[BlackHat USA 2012] Presentaciones Oficiales ~ Blackploit [PenTest]

Aquí les dejo el material de las charlas que se dieron en la BlackHat USA 2012 el pasado mes de julio en Las Vegas. Hay bastante material y muy bueno:

A Scientific (But Non Academic) Study of How Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies
- BH_US_12_Branco_Scientific_Academic_WP.pdf
- BH_US_12_Branco_Scientific_Academic_Slides.pdf
A Stitch in Time Saves Nine: A Case of Multiple Operating System Vulnerability
- BH_US_12_Wojtczuk_A_Stitch_In_Time_WP.pdf
- BH_US_12_Wojtczuk_A_Stitch_In_Time_Slides.pdf
Adventures in Bouncerland
- BH_US_12_Percoco_Adventures_in_Bouncerland_WP.pdf
- BH_US_12_Percoco_Bouncerland_Slides.pdf
AMF Testing Made Easy!
- BH_US_12_Carettoni_AMF_Testing_WP.pdf
- BH_US_12_Carettoni_AMF_Testing_Slides.pdf
- Source.zip
Are You My Type? – Breaking .NET Sandboxes Through Serialization
- BH_US_12_Forshaw_Are_You_My_Type_WP.pdf
- BH_US_12_Forshaw_Are_You_My_Type_Slides.pdf
Blended Threats and JavaScript: A Plan for Permanent Network Compromise
- BH_US_12_Purviance_Blended_Threats_WP.pdf
- BH_US_12_Purviance_Blended_Threats_Slides.pdf
Clonewise – Automated Package Clone Detection
- BH_US_12_Cesare_Clonewise_WP.pdf
- BH_US_12_Cesare_Clonewise_Slides.pdf
Confessions of a WAF Developer: Protocol-Level Evasion of Web Application Firewalls
- BH_US_12_Ristic_Protocol_Level_WP.pdf
- BH_US_12_Ristic_Protocol_Level_Slides.pdf
Control-Alt-Hack(TM): White Hat Hacking for Fun and Profit (A Computer Security Card Game)
- BH_US_12_Kohno_Control_Alt_Hack_WP.pdf
- BH_US_12_Kohno_Control_Alt_Hack_Slides.pdf
DE MYSTERIIS DOM JOBSIVS: Mac EFI Rootkits
- BH_US_12_LoukasK_De_Mysteriis_Dom_Jobsivs_WP.pdf
- BH_US_12_LoukasK_De_Mysteriis_Dom_Jobsivs_Slides.pdf
Digging Deep Into The Flash Sandboxes
- BH_US_12_Sabanal_Digging_Deep_WP.pdf
- BH_US_12_Sabanal_Digging_Deep_Slides.pdf
Don’t Stand So Close To Me: An Analysis of the NFC Attack Surface
- BH_US_12_Miller_NFC_attack_surface_WP.pdf
- BH_US_12_Miller_NFC_attack_surface_Slides.pdf
- BH_US_12_Miller_NFC_attack_surface_Code.zip
Easy Local Windows Kernel Exploitation
- BH_US_12_Cerrudo_Windows_Kernel_WP.pdf
- BH_US_12_Cerrudo_Windows_Kernal_Slides.pdf
Errata Hits Puberty: 13 Years of Chagrin
- BH_US_12_Jericho_Errata_Slides.pdf
Exchanging Demands
- BH_US_12_Hannay_Exchanging_Demands_WP.pdf
- BH_US_12_Hannay_Exchanging_Demands_Slides.pdf
- BH_US_12_Hannay_Exchanging_Demands_Code.zip
Exploit Mitigation Improvements in Win 8
- BH_US_12_Miller_Exploit_Mitigation_Slides.pdf
Exploiting the jemalloc Memory Allocator: Owning Firefox’s Heap
- BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_WP.pdf
- BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_Slides.pdf
- BH_US_12_Argyroudis_Exploiting_the_ jemalloc_Memory_ Allocator_Code.zip
File disinfection framework: Striking back at polymorphic viruses
- BH_US_12_Vuksan_Pericin_Disinfection_Framework_WP.pdf
Flowers for Automated Malware Analysis
- BH_US_12_Song_Royal_Flowers_Automated_WP.pdf
- BH_US_12_Song_Royal_Flowers_Automated_Slides.pdf
From the Iriscode to the Iris: A New Vulnerability of Iris Recognition Systems
- BH_US_12_Galbally_Iris_Reconstruction_WP.pdf
- BH_US_12_Galbally_Iris_Reconstruction_Slides.pdf
Ghost is in the Air(traffic)
- BH_US_12_Costin_Ghosts_In_Air_WP.pdf
- BH_US_12_Costin_Ghosts_In_Air_Slides.pdf
