BSidesManchester 2015 Aug. 25, 2015 to Aug. 25, 2015, Manchester,UK

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
KEY NOTE Ian Glover N/A
Static code analysis, from source to sink Paul Johnston Static analysis is an alternative approach to penetration testing, which focus on analysing source code,rather ...
Who breached Ashley Madison and why should we care? James Maude Most people assume data breaches of websites like Ashley Madison (the home of extra marital ...
Server-Side Template Injection: RCE for the Modern Web App James Kettle Simple inputs can conceal an {expansive} attack surface. Feature-rich web applications often embed user input ...
PHP unserialization vulnerabilities – what are we missing? Sam Thomas We regularly find unserialization issues during penetration testing engagements, often within previously tested systems, which ...
PowerShell Fu with Metasploit “Interactive PowerShell Sessions in Metasploit” Ben Turner , Dave Hardy This talk will discuss the development of a new session type that now supports PowerShell ...
Low-Level TLS Hacking Richard Moore Generally penetration testers focus on SSL/TLS as a blackbox, usually using the open-SSL command line. ...
From Phish To Pwned: Dissecting a modern phishing campaign from e-mail to malware infection Jim Slaughter My intention with this talk is to focus on the defence/incident response side of the ...
Detect & Protect: Securing financial applications in hostile environments Luke Drakeford Mobile payment applications contain sensitive user data and easily abused functionality, and all the while ...
Squashing Rotten Apples: Automated forensics & analysis for Mac OS X with OSXCollector Kuba Sendor OSXCollector (https://github.com/Yelp/osxcollector) is an open source forensic evidence collection and analysis toolkit for Mac OS ...
Instrumentation of .NET applications using Frida Alberto Barbaro There is currently no de facto standard to help a reverse engineer or geek to ...
Yes, penetration testing might need standardisation. No, it’s not the way you think. William Knowles You’ve read the title and you’re panicking. Don’t. This isn’t a talk about having a ... IncludeThinkstScapes
Exploring android smartlocks Stephen Fisher Davies An review of Android Lollipop ‘Smart Locks’ and how they can be exploited to fool ...
Burping Up Data: What Your Apps Reveal About You Iain Smart Ever wondered what information your apps give away before you even authenticate? Does that photo ...
The Matrix PRELOADED Alastair O’neill A discussion of userland rootkits making use of the LD_PRELOAD mechanism, focusing on theirfunctionality and ...
OWASP-SKF Making the web secure by design Glenn Ten Cate Will be a mixture of the workshops we already given and inspirational presentation. For an ...
Financial Crime: The Past, The Present and The Future Marcelo Mansur Opening with boiler room investment fraud: • Common fraudulent products and practices • Pump-and-dump schemes ...
Artificial intelligence and security Edward Bowles Within the field artificial intelligence, there are many tools which we can use in the ...
Journey into hunting the attackers Asif Matadar An attacker can use a number of tools and techniques to retrieve credentials without triggering ...