Jump to content
GoguMic

BlackHat USA 2013 [all PDF+VIDEO]

By GoguMic, in Tutoriale in engleza

Recommended Posts

GoguMic Newbie

GoguMic

Posted
Posted (edited)

Blackploit [PenTest]: [blackHat USA 2013] Presentaciones y Diapositivas

Presentaciones de BlackHat USA 2013 |


    Day One Keynote July 31
        us-13-Alexander-keynote.pdf
        us-13-Alexander-keynote.m4v
    A Practical Attack against MDM Solutions
        US-13-Brodie-A-Practical-Attack-against-MDM-Solutions-WP.pdf
        US-13-Brodie-A-Practical-Attack-against-MDM-Solutions-Slides.pdf
    Above My Pay Grade: Cyber Response at the National Level
        US-13-Healey-Above-My-Pay-Grade-WP.pdf
        US-13-Healey-Above-My-Pay-Grade-Slides.pdf
    Android: one root to own them all
        US-13-Forristal-Android-One-Root-to-Own-Them-All-Slides.pdf
    BinaryPig – Scalable Malware Analytics in Hadoop
        US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-WP.pdf
        US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-Slides.pdf
        US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-Code.tar.gz
    BIOS Security
        US-13-Butterworth-BIOS-Security-WP.pdf
        US-13-Butterworth-BIOS-Security-Slides.pdf
        US-13-Butterworth-BIOS-Security-Code.zip
    Black-Box Assessment of Pseudorandom Algorithms
        US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-WP.pdf
        US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-Slides.pdf
        US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-Code.zip
    Bugalyze.com – Detecting Bugs Using Decompilation and Data Flow Analysis
        US-13-Cesare-Bugalyze.com-Detecting-Bugs-Using-Decompilation-WP.pdf
        US-13-Cesare-Bugalyze.com-Detecting-Bugs-Using-Decompilation-Slides.pdf
    Buying into the Bias: Why Vulnerability Statistics Suck
        US-13-Martin-Buying-Into-The-Bias-Why-Vulnerability-Statistics-Suck-WP.pdf
        US-13-Martin-Buying-Into-The-Bias-Why-Vulnerability-Statistics-Suck-Slides.pdf
    Combating the Insider Threat at the FBI: Real World Lessons Learned
        US-13-Reidy-Combating-the-Insider-Threat-At-The-FBI-Slides.pdf
    Compromising Industrial Facilities From 40 Miles Away
        US-13-Apa-Compromising-Industrial-Facilities-From-40-Miles-Away-WP.pdf
        US-13-Apa-Compromising-Industrial-Facilities-From-40-Miles-Away-Slides.pdf
    CreepyDOL: Cheap, Distributed Stalking
        US-13-OConnor-CreepyDOL-Cheap-Distributed-Stalking-WP.pdf
        US-13-OConnor-CreepyDOL-Cheap-Distributed-Stalking-Slides.pdf
    Defending Networks with Incomplete Information: A Machine Learning Approach
        US-13-Pinto-Defending-Networks-with-Incomplete-Information-A-Machine-Learning-Approach-WP.pdf
        US-13-Pinto-Defending-Networks-with-Incomplete-Information-A-Machine-Learning-Approach-Slides.pdf
    End-to-End Analysis of a Domain Generating Algorithm Malware Family
        US-13-Geffner-End-To-End-Analysis-of-a-Domain-Generating-Algorithm-Malware-Family-WP.pdf
        US-13-Geffner-End-To-End-Analysis-of-a-Domain-Generating-Algorithm-Malware-Family-Slides.pdf
    Energy Fraud and Orchestrated Blackouts: Issues with Wireless Metering Protocols (wM-Bus)
