deepsec 2017 Nov. 14, 2017 to Nov. 17, 2017, vienna,austria

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Advanced Penetration Testing In The Real World (closed) Davy Douhine , Guillaume Lopes A 2 days 100% “hands-on” workshop. Main topics: Buffer overflow 101: Find and exploit buffer ...
How To Be A Ghost Jean Yav , Rhett Greenhagen In the security community, most threat researchers are conducting research in an insecure and time-consuming ...
Hunting The Adversary: Developing And Using Threat Intelligence John Bambenek Traditional security defense tools are increasingly unable to protect against emerging and current attacks. The ...
Open Source Defensive Security (closed) Leszek Miś Open Source Defensive Security Training is an Open Source IT Security laboratory dedicated to professionals ...
SAP CTF Pentest : From Outside To Company Salaries Tampering (closed) Yvan Genuer SAP is no longer an unknown black box for the security community and SAP products ...
Smart Lockpicking - Hands-on Exploiting Contemporary Locks and Access Control Systems Slawomir Jasek There is no doubt electronic locks are among the most profitable smart devices to attack. ...
Workshop On Advanced Social Engineering (closed) Dominique C. Brack For the first time Dominique Brack, the author of the Social Engineering Engagement Framework (SEEF), ...
Mobile App Attack Sneha Rajguru Mobiles Apps are the most preferred way of delivering attacks today. Understanding the finer details ...
The ARM IoT Exploit Laboratory (Three-Day Workshop) (closed) Saumil Udayan Shah NOTE: This is a Three-Day Workshop, starting on the 13th of November, one day earlier ...
Social Science First! Jessica Barker Bruce Schneier popularised the concept in 1999: cyber security is about people, process and technology. ...
Don't Let The Cuteness Fool You - Exploiting IoT's MQTT Protocol Dalmoz "Connect all the things!" - for some time now, this is the main theme when ...
Paying The Price For Disruption: A FinTech Allowed Account Takeover Tilo Muller , Dominik Maier , Vincent Haupert In this paper, we look at N26, a pan-European banking startup and the poster child ...
Next-Gen Mirai Fabian Bräunlein , Balthasar Martin Badly secured embedded devices enabled the largest DDoS attack on critical networks seen to date: ...
A Survey On Automated Dynamic Malware Analysis Evasion And Counter-Evasion: PC, Mobile, And Web Alexei Bulazel , Bülent Yener Automated dynamic malware analysis systems are important in combating the proliferation of modern malware. Unfortunately, ...
XFLTReaT: A New Dimension In Tunnelling Balazs Bucsay This presentation will sum up how to do tunnelling with different protocols and will feature ...
Lock, Stock And Two Smoking Apples - XNU Kernel Security Alex Plaskett , James Loureiro This talk will aim to cover the research which has been undertaken following on from ...
Dynamic Loader Oriented Programming On Linux Claudia Eckert , Thomas Kittel , Julian Kirsch , Bruno Bierbaumer Memory corruptions are still the most prominent venue to attack otherwise secure programs. In order ...
Behavior Based Secure And Resilient System Development Muhammad Taimoor Khan We introduce a design methodology to develop reliable and secure systems based on their functional ...
ML Clustering Attacks: A Walk outside the Lab Gilad Yehudai A lot of research was done about clustering attacks of different types using many Machine ...
Reverse Engineering a Code without the Code Jean-louis Lanet Retrieving assets inside a secure element is a challenging task. The most attractive assets are ...
A Song of Botnets and Power: Blackout is coming Adrian ( atrox ) Dabrowski Power grids are a prime example of large-scale decentralized critical infrastructure pre-dating modern telecommunication by ...
Who Hid My Desktop – Deep Dive Into hVNC Or Safran , Pavel Asinovsky Since the past decade, financial institutions are increasingly faced with the problem of malware stealing ...
Insecurity In Information Technology Tanya Janca A lot is expected of software developers these days; they are expected to be experts ...
How To Hide Your Browser 0-days: Free Offense And Defense Tips Included Zoltan Balazs Zero-day exploits targeting browsers are usually very short-lived. These zero-days are actively gathered and analyzed ...
