Jump to content
GoguMic

BlackHat USA 2013 [all PDF+VIDEO]

By GoguMic, in Tutoriale in engleza

Recommended Posts

GoguMic Newbie

GoguMic

Posted
Posted (edited)

Blackploit [PenTest]: [blackHat USA 2013] Presentaciones y Diapositivas

Presentaciones de BlackHat USA 2013 |


    Day One Keynote July 31
        us-13-Alexander-keynote.pdf
        us-13-Alexander-keynote.m4v
    A Practical Attack against MDM Solutions
        US-13-Brodie-A-Practical-Attack-against-MDM-Solutions-WP.pdf
        US-13-Brodie-A-Practical-Attack-against-MDM-Solutions-Slides.pdf
    Above My Pay Grade: Cyber Response at the National Level
        US-13-Healey-Above-My-Pay-Grade-WP.pdf
        US-13-Healey-Above-My-Pay-Grade-Slides.pdf
    Android: one root to own them all
        US-13-Forristal-Android-One-Root-to-Own-Them-All-Slides.pdf
    BinaryPig – Scalable Malware Analytics in Hadoop
        US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-WP.pdf
        US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-Slides.pdf
        US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-Code.tar.gz
    BIOS Security
        US-13-Butterworth-BIOS-Security-WP.pdf
        US-13-Butterworth-BIOS-Security-Slides.pdf
        US-13-Butterworth-BIOS-Security-Code.zip
    Black-Box Assessment of Pseudorandom Algorithms
        US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-WP.pdf
        US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-Slides.pdf
        US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-Code.zip
    Bugalyze.com – Detecting Bugs Using Decompilation and Data Flow Analysis
        US-13-Cesare-Bugalyze.com-Detecting-Bugs-Using-Decompilation-WP.pdf
        US-13-Cesare-Bugalyze.com-Detecting-Bugs-Using-Decompilation-Slides.pdf
    Buying into the Bias: Why Vulnerability Statistics Suck
        US-13-Martin-Buying-Into-The-Bias-Why-Vulnerability-Statistics-Suck-WP.pdf
        US-13-Martin-Buying-Into-The-Bias-Why-Vulnerability-Statistics-Suck-Slides.pdf
    Combating the Insider Threat at the FBI: Real World Lessons Learned
        US-13-Reidy-Combating-the-Insider-Threat-At-The-FBI-Slides.pdf
    Compromising Industrial Facilities From 40 Miles Away
        US-13-Apa-Compromising-Industrial-Facilities-From-40-Miles-Away-WP.pdf
        US-13-Apa-Compromising-Industrial-Facilities-From-40-Miles-Away-Slides.pdf
    CreepyDOL: Cheap, Distributed Stalking
        US-13-OConnor-CreepyDOL-Cheap-Distributed-Stalking-WP.pdf
        US-13-OConnor-CreepyDOL-Cheap-Distributed-Stalking-Slides.pdf
    Defending Networks with Incomplete Information: A Machine Learning Approach
        US-13-Pinto-Defending-Networks-with-Incomplete-Information-A-Machine-Learning-Approach-WP.pdf
        US-13-Pinto-Defending-Networks-with-Incomplete-Information-A-Machine-Learning-Approach-Slides.pdf
    End-to-End Analysis of a Domain Generating Algorithm Malware Family
        US-13-Geffner-End-To-End-Analysis-of-a-Domain-Generating-Algorithm-Malware-Family-WP.pdf
        US-13-Geffner-End-To-End-Analysis-of-a-Domain-Generating-Algorithm-Malware-Family-Slides.pdf
    Energy Fraud and Orchestrated Blackouts: Issues with Wireless Metering Protocols (wM-Bus)
