Deepsec 2016 Nov. 8, 2016 to Nov. 11, 2016, vienna,austria

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Deploying Secure Applications with TLS (closed) Juraj Somorovsky Transport Layer Security (TLS) is the most important cryptographic protocol on the Internet. It is ...
Do-It-Yourself Patching: Writing Your Own Micropatch (closed) Mitja Kolsek The current state of updating software – be it operating systems, applications or appliances - ...
Hacking Web Applications: Case Studies of Award-winning Bugs in Google, Yahoo, Mozilla and more Dawid Czagan Have you ever thought of hacking web applications for fun and profit? How about playing ...
IoT Hacking: Linux Embedded, Bluetooth Smart, KNX Home Automation Slawomir Jasek The workshop consists of several modules: 1. Linux embedded Linux embedded is probably the most ...
Offensive iOS Exploitation Marco Lancini This is an exercise-driven training course that uses detailed tutorials to guide the attendee through ...
Hands on Hacking with the WiFi Pineapple, USB Rubber Ducky and LAN Turtle (closed) Robin Wood , Sebastian Kinne , Darren Kitchen From wireless fundamentals to physical access security, man-in-the-middle attacks and precision WiFi exploitation, this workshop ...
Offensive PowerShell for Red and Blue Teams (closed) Nikhil Mittal Penetration Tests and Red Team operations for secured environments need altered approaches. You cannot afford ...
Fundamentals of Routing and Switching from a Blue and Red Team Perspective (sold out) Paul Coggin In this intense 2 day workshop, students will learn the fundamentals of routing and switching ...
Penetration Testing Humans (closed) Cyni Winegard , Bethany Ward Social engineering is quickly becoming more prevalent in the infosec industry. Users are becoming more ...
Secure Web Development (closed) Marcus Niemietz This training focuses on how to attack and defend websites from the perspective of a ...
Opening Michael Kafka , René Pfeiffer Opening Ceremony. 10 Years of DeepSec In-Depth Security Conference.
Keynote: Security in my Rear-View Mirror Marcus J. Ranum Everything that's old is new again, and if you work in security long enough, you'll ...
Advanced Concepts for SMM Malware Sebastian Schrittwieser , Julian Rauchberger Hiding malware inside the BIOS/UEFI of a computer has long been deemed a theoretical threat ...
When your Firewall turns against you Raschin Tavakoli , René Freingruber This talk will demonstrate how attackers can compromise a company's network via their firewall system. ...
Brace Yourselves - Exploit Automation is Coming! Andreas Follner After W^X/DEP was widely adopted, taking away the fun of simple code injection attacks, return-oriented ...
Why Companies Must Control Their Data in the Era of IoT - and How To Kurt Kammerer Any company's dilemma is the need for data sharing in the era of IoT while ...
Go Hack Yourself…Or Someone Else Will Frans Rosén Regardless of what type of programming language you work with, business flaws that could expose ...
HSTS and Cookie Side-Channels: Stealing Browser History Adrian ( atrox ) Dabrowski In this talk we show that HSTS headers and long-term cookies (like those used for ...
Systematic Fuzzing and Testing of TLS Libraries Juraj Somorovsky We present TLS-Attacker, a novel framework for evaluating the security of TLS libraries. Using a ...
Of Mice and Keyboards: On the Security of Modern Wireless Desktop Sets Gerhard Klostermeier Wireless desktop sets consisting of a wireless mouse, a wireless keyboard, and a USB dongle ...
Fuzzing Remote Interfaces for System Services in Android Alexandru Blanda System services represent one of the core components in Android, implementing many fundamental Android features ...
I Thought I Saw a |-|4><0.- Thomas Fischer Threat Hunting refers to proactively and iteratively searching through networks or datasets to detect and ...
badGPO - Using GPOs for Persistence and Lateral Movement Yves Kraft , Immanuel Willi Group Policy is a feature which provides centralized management and configuration functions for the Microsoft ...
Security and Privacy in the Current E-Mobility Charging Infrastructure Achim 'ahzf' Friedland Smart and electric mobility is an emerging market and thus an interesting area of research ...
DROWN: Breaking TLS using SSLv2 Nimrod Aviram We present DROWN, a novel cross-protocol attack on TLS that uses a server supporting SSLv2 ...
Human vs Artificial intelligence – Battle of Trust Hemil Shah In this era of complex evolution, application technologies have adapted HTML5, WebSockets, APIs, Frameworks, Dynamic ...
Inside Stegosploit Saumil Udayan Shah Stegosploit creates a new way to encode "drive-by" browser exploits and delivers them through image ...
Malicious Hypervisor Threat – Phase Two: How to Catch the Hypervisor Mikhail a. Utin In our 2014 presentation we proved that the threat of Malicious Hypervisor (MH) is a ...
Java Deserialization Vulnerabilities - The Forgotten Bug Class Matthias Kaiser Java deserialization vulnerabilities are a bug class of its own. Although several security researchers have ...
TLS 1.3: Lessons Learned from Implementing and Deploying the Latest Protocol Nick Sullivan Version 1.3 is the latest Transport Layer Security (TLS) protocol, which allows client/server applications to ...
The Perfect Door and The Ideal Padlock Deviant Ollam You have spent lots of money on a high-grade pick-resistant lock for your door. Your ...
Obfuscated Financial Fraud Android Malware: Detection And Behavior Tracking Inseung Yang In Korea in particular, hackers have distributed sophisticated and complex financial fraud android malware through ...
Machine Duping: Pwning Deep Learning Systems Clarence Chio Deep learning and neural networks have gained incredible popularity in recent years. The technology has ...
Exploiting First Hop Protocols to Own the Network Paul Coggin This talk will focus on how to exploit a network by targeting the various first ...
AMSI: How Windows 10 Plans To Stop Script Based Attacks and How Good It Does That Nikhil Mittal In Windows 10, Microsoft introduced the AntiMalware Scan Interface (AMSI), which is designed to target ...
CSP Is Dead, Long Live Strict CSP! Lukas Weichselbaum Content Security Policy (CSP) is a defense-in-depth mechanism to restrict resources that can be loaded, ...
802.11 Complexity. An Introduction to 802.11 Protocol Chaos Andres Blanco Over the last few years, IEEE 802.11 standard for wireless connectivity usage has turned massive. ...
Behavioral Analysis from DNS and Network Traffic Josh Pyorre Multiple methods exist for detecting malicious activity in a network, including intrusion detection, anti-virus and ...
Advanced SSH Leyrer , Maclemon Productivity- and Security Tipps for SSH -- Tips and tricks for a more efficient and ...
Smart Sheriff, Dumb Idea: The Wild West of Government Assisted Parenting Abraham Aranguren , Fabian Fäßler Would you want to let your kids discover the darker corners of the internet without ...
Protecting Against Tomorrow's Adversaries - Post-Quantum Cryptography Hanno Böck Quantum Computers could endanger almost all cryptosystems that are in use today. While it's unclear ...
Social Engineering The Most Underestimated APT – Hacking the Human Operating System Dominique C. Brack The content I am going to share is brand-new and has been developed over the ...
Where Should I Host My Malware? Attila Marosi Malicious actors always try to abuse badly configured devices, since this is the "cheapest" solution. ...
Assessing the Hacking Capabilities of Institutional and Non-institutional Players Stefan Schumacher Cyberwar, Cyberterror and Cybercrime have been buzzwords for several years now. Despite the problem of ...
COVER YOUR SAAS: Protecting Your Cloud With Analytics and Machine Learning Ian Thornton-trump The more intelligence you have, the greater the chance you can find your bad guy. ...