DeepSec 2007 Nov. 20, 2007 to Nov. 23, 2007, Vienna,Austria

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Windows Heap Protection: Bypassing requires understanding Dave Aitel Introduction "Heap exploits are dead. Heap exploits remain dead. And we have killed them." Sending ...
Oracle Security: Orasploit Alexander Kornbrust Orasploit is an Oracle exploit framework which automatically exploits vulnerabilities in Oracle databases. With orasploit ...
Naked Security : The State of the Application Security Industry Mark Curphey If you follow the popular press you may think that the only thing to worry ...
Browser Hijacking Daniel Fabian Current XSS attacks make use of the document object model to steal session credentials from ...
Practical VOIP/SIP Hacking Klaus Darilion This training teaches you how you can hack typical SIP provider setups. For this, we ...
A Discussion on Memory-Resident Backdoors in Oracle David Litchfield Oracle "rootkits", in other words backdoors, have been discussed in the past but none that ...
Breaking and Securing Web Applications Nitesh Dhanjani The application layer exposes an organization to a huge attack surface. A single coding error ...
Carmen, Rogue Web Server Simon Roses Femerling Carmen is a unique web server written 100% in python that covers the gap in ...
Flash Security Basics Fukami The lecture will give an overview over the history of Flash/ActionScript, its capabilities, object and ...
Collecting and Managing Accumulated Malware Automatically Georg Wicherski With the nepenthes Platform, we are able to collect malware autonomously. Centrally collecting this malware ...
Intercepting GSM traffic Steve This talk is about GSM security. We will explain the security, technology and protocols of ...
Automated structural classification of malware Halvar Flake Malware authors are changing: In the past, their motivation was fame, nowadays it is mostly ...
Destructive Data - Designing Inputs That Make Software Fail Heikki Kortti What makes software fail? This talk describes techniques for creating effective malicious inputs designed to ...
New Security Model of Bluetooth 2.1 Marcel Holtmann The security architecture of Bluetooth changes a lot with the upcoming Bluetooth 2.1 specification. This ...
Reasonable Disclosure Jeff ( Dark Tangent ) Moss N/A
Securing Networked Infrastructure through Seven Layers of Insecurity Michael Kafka , René Pfeiffer The training addresses the basics of security from the viewpoint of the network and networked ...
Fuzzing and Exploiting Wireless Drivers Clemens Kolbitsch , Sylvester Keil This paper documents the process of identifying potential vulnerabilities in IEEE 802.11 device drivers through ...
Audit of the RFID ePassport and the concepts Lukas Grunwald After some introduction to the RFID technology and security risks, a deep technical overview of ...
SAP (In)Security Mariano Croce This training is aimed to dive into the world of SAP security. You will learn ...
Attacking the Giants: Exploiting SAP Internals Mariano Croce The SAP Remote Function Call (RFC) Interface is the heart of communications between SAP systems, ...
The Three Faces of CSRF Martin Johns Even though Cross Site Request Forgery (CSRF) vulnerabilities have made it into the OWASP Top ...
The RFID Guardian Melanie Rieback This talk will present the design and implementation of the RFID Guardian, the first-ever unified ...
Hijacking Virtual Machine Execution for Fun and Profit Nguyen Anh Quynh In general Virtual machine (VM) technology can guarantee strong isolation between VMs, so even if ...
kNAC! Ofir Arkin Network admission control (NAC), network access protection (NAP), network access control (NAC), and many other ...
The Business Case for removing your perimeter Paul Simmonds The days of the corporate network, completely isolated with a well secured outer shell are ...
the many dimensions of security in eVoting Peter Purgathofer various forms of eVoting are quickly becoming a hot item everywhere. while some societies bet ...
Doppelgänger - novel protection against unknown file format vulnerabilities Rich Smith The presentation intends to discuss the development of a general technique for protection against unknown ...
Disruptive modernization of legacy systems Shalom Carmel The talk will demonstrate, by using IBM system i as an example, the disruptive effect ...
Web 2.0 Application Kung-Fu - Securing Ajax & Web Services Shreeraj Shah With Web 2.0 applications being adopted by businesses at a very quick pace, security concerns ...
Web Hacking Training Shreeraj Shah A growing concern has been Web application security Web and application servers are the target ...
Are the vendors listening? Simon Howard Are vendors listening to the security community? Security researchers have been presenting techniques to bypass ...
Observing the Tidal Waves of Malware Stefano Zanero In this talk we will address the main challenges to be solved in order to ...
Security -- an Obstacle for large-scale Projects and eGovernment? Thomas Maus This talk tries to take up again a thread, which was completely lost in the ...