        US-13-Brunschwiler-Energy-Fraud-and-Orchestrated-Blackouts-Issues-with-Wireless-Metering-Protocols-WP.pdf
        US-13-Brunschwiler-Energy-Fraud-and-Orchestrated-Blackouts-Issues-with-Wireless-Metering-Protocols-Slides.pdf
    Exploiting Network Surveillance Cameras Like a Hollywood Hacker
        US-13-Heffner-Exploiting-Network-Surveillance-Cameras-Like-A-Hollywood-Hacker-WP.pdf
        US-13-Heffner-Exploiting-Network-Surveillance-Cameras-Like-A-Hollywood-Hacker-Slides.pdf
    Evading deep inspection for fun and shell
        US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-WP.pdf
        US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-Slides.pdf
        US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-Code.zip
    The Factoring Dead: Preparing for the Cryptopocalypse
        us-13-Stamos-The-Factoring-Dead.pdf
    Fully Arbitrary 802.3 Packet Injection: Maximizing the Ethernet Attack Surface
        US-13-Barisani-Fully-Arbitrary-802-3-Packet-Injection-WP.pdf
        US-13-Barisani-Fully-Arbitrary-802-3-Packet-Injection-Slides.pdf
    Funderbolt: Adventures in Thunderbolt DMA Attacks
        US-13-Sevinsky-Funderbolt-Adventures-in-Thunderbolt-DMA-Attacks-Slides.pdf
    Hacking like in the Movies: Visualizing Page Tables for Local Exploitation
        US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-WP.pdf
        US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-Slides.pdf
        US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-Pictures.zip
    Hacking, Surveilling, and Deceiving victims on Smart TV
        US-13-Lee-Hacking-Surveilling-and-Deceiving-Victims-on-Smart-TV-Slides.pdf
    Home Invasion v2.0 – Attacking Network-Controlled Hardware
        US-13-Crowley-Home-Invasion-2-0-WP.pdf
        US-13-Crowley-Home-Invasion-2-0-Slides.pdf
        US-13-Crowley-HomeInvasion2-0-Source-Code.zip
    Hot Knives Through Butter: Bypassing Automated Analysis Systems
        US-13-Singh-Hot-Knives-Through-Butter-Evading-File-based-Sandboxes-WP.pdf
        US-13-Singh-Hot-Knives-Through-Butter-Evading-File-Based-Sandboxes-Slides.pdf
    HOW CVSS is DOSsing YOUR PATCHING POLICY (and wasting your money)
        US-13-Allodi-HOW-CVSS-is-DOSsing-Your-Patching-Policy-WP.pdf
        US-13-Allodi-HOW-CVSS-is-DOSsing-Your-Patching-Policy-Slides.pdf
    How to Build a SpyPhone
        US-13-McNamee-How-To-Build-a-SpyPhone-WP.pdf
        US-13-McNamee-How-To-Build-a-SpyPhone-Slides.pdf
    How to Grow a TREE (Taint-enabled Reverse Engineering Environment) From CBASS (Cross-platform Binary Automated Symbolic-execution System)
        US-13-Li-How-to-Grow-a-TREE-Code.zip
    Hunting the Shadows: In Depth Analysis of Escalated APT Attacks
        US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-WP.pdf
        US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides.pdf
    Is that a government in your network or are you just happy to see me?
        US-13-Fiterman-Is-that-a-Government-in-Your-Network-Slides.pdf
    Java Every-Days: Exploiting Software Running on 3 Billion Devices
        US-13-Gorenc-Java-Every-Days-Exploiting-Software-Running-on-3-Billion-Devices-WP.pdf
        US-13-Gorenc-Java-Every-Days-Exploiting-Software-Running-on-3-Billion-Devices-Slides.pdf
    Javascript Static Security Analysis made easy with JSPrime
        US-13-Patnaik-Javascript-Static-Security-Analysis-made-Easy-with-JSPrime-WP.pdf
        US-13-Patnaik-Javascript-Static-Security-Analysis-made-easy-with-JSPrime-Slides.pdf
    Just-In-Time Code Reuse: The more things change, the more they stay the same
        US-13-Snow-Just-In-Time-Code-Reuse-Slides.pdf
    Legal Aspects of Full Spectrum Computer Network (Active) Defense
        US-13-Clark-Legal-Aspects-of-Full-Spectrum-Computer-Network-Active-Defense-Slides.pdf
    Mactans: Injecting Malware into iOS Devices via Malicious Chargers
        US-13-Lau-Mactans-Injecting-Malware-into-iOS-Devices-via-Malicious-Chargers-WP.pdf
        US-13-Lau-Mactans-Injecting-Malware-into-iOS-Devices-via-Malicious-Chargers-Slides.pdf
    Mainframes: The Past Will Come Back to Haunt You
        US-13-Young-Mainframes-The-Past-Will-Come-Back-to-Haunt-You-WP.pdf
        US-13-Young-Mainframes-The-Past-Will-Come-Back-to-Haunt-You-Slides.pdf
    Maltego Tungsten as a collaborative attack platform
        US-13-Temmingh-Maltego-Tungsten-as-a-Collaborative-Attack-Platform-WP.pdf
        US-13-Temmingh-Maltego-Tungsten-as-a-Collaborative-Attack-Platform-Slides.pdf
    Multiplexed Wired Attack Surfaces
        US-13-Ossmann-Multiplexed-Wired-Attack-Surfaces-WP.pdf
    OptiROP: hunting for ROP gadgets in style
        US-13-Quynh-OptiROP-Hunting-for-ROP-Gadgets-in-Style-WP.pdf
    Out of Control: Demonstrating SCADA device exploitation
        US-13-Forner-Out-of-Control-Demonstrating-SCADA-WP.pdf
        US-13-Forner-Out-of-Control-Demonstrating-SCADA-Slides.pdf
    Owning the Routing Table – Part II
        US-13-Nakibly-Owning-the-Routing-Table-Part-II-WP.pdf
        US-13-Nakibly-Owning-the-Routing-Table-Part-II-Slides.pdf
    Pass-The-Hash 2: The Admin’s Revenge
        US-13-Duckwall-Pass-the-Hash-WP.pdf
        US-13-Duckwall-Pass-the-Hash-Slides.pdf
        US-13-Duckwall-Pass-The-Hash-2-The-Admins-Revenge-Code.zip
    Pixel Perfect Timing Attacks with HTML5
        US-13-Stone-Pixel-Perfect-Timing-Attacks-with-HTML5-WP.pdf
    Post Exploitation Operations with Cloud Synchronization Services
        US-13-Williams-Post-Exploitation-Operations-with-Cloud-Synchronization-Services-WP.pdf
        US-13-Williams-Post-Exploitation-Operations-with-Cloud-Synchronization-Services-Slides.pdf
    Power Analysis Attacks for Cheapskates
        US-13-OFlynn-Power-Analysis-Attacks-for-Cheapskates-WP.pdf
        US-13-OFlynn-Power-Analysis-Attacks-for-Cheapskates-Slides.pdf
    Predicting Susceptibility to Social Bots on Twitter
        US-13-Sumner-Predicting-Susceptibility-to-Social-Bots-on-Twitter-Slides.pdf
    Press ROOT to continue: Detecting OSX and Windows bootkits with RDFU
        US-13-Vuksan-Press-ROOT-to-Continue-Detecting-MacOS-and-Windows-Bootkits-with-RDFU-WP.pdf
        US-13-Vuksan-Press-ROOT-to-Continue-Detecting-MacOS-and-Windows-Bootkits-with-RDFU-Slides.pdf
    Revealing Embedded Fingerprints: Deriving intelligence from USB stack interactions
        US-13-Davis-Deriving-Intelligence-From-USB-Stack-Interactions-Slides.pdf
    RFID Hacking: Live Free or RFID Hard
        US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Slides.pdf
