DeepSec 2014 Nov. 18, 2014 to Nov. 21, 2014, Vienna,Austria

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Hacking web applications – case studies of award-winning bugs in Google, Yahoo, Mozilla and more Dawid Czagan Have you ever thought of hacking web applications for fun and profit? How about playing ...
IPv6 Attacks and Defenses - A Hands-on Workshop Enno Rey IPv6 deployment is rising every single day; Specifically, according to the statistics and the trends ...
Understanding x86-64 Assembly for Reverse Engineering and Exploits Xeno Kovah This two-day class helps you bootstrap into the areas of reverse engineering, vulnerability exploitation, operating ...
Mobile Application – Scan, Attack and Exploit Hemil Shah Mobile application hacking and its security is becoming a major concern in today’s world specially ...
Powershell for Penetration Testers Nikhil Mittal PowerShell has changed the way how Windows is used, secured and also the way Windows ...
Suricata Training Event Victor Julien Suricata is a high performance Network IDS, IPS, and Network Security Monitoring engine. Open-source and ...
Welcome To DeepSec 2014 René Pfeiffer , Michael Kafka The DeepSec organisation team welcomes you to the DeepSec 2014 conference.
The Measured CSO Alex Hutton One of the most significant changes technology has wrought over the last decade is the ... IncludeThinkstScapes
On the Effectiveness of Full-ASLR on 64-bit Linux Hector Marco Address-Space Layout Randomization (ASLR) is a technique used to thwart attacks which relies on knowing ...
A Tale of an Unbreakable, Context-specific XSS Sanitizer Ashar Javed Cross-Site Scripting - `An epidemic` nowadays, developers' nightmare, but my love. This talk will present ...
Java's SSLSocket: How Bad APIs Compromise Security Georg Lukas Internet security is hard. TLS is almost impossible. Implementing TLS correctly in Java is "Nightmare!". ...
Addressing the Skills Gap Colin Mclean Mark Weatherford of the US Department of Homeland Security has stated “The lack of people ...
A Myth or Reality – BIOS-based Hypervisor Threat Information Security Specialist The talk is a status report of BIOS-based hypervisor research. Our guest information security scientist ...
Safer Six - IPv6 Security in a Nutshell Johanna Ullrich The history of computers is full of underestimation: 640 kilobyte, 2-digit years, and 32-bit Internet ...
Reliable EMET Exploitation René Freingruber The Enhanced Mitigation Experience Toolkit (EMET) is an application developed by Microsoft which adds an ...
MLD Considered Harmful - Breaking Another IPv6 Subprotocol Enno Rey , Antonios Atlasis , Jayson Salazar Multicast Listener Discovery (MLD) and its successor, MLDv2, is a protocol of the IPv6 suite ...
Trusting Your Cloud Provider. Protecting Private Virtual Machines. Armin Simma SECRETS: My talk is first and foremost about secrets. Most people refer to data at ...
The IPv6 Snort Plugin Martin Schütte There are still very few tools to defend against IPv6 related attacks. To improve this ...
An innovative and comprehensive Framework for Social Vulnerability Assessment Enrico Frumento As anyone probably knows nowadays spear-phishing is probably the most effective threat, and it is ...
Bending and Twisting Networks Paul Coggin Learn about network attack vectors that an adversary can use to control, and influence network ...
Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks Juraj Somorovsky As a countermeasure against the famous Bleichenbacher attack on RSA based ciphersuites, all TLS RFCs ...
Cognitive Bias and Critical Thinking in Open Source Intelligence (OSINT) Benjamin Brown When gathering open source data and transforming it into actionable intelligence, it is critical to ... IncludeThinkstScapes
Build Yourself a Risk Assessment Tool Vlado Luknar Risk assessment should reflect the overall security knowledge and experience accumulated over the years in ...
Mobile SSL Failures Tushar Dalvi , Tony Trummer Mobile SSL Failures Failure to validate Certificate Authorities - Approximately 40 well-known apps Failure to ...
Cyber Security Information Sharing Oscar serrano Serrano Organizations operate increasingly in a coalition and federated environment and the necessity of relying on ...
TextSecure and RedPhone-bring them to iOS Christine Corbett I will talk about Open WhisperSystems iOS efforts, including a general overview of the protocols ...
Advanced Powershell Threat: Lethal Client Side Attacks using Powershell Nikhil Mittal APT - A buzzword which refuses to die. Lets have some fun with it, lets ...
SAP BusinessObjects Attacks: Espionage and Poisoning of Business Intelligence platforms Juan Perez-etchegoyen Business executives make their strategic decisions and report on their performance based on the information ...
SENTER Sandman: Using Intel TXT to Attack BIOSes Xeno Kovah At CanSecWest 2014 we presented the first prototype of Copernicus 2, a trustworthy BIOS capture ...
Why IT Security Is Fucked Up And What We Can Do About It Stefan Schumacher IT Security is in a miserable state. The problems have been discussed again and again ...
The prime Suspect is the Butler cause he holds all the “Keys” Sergio Santos , Jesús Torres In recent years many efforts have been invested in the detection of malicious mobile applications ...
Trap a Spam-Bot for Fun and Profit Attila Marosi The most of honeypot systems pretend that they are vulnerable or badly confirured systems in ...
CERT.at's Daily Business in a Nutshell Christian Wojner This talk provides exclusive insights in the daily business of the national computer emergency response ...
Cloud-based Data Validation patterns… We need a new approach! Geoffrey Hill Current methodology in nearly every organisation is to create data validation gates. But when an ...
Why Antivirus Software fails Daniel Sauder Based on my work about antivirus evasion techniques (see link below), I started using antivirus ...
Creating a kewl and simple Cheating Platform on Android Milan Gabor , Danijel Grah Number of mobile applications is rising and Android still holds large market share. As these ...
Memory Forensics and Security Analytics : Detecting Unknown Malware Fahad Ehsan The main purpose of the presentation is to show the audience how open-source tools can ...
Security Operations: Moving to a Narrative-Driven Model Josh Goldfarb The current security operations model is an alert-driven one. Alerts contain a snapshot of a ...