Google Native Client – Analysis Of A Secure Browser Plugin Sandbox
- BH_US_12_Rohlf_Google_Native_Client_WP.pdf
- BH_US_12_Rohlf_Google_Native_Client_Slides.pdf
Hacking the Corporate Mind: Using Social Engineering Tactics to Improve Organizational Security Acceptance
- BH_US_12_Philput_Hacking_The_Corporate_Mind_WP.pdf
- BH_US_12_Philput_Hacking_The_Corporate_Mind_Slides.pdf
Hacking with WebSockets
- BH_US_12_Shekyan_Toukharian_Hacking_Websocket_Slides.pdf
Hardware backdooring is practical
- BH_US_12_Brossard_Backdoor_Hacking_WP.pdf
- BH_US_12_Brossard_Backdoor_Hacking_Slides.cpgz
Here Be Backdoors: A Journey Into The Secrets Of Industrial Firmware
- BH_US_12_Santamarta_Backdoors_WP.pdf
Hookin’ ain’t easy: BeEF injection with MITM
- BH_US_12_Ocepek_Linn_BeEF_MITM_WP.pdf
- BH_US_12_Ocepek_Linn_BeEF_MITM_Slides.pdf
How many bricks does it take to crack a microcell?
- BH_US_12_Rowley_Microcell_Bricks_WP.pdf
- BH_US_12_Rowley_Microcell_Bricks_Slides.pdf
How the Analysis of Electrical Current Consumption of Embedded Systems Could Lead to Code Reversing?
- BH_US_12_Allain_Current Consumption-WP.pdf
- BH_US_12_Allain_Current Consumption-Slides.pdf
- BH_US_12_Allain_Current Consumption-Code.zip
HTML5 Top 10 Threats – Stealth Attacks and Silent Exploits
- BH_US_12_Shah_Silent_Exploits_WP.pdf
- BH_US_12_Shah_Silent_Exploits_Slides.pdf
iOS Application Security Assessment and Automation: Introducing SIRA
- BH_US_12_Engler_SIRA_WP.pdf
- BH_US_12_Engler_SIRA_Slides.pdf
iOS Kernel Heap Armageddon Revisited
- BH_US_12_Esser_iOS_Kernel_Heap_Armageddon_WP.pdf
- BH_US_12_Esser_iOS_Kernel_Heap_Armageddon_Slides.pdf
Legal Aspects of Cyberspace Operations
- BH_US_12_Clark_Legal_Aspects_Slides.pdf
Looking Into The Eye Of The Meter
- BH_US_12_Weber_Eye_of_the_Meter_WP.pdf
- BH_US_12_Weber_Eye_of_the_Meter_Slides.pdf
My Arduino Can Beat Up Your Hotel Room Lock
- BH_US_12_Brocious_Hotel_Key_WP.pdf
- BH_US_12_Brocious_Hotel_Key_Slides.pdf
Owning bad guys {and mafia} with javascript botnets
- BH_US_12_Alonso_Owning_Bad_Guys_WP.pdf
- BH_US_12_Alonso_Owning_Bad_Guys_Slides.pdf
Probing Mobile Operator Networks
- BH_US_12_Milliner_Probing Mobile Operating_WP.pdf
- BH_US_12_Milliner_Probing Mobile Operating_Slides.pdf
SexyDefense – Maximizing the Home-Field Advantage
- BH_US_12_Amit_Sexy_Defense_WP.pdf
- BH_US_12_Amit_Sexy_Defense_Slides.pdf
SQL Injection to MIPS Overflows: Rooting SOHO Routers
- BH_US_12_Cutlip_SQL_Exploitation_WP.pdf
- BH_US_12_Cutlip_SQL_Exploitation_Slides.pdf
- BH_US_12_Cutlip_SQL_Exploitation_Code.zip
SSRF vs. Business Critical Applications
- BH_US_12_Polyakov_SSRF_Business_WP.pdf
- BH_US_12_Polyakov_SSRF_Business_Slides.pdf
State of Web Exploit Toolkits
- BH_US_12_Jones_State_Web_Exploits_WP.pdf
- BH_US_12_Jones_State_Web_Exploits_Slides.pdf
Still Passing the Hash 15 Years Later? Using the Keys to the Kingdom to Access All your Data
- BH_US_12_Duckwall_Campbell_Still_Passing_WP.pdf
- BH_US_12_Duckwall_Campbell_Still_Passing_Slides.pdf
- BH_US_12_Duckwall_Campbell_Still_Passing_Code.zip
Targeted Intrusion Remediation: Lessons From The Front Lines
- BH_US_12_Aldridge_Targeted_Intrustion_WP.pdf
- BH_US_12_Aldridge_Targeted_Intrustion_Slides.pdf
The Defense RESTs: Automation and APIs for Improving Security
- BH_US_12_Mortman_Defense_RESTs_WP.pdf
- BH_US_12_Mortman_Defense_RESTs_Slides.pdf
The Info Leak Era on Software Exploitation