        US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Code.zip
    The SCADA That Didn’t Cry Wolf- Who’s Really Attacking Your ICS Devices- Part Deux!
        US-13-Wilhoit-The-SCADA-That-Didnt-Cry-Wolf-Whos-Really-Attacking-Your-ICS-Devices-Slides.pdf
    Smashing The Font Scaler Engine in Windows Kernel
        US-13-Chan-Smashing-The-Font-Scaler-Engine-in-Windows-Kernel-WP.pdf
        US-13-Chan-Smashing-The-Font-Scaler-Engine-in-Windows-Kernel-Slides.pdf
    SSL, gone in 30 seconds – a BREACH beyond CRIME
        US-13-Prado-SSL-Gone-in-30-seconds-A-BREACH-beyond-CRIME-WP.pdf
        US-13-Prado-SSL-Gone-in-30-seconds-A-BREACH-beyond-CRIME-Slides.pdf
    TLS ‘secrets’
        US-13-Daigniere-TLS-Secrets-WP.pdf
        US-13-Daigniere-TLS-Secrets-Slides.pdf
    UART THOU MAD?
        US-13-Kohlenberg-UART-Thou-Mad-WP.pdf
        US-13-Kohlenberg-UART-Thou-Mad-Slides.pdf
    Universal DDoS Mitigation Bypass
        US-13-Lee-Universal-DDoS-Mitigation-Bypass-WP.pdf
        US-13-Lee-Universal-DDoS-Mitigation-Bypass-Slides.pdf
        US-13-Lee-Universal-DDoS-Mitigation-Bypass-Code.zip
    USING ONLINE ACTIVITY AS DIGITAL FINGERPRINTS TO CREATE A BETTER SPEAR PHISHER
        US-13-Espinhara-Using-Online-Activity-As-Digital-Fingerprints-WP.pdf
        US-13-Espinhara-Using-Online-Activity-As-Digital-Fingerprints-Slides.pdf
    Virtual Deobfuscator – a DARPA Cyber Fast Track funded effort
        US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-WP.pdf
        US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-Slides.pdf
        US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-Code.zip
    What’s on the Wire? Physical Layer Tapping with Project Daisho
        US-13-Spill-Whats-on-the-Wire-WP.pdf
        US-13-Spill-Whats-on-the-Wire-Slides.pdf
    With BIGDATA comes BIG responsibility: Practical exploiting of MDX injections
        US-13-Chastuhin-With-BIGDATA-comes-BIG-responsibility-WP.pdf
        US-13-Chastuhin-With-BIGDATA-comes-BIG-responsibility-Slides.pdf
    ‘) UNION SELECT `This_Talk` AS (‘New Optimization and Obfuscation Techniques’)
        US-13-Salgado-SQLi-Optimization-and-Obfuscation-Techniques-WP.pdf
        US-13-Salgado-SQLi-Optimization-and-Obfuscation-Techniques-Slides.pdf
    Embedded Devices Security and Firmware Reverse Engineering
        US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-WP.pdf
        US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-Slides.pdf
    JTAGulator: Assisted discovery of on-chip debug interfaces
        US-13-Grand-JTAGulator-Assisted-Discovery-of-On-Chip-Debug-Interfaces-Slides.pdf
        US-13-Grand-JTAGulator-Assisted-Discovery-of-On-Chip-Debug-Interfaces-Code.zip
    Methodologies for Hacking Embedded Security Appliances
        US-13-Bathurst-Methodologies-for-Hacking-Embdded-Security-Appliances-Slides.pdf
    Mo Malware Mo Problems – Cuckoo Sandbox to the rescue
        US-13-Bremer-Mo-Malware-Mo-Problems-Cuckoo-Sandbox-WP.pdf
        US-13-Bremer-Mo-Malware-Mo-Problems-Cuckoo-Sandbox-Slides.pdf
    PDF Attack: A Journey from the Exploit Kit to the shellcode
        US-13-Esparza-PDF-Attack-A-journey-from-the-Exploit-Kit-Slides.pdf
        US-13-Esparza-PDF-Attack-A-journey-from-the-Exploit-Kit-Slides-Source.zip
