BlackHatDC 2010 Jan. 31, 2010 to Feb. 3, 2010, Washington, USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Connection String Parameter Pollution Attacks Chema Alonso , Jose ( Palako ) Palazon This session is about Parameter Pollution in Connection Strings Attack. Today, a lot of tools ...
Internet Explorer turns your personal computer into a public file server Jorge Medina In this presentation we will show how an attacker can read every file of your ...
Neurosurgery With Meterpreter Colin Ames , David Kerb A crucial step in post-exploitation technology is memory manipulation. Metasploit's Meterpreter provides a robust platform ...
Advanced Command Injection Exploitation: cmd.exe in the '00s Bannedit Command injection vulnerabilities have always been a neglected vulnerability class when it comes to exploitation. ...
Neat, New, and Ridiculous Flash Hacks Mike "mckt" Bailey Flash is scary stuff. It's installed on just about everybody's web browser, used everywhere, and ...
Interpreter Exploitation: Pointer Inference and JIT Spraying Dionysus Blazakis As remote exploits have dwindled and perimeter defenses have become the standard, remote client-side attacks ...
An Uninvited Guest (Who Wont Go Home) Bill Blunden While there are a multitude of battle-tested forensic tools that focus on disk storage, the ...
Reversing DPAPI and Stealing Windows Secrets Offline Elie Bursztein , Jean-michel Picod The Data Protection API (DPAPI) plays a key role in Windows security: This API is ...
Beware of Serialized GUI Objects Bearing Data David Byrne , Rohini Sulatycki This presentation will highlight 0-days in Apache MyFaces and Sun Mojarra that allow an attacker ...
Exploiting Lawful Intercept to Wiretap the Internet Tom ( Decius ) Cross Many governments require telecommunications companies to provide interfaces that law enforcement can use to monitor ...
Unmanned Aerial Vehicles: Exploit Automation with the Metasploit Framework Egypt Sometimes you need to choose your exploits precisely and be careful about the packets you ...
Whose Internet is it, anyway? Andrew Fried Malware injecting emails and websites have reached epidemic proportions on the Internet. Virtually all spam ...
Hardware is the New Software Joe ( Kingpin ) Grand Society thrives on an ever increasing use of technology. Electronics are embedded into nearly everything ...
Enhancing ZFS Christian Kendi ZFS is a revolutionary Open Source file system with many capabilities. Snapshots and Storage pools ...
Wireless security isn't dead; Attacking clients with MSF Mike Kershaw We've figured out how to defend wireless access points, but clients remain exposed. A look ...
0-Knowledge Fuzzing Vincenzo Iozzo Nowadays fuzzing is a pretty common technique used both by attackers and software developers. Currently ...
Hacking Oracle 11g David Litchfield N/A
Physical Security in a Networked World: Video Analytics, Video Surveillance, and You. Joshua Marpet Video Analytics is a component of many advanced video surveillance systems. It includes such well ...
Hacking Russia: Inside An Unprecedented Prosecution of Organized Cybercrime Joseph Menn Almost all of the talk from Western law enforcement agencies of signs of cooperation by ...
Metasploit and Money Hd Moore In 2008 Metasploit expanded from a community-run project to a corporate product managed by Rapid7. ...
Playing in a Satellite Environment 1.2 Leonardo Nve This presentation is a warning call to those responsible for the companies that use or ...
The Four Types of Lock Deviant Ollam Physical security is an oft-overlooked component of data and system security in the technology world. ...
Global Security Report 2010 Nicholas J. Percoco From January 1, 2009 to December 31, 2009, we performed approximately 2000* penetration tests (network, ...
Cyber Effects Prediction Shane Powell Once the sole domain of military planners, public sector organizations must begin to understand the ...
Malware Analysis for the Enterprise Jason Ross Your organization has Anti-Virus deployed and is logging virus activity to a central location. Your ...
iPhone Privacy Nicolas Seriot The iPhone business model relies on consumers trust in a closed ecosystem. According to Apple: ...
Why Black Hats Always Win Val Smith , Chris From the origins of hacking and black hat hackers a new industry called penetration testing ...
The Underground Economy of the Pay-Per-Install (PPI) Business Kevin Stevens This presentation shows how hackers are recruiting hundreds of affiliates to join their Pay Per ...
Advanced Mac OS X Physical Memory Analysis Matthieu Suiche In 2008 and 2009, companies and governments interests for Microsoft Windows physical memory growled significantly. ...
Agile Security; or, How to Defend Applications with Five-Day-Long Release Cycles Bryan Sullivan Some security experts would have you believe that it is "impossible" to implement secure development ...
Hacking the Smartcard Chip Christopher Tarnovsky From start to finish, we will walk through how a current generation smartcard was successfully ...