- BH_US_12_Serna_Leak_Era_WP.pdf
- BH_US_12_Serna_Leak_Era_Slides.pdf
The Myth of Twelve More Bytes: Security on the Post-Scarcity Internet
- BH_US_12_Ritter_Stamos_Myth_of_Twelve_More_Bytes_Slides.pdf
The subway line 8 – Exploitation of Windows 8 Metro Style Apps
- BH_US_12_Tsai_Pan_Exploiting_Windows8_WP.pdf
- BH_US_12_Tsai_Pan_Exploiting_Windows8_Slides.pdf
Torturing OpenSSL
- BH_US_12_Bertacco_TorturingOpenSSL_WP.pdf
- BH_US_12_Bertacco_TorturingOpenSSL_Slides.pdf
Trust, Security, and Society
- BH_US_12_Schneier_Liars_and_Outliers_WP.pdf
We have you by the Gadgets
- BH_US_12_Shkatov_Kohlenberg_Blackhat_Have_You_By_The_Gadgets_WP.pdf
- BH_US_12_Shkatov_Kohlenberg_Blackhat_Have_You_By_The_Gadgets_Slides.pdf
Web Tracking for You
- BH_US_12_Fleischer_Implementing_Web_Tracking_gfleischer_WP.pdf
- BH_US_12_Fleischer_Implementing_Web_Tracking_gfleischer_Slides.pdf
- BH_US_12_Fleischer_Implementing_Web_Tracking_gfleischer_Code.zip
Windows Phone 7 Internals and Exploitability
- BH_US_12_Oi_Windows_Phone_WP.pdf
- BH_US_12_Oi_Windows_Phone_Slides.pdf
Windows 8 Heap Internals
- BH_US_12_Atlas_GHZ_Workshop_Slides.pdf
- BH_US_12_Atlas_GHZ_Workshop_Code.zip
Advanced Chrome Extension Exploitation – Leveraging API Powers for the Better Evil
- BH_US_12_Osborn_Kotowicz_Advanced_Chrome_Extension_WP.pdf
- BH_US_12_Osborn_Kotowicz_Advanced_Chrome_Extension_Slides.pdf
- BH_US_12_Osborn_Kotowicz_Advanced_Chrome_Extension_Code.zip
Code Reviewing Web Application Framework Based Applications (Struts 2, Spring MVC, Ruby on Rails (Groovy on Grails), .NET MVC)
- BH_US_12_Kang_Code_Reviewing_WP.pdf
Lessons Of Binary Analysis
- BH_US_12_Rioux_Lessons_Of_Binary_Analysis_Slides.pdf
Linux interactive exploit development with GDB and PEDA
- BH_US_12_Le_Linux_Interactive_Exploit_Development_with_GDB_and_PEDA_Slides.pdf
Ruby for Pentesters: The Workshop
- BH_US_12_Scott_ruby_for_pentesters_the_workshop_Slides.pdf
HTExploit Bypassing Htaccess Restrictions
- BH_US_12_Katz_Soler_HTExploit_WP.pdf
- BH_US_12_Katz_Soler_HTExploit_Slides.pdf
- HTExploit_v0.7b.zip
libinjection: A C library for SQLi detection and generation through lexical analysis of real world attacks
- BH_US_12_Galbreath_Libinjection_Slides.pdf
ModSecurity as Universal Cross-platform Web Protection Tool
- BH_US_12_Wroblewski_ModSecurity_Universal_WP.pdf
- BH_US_12_Wroblewski_ModSecurity_Universal_Slides.pdf
Passive Bluetooth Monitoring in Scapy
- BH_US_12_Holeman_Demo.pdf
- BH_US_12_Holeman_Panda.pdf
- BH_US_12_Holeman_Passive_Bluetooth_Slides.pdf
- source.zip
Stamp Out Hash Corruption, Crack All The Things
- BH_US_12_Reynods_Stamp_Out_Hash_WP.pdf
- BH_US_12_Reynods_Stamp_Out_Hash_Slides.pdf
- BH_US_12_Reynods_Stamp_Out_Hash_Code.zip
SYNful Deceit, Stateful Subterfuge
- BH_US_12_Patten_Steele_SYNful_Deceit_Slides.pdf
The last gasp of the industrial air-gap…
- BH_US_12_Leverett_Last_Gasp_Slides.pdf
When security gets in the way: PenTesting mobile apps that use certificate pinning
- BH_US_12_Diqut_Osborne_Mobile_Certificate_Pinning_Slides.pdf

Más Material: https://www.blackhat.com/

Fuente: http://www.cyberhades.com/

Author & Editor

Ingeniero, me gusta la cyberseguridad, la programación y el blockchain.

Blackploit [PenTest].

Top-Bar

2 ago 2012

[BlackHat USA 2012] Presentaciones Oficiales

0 Notaciones:

Publicar un comentario

Labels

Popular Posts

Blog Archive

3nlaces: