Material de la Zero Nights 2013
Disponible el material de las presentaciones dadas en la conferencia rusa Zero Nights 2013:
- Endpoint security via application sandboxing and virtualization — past, present, future
- State of Crypto Affairs
- Practical exploitation of rounding vulnerabilities in internet banking applications
- The Machines that Betrayed their Masters
- Virtually Impossible: The Reality Of Virtualization Security
- DbiFuzz framework
- Windows Kernel Trap Handler and NTVDM Vulnerabilities — Case Study
- IP fragmentation attack on DNS
- HART (in)security
- Exploitation of AVR & MSP microchips
- Filesystem timing attacks practice
- Strike to the infrastructure: a story about analyzing thousands mobile apps
- SCADA deep inside: protocols, security mechanisms, software architecture
- Anatomy and metrology of DoS/DDoS
- TOPGUN multi terabit DPI
- Timing analysis
- An introduction to the use SMT solvers for software security
- BlackBox analysis of iOS apps
- Hacking HTML5
- Physical (In)Security — it’s not –ALL– about Cyber
- Advanced exploitation of Android Master Key Vulnerability (bug 8219321)
- HexRaysCodeXplorer: make object-oriented RE easier
- Practical application of math methods and image recognition in attack detection. With novel case studies :)
- Web under pressure: DDoS as a service
- Hosting dashboard web application logic vulnerabilities
- Session management errors in cloud solutions and in classic hosting systems
- Hesperbot: analysis of a new banking trojan
- NGINX Warhead
- Testing of password policy
- Accounting hacking — arch bugs in MS Dynamics GP
- HR Hacking — bugs in PeopleSoft
- DBO Hacking — arch bugs in BSS
- Business Intelligence hacking – Breaking ICCube
- Dev system hacking — arch bugs in SAP SDM