BlackHatDC 2010 Jan. 31, 2010 to Feb. 3, 2010, Washington, USA
Title | Speakers | Summary | Topic Types |
---|---|---|---|
Connection String Parameter Pollution Attacks | Chema Alonso, Jose (Palako) Palazon | This session is about Parameter Pollution in Connection Strings Attack. Today, a lot of tools ... | |
Internet Explorer turns your personal computer into a public file server | Jorge Medina | In this presentation we will show how an attacker can read every file of your ... | |
Neurosurgery With Meterpreter | Colin Ames, David Kerb | A crucial step in post-exploitation technology is memory manipulation. Metasploit's Meterpreter provides a robust platform ... | |
Advanced Command Injection Exploitation: cmd.exe in the '00s | Bannedit | Command injection vulnerabilities have always been a neglected vulnerability class when it comes to exploitation. ... | |
Neat, New, and Ridiculous Flash Hacks | Mike "mckt" Bailey | Flash is scary stuff. It's installed on just about everybody's web browser, used everywhere, and ... | |
Interpreter Exploitation: Pointer Inference and JIT Spraying | Dionysus Blazakis | As remote exploits have dwindled and perimeter defenses have become the standard, remote client-side attacks ... | |
An Uninvited Guest (Who Won't Go Home) | Bill Blunden | While there are a multitude of battle-tested forensic tools that focus on disk storage, the ... | |
Reversing DPAPI and Stealing Windows Secrets Offline | Elie Bursztein, Jean-Michel Picod | The Data Protection API (DPAPI) plays a key role in Windows security: This API is ... | |
Beware of Serialized GUI Objects Bearing Data | David Byrne, Rohini Sulatycki | This presentation will highlight 0-days in Apache MyFaces and Sun Mojarra that allow an attacker ... | |
Exploiting Lawful Intercept to Wiretap the Internet | Tom (Decius) Cross | Many governments require telecommunications companies to provide interfaces that law enforcement can use to monitor ... | |
Unmanned Aerial Vehicles: Exploit Automation with the Metasploit Framework | Egypt | Sometimes you need to choose your exploits precisely and be careful about the packets you ... | |
Whose Internet is it, anyway? | Andrew Fried | Malware injecting emails and websites have reached epidemic proportions on the Internet. Virtually all spam ... | |
Hardware is the New Software | Joe (Kingpin) Grand | Society thrives on an ever increasing use of technology. Electronics are embedded into nearly everything ... | |
Enhancing ZFS | Christian Kendi | ZFS is a revolutionary Open Source file system with many capabilities. Snapshots and Storage pools ... | |
Wireless security isn't dead; Attacking clients with MSF | Mike Kershaw | We've figured out how to defend wireless access points, but clients remain exposed. A look ... | |
0-Knowledge Fuzzing | Vincenzo Iozzo | Nowadays fuzzing is a pretty common technique used both by attackers and software developers. Currently ... | |
Hacking Oracle 11g | David Litchfield | N/A | |
Physical Security in a Networked World: Video Analytics, Video Surveillance, and You. | Joshua Marpet | Video Analytics is a component of many advanced video surveillance systems. It includes such well ... | |
Hacking Russia: Inside An Unprecedented Prosecution of Organized Cybercrime | Joseph Menn | Almost all of the talk from Western law enforcement agencies of signs of cooperation by ... | |
Metasploit and Money | HD Moore | In 2008 Metasploit expanded from a community-run project to a corporate product managed by Rapid7. ... | |
Playing in a Satellite Environment 1.2 | Leonardo Nve | This presentation is a warning call to those responsible for the companies that use or ... | |
The Four Types of Lock | Deviant Ollam | Physical security is an oft-overlooked component of data and system security in the technology world. ... | |
Global Security Report 2010 | Nicholas J. Percoco | From January 1, 2009 to December 31, 2009, we performed approximately 2000* penetration tests (network, ... | |
Cyber Effects Prediction | Shane Powell | Once the sole domain of military planners, public sector organizations must begin to understand the ... | |
Malware Analysis for the Enterprise | Jason Ross | Your organization has Anti-Virus deployed and is logging virus activity to a central location. Your ... | |
iPhone Privacy | Nicolas Seriot | The iPhone business model relies on consumers' trust in a closed ecosystem. According to Apple: ... | |
Why Black Hats Always Win | Val Smith, Chris | From the origins of hacking and black hat hackers a new industry called penetration testing ... | |
The Underground Economy of the Pay-Per-Install (PPI) Business | Kevin Stevens | This presentation shows how hackers are recruiting hundreds of affiliates to join their Pay Per ... | |
Advanced Mac OS X Physical Memory Analysis | Matthieu Suiche | In 2008 and 2009, companies and governments interests for Microsoft Windows physical memory growled significantly. ... | |
Agile Security; or, How to Defend Applications with Five-Day-Long Release Cycles | Bryan Sullivan | Some security experts would have you believe that it is "impossible" to implement secure development ... | |
Hacking the Smartcard Chip | Christopher Tarnovsky | From start to finish, we will walk through how a current generation smartcard was successfully ... | |