersecurity Battle - Matt Watchinski
- Strategies for Web Application Security at Scale - Jeremiah Grossman
- Active Defense - David Willson
- Building a Cyber Range - Kevin Cardwell
- Hacking The Big 4 Databases - Josh Shaul
- Attacking Apache Reverse Proxy - Prutha Parikh
- Breaking SAP Portal - Dmitry Chastuhin
- Bring Your Own Destruction - Aamir Lakhani
- How to successfully get your Cloud through FedRAMP, PCI, & HIPAA - Tom McAndrew & Hemma
- Prafullchandra
- Riding on Cloud 9 – Holistic Security for a Euphoric Cloud Experience - Freddie Beaver
- Architecting and Building a Secure Virtual Infrastructure and Private Cloud - Rob Randell
- FedRAMP - How the Feds Plan to Manage Cloud Security Risks - Steven Fox
- Security and Software-Defined Networks - Michael Berman
- Advanced Industrial Espionage Attacks - Gianni Gnesa
- Bulletproof IT Security - Gary Miliefsky
- Go with the Flow: Strategies for Successful Social Engineering - Chris Silvers
- House of Cards - How not to collapse when bad things happen - Rafal Los
- Physical Drive-by Downloads – An Android Modders Weakness - Kyle Osborn
- The Persistent Threat of Mobile Apps – Why Continuous Testing is Key - John Weinschenk
- Zombie Browsers, spiced with rootkit extensions - Zoltan Balazs
- Military Targeting Adapted for Hacking - Rock Stevens
- Own the Network – Own the Data - Paul Coggin
- Advanced Persistent Pentesting: Fighting Fire with Fire - Jonathan Cran
- DGAs and Cyber-Criminals: A Case Study - Christopher Elisan
- Spawnning Reverse Shell With Any IP, Any Time! - Merchant Bhaumik
- Hacking SCADA Systems - 2011 Year in Review - Jonathan Pollet
- Soldatov, gotz how to catch your “hacker” or makeshift security
- Yarochkin, kropotov, chetvertakov tracking surreptitious malware distribution channels
- Sobolev typical information security flaws in corporations and large enterprises
- Samosadny mass csrf attacks via flash ads
- Kupreev 3 g modem infection
- Chastukhin, cherbov where is my car dude
- Evdokimov python arsenal for re
- Solar designer new developments in password hashing
- Troshichev i os mitm attack
- Tarakanov the art of binary diffing
- Sorokin mac os x malware overview
- Sintsov advanced exploitation in win32
- Shay chen the diviner - digital clairvoyance breakthrough - gaining access to the source code & server side memory structure of any application
- Reutov, yunusov, nagibin random numbers take ii
- Potapenko, vyukov forewarned is forearmed. a san and tsan
- Polyakov how i will break your enterprise. esb security and more
- Noseevich, petukhov no locked doors no windows barred. hacking open am infrastructure
- Matrosov, rodionov win32 flamer. reverse engineering and framework reconstruction
- Lyamin beyond the botnet
- Keynote the grugq opsec for russians
- Keynote fx try harder 2 be yourself
- Kettunen, miaubiz fuzzing at scale and in style
- Karasikov android behind the scenes
- Jurczyk windows kernel reference count vulnerabilities. case study
- Gregoire that's why i love xml hacking
- Firstov attacking mongo db
- Costin, francillon ghost is in the air(traffic)
- Boutin reversing banking trojan. an in-depth look into gataka
- Belenko, sklyarov dark and bright sides of i cloud (in)security
- Antisnatchor all you ever wanted to know about beef
- Abdullin modern payments security. emv, nfc, etc
- Vorontsov, golovko ssrf attacks and sockets. smorgasbord of vulnerabilities
- Alexander Polyakov, SSRF vs business-critical applications.pdf
- Andrei Costin, Ghost is in the Air(Traffic).pdf
- Auriemma & Ferrante, Pwning Multiplayer Online Games.pdf
- Chengyun Chu, Security Improvements in Windows 8.pdf
- Gordeychik, SCADA Strange Love or How I Learned to Start Worrying and Love Nuclear Plants.pdf
- MC & Yaniv Miron, PwN With HW v.10.pdf
- MJ0011,Using a Patched Vulnerability to Bypass Windows 8 x64 Driver Signature Enforcement.pdf
- Tora, Devirtualizing FinSpy.pdf
- Wan Tao, China Hacker.pdf
- Xu Hao & Xiabo Chen,"Find Your Own iOS Kernel Bug.pdf
- flashsky, APT Attack Detection of Vulnhunt.pdf
