BSidesManchester 2015 Aug. 25, 2015 to Aug. 25, 2015, Manchester, UK
Title | Speakers | Summary | Topic Types |
---|---|---|---|
KEY NOTE | Ian Glover | N/A | |
Static code analysis, from source to sink | Paul Johnston | Static analysis is an alternative approach to penetration testing, which focuses on analysing source code, rather ... | |
Who breached Ashley Madison and why should we care? | James Maude | Most people assume data breaches of websites like Ashley Madison (the home of extra marital ... | |
Server-Side Template Injection: RCE for the Modern Web App | James Kettle | Simple inputs can conceal an {expansive} attack surface. Feature-rich web applications often embed user input ... | |
PHP unserialization vulnerabilities – what are we missing? | Sam Thomas | We regularly find unserialization issues during penetration testing engagements, often within previously tested systems, which ... | |
PowerShell Fu with Metasploit “Interactive PowerShell Sessions in Metasploit” | Ben Turner, Dave Hardy | This talk will discuss the development of a new session type that now supports PowerShell ... | |
Low-Level TLS Hacking | Richard Moore | Generally penetration testers focus on SSL/TLS as a black box, usually using the OpenSSL command line. ... | |
From Phish To Pwned: Dissecting a modern phishing campaign from e-mail to malware infection | Jim Slaughter | My intention with this talk is to focus on the defence/incident response side of the ... | |
Detect & Protect: Securing financial applications in hostile environments | Luke Drakeford | Mobile payment applications contain sensitive user data and easily abused functionality, and all the while ... | |
Squashing Rotten Apples: Automated forensics & analysis for Mac OS X with OSXCollector | Kuba Sendor | OSXCollector (https://github.com/Yelp/osxcollector) is an open source forensic evidence collection and analysis toolkit for Mac OS ... | |
Instrumentation of .NET applications using Frida | Alberto Barbaro | There is currently no de facto standard to help a reverse engineer or geek to ... | |
Yes, penetration testing might need standardisation. No, it’s not the way you think. | William Knowles | You’ve read the title and you’re panicking. Don’t. This isn’t a talk about having a ... | IncludeThinkstScapes |
Exploring android smartlocks | Stephen Fisher Davies | A review of Android Lollipop ‘Smart Locks’ and how they can be exploited to fool ... | |
Burping Up Data: What Your Apps Reveal About You | Iain Smart | Ever wondered what information your apps give away before you even authenticate? Does that photo ... | |
The Matrix PRELOADED | Alastair O’neill | A discussion of userland rootkits making use of the LD_PRELOAD mechanism, focusing on their functionality and ... | |
OWASP-SKF Making the web secure by design | Glenn Ten Cate | Will be a mixture of the workshops we have already given and an inspirational presentation. For an ... | |
Financial Crime: The Past, The Present and The Future | Marcelo Mansur | Opening with boiler room investment fraud: • Common fraudulent products and practices • Pump-and-dump schemes ... | |
Artificial intelligence and security | Edward Bowles | Within the field of artificial intelligence, there are many tools which we can use in the ... | |
Journey into hunting the attackers | Asif Matadar | An attacker can use a number of tools and techniques to retrieve credentials without triggering ... | |