Repairing The internet With Responsible Disclosures Victor Gevers In 2016 a non-profit organization, GDI.foundation, operated by volunteers, started reporting vulnerabilities as responsible disclosures ...
Malware Analysis: A Machine Learning Approach Chiheb Chebbi Threats are a growing problem for people and organizations across the globe.With millions of malicious ...
PeopleSoft: Hack The Planet's Universities Dmitry Yudin The PeopleSoft Campus Solutions is used in more than 1000 universities worldwide. In this presentation ...
Skip Tracing For Fun And Profit Rhett Greenhagen This talk covers skip tracing TTPs and countermeasures in the digital and human domains. The ...
The Future of the Internet Josh Pyorre Where are we headed with all our things as they become connected to the internet? ...
Uncovering And Visualizing Botnet Infrastructure And Behavior Josh Pyorre , Andrea Scarfo How much information about a botnet can one find using a single IP address, domain ...
Intel AMT: Using & Abusing The Ghost In The Machine Parth Shukla Come see how Intel AMT can be used to completely own a modern machine permanently ...
Normal Permissions In Android: An Audiovisual Deception Constantinos Patsakis Marshmallow was a significant revision for Android. Among the new fea- tures that were introduced ...
Out-Of-Order Execution As A Cross-VM Side Channel And Other Applications Sophia D’antoine , Jeremy Blackthorne , Bülent Yener Given the rise in popularity of cloud computing and platform-as-a- service, vulnerabilities, inherent to systems ...
Hacking The Brain For Fun And Profit Stefan Hager When we're talking and thinking about security, we very often have a rather fixed mindset ...
Forensic Accounting – The What, Why And How Ulrike Hugl As of late, Forensic Accounting seems to be the fastest growing area of accounting. The ...
On The (In-)Security Of JavaScript Object Signing and Encryption Juraj Somorovsky , Jörg Schwenk , Christian Mainka , Vladislav Mladenov , Dennis Detering JavaScript Object Notation (JSON) has evolved to the de- facto standard file format in the ...
Making Security Awareness Measurable Stefan Schumacher Security awareness campaigns aim at educating and training your workforce with regards to IT security. ...
I Wrote my Own Ransomware; Did Not Make 1 Iota Of A Bitcoin Thomas Fischer 2016 saw a substantial rise in ransomware attacks and in some cases the return of ...
Cloud Of Suspicion: Scaling Up Phishing Campaigns Using Google Apps Scripts Maor Bin Google Apps Scripts is a JavaScript cloud scripting language that provides easy ways to automate ...
BITSInject - Control Your BITS, Get SYSTEM Dor Azouri Windows’ BITS service is a middleman for your download jobs. You start a BITS job, ...
Security Analysis Of The Telegram IM Josef Kokeš , Tomas Susanka Telegram is a popular instant messaging service, a self-described fast and secure solution. It introduces ...
How Secure Are Your VoLTE And VoWiFi Calls? Sreepriya Chalakkal Voice over LTE (VoLTE) as well as Voice over WiFi (VoWiFi) are variants of Voice ...
Essential Infrastructure Interdependencies: Would We Be Prepared For Significant Interruptions? Herbert Saurugg Cyber Security and Critical Infrastructure Protection (CIP) are major topics almost everywhere. Its priority has ...
BitCracker: BitLocker Meets GPUs Elena Agostini BitLocker is a full-disk encryption feature available in recent Windows versions. It is designed to ...
Bypassing Web Application Firewalls Khalil Bijjou This talk will teach you how to attack applications secured by a WAF. The presenter ...
OpenDXL In Active Response Scenarios Tarmo Randel Automating response to cyber security incidents is the trend which is - considering increasing amount ...
How I Rob Banks Freakyclown A light-hearted trip through security failures both physical and electronic that have enabled me over ...
Securing The Darknet Jens Kubieziel Tor's Onion Services are often labeled as "The Darknet". The place where people can do ...
A Story Of A Vulnerability: How To Execute Code On A Forensic Workstation Wolfgang Ettlinger EnCase Forensic Imager is a tool used by forensic investigators to gather evidence from storage ...