- redhidden & silverbug, Fun of Firmware Hacking.pdf
- (Keynote) Ed Skoudis - Letting Loose the Dogs of (cyber) War - PPTX
- Georgia Weidman - Introducing the Smartphone Penetration Testing Framework - PDF
- Robert McArdle - HTML5 - A Whole New Attack Vector - ZIP
- Raul Siles - Security of National eID (smartcard-based) Web Applications - PDF
- Josh Corman and Jericho - "Cyberwar" : Not What We Were Expecting - PPTX
- Mathy Vanhoef - New flaws in WPA-TKIP - PDF
- Martin Gallo - Uncovering SAP vulnerabilities: dissecting and breaking the Diag protocol - PDF
- Fernando Gont - Recent Advances in IPv6 Security - PPTX
- Gregory Pickett - pMap, the silent killer - PDF
- Carlos Garcia - How I met your pointer (Hijacking client software for fuzz and profit) - PDF
- Mickey Shkatov - we have you by the gadgets - PPTX
- David Mortman - The Defense RESTs: Automation and APIs for Improving Security - PPTX
- Kyle 'Kos' Osborn & Krzysztof Kotowicz - Advanced Chrome Extension Exploitation (2h) - PDF
- Abraham Aranguren - Introducing OWTF (4hr) - tar.gz - blog post
- De Mysteriis Dom Jobsivs: Mac EFI Rootkits
- Exploiting Internal Network Vulns via the Browser Using BeEF Bind
- Android Malware Detection in the Cloud
- Thar' be Vuln. ID's Here - A Data Mining Case Study
- Practical Attacks on Payment Gateways
- Targeted Malware – Sophisticated Criminals or Babytown Frolics?
- Reverse Engineering a Mass Transit Ticketing System
- FooCodeChu for Software Analysis, Malware Detection, & Vuln Research
- Windows Kernel Fuzzing For Beginners
- Examination of the VMWARE ESXi Binary Protocol Using Canape
- Tracking vulnerable JARs
- Finding Needles in Haystacks (The Size of Countries)
- How To Catch a Chameleon: Its All In Your Heap
- Bluetooth Packet Sniffing Using Project Ubertooth
- Advanced Persistent Response
- Hardware Backdooring is Practical
- Binary Instrumentation for Android
- The Blackhole Exploit Kit Spam Runs
- D1T1 - Barisani and Bianco - Practical Exploitation of Embedded Systems.pdf
- D1T1 - Chris Wysopal - Data Mining a Mountain of Vulnerabilities.pdf
- D1T1 - Lucas Adamski - Firefox OS and You.pdf
- D1T1 - Petko Petkov - History of the JavaScript Security Arsenal.pdf
- D1T1 - Philippe Langlois and Emmanuel Gadaix - 6000 Ways and More.pdf
- D1T2 - Don Bailey - Hackers, The Movie - A Retrospective.pdf
- D1T2 - Haroon Meer - You and Your Research.pdf
- D1T2 - Marc Heuse - IPv6 Insecurity Revolutions.pdf
- D1T2 - Mark Dowd & Tarjei Mandt - iOS6 Security.pdf
- D1T2 - Meder Kydyraliev - Defibrilating Web Security.pdf
- D1T2 - Wes Brown - Supercomputing, Malware and Correlation.pdf
- D1T3 - F Raynal & G Campana - An Attack Path to Jailbreaking Your Home Router.pdf
- D1T3 - John Draper - A Historical Look at the Personal Computer and Phreaking.pdf
- D1T3 - Jose Nazario - Tracking Large Scale Botnets.pdf
- D1T3 - Paul Sebastian Ziegler - Hacking in the Far East.pdf
- D1T3 - The Grugq - OPSEC - Because jail is for wuftpd.pdf
- D2T1 - Chris Evans - Element 1337 in the Periodic Table - Pwnium.pdf
- D2T1 - Katie Moussouris - How to Get Along with Vendors Without Really Trying.pdf
- D2T1 - Ollie Whitehouse - Finding the Weak Link in Binaries.pdf
- D2T1 - Rodrigo Branco - A Scientific Study of Malware Obfuscation Technologies.zip
- D2T2 - Fyodor Yarochkin and Vladimir - Messing up the Kids Playground.pdf
- D2T2 - Jeremiah Grossman - Why Web Security is Fundamentally Broken.pdf
- D2T2 - Raoul Chiesa - Information Warfare and Cyberwar.pdf
- D2T2 - Saumil Shah - Innovative Approaches to Exploit Delivery.pdf
- D2T3 - Emmanuel Gadaix - Something MEGA.pdf
- D2T3 - Felix FX Lindner - Hacking Huawei VRP.pdf
- D2T3 - Mikko Hypponen - Behind Enemy Lines.pdf
- D2T3 - Stefano Zanero - Behaviour-Based Methods for Automated Scalable Malware Analysis.pdf
- A Scientific (But Non Academic) Study of How Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies
- A Stitch in Time Saves Nine: A Case of Multiple Operating System Vulnerability
- Adventures in Bouncerland
- AMF Testing Made Easy!
- Source.zip
- Are You My Type? - Breaking .NET Sandboxes Through Serialization
- Blended Threats and JavaScript: A Plan for Permanent Network Compromise
- Clonewise - Automated Package Clone Detection
- Confessions of a WAF Developer: Protocol-Level Evasion of Web Application Firewalls
- Control-Alt-Hack(TM): White Hat Hacking for Fun and Profit (A Computer Security Card Game)
- DE MYSTERIIS DOM JOBSIVS: Mac EFI Rootkits
- Digging Deep Into The Flash Sandboxes
- Don't Stand So Close To Me: An Analysis of the NFC Attack Surface
- Easy Local Windows Kernel Exploitation
- Errata Hits Puberty: 13 Years of Chagrin
- Exchanging Demands
- Exploit Mitigation Improvements in Win 8
- Exploiting the jemalloc Memory Allocator: Owning Firefox's Heap
- File disinfection framework: Striking back at polymorphic viruses
- Flowers for Automated Malware Analysis
- From the Iriscode to the Iris: A New Vulnerability of Iris Recognition Systems
- Ghost is in the Air(traffic)
- Google Native Client - Analysis Of A Secure Browser Plugin Sandbox
- Hacking the Corporate Mind: Using Social Engineering Tactics to Improve Organizational Security Acceptance
- Hacking with WebSockets
- Hardware backdooring is practical
- Here Be Backdoors: A Journey Into The Secrets Of Industrial Firmware
- Hookin' ain't easy: BeEF injection with MITM
- How many bricks does it take to crack a microcell?
- How the Analysis of Electrical Current Consumption of Embedded Systems Could Lead to Code Reversing?
- HTML5 Top 10 Threats – Stealth Attacks and Silent Exploits
- iOS Application Security Assessment and Automation: Introducing SIRA
- iOS Kernel Heap Armageddon Revisited
- Legal Aspects of Cyberspace Operations
- Looking Into The Eye Of The Meter
- My Arduino Can Beat Up Your Hotel Room Lock
- Owning bad guys {and mafia} with javascript botnets
- Probing Mobile Operator Networks
- SexyDefense - Maximizing the Home-Field Advantage
- SQL Injection to MIPS Overflows: Rooting SOHO Routers
- SSRF vs. Business Critical Applications
- State of Web Exploit Toolkits
- Still Passing the Hash 15 Years Later? Using the Keys to the Kingdom to Access All your Data
- Targeted Intrusion Remediation: Lessons From The Front Lines
- The Defense RESTs: Automation and APIs for Improving Security
- The Info Leak Era on Software Exploitation
- The Myth of Twelve More Bytes: Security on the Post-Scarcity Internet
- The subway line 8 - Exploitation of Windows 8 Metro Style Apps
- Torturing OpenSSL
- Trust, Security, and Society
- We have you by the Gadgets
- Web Tracking for You
- Windows Phone 7 Internals and Exploitability
- Windows 8 Heap Internals
- Advanced Chrome Extension Exploitation - Leveraging API Powers for the Better Evil
- Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC)
- Lessons Of Binary Analysis
- Linux interactive exploit development with GDB and PEDA
- Ruby for Pentesters: The Workshop
- HTExploit Bypassing Htaccess Restrictions
- libinjection: A C library for SQLi detection and generation through lexical analysis of real world attacks
- ModSecurity as Universal Cross-platform Web Protection Tool
- Passive Bluetooth Monitoring in Scapy
- Stamp Out Hash Corruption, Crack All The Things
- SYNful Deceit, Stateful Subterfuge
- The last gasp of the industrial air-gap...
- When security gets in the way: PenTesting mobile apps that use certificate pinning
- Backside optical analysis hardware/software running on ICs - Slides (application/pdf - 3.2 MB)
- Be Social. Use Rewoltke. - Slides (application/pdf - 4.9 MB)
- Bootkit Threats: In-Depth Reverse Engineering & Defense - Slides (application/pdf - 3.9 MB)
- Compiler Internals: Exceptions and RTTI - Scripts (application/zip - 44.5 KB)Slides (application/pdf - 872.3 KB)
- Cryptographic Function Identification in Obfuscated Binary Programs - Slides (application/pdf - 3.7 MB)
- Designing a minimal operating system to emulate 32/64bits x86 code snippets, shellcode or malware in Bochs - Slides (application/pdf - 957.8 KB)
- Dynamic Binary Instrumentation Frameworks: I know you're there spying on me - Slides (application/pdf - 1.8 MB)
- Extraordinary String Based Attacks - Slides (application/pdf - 3 MB)
- Facedancer USB: Exploiting the Magic School Bus - Slides (application/pdf - 16.2 MB)
- GPUs for Mobile Malware, Mitigation and More - Slides (application/pdf - 831.7 KB)
- Thinking outside-the-CPU - Slides (application/pdf - 831.7 KB)
- Injecting custom payload into signed Windows executables - Slides (application/octet-stream - 3.7 MB)
- Analysis of the CVE-2012-0151 vulnerability - Slides (application/octet-stream - 3.7 MB)
- Inside AVM - Slides (application/pdf - 1.2 MB)
- Modern static security checking of C / C++ programs - Slides (application/pdf - 1.3 MB)
- Predicting English keywords from Java Bytecodes using Machine Learning - Slides (application/pdf - 401.5 KB)
- Recognition of binary patterns by Morphological analysis - Slides (application/pdf - 4.6 MB)
- Reverse engineering of binary programs for custom virtual machines - Slides (application/pdf - 554.6 KB)
- The Case for Semantics-Based Methods in Reverse Engineering - Slides (application/pdf - 763.8 KB)
- reversing dwarf fortress for !!fun!! and ruby - Slides (application/pdf - 448.2 KB)
- Opening, Welcome
- Keynote
- PostgreSQL when it is not your job.
- Round Pegs and Square Holes: Django and MongoDB
- Class-based Generic Views: patterns and anti-patterns
- Django and the Real-time Web
- Building secure Django websites
- Implementing Domain-specific Languages in Django Applications
- I Hate Your Database
- Lightning Talk: Rebinding Selenium.
- Lightning Talk: How to make your own Django sprint
- How do we log into admin
- PyCon Poland 2012
- Lightning Talk: PyCharm
- Lightning Talk: Tree.io
- Lightning Talk: Django On Platform as a Service providers
- Lightning Talk: Scripting your development environment
- Keynote: Fostering Community
- LFS - Lightning Fast Shop
- Using CSS preprocessors effectively
- Arkestra: semantic information publishing for organisations
- Django Chuck - Your powerful project punch button (part 1)
- Django Chuck - Your powerful project punch button (part 2)
- It's about time!
- Healthy Webapps Through Continuous Introspection
- Lightning Talks: Django-IDS Intrusion detection system
- Lightning Talks: Django Template Coverage
- Lightning Talks: Glue, a command line tool to create CSS sprites
- Schemaless SQL
- Lightning Talks: PyCon Connecting The Python Community
- Lightning Talks: Ponystrap
- Lightning Talks: Three Weeks w/o Django (Nepal)
- Lightning Talks: bitbucket
- Facebook Apps with Django
- Keynote: Make me make good choices
- Adding Tests to an Uncovered Application
- Implementing real time web applications with Django
- Lightning Talks: Sync-Models
- Lightning Talks: VIM text editor, performance matters...
- Lightning Talks: CBV based navigation
- How Heroku Uses Heroku To Build Heroku
- Lightning Talks: people.djangoproject.com
- Involving women in the community
- Flasky Goodness (or Why Django Sucks?)
- Django Core Panel and closing session
- CLOSING KEYNOTE - Ms Jaya Baloo - Identity Privacy and Security.pdf
- D1 SIGINT - Marinus Kuivenhoven - Hack to the Future.pdf
- D1 SIGINT - Ralf- Philip Weinmann - NO SLIDES.pdf
- D1 SIGINT - Xavier Mertens - Pastebinmon and Leakedin.pdf
- D1T1 - Arnauld Mascret - Whistling Over The Wire.zip
- D1T1 - Claudio Guarnieri - One Flew Over the Cuckoos Nest.pdf
- D1T1 - Ivo Pooters - Turning Android Inside Out.pdf
- D1T1 - Juan-Pablo Echtegoyen - Attacking the SAP Solution Manager.pdf
- D1T1 - Roberto Suggi and Scott Bell - Browser Bug Hunting in 2012.pdf
- D1T2 - Adam Gowdiak - Security Threats in Digital Sat Televisions.pdf
- D1T2 - Adam Gowdiak - Security Vulnerabilities of DVB Chipsets.pdf
- D1T2 - Itzhak Zuk Avraham and Nir Goldshlager - Killing a Bug Bounty Program - Twice.pdf
- D1T2 - MuscleNerd - Evolution of iPhone Baseband and Unlocks.pdf
- D1T2 - Sebastien Renaud and Kevin Szkudlapski - WinRT.pdf
- D1T3 - Didier Stevens - Whitehat Shellcode.zip
- D1T3 - Gal Diskin - Hacking Using Dynamic Binary Instrumentation.pdf
- D1T3 - Jurriaan Bremer - Binary Obfuscation the SSE Way.pdf
- D2 SIGINT - Elger Jonker - Close-Up of Three Technical Hackerspace Projects.pdf
- D2 SIGINT - Rory Breuk and Albert Spruyt - Integrating DMA Attacks in Metasploit.pdf
- D2T1 - Alex Bazhanyuk and Nikita Tarakanov - Automatically Searching for Vulnerabilities.pdf
- D2T1 - Andrei Costin - Postscript Dangers Ahead - Hacking MFPCs.pdf
- D2T1 - Georgia Weidman - Bypassing the Android Permission Model.pdf
- D2T1 - Kenneth White - A Deep Analysis of Amazon Web Services.pdf
- D2T1 - Marco Balduzzi - SatanCloud.pdf
- D2T2 - Jailbreak Dream Team - Absinthe Jailbreak for iOS 5.0.1.pdf
- D2T2 - Jailbreak Dream Team - Corona Jailbreak for iOS 5.0.1.pdf
- D2T2 - Nicolas Gregoire - Attacking XML Processing.pdf
- D2T2 - Rahul Sasi - CXML VXML Auditing for IVR Pentesters.zip
- D2T2 - Steven Seeley - Ghost In the Windows 7 Allocator.pdf
- D2T3 - Chema Alonso and Manu The Sur - Power of FOCA 3.pdf
- D2T3 - Enno Rey Daniel Mende Pascal Turbing Matthias Luft - Smashing VMDK Files for Fun and Profit.pdf
- D2T3 - Mario Vuksan and Tomislav Pericin - Titan Engine 3.pdf
- KEYNOTE 1 - Andy Ellis - Staying Ahead of the Security Poverty Line.pdf
- KEYNOTE 2 - Bruce Schneier - Trust, Security and Society - NO SLIDES.pdf
- [Keynote #1] by Cedric Blancher /PDF Slides
- [Keynote #2] by Fyodor Yarochkin /PDF Slides
- [Keynote #3] by Marc “van Hauser” Heuse /PDF Slides
- [Lockpickito Ergo Sum] by Walter Bergers /PDF Slides
- ["Secure Password Managers" and "Military-Grade Encryption" on Smartphones: Oh Really?] by Andrey Belenko & Dmitry Sklyarov /PDF Slides
- [Hardware backdooring is practical] by Jonathan Brossard & Florentin Demetrescu /PDF Slides
- [Cryptographic Function Identification in Obfuscated Binary Programs] by Joan Calvet /PDF Slides
- [Recent Advances in IPv6 Security] by Fernando Gont /PDF Slides
- [Hacking the NFC credit cards for fun and debit ; )] by Renaud Lifchitz /PDF Slides
- ["The System of Automatic Searching for Vulnerabilities or how to use Taint Analysis to find security bugs"] by Nikita Tarakanov & Alex Bazhanyuk /PDF Slides
- [Exploiting a Coalmine: Abusing Complex Bugs in Webkit's RenderArena] by Georg Wicherski/PDF Slides
- Axelle Apvrille - Guillaume LovetAn Attacker's Day into Virology: Human vs Computer
- Antonios Atlasis - Attacking IPv6 Implementation Using Fragmentation
- Michael BakerFinding Needles in Haystacks (The Size of Countries)
- Andrey Belenko - Dmitry Sklyarov"Secure Password Managers" and "Military-Grade Encryption" on Smartphones: Oh Really?
- Andy DavisHDMI - Hacking Displays Made Interesting
- Stephen de Vries - Beyond Scanning: Automating Web Application Security Tests
- Tyrone Erasmus - The Heavy Metal That Poisoned the Droid
- Takahiro Haruyama - Hiroshi SuzukiOne-byte Modification for Breaking Memory Forensic Analysis
- Marcia Hofmann - Seth SchoenDefending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices
- Jeff Jarmoc - SSL/TLS Interception Proxies and Transitive Trust
- Ling Chuan Lee - Chan Lee YeeGDI Font Fuzzing in Windows Kernel For Fun
- Steve Lord - Drop It Like It's Hotspot: Hacking Mifi Routers For Nefarious Purposes
- Rafal Los - Shane MacDougallOffensive Threat Modeling for Attackers: Turning Threat Modeling on its Head
- Matias Madou - Secure in 2010? Broken in 2011!
- Mariano Nunez Di Croce - Cyber-Attacks & SAP systems: Is Our Business-Critical Infrastructure Exposed?
- Phil Polstra - Preventing "Oh Shit!" Moments for 20 Euros or Less
- Jerome Radcliffe - Issues with Embedded Device Disclosures: Helping the Vendors and Recognizing the End-Users
- Enno Rey - Daniel MendeAll Your Calls Are Still Belong to Us: How We Compromised the Cisco VoIP Crypto Ecosystem
- Simon Roses Femerling - Smartphone's Apps Are Not That Smart: Insecure Development Practices
- Paul Royal - Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis
- Rahul Sasi - IVR Security- Internal Network Attack via Phone Lines
- Justin Searle - Dissecting Smart Meters
- Slides
- Shreeraj Shah - HTML5 Top 10 Threats: Stealth Attacks and Silent Exploits
- Sumit Siddharth - Tom ForbesHacking XPATH 2.0
- Alexey Sintsov - Lotus Domino: Penetration Through the Controller
- Didier Stevens - Malicious PDF Analysis
- Ben Williams - They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
- Chris Wysopal - Data Mining a Mountain of Zero Day Vulnerabilities
- Justin Searle - Workshop: SamuraiWTF
- Graph Processing in Python
- How to make your websites more accessible
- Introduction and Welcome
- DevOps for Python: Doing More With Less
- Documenting Your Project With Sphinx
- High Performance Python I
- High Performance Python II
- Introduction to Game Development
- Introduction to Interactive Predictive Analytics in Python with scikit-learn
- Optimize Performance and Scalability with Parallelism and Concurrency
- Plotting with matplotlib
- Python Epiphanies
- Social Network Analysis with Python
- Bayesian statistics made (as) simple (as possible)
- Data analysis in Python with pandas
- Django in Depth
- Faster Python Programs through Optimization
- How to get the most out of your PyPy
- Introduction to Django
- IPython in-depth: high-productivity interactive and parallel python
- Web scraping: Reliably and efficiently pull data from pages that don't expect it
- Writing a Pyramid application
Vídeos del Qt Developers Day Berlín 2012
Qt Developer Days Berlín 2012 es la novena conferencia celebrada en Europa. Esta conferencia se enfoca en todo lo que envuelve a Qt. Para los despistados, Qt son las librerías sobre las que está construido KDE o MeeGo entre otros.
Esta es la lista de vídeos disponible:
Material del Lua workshop 2012
Aquí tenemos algunos vídeos y diapositivas de la mayoría de las presentaciones dadas en el Lua Workshop 2012:
Vídeos de la RootedCON
Ya están disponibles los vídeos del archiconocido congreso de seguridad RootedCON. Éste celebró en Madrid entre 1 y 3 de marzo. Ya han pasado unos meses, pero más vale tarde que nunca y para los que no tuvimos el privilegio de asistir ahora podemos disfrutar de dichas charlas:
Diapositivas de las Hacker Halted USA 2012
Ya están disponible para descarga las presentaciones de la Hacker Halted USA 2012 celebrada en Miami el pasado mes de octubre.
Presentaciones de la ZeroNights 2012
ZeroNights es otra conferencia de seguridad, ésta se celebró en Moscú el 19 y 20 de noviembre y han publicado todas las presentaciones que se dieron. Y para no perder la costumbre, aquí tenéis la lista de las mismas :)
Vídeos de CascadiaJS
CascadiaJS es una conferencia orientada a Javascript que se celebró en Seattle los pasados 8 y 9 de noviembre. Javascript es un lenguaje que cada vez está tomando más relevancia y no sólo en el mundo web sino también en los nuevos sistemas operativos de Microsoft, así que ya no es sólo un lenguaje para desarrolladores web.
Pues nada, aquí tenéis los vídeos de las charlas de CascadiaJS:
Presentaciones de la POC 2012
La POC 2012 (Power Of Community) es una conferencia que se lleva celebrando desde el año 2006 por hackers coreanos y profesionales de la seguridad. Esta edición fue celebrada los pasados 8 y 9 noviembre y ya han publicado las presentaciones que se dieron (no todas):
Presentaciones de la BruCON 2012
Ya se encuentran disponibles las presentaciones de la BruCON 2012 celebrada el pasado mes de septiembre durante los días 26 y 27.
Presentaciones de la Ruxcon 2012
La conferencia sobre seguridad Ruxcon se celbebró en Australia los pasados 20 y 21 de octubre. Ya están disponibles (la mayoría) las presentaciones oficiales. Aquí tenéis la lista:
Microsoft Windows Server 2012 (Infografía)
Vídeos de la DerbyCon 2012
Este era otra de las entradas que tenía pendiente de publicar. Como ya bien anunciaron en Security By Default, en IronGeek estaban subiendo los vídeos de la DerbyCon 2012. Hasta ahora sólo faltan 2 vídeos, el de Kevin Mitnick, pendiente de aprobar y otro titulado “You Can’t Buy Security. Building an Open Sourced Information Security Program”, del cual parece ser tuvieron alguna dificultad técnica. Para que quede registrado por aquí, esta es la lista:
Presentaciones de la HITB 2012 de Malasia
Ya están disponibles las presentaciones de la Hack In The Box celebrada en Malasia los pasados 10 y 11 de octubre. La lista de las mismas:
Diferencia entre el internet actual y el de hace 10 años (Infografía)
Conferencia de desarrolladores noruegos 2012 - Vídeos
NDC (Norwagian Developers Conference) 2012 se celebró el pasado mes de junio. Desde la página de la agenda puedes acceder a todas las charlas que se dieron. Las hay para todos los gustos:
Keynote: A Happy Grain of Sand Getting Agile with Scrum WebGL What? Inside Mono for Android Cut The Rope: from iOS to HTML5 to Windows 8 Decisions, decisions Ideas for efficient BDD with SpecFlow through examples Just cause it’s JavaScript, doesn’t give you a license to write rubbish Making an awesome Open-Source Project Tutorial: Enterprise development with NServiceBus Leading a Self-Organizing Team HTML5 Game Development Patterns of Mobile Application Development Windows 8 Apps with HTML5 and JavaScript: from zero to hero! MicroService Architecture Five Things You Didn’t Know About PostGresSQL Professional Software Development NuGet: Zero to DONE in no time. Tutorial: Enterprise development with NServiceBus Agile Estimating Real World NodeJS - Creating the Tekpub API Mobile, How Do I Develop Thee? Let Me Count the Ways Introduction to XAML in Windows 8/Metro Object Orientation Revisited. Simplicity and power with DCI. Roslyn… hmmmm… what? Building External DSLs for Fun and Profit Hacking .Net Applications: The Black Arts Tutorial: Enterprise development with NServiceBus Advanced Topics in Agile Planning The rise of server-side JavaScript One Service, Any Device, Any Experience: ASP.NET Web API, JSON, and Windows 8, Windows Phone, iOS, and Android Metro Design Principles Modeling Distributed Systems with NServiceBus Studio WCF Extensibility: Tapping into the calls Advances in Code Contracts for .NET Authentication & Authorization in .NET 4.5 - Claims & Tokens become the standard Model VIM for aspiring #ithipsters Scaling Agile to Work with a Distributed Team Learning to love HTML and CSS (for grumpy developers) Windows Phone 7.5 Background workers Bringing Wordfeud to WP7 and Windows 8 Crafting Wicked Domain Models Fakes, Isolating Unit Tests How we do language design at Microsoft: VB and C# Mind Control Your Computer In C#: Natural User Interfaces Through The Power Of Thought NServiceBus Hackathon User Stories for Agile Requirements The Outliers of HTML5 Not a Mobile Developer? Not a Developer! In and out in WinRT The Single Responsibility Principle. Nemerle Programming Language Continuous testing Social Clairvoyance - Data mining the social web When The Wheels Come Off Agile ASP.NET 4.5: What’s in the box? JavaScript All Over - Sticking Your Big Toe in Node.js Developing hybrid solutions with Windows Azure Service Bus, WF and BizTalk Server 2010 Clean Architecture Rediscovering JavaScript The Software Team Leader Manifesto The Process, Technology and Practice of Continuous Delivery Introduction to ASP.NET MVC with ASP.NET MVC 4 Embracing Uncertainty Microsoft’s Modern Web Stack, Starring ASP.NET Web API Learn how to build a modern browser applications using Backbone.js and Service Stack A WIF Of Security In SharePoint And Azure Design Patterns for .NET Programmers BDD: Busting the myths I Can’t Believe It’s Not Roslyn–Using Nemerle Macros to extend the C# Language Continuous Delivery story with FIFA Introduction to ASP.NET MVC with ASP.NET MVC 4 Scaling Agile Teams Securing ASP.NET Web APIs Interactive user experience: natural user interfaces Extending XAML To Overcome Pretty Much Any Limitation Commands, Queries, and Consistency Git and GitHub for Developers on Windows Reinventing software quality A Thousand deliveries a Day at AppHarbor CyberDojo - genuine coding practice Moving from Scrum to Kanban HTML5 WebSockets and Socket.IO Creating User Experiences: Unlocking the Invisible Cage Windows Azure Access Control - Outsourcing Security to the cloud What is OO? Where did it come from? Where is it going? Full-text search with Lucene and neat things you can do with it Dynamic .NET Demystified Six aspects of successful software delivery CyberDojo - genuine coding practice