DeepSec 2015 Nov. 17, 2015 to Nov. 20, 2015, vienna,austria

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Crypto Attacks Tibor Jager , Juraj Somorovsky The course covers cryptographic pitfalls and issues every security developer should be aware of. To ...
Hacking Web Applications – Case Studies of Award-winning Bugs in Google, Yahoo, Mozilla and more Dawid Czagan OVERVIEW Have you ever thought of hacking web applications for fun and profit? How about ...
Pentesting and Securing IPv6 Networks Marc Heuse This training course shows you how to perform penetration testing on IPv6 networks locally and ...
PowerShell for Penetration Testers Nikhil Mittal Overview PowerShell has changed the way Windows networks are attacked. It is Microsoft’s shell and ...
Practical Firmware Reversing and Exploit Development for AVR-based Embedded Devices Alexander Bolshev , Boris Ryutin Today, you can find many devices based on AVR microcontrollers, from arduino-based amateur projects to ...
Social Engineering and Security Awareness Stefan Schumacher Social Engineering is a great method for hacking systems. Instead of attacking technical devices social ...
Training: Developing and Using Threat Intelligence John Bambenek Traditional security defense tools are increasingly unable to protect against emerging and current attacks. The ...
Practical Incident Handling Felix Schallock It is not a question of if, but rather when you have an incident that ...
Secure Web Development Marcus Niemietz This training shows you how to attack and defend websites from the perspective of a ...
Can societies manage the SIGINT monster? Duncan Campbell Behind closed doors, ubiquitous surveillance systems have evolved in parallel to and hidden within the ...
A Death in Athens: The inherent Vulnerability of “lawful Intercept” Programs. James Bamford Mr. Bamford will discuss the “Athens Affair,” the subject of a recent investigation by him ...
How to Break XML Encryption – Automatically Juraj Somorovsky In recent years, XML Encryption became a target of several new attacks. These attacks belong ...
Yes, Now YOU Can Patch That Vulnerability Too! Mitja Kolsek Software vulnerabilities are likely the biggest problem of information security, fueling a rapidly growing market ...
File Format Fuzzing in Android - Giving a Stagefright to the Android Installer Alexandru Blanda The presentation focuses on revealing a fuzzing approach that can be used to uncover different ...
Bridging the Air-Gap: Data Exfiltration from Air-Gap Networks Yuval Elovici , Yisroel Mirsky Air-gapped networks are isolated, separated both logically and physically from public networks. Although the feasibility ...
Building a Better Honeypot Network Josh Pyorre Honeypots and honeypot networks help security researchers to get a good look at different attacker ...
Cyber Cyber Cyber Warfare: Mistakes from the MoDs Raoul "Nobody" Chiesa This presentation will (try to) analyze those mistakes commonly done by MoDs while dealing with ...
Advanced SOHO Router Exploitation Lyon Yang In this talk we will look into how a series of 0-day vulnerabilities can be ...
OSINT Barn Cat: Mining Malware for Intelligence at Scale John Bambenek According to Virus Total, on January 4th, 2015 they received over 500,000 samples of potential ...
Chw00t: How To Break Out from Various Chroot Solutions Balazs Bucsay Chroot syscall is part of POSIX. All Unix systems have this syscall, so it is ...
Deactivating Endpoint Protection Software in an Unauthorized Manner Matthias Deeg Many endpoint protection software like antivirus or firewall software offer a password protection in order ...
50 Shades of WAF - Exemplified at Barracuda & Sucuri Ashar Javed This talk will present 50 (25*2) bypasses of Barracuda and Sucuri's WAF default signatures that ...
Temet Nosce - Know thy Endpoint Through and Through; Processes to Data Thomas Fischer Most organisations today accept that they have been compromised or will be compromised. To that ...
Cryptography Tools, Identity Vectors for "Djihadists" Julie Gommes Cryptography, social networks - today the use of online tools also serves to protect the ...
The German Data Privacy Laws and IT Security Stefan Schumacher Hesse introduced the first data privacy law in the world in 1970. Since then, the ...
illusoryTLS: Nobody But Us. Impersonate,Tamper and Exploit Alfonso de Gregorio Cryptographic backdoors are a timely topic often debated as a government matter to legislate on. ...
Have We Penetrated Yet?? Johnny Deutsch Penetration testing is a subject that seems to has been discussed thoroughly. How to test, ...
A Case Study on the Security of Application Whitelisting René Freingruber Application whitelisting is a concept which can be used to further harden critical systems such ...
Continuous Intrusion: Why CI Tools Are an Attacker's Best Friends. Nikhil Mittal Continuous Integration (CI) tools provide excellent attack surfaces due to no/poor security controls, the distributed ...
Cryptographic Enforcement of Segregation of Duty within Work-Flows Thomas Maus Workflows with Segregation-of-Duty requirements or involving multiple parties with non-aligned interests (typically mutually distrustful) pose ...
DDoS: Barbarians at the Gate(way) Dave Lewis This talk will examine the tools, methods and data behind the DDoS attacks that are ...
Legal Responses Against Cyber Incidents Oscar serrano Serrano Despite current efforts to adapt existing legal instruments to regulate hostile activities in cyber space, ...
Revisiting SOHO Router Attacks Jose Garcia , Ivan Castro , Álvaro Folgado Rueda Domestic routers have lately been targeted by cybercrime due to the huge amount of well-known ...
Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library Bernhard Göschlberger , Msc Göttfert , Bsc Despite decades of security research and authentication standards there's still a vast amount of systems ...
Visualizing Wi-Fi Packets the Hacker's Way Milan Gabor Today visualizing Wi-Fi traffic is more or less limited to console windows and analyze different ...
ZigBee Smart Homes - A Hacker's Open House Tobias Zillner ZigBee is one of the most widespread communication standards used in the Internet of Things ...
Digital Forensics at Scale Martin Schmiedecker The forensic process as used today has severe problems: massive amounts of data to be ...
Not so Smart: On Smart TV Apps Marcus Niemietz One of the main characteristics of Smart TVs are apps. Apps extend the Smart TVs ...
Measuring the Tor Network Jens Kubieziel Tor is an anonymisation network and by design doesn't know anything about its users. However, ...
HackingTeam - How They Infected Your Android Device By 0days Attila Marosi There is no need to make a long introduction when speaking about the famous Remote ...
Agile Security: The Good, The Bad, and mostly the Ugly Daniel Liber Buzzwords about Agile are flying around in overwhelming speed, talks about Scrum, Kanban, XP and ...