        US-13-Brunschwiler-Energy-Fraud-and-Orchestrated-Blackouts-Issues-with-Wireless-Metering-Protocols-WP.pdf
        US-13-Brunschwiler-Energy-Fraud-and-Orchestrated-Blackouts-Issues-with-Wireless-Metering-Protocols-Slides.pdf
    Exploiting Network Surveillance Cameras Like a Hollywood Hacker
        US-13-Heffner-Exploiting-Network-Surveillance-Cameras-Like-A-Hollywood-Hacker-WP.pdf
        US-13-Heffner-Exploiting-Network-Surveillance-Cameras-Like-A-Hollywood-Hacker-Slides.pdf
    Evading deep inspection for fun and shell
        US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-WP.pdf
        US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-Slides.pdf
        US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-Code.zip
    The Factoring Dead: Preparing for the Cryptopocalypse
        us-13-Stamos-The-Factoring-Dead.pdf
    Fully Arbitrary 802.3 Packet Injection: Maximizing the Ethernet Attack Surface
        US-13-Barisani-Fully-Arbitrary-802-3-Packet-Injection-WP.pdf
        US-13-Barisani-Fully-Arbitrary-802-3-Packet-Injection-Slides.pdf
    Funderbolt: Adventures in Thunderbolt DMA Attacks
        US-13-Sevinsky-Funderbolt-Adventures-in-Thunderbolt-DMA-Attacks-Slides.pdf
    Hacking like in the Movies: Visualizing Page Tables for Local Exploitation
        US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-WP.pdf
        US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-Slides.pdf
        US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-Pictures.zip
    Hacking, Surveilling, and Deceiving victims on Smart TV
        US-13-Lee-Hacking-Surveilling-and-Deceiving-Victims-on-Smart-TV-Slides.pdf
    Home Invasion v2.0 – Attacking Network-Controlled Hardware
        US-13-Crowley-Home-Invasion-2-0-WP.pdf
        US-13-Crowley-Home-Invasion-2-0-Slides.pdf
        US-13-Crowley-HomeInvasion2-0-Source-Code.zip
    Hot Knives Through Butter: Bypassing Automated Analysis Systems
        US-13-Singh-Hot-Knives-Through-Butter-Evading-File-based-Sandboxes-WP.pdf
        US-13-Singh-Hot-Knives-Through-Butter-Evading-File-Based-Sandboxes-Slides.pdf
    HOW CVSS is DOSsing YOUR PATCHING POLICY (and wasting your money)
        US-13-Allodi-HOW-CVSS-is-DOSsing-Your-Patching-Policy-WP.pdf
        US-13-Allodi-HOW-CVSS-is-DOSsing-Your-Patching-Policy-Slides.pdf
    How to Build a SpyPhone
        US-13-McNamee-How-To-Build-a-SpyPhone-WP.pdf
        US-13-McNamee-How-To-Build-a-SpyPhone-Slides.pdf
    How to Grow a TREE (Taint-enabled Reverse Engineering Environment) From CBASS (Cross-platform Binary Automated Symbolic-execution System)
        US-13-Li-How-to-Grow-a-TREE-Code.zip
    Hunting the Shadows: In Depth Analysis of Escalated APT Attacks
        US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-WP.pdf
        US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides.pdf
    Is that a government in your network or are you just happy to see me?
        US-13-Fiterman-Is-that-a-Government-in-Your-Network-Slides.pdf
    Java Every-Days: Exploiting Software Running on 3 Billion Devices
        US-13-Gorenc-Java-Every-Days-Exploiting-Software-Running-on-3-Billion-Devices-WP.pdf
        US-13-Gorenc-Java-Every-Days-Exploiting-Software-Running-on-3-Billion-Devices-Slides.pdf
    Javascript Static Security Analysis made easy with JSPrime