The surprising science behind agile leadership CSS in the 4th dimension: Not your daddy’s CSS animations Designing for Touch on Any Platform Cloud Computing: More Than Just Hosting RavenDB data modeling walkthrough Introduction to Rx Branch-per-Feature in the realm of Agile and .NET development Patterns of Effective Delivery You’re in production. Now what? Mind-blowing Apps with HTML5 Canvas ASP.NET MVC and jQuery Mobile How to think cost when programming Cloud Computing apps? Dealing with Dynamically-Typed Legacy Code Git More Done A Better Way To Learn Refactoring Ten Web Performance Tuning Tricks in 60 Minutes Script your phone on your phone with touchdevelop. How to get productive in a project in 24h Dataflow networks in .NET 4.5 .NET Rocks! Panel - The State of Agile And The Road Ahead The Cloud Security Rules Deep Design Lessons Debugging the Web with Fiddler Revealing the SQL Server Magic SignalR: Awesome in Real-Time with ASP.NET Developers: The Prima Donnas of the 21st Century Hybrid Applications with MongoDB and RDBMS MVVM Applied: From Silverlight to Windows Phone to Windows 8 What’s New in Windows Azure: 10,000 Meter Edition An architecture remake Gamifying testing by accident with pex4fun. Thinking in Functional Style using F# and (some) C# What?!? C# Could Do That?!? GOAL - Game Oriented Agile Learning Agile, Lean, and the Space Between HTML5 and CSS3: does now really mean now? Xamarin - State of the Union Hell has frozen over: writing Node.js apps for Windows Azure Beyond the compiler - going up to 11 with conventions in a statically typed language RabbitMQ Hands On F# in action: playing functional Conway’s game of life Gesture Recognition with Kinect for Windows GOAL - Game Oriented Agile Learning What Does Self-Organizing Team Really Mean? How to Destroy the Web MonoTouch - C# + iOS = Good Times Making your Application Cloud-ready Neo4j in a .NET world Evolution of the Entity Framework NDC 2012 Cage Match: NodeJS vs. ASP.NET How GitHub Works GOAL - Game Oriented Agile Learning Programmer Anarchy Accessibility doesn’t exist! Creating UX with Story Boarding Make Windows Phone games! .NET On a Diet Introduction to OWIN and Gate Clojure for the Web Async Part 1 – new feature in Visual Studio 11 for responsive programming. 10 things you can do to better lead your agile team Responsive Web Design SharePoint, Office 365, JavaScript And Azure Big time: introducing Hadoop on Azure The era of tiny REST with ASP.NET MVC Pure JavaScript Async Part 2 – deep dive into the new language feature of VB/C# You had me at Halo Metaprogramming with Nemerle From Zero to Hero - Get Social With Facebook Using Amazon S3 & CloudFront for Scalable and Secure Distribution Caring about Code Quality No more magical webservices feat. ServiceStack .NET in the physical and meta-physical world Continuous integration - char by char
Presentaciones de la BlackHat USA 2012
Ya están disponibles para descarga el material de las charlas que se dieron en la BlackHat USA 2012 pasado mes de julio en Las Vegas:
Presentaciones de la Recon 2012
Ya están disponibles para descarga las presentaciones de la Recon 2012 celebrada el pasado mes de junio.
Vídeos de la DjangoCon Europe 2012
Ya se encuentran disponibles las charlas de la DjangoCon Europe 2012 celebrada en Zurich.
Presentaciones de la Hack in the box 2012 celebrada en Amsterdam
Ya podemos descargarnos las presentaciones de otra gran conferencia de seguridad en la que ha habido participación hispana. La HITB (Hack in the box) 2012 Amsterdam:
¡Mañana vuelve Cálico Electrónico!
Vuelve el héroe español, no te pierdas mañana 7 de mayo el estreno mundial del primer capítulo de la 4a temporada.
Gracias Niko (y a Informatica64) por traernos al héroe que tantos buenos ratos nos ha hecho pasar.
En CyberHades no nos perderemos ninguno de sus nuevos capítulos.
Material de la conferencia ACK Security 2012 disponible para descargar
Desde este enlace (torrent) o este otro (descarga directa) puedes bajar todo el material más extras del evento ACK Security Conference que se celebró en Colombia del 26 al 30 marzo en la ciudad de Manizales. Aquí puedes ver la relación de ponentes.
No os perdáis el material disponible.
Presentaciones Hackito Ergo Sum 2012
Ya están disponibles algunas de las presentaciones de la tercera edición de Hackito Ergo Sum, evento celebrado los 12, 13 y 14 de abril de 2012.
Material oficial de la Blackhat Europe 2012 disponible
Ya está disponible el material de la recién acabada BlackHat 2012 Europa. Parece que faltan algunas charlas. Si las ponen actualizaremos esta entrada.
PyCon US 2012 - Vídeos
Ya están disponibles los vídeos de la PyCon US 2012:
2012, el año de Alan Turing
Este año se celebra el centenario del nacimiento del genio Alan Turing.
Puedes ver todos los eventos que están programados alrededor del mundo aquí.
Ya sabéis nuestra pasión por este héroe y genio moderno, estaremos atentos y lo celebraremos por todo lo alto, él se lo merece.