    Practical Pentesting of ERPs and Business Applications
        US-13-Polyakov-Practical-Pentesting-of-ERPs-and-Business-Applications-WP.pdf
        US-13-Polyakov-Practical-Pentesting-of-ERPs-and-Business-Applications-Slides.pdf
    Abusing Web APIs Through Scripted Android Applications
        US-13-Peck-Abusing-Web-APIs-Through-Scripted-Android-Applications-WP.pdf
        US-13-Peck-Abusing-Web-APIs-Through-Scripted-Android-Applications-Slides.pdf
    Beyond the Application: Cellular Privacy Regulation Space
        US-13-Dudley-Beyond-the-Application-Cellular-Privacy-Regulatory-Space-WP.pdf
        US-13-Dudley-Beyond-the-Application-Cellular-Privacy-Regulatory-Space-Slides.pdf
    Clickjacking Revisited: A Perceptual View of UI Security
        US-13-Akhawe-Clickjacking-Revisited-A-Perceptual-View-of-UI-Security-Slides.pdf
    CMX: IEEE Clean File Metadata Exchange
        US-13-Kennedy-CMX-IEEE-Clean-File-Metadata-Exchange-WP.pdf
    CrowdSource: An Open Source, Crowd Trained Machine Learning Model for Malware Capability Detection
        US-13-Saxe-CrowdSource-An-Open-Source-Crowd-Trained-Machine-Learning-Model-Slides.pdf
    Denial of Service as a Service – asymmetrical warfare at its finest
        US-13-Masse-Denial-of-Service-as-a-Service-Slides.pdf
    Denying service to DDOS protection services
        US-13-Nixon-Denying-Service-to-DDOS-Protection-Services-WP.pdf
        US-13-Nixon-Denying-Service-to-DDOS-Protection-Services-Slides.pdf
    LTE BOOMS WITH VULNERABILITIES
        US-13-Gupta-LTE-Booms-withVulnerabilities-WP.pdf
    Malicious File for Exploiting Forensic Software
        US-13-Haruyama-Malicous-File-For-Exploiting-Forensic-Software-Slides.pdf
    Mobile Malware: Why the traditional AV paradigm is doomed and how to use physics to detect undesirable routines
        US-13-Stewart-Mobile-Malware-Why-the-Traditional-AV-Paradigm-is-Doomed-WP.pdf
        US-13-Stewart-Mobile-Malware-Why-the-Traditional-AV-Paradigm-is-Doomed-Slides.pdf
    New Trends in FastFlux Networks
        US-13-Xu-New-Trends-in-FastFlux-Networks-WP.pdf
        US-13-Xu-New-Trends-in-FastFlux-Networks-Slides.pdf
    OPSEC failures of spies
        US-13-Cole-OPSEC-Failures-of-Spies-Slides.pdf
    Password Hashing: the Future is Now
        US-13-Aumasson-Password-Hashing-the-Future-is-Now-WP.pdf
        US-13-Aumasson-Password-Hashing-the-Future-is-Now-Slides.pdf
    Shattering Illusions in Lock-Free Worlds: Compiler/Hardware Behaviors in OSes and VMs
        us-13-Blanchou-Shattering-Illusions-in-Lock-Free-Worlds.pdf
    TOR… ALL-THE-THINGS!
        US-13-Geffner-Tor…-All-The-Things-WP.pdf
        US-13-Geffner-Tor…-All-The-Things-Slides.pdf
    Truncating TLS Connections to Violate Beliefs in Web Applications
        US-13-Smyth-Truncating-TLS-Connections-to-Violate-Beliefs-in-Web-Applications-WP.pdf
        US-13-Smyth-Truncating-TLS-Connections-to-Violate-Beliefs-in-Web-Applications-Slides.pdf
    The Web IS Vulnerable: XSS Defense on the BattleFront
        US-13-Wroblewski-The-Web-IS-Vulnerable-XSS-Defense-on-the-Battle-Front-Slides.pdf
        US-13-Wroblewski-The-Web-IS-Vulnerable-XSS-Defense-on-the-BattleFront-Code.zip

Edited by hate.me
  • Upvote 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...