        US-13-Patnaik-Javascript-Static-Security-Analysis-made-Easy-with-JSPrime-WP.pdf
        US-13-Patnaik-Javascript-Static-Security-Analysis-made-easy-with-JSPrime-Slides.pdf
    Just-In-Time Code Reuse: The more things change, the more they stay the same
        US-13-Snow-Just-In-Time-Code-Reuse-Slides.pdf
    Legal Aspects of Full Spectrum Computer Network (Active) Defense
        US-13-Clark-Legal-Aspects-of-Full-Spectrum-Computer-Network-Active-Defense-Slides.pdf
    Mactans: Injecting Malware into iOS Devices via Malicious Chargers
        US-13-Lau-Mactans-Injecting-Malware-into-iOS-Devices-via-Malicious-Chargers-WP.pdf
        US-13-Lau-Mactans-Injecting-Malware-into-iOS-Devices-via-Malicious-Chargers-Slides.pdf
    Mainframes: The Past Will Come Back to Haunt You
        US-13-Young-Mainframes-The-Past-Will-Come-Back-to-Haunt-You-WP.pdf
        US-13-Young-Mainframes-The-Past-Will-Come-Back-to-Haunt-You-Slides.pdf
    Maltego Tungsten as a collaborative attack platform
        US-13-Temmingh-Maltego-Tungsten-as-a-Collaborative-Attack-Platform-WP.pdf
        US-13-Temmingh-Maltego-Tungsten-as-a-Collaborative-Attack-Platform-Slides.pdf
    Multiplexed Wired Attack Surfaces
        US-13-Ossmann-Multiplexed-Wired-Attack-Surfaces-WP.pdf
    OptiROP: hunting for ROP gadgets in style
        US-13-Quynh-OptiROP-Hunting-for-ROP-Gadgets-in-Style-WP.pdf
    Out of Control: Demonstrating SCADA device exploitation
        US-13-Forner-Out-of-Control-Demonstrating-SCADA-WP.pdf
        US-13-Forner-Out-of-Control-Demonstrating-SCADA-Slides.pdf
    Owning the Routing Table – Part II
        US-13-Nakibly-Owning-the-Routing-Table-Part-II-WP.pdf
        US-13-Nakibly-Owning-the-Routing-Table-Part-II-Slides.pdf
    Pass-The-Hash 2: The Admin’s Revenge
        US-13-Duckwall-Pass-the-Hash-WP.pdf
        US-13-Duckwall-Pass-the-Hash-Slides.pdf
        US-13-Duckwall-Pass-The-Hash-2-The-Admins-Revenge-Code.zip
    Pixel Perfect Timing Attacks with HTML5
        US-13-Stone-Pixel-Perfect-Timing-Attacks-with-HTML5-WP.pdf
    Post Exploitation Operations with Cloud Synchronization Services
        US-13-Williams-Post-Exploitation-Operations-with-Cloud-Synchronization-Services-WP.pdf
        US-13-Williams-Post-Exploitation-Operations-with-Cloud-Synchronization-Services-Slides.pdf
    Power Analysis Attacks for Cheapskates
        US-13-OFlynn-Power-Analysis-Attacks-for-Cheapskates-WP.pdf
        US-13-OFlynn-Power-Analysis-Attacks-for-Cheapskates-Slides.pdf
    Predicting Susceptibility to Social Bots on Twitter
        US-13-Sumner-Predicting-Susceptibility-to-Social-Bots-on-Twitter-Slides.pdf
    Press ROOT to continue: Detecting OSX and Windows bootkits with RDFU
        US-13-Vuksan-Press-ROOT-to-Continue-Detecting-MacOS-and-Windows-Bootkits-with-RDFU-WP.pdf
        US-13-Vuksan-Press-ROOT-to-Continue-Detecting-MacOS-and-Windows-Bootkits-with-RDFU-Slides.pdf
    Revealing Embedded Fingerprints: Deriving intelligence from USB stack interactions
        US-13-Davis-Deriving-Intelligence-From-USB-Stack-Interactions-Slides.pdf
    RFID Hacking: Live Free or RFID Hard
        US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Slides.pdf
