Blackhat USA 2004 July 1, 2004 to July 1, 2004, Las Vegas, USA

Title Speakers Summary Topic Types
Vice - Catch The Hookers Greg Hoglund , Jamie Butler Security
Phishing & Committing Fraud In Public Phillip Hallam-baker In late 2003 the rate of phishing fraud suddenly began to escalate leading to widespread ... Security Media Phishing
Google Attacks Patrick Chambet How knows that Google is a powerful attack tool for pen-testers but also for other ... Security
Cyber Jihad And The Globalization Of Warfare: Computer Networks As A Battle Ground In The Middle East And Beyond Peter Feaver This briefing addresses the world's first global Internet war: the cyber skirmishes associated with the ... Security
Managing Election Data: The California Recall Bev Harris The California recall election, held October 7, 2003, was controversial on a number of levels. ... Security Analysis Legal
Introduction To The Global Security Syndicate Travis Schack The Global Security Syndicate (GSS) is a not for profit group of security professionals ... Security Community
Evasion And Detection Of Web Application Attacks K. K. Mookhey Intrusion detection systems that work at the application layer appear to be the next new ... Security Web
Tracking Prey In The Cyberforest Brian Wotring No matter where we go online or in the real world, we are being tracked.  ... Security Web
Web Application Session Strength Michael Shema Web applications handle user session management in a variety of ways and levels of security. ... Security Web
A Comparison Of Buffer Overflow Prevention Implementations And Weaknesses Richard Johnson Buffer overflows are historically the most commonly exploited software vulnerability in the security world. The ... Security Buffer Overflows
Advanced Return Address Discovery Using Context-Aware Machine Code Emulation Derek Soeder , Ryan Permeh , Yuji Ukai Payloads intended to execute attacker-provided code typically require a static address of code already existing ... Security
Ike-Test - Testing Ike Implementations Ralf Spenneberg The IKE protocol is the key protocol in modern VPN solutions based on IPsec. It ... Security Testing
Next Generation Application Proxies: What Check Point & Netscreen Understand But Are Afraid To Admit Andrew Stevens Great confusion has set in over the last 18 to 24 months around the role ... Security Firewall
Cryptographic Port-Knocking David Worth Port-knocking has recently become a popular concept, and a common source of discussion. Many groups and ... Security
Panel: Web Application Security Crossfire: Different Views On Web Application Security Moderator: David Rhoades , Paul E. Proctor , Frank Lam As a result of insecure custom application code and unpatched web servers, web application security ... Security Web
Thinking Outside The Box–Embracing Globalization Paul Simmonds The days of the corporate network, completely isolated with a well-secured outer shell are long ... Security
Managing Msie Security In Corporate Networks By Creating Custom Internet Zones Patrick Chambet Everyone is aware of MSIE vulnerabilities (real or potential), but a great number of administrators ... Security
Program Semantics-Aware Intrusion Detection Tzi-cker Chiueh One of the most dangerous cybersecurity threats is "control hijacking" attacks, which hijack the control ... Security
The Anonymity Toolkit Len Sassaman Today's Internet is fraught with privacy dangers. Users in both the consumer and enterprise environments ... Security Anonymity
Defeating Automated Web Assessment Tools Saumil Udayan Shah , Director of Development , Net-square Solutions None Security Web
Detecting Ø-Days Attacks With Learning Intrusion Detection Systems Stefano Zanero , M.s. Traditional anomaly-based Intrusion Detection Systems, relying on pattern matching and static signatures, are not really ... Security
Hacking With Executives David Mortman The issue of security testing between banks and corporate networks is one of the most ... Security Risk Business Testing
The Keys To The Kingdom: Understanding Covert Channels Of Communication Russ Rogers Security professionals see the compromise of networked systems on a day to day basis. It's ... Security Exploitation
Insecure Ip Storage Networks: Problems With Network Attached Storage (Nas) Himanshu Dwivedi The presentation will discuss the security problems with enterprise storage architectures using Network Attached Storage ... Security
Attacking Obfuscated Code With Ida Pro Chris Eagle Virtually every virus and worm that circulates the Internet today is "protected" by some form ... Security
Information Hiding In Executable Binaries Rakan El-khali Information Hiding techniques are much researched in the context of watermarking or fingerprinting images and ... Security
The Laws Of Vulnerabilities For Internal Networks Gerhard Eschelbeck New vulnerabilities to internal networks are discovered and published on a daily basis. With each such ... Security Risk
Shoot The Messenger— Using Window Messages To Exploit Local Win32 Applications Brett ( Antic0de ) Moore The windows GDI interface uses messages to pass input and events to windows. As there ... Security
