BlackHatDC 2011 Jan. 16, 2011 to Jan. 17, 2011, Washington,USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote - Cyber Conflicts: Challenging the Future Franklin D. Kramer ABSTRACT TBA
Popping Shell on A(ndroid)RM Devices Itzhak "Zuk" Avraham The attendees will gain knowledge on how to exploit ARM buffer overflows, use Ret2ZP attack ...
XSS Street-Fight: The Only Rule Is There Are No Rules Ryan C. Barnett Defending web applications from Cross-Site Scripting (XSS) attacks is extremely challenging, especially when the application's ...
The Apple Sandbox Dionysus Blazakis Despite the never ending proclamations of the end of memory corruption vulnerabilities, modern software still ...
Checkmate with Denial of Service Tom Brennan , Ryan C. Barnett Denial-Of-Service is an attempt to make a computer resource unavailable to its intended users and ...
De-Anonymizing Live CDs through Physical Memory Analysis Andrew Case Traditional digital forensics encompasses the examination of data from an offline or dead source such ...
The Getaway: Methods and Defenses for Data Exfiltration Sean Coyne There are several stages to a successful cyber attack. The most crucial of which is ...
Identifying the true IP/Network identity of I2P service hosts Adrian Crenshaw This paper will present research into services hosted internally on the I2P anonymity network, especially ...
Malware Distribution via Widgetization of the Web Neil Daswani The Web 2.0 transformation has in part involved many sites using third-party widgets. We present ...
Your crown jewels online: Attacks to SAP Web Applications Mariano Croce "SAP platforms are only accessible internally". You may have heard that several times. While that ...
WORKSHOP - Cyber-attacks to SAP platforms: The Insider Threat Mariano Croce , Jordan Santarsieri How would a malicious insider exploit vulnerabilities in your SAP environment to get hold of ...
WORKSHOP - Peach Fuzzing Michael Eddington Join us for look at fuzzing with Peach and the Peach extension HotFuzz. Peach is ...
Active Exploitation Detection Marc Eisenbarth Security professionals have a massive number of acronyms at their disposal: IPS, VA, VM, SIEM, ...
Attacking Oracle Web Applications With Metasploit Chris Gates In 2009, Metasploit released a suite of auxiliary modules targeting oracle databases and attacking them ...
Responsibility for the Harm and Risk of Software Security Flaws Cassio Goldschmidt Who is responsible for the harm and risk of security flaws? The advent of worldwide ...
WORKSHOP - Hardware Reverse Engineering: Access, Analyze, and Defeat Joe ( Kingpin ) Grand Electronics are embedded into nearly everything we use. Hardware products are being relied on for ...
WORKSHOP: How to Hack Large Companies and Make Millions Chris Hadnagy Offensive Security wants to take you on a non-stop thrill ride through an actual hack. ...
Hacking the Fast Lane: security issues with 802.11p, DSRC, and WAVE Rob Havelt , Bruno Oliveira The new 802.11p standard aims to provide reliable wireless communication for vehicular environments. The P802.11p ...
Stale pointers are the new black Vincenzo Iozzo , Giovanni Gola Memory corruption bugs such as dangling pointers, double frees and uninitialized memory are some of ...
Beyond AutoRun: Exploiting software vulnerabilities with removable storage Jon Larimer Malware has been using the AutoRun functionality in Windows for years to spread through removable ...
Kernel Pool Exploitation on Windows 7 Tarjei Mandt In Windows 7, Microsoft introduced safe unlinking to the kernel pool to address the growing ...
Inglourious Hackerds: Targeting Web Clients Laurent Oudot This talk will propose to look at technical security issues related to multiple Internet Web ...
Stuxnet Redux: Malware Attribution & Lessons Learned Tom Parker Recent incidents commonly thought to be linked to state sponsored activities have given rise to ...
A practical attack against GPRS/EDGE/UMTS/HSPA mobile data communications David Perez , Jose Pico In this presentation we will show a practical attack against GPRS, EDGE, UMTS and HSPA ...
Breaking encryption in the cloud: GPU accelerated supercomputing for everyone Thomas Roth It has been known since some time now that the massive parallel architecture of modern ...
How to Steal Nuclear Warheads Without Voiding Your Xbox Warranty Eric Michaud , Jamie Schwettmann We will present the common elements and basic mechanisms of modern tamper-evident seals, tags, and ...
Forgotten World: Corporate Business Application Systems Val Smith , Alexander mikhailovich Polyakov Do you know where are all critical company data is stored? Do you know how ...
Exploiting Smart-Phone USB Connectivity For Fun And Profit Angelos Stavrou , Zhaohui Wang The Universal Serial Bus (USB) connection has become the de-facto standard for both charging and ...
Your cloud in my pocket Matthieu Suiche LiveCloudKd makes possible to debug live Microsoft Hyper-V and VMWare Workstation virtual machines without having ...
Hey You, Get Off Of My Cloud: Denial of Service in the *aaS Era Bryan Sullivan Why care about denial-of-service attacks when there are so many privilege elevation and information disclosure ...
Counterattack: Turning the tables on exploitation attempts from tools like Metasploit Matthew Weeks In hostile networks, most people hope their con kung-fu is good enough to avoid getting ...
The Baseband Apocalypse Ralf-Philipp Weinmann Attack scenarios against smartphones have concentrated on vulnerable software executed on the application processor. The ...