        US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Code.zip
    The SCADA That Didn’t Cry Wolf- Who’s Really Attacking Your ICS Devices- Part Deux!
        US-13-Wilhoit-The-SCADA-That-Didnt-Cry-Wolf-Whos-Really-Attacking-Your-ICS-Devices-Slides.pdf
    Smashing The Font Scaler Engine in Windows Kernel
        US-13-Chan-Smashing-The-Font-Scaler-Engine-in-Windows-Kernel-WP.pdf
        US-13-Chan-Smashing-The-Font-Scaler-Engine-in-Windows-Kernel-Slides.pdf
    SSL, gone in 30 seconds – a BREACH beyond CRIME
        US-13-Prado-SSL-Gone-in-30-seconds-A-BREACH-beyond-CRIME-WP.pdf
        US-13-Prado-SSL-Gone-in-30-seconds-A-BREACH-beyond-CRIME-Slides.pdf
    TLS ‘secrets’
        US-13-Daigniere-TLS-Secrets-WP.pdf
        US-13-Daigniere-TLS-Secrets-Slides.pdf
    UART THOU MAD?
        US-13-Kohlenberg-UART-Thou-Mad-WP.pdf
        US-13-Kohlenberg-UART-Thou-Mad-Slides.pdf
    Universal DDoS Mitigation Bypass
        US-13-Lee-Universal-DDoS-Mitigation-Bypass-WP.pdf
        US-13-Lee-Universal-DDoS-Mitigation-Bypass-Slides.pdf
        US-13-Lee-Universal-DDoS-Mitigation-Bypass-Code.zip
    USING ONLINE ACTIVITY AS DIGITAL FINGERPRINTS TO CREATE A BETTER SPEAR PHISHER
        US-13-Espinhara-Using-Online-Activity-As-Digital-Fingerprints-WP.pdf
        US-13-Espinhara-Using-Online-Activity-As-Digital-Fingerprints-Slides.pdf
    Virtual Deobfuscator – a DARPA Cyber Fast Track funded effort
        US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-WP.pdf
        US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-Slides.pdf
        US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-Code.zip
    What’s on the Wire? Physical Layer Tapping with Project Daisho
        US-13-Spill-Whats-on-the-Wire-WP.pdf
        US-13-Spill-Whats-on-the-Wire-Slides.pdf
    With BIGDATA comes BIG responsibility: Practical exploiting of MDX injections
        US-13-Chastuhin-With-BIGDATA-comes-BIG-responsibility-WP.pdf
        US-13-Chastuhin-With-BIGDATA-comes-BIG-responsibility-Slides.pdf
    ‘) UNION SELECT `This_Talk` AS (‘New Optimization and Obfuscation Techniques’)
        US-13-Salgado-SQLi-Optimization-and-Obfuscation-Techniques-WP.pdf
        US-13-Salgado-SQLi-Optimization-and-Obfuscation-Techniques-Slides.pdf
    Embedded Devices Security and Firmware Reverse Engineering
        US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-WP.pdf
        US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-Slides.pdf
    JTAGulator: Assisted discovery of on-chip debug interfaces
        US-13-Grand-JTAGulator-Assisted-Discovery-of-On-Chip-Debug-Interfaces-Slides.pdf
        US-13-Grand-JTAGulator-Assisted-Discovery-of-On-Chip-Debug-Interfaces-Code.zip
    Methodologies for Hacking Embedded Security Appliances
        US-13-Bathurst-Methodologies-for-Hacking-Embdded-Security-Appliances-Slides.pdf
    Mo Malware Mo Problems – Cuckoo Sandbox to the rescue
        US-13-Bremer-Mo-Malware-Mo-Problems-Cuckoo-Sandbox-WP.pdf
        US-13-Bremer-Mo-Malware-Mo-Problems-Cuckoo-Sandbox-Slides.pdf
    PDF Attack: A Journey from the Exploit Kit to the shellcode
        US-13-Esparza-PDF-Attack-A-journey-from-the-Exploit-Kit-Slides.pdf
        US-13-Esparza-PDF-Attack-A-journey-from-the-Exploit-Kit-Slides-Source.zip