All New Ø-Day David Litchfield , Founder , Next Software This presentation will be entirely new and never seen before. Code included. Security
You Got That With Google? Johnny Long This presentation explores the explosive growth of a technique known as "Google Hacking". When the ... Security Web Firewall
Nobody’S Anonymous—Tracking Spam And Covert Channels Curtis Kret Viagra! Work from home! Who sends this stuff? And what if not all Spam is what ... Security
Bluesnarfing - The Risk From Digital Pickpockets Martin Herfurt In November 2003, Adam Laurie of A.L. Digital Ltd. discovered serious flaws in the authentication ... Security Risk
Worldwide Wardrive 4: An Analysis Of Wireless Security Trends Chris Roamer The WorldWide WarDrive is an effort by security professionals and hobbyists to generate awareness of ... Security Wireless Analysis
The Black Ops Of Dns Dan Kaminsky The Domain Name System is a powerful, flexible, and integral part of the Internet. Somewhat ... Security DNS
Rf-Id And Smart-Labels: Myth, Technology And Attacks Lukas Grunwald This talk provides an overview of the RF-ID Smart-Labels, small labels on products with an ... Security
Nosebreak - Defeating Honeynets Thorsten Holz Honeynets are one of the more recent toys in the white-hat arsenal. They are usually ... Security
Legal Liability And Security Incident Investigation Jennifer Stisa Granick Companies and governments use various techniques to investigate when computer break-ins happen, and to learn ... Security Legal
Introduction To Embedded Security Joe ( Kingpin ) Grand The design of secure hardware is often overlooked in the product development lifecycle, leaving many ... Security Development
A Historical Look At Hardware Token Compromises Joe ( Kingpin ) Grand This talk examines the details behind successful hardware attacks of early authentication tokens: Two USB ... Security Access
Privacy: Do As I Say….Not As I Do! Sarah Gordon We’ve heard the saying “Do As I Say, Not as I Do”—and it applies now ... Security
Antivirus Software Tests: What You Need To Know! Sarah Gordon There are a plethora of antivirus software tests available—magazines, universities, and  commercial organizations abound with ... Security Testing
Managing Hackers: The Top 8 Rules For Creating Productive Security Teams James C. Foster While commonly entrenched within bleeding-edge technology, most forget the importance and art of management and ... Security
Diff, Navigate, Audit: Three Applications Of Graphs And Graphing For Security Thomas ( Halvar Flake ) Dullien None Security
Pocket Pc Abuse: To Protect And Destroy Seth Fogie When most people look at a PDA, they see a harmless device that is handy ... Security
The Evolution Of Incident Response Kevin Mandia During the course of 2003, Mr. Kevin Mandia responded to over 20 computer security incidents ... Security
Trust No-One, Not Even Yourself Or The Weak Link Might Be Your Build Tools David Maynor Many advances have happened in the security arena over the last few years. With new ... Security
Vulnerability Finding In Win32—A Comparison Runtime Analysis There are several well known techniques to find a vulnerability in a closed source product ... Security
The Black Hat Surveys Larry Ponemon Ponemon Institute recently conducted two independent surveys concerning individual privacy rights. The first study examines ... Security Privacy Community Analysis
Putting The P Back In Vpn: An Overlay Network To Resist Traffic Analysis Roger Dingledine Tor (second-generation Onion Routing) is a distributed overlay network that anonymizes TCP-based applications like web ... Security Analysis
Hacking Without Re-Inventing The Wheel Justin Clarke Home-grown applications and services are increasingly being implemented in order to suit corporate and individual ... Security
Acting In Milliseconds—Why The Defense Process Needs To Change Dominique Brezinski Why are attackers and worms so successful? Because the process we use to defend systems ... Security
Advanced Return Address Discovery Using Context-Aware Machine Code Emulation Yuji Ukai Payloads intended to execute attacker-provided code typically require a static address of code already existing ... Security
Metasploit: Hacking Like In The Movies Hd Moore The Metasploit Framework has progressed from a simple network game to a powerful tool for ... Security Development
Attacking Host Intrusion Prevention Systems Eugene Tsyrklevic Host Intrusion Prevention Systems (HIPS) is the latest buzzword in the security arena. But is ... Security
Introduction To The Certification And Accreditation Process (C&A) Within The U.S. Government Jeff Waldron The United States Federal Government has recently become very active in the arena of Information ... Security
Information Security Law Update: The Emerging Trend Toward Programmatic Information Security Management Brad Bolin There is an emerging trend from ad hoc information security practices toward a more strategic, ... Security
Privacy, Economics And Immediate Gratification: Why Protecting Privacy Is Easy But Selling It Is Not Alessandro Acquisti Surveys have repeatedly identified privacy as one of the most pressing concerns of those using ... Security Privacy