Zoz - Pwned By The Owner: What Happens When You Steal A Hacker's Computer
Having your place broken into and your computer stolen can be a nightmare. Getting revenge on the fucker who has your machine can be a dream come true. I had the opportunity to experience both of these...
View ArticleWayne Huang & Kuon Ding - NoSQL, No Injection !?
This is a short talk on NoSQL technologies and their impacts on traditional injection threats such as SQL injection. This talk surveys existing NoSQL technologies, and then demos proof-of-concept...
View ArticleWayne Huang, Jeremy Chiu & Benson Wu - 0box Analyzer: AfterDark Runtime...
For antivirus vendors and malware researchers today, the challenge lies not in "obtaining" the malware samples - they have too many already. What's needed is automated tools to speed up the analysis...
View ArticleWayne Huang - Drivesploit: Circumventing Both Automated AND Manual...
This year saw the biggest news in Web security ever--Operation Aurora, which aimed at stealing source code and other intellectual properties and succeeded with more than 30 companies, including...
View ArticleWade Polk, Paul Malkewicz & J. Novak - Industrial Cyber Security
Industrial control systems are flexible constructs that result in increased efficiency and profitability, but this comes at the cost of vulnerability. In past years, industrial cyber security has been...
View ArticleVal Smith, Colin Ames & Anthony Lai - Balancing the Pwn Trade Deficit
One of the presenters is a native Chinese language speaker and heavily involved in the Chinese security community and so brings unique insights to this presentation. The other presenters have been...
View ArticleTyler Krpata - Like a Boss: Attacking JBoss
JBoss is an open source Java EE application server. Its default configuration provides several insecure defaults that an attacker can use to gather information, cause a denial of service, or even...
View ArticleTottenkoph - VirGraff101: An Introduction to Virtual Graffiti
Want to take a stab at graffiti but spray paint fumes get you nauseous? Worry not! The world of virtual graffiti is slowly but surely gaining popularity and now hackers with little to no artistic...
View ArticleTom Stracener "Strace", Sean Barnum & Chris Peterson - So Many Ways to Slap A...
Maybe you've played YoVille because your spouse or relative got you into it. Maybe its your overt obsession or secret delight. If you haven't heard of YoVille, well, its got at least 5 Million active...
View ArticleSumit Siddharth - Hacking Oracle From Web Apps
This talk will focus on exploiting SQL injections in web applications with oracle back-end and will discuss all old/new techniques. The talk will target Oracle 9i,10g and 11g (R1 and R2) It is widely...
View ArticleThe Suggmeister - Social Networking Special Ops: Extending Data Visualization...
If you're ever in a position when you need to pwn criminals via social networks or see where Tony Hawk likes to hide skateboards around the world, this talk is for you. The talk is delivered in two...
View ArticleSho Ho - FOE The Release of Feed Over Email, a Solution to Feed Controversial...
Many repressive countries have created Internet censorship systems to prevent Internet users from accessing websites that are deemed inappropriate by their officials. In many cases, these websites are...
View ArticleShawn Moyer & Nathan Keltner - Wardriving the Smart Grid: Practical...
If you haven't just emerged from a coma, you probably have some idea of the multifaceted attack surface that the inevitable modernization of power transmission and distribution is rapidly introducing...
View ArticleShawn Merdinger - We Don't Need No Stinkin' Badges: Hacking Electronic Door...
In the security world, attacker physical access often means game over - so what happens if you can't trust your building's electronic door system? This presentation and paper explore attack surfaces...
View ArticleScott Wolchok - Crawling BitTorrent DHTs for Fun
This talk describes how crawling BitTorrent's DHTs used for distributed tracking can be used for two opposing goals. First, pirates can crawl the DHTs to build BitTorrent search engines in just a few...
View ArticleSchuyler Towne & datagram - Attack the Key, Own the Lock
Locks restrict access to anyone lacking the correct key. As security components, we depend on locks to secure our most valuable possessions. Most attacks demonstrated in recent years involve...
View ArticleSamy Kamkar - How I Met Your Girlfriend
How I Met Your Girlfriend: The discovery and execution of entirely new classes of Web attacks in order to meet your girlfriend. This includes newly discovered attacks including HTML5 client-side XSS...
View ArticleSam Bowne - Who Cares About IPv6?
What is IPv6? Why should you care? If we ignore it, will it just go away? The current Internet Protocol numbering scheme, IPv4, is nearing its end-of-life. Within two years, all the IPv4 numbers will...
View ArticleRyan Linn - Multiplayer Metasploit: Tag-Team Penetration and Information...
Sharing information in team penetration testing environments is frequently a challenge. There are a number of tools out there that allow wiki style submissions but any time that data needs to be used,...
View ArticleRobert Edmonds & Paul Vixie - Passive DNS Hardening
Passive DNS replication is a technique invented by Florian Weimer for tracking changes to the domain name system. This session will introduce the problems faced by passive DNS replication in the areas...
View Article