    Practical Pentesting of ERPs and Business Applications
        US-13-Polyakov-Practical-Pentesting-of-ERPs-and-Business-Applications-WP.pdf
        US-13-Polyakov-Practical-Pentesting-of-ERPs-and-Business-Applications-Slides.pdf
    Abusing Web APIs Through Scripted Android Applications
        US-13-Peck-Abusing-Web-APIs-Through-Scripted-Android-Applications-WP.pdf
        US-13-Peck-Abusing-Web-APIs-Through-Scripted-Android-Applications-Slides.pdf
    Beyond the Application: Cellular Privacy Regulation Space
        US-13-Dudley-Beyond-the-Application-Cellular-Privacy-Regulatory-Space-WP.pdf
        US-13-Dudley-Beyond-the-Application-Cellular-Privacy-Regulatory-Space-Slides.pdf
    Clickjacking Revisited: A Perceptual View of UI Security
        US-13-Akhawe-Clickjacking-Revisited-A-Perceptual-View-of-UI-Security-Slides.pdf
    CMX: IEEE Clean File Metadata Exchange
        US-13-Kennedy-CMX-IEEE-Clean-File-Metadata-Exchange-WP.pdf
    CrowdSource: An Open Source, Crowd Trained Machine Learning Model for Malware Capability Detection
        US-13-Saxe-CrowdSource-An-Open-Source-Crowd-Trained-Machine-Learning-Model-Slides.pdf
    Denial of Service as a Service – asymmetrical warfare at its finest
        US-13-Masse-Denial-of-Service-as-a-Service-Slides.pdf
    Denying service to DDOS protection services
        US-13-Nixon-Denying-Service-to-DDOS-Protection-Services-WP.pdf
        US-13-Nixon-Denying-Service-to-DDOS-Protection-Services-Slides.pdf
    LTE BOOMS WITH VULNERABILITIES
        US-13-Gupta-LTE-Booms-withVulnerabilities-WP.pdf
    Malicious File for Exploiting Forensic Software
        US-13-Haruyama-Malicous-File-For-Exploiting-Forensic-Software-Slides.pdf
    Mobile Malware: Why the traditional AV paradigm is doomed and how to use physics to detect undesirable routines
        US-13-Stewart-Mobile-Malware-Why-the-Traditional-AV-Paradigm-is-Doomed-WP.pdf
        US-13-Stewart-Mobile-Malware-Why-the-Traditional-AV-Paradigm-is-Doomed-Slides.pdf
    New Trends in FastFlux Networks
        US-13-Xu-New-Trends-in-FastFlux-Networks-WP.pdf
        US-13-Xu-New-Trends-in-FastFlux-Networks-Slides.pdf
    OPSEC failures of spies
        US-13-Cole-OPSEC-Failures-of-Spies-Slides.pdf
    Password Hashing: the Future is Now
        US-13-Aumasson-Password-Hashing-the-Future-is-Now-WP.pdf
        US-13-Aumasson-Password-Hashing-the-Future-is-Now-Slides.pdf
    Shattering Illusions in Lock-Free Worlds: Compiler/Hardware Behaviors in OSes and VMs
        us-13-Blanchou-Shattering-Illusions-in-Lock-Free-Worlds.pdf
    TOR… ALL-THE-THINGS!
        US-13-Geffner-Tor…-All-The-Things-WP.pdf
        US-13-Geffner-Tor…-All-The-Things-Slides.pdf
    Truncating TLS Connections to Violate Beliefs in Web Applications
        US-13-Smyth-Truncating-TLS-Connections-to-Violate-Beliefs-in-Web-Applications-WP.pdf
        US-13-Smyth-Truncating-TLS-Connections-to-Violate-Beliefs-in-Web-Applications-Slides.pdf
    The Web IS Vulnerable: XSS Defense on the BattleFront
        US-13-Wroblewski-The-Web-IS-Vulnerable-XSS-Defense-on-the-Battle-Front-Slides.pdf
        US-13-Wroblewski-The-Web-IS-Vulnerable-XSS-Defense-on-the-BattleFront-Code.zip

Edited by hate.me
  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...