[BlackHat USA 2013] Presentaciones y Diapositivas

• Day One Keynote July 31
  • us-13-Alexander-keynote.pdf
  • us-13-Alexander-keynote.m4v
• A Practical Attack against MDM Solutions
  • US-13-Brodie-A-Practical-Attack-against-MDM-Solutions-WP.pdf
  • US-13-Brodie-A-Practical-Attack-against-MDM-Solutions-Slides.pdf
• Above My Pay Grade: Cyber Response at the National Level
  • US-13-Healey-Above-My-Pay-Grade-WP.pdf
  • US-13-Healey-Above-My-Pay-Grade-Slides.pdf
• Android: one root to own them all
  • US-13-Forristal-Android-One-Root-to-Own-Them-All-Slides.pdf
• BinaryPig – Scalable Malware Analytics in Hadoop
  • US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-WP.pdf
  • US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-Slides.pdf
  • US-13-Hanif-Binarypig-Scalable-Malware-Analytics-in-Hadoop-Code.tar.gz
• BIOS Security
  • US-13-Butterworth-BIOS-Security-WP.pdf
  • US-13-Butterworth-BIOS-Security-Slides.pdf
  • US-13-Butterworth-BIOS-Security-Code.zip
• Black-Box Assessment of Pseudorandom Algorithms
  • US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-WP.pdf
  • US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-Slides.pdf
  • US-13-Soeder-Black-Box-Assessment-of-Pseudorandom-Algorithms-Code.zip
• Bugalyze.com – Detecting Bugs Using Decompilation and Data Flow Analysis
  • US-13-Cesare-Bugalyze.com-Detecting-Bugs-Using-Decompilation-WP.pdf
  • US-13-Cesare-Bugalyze.com-Detecting-Bugs-Using-Decompilation-Slides.pdf
• Buying into the Bias: Why Vulnerability Statistics Suck
  • US-13-Martin-Buying-Into-The-Bias-Why-Vulnerability-Statistics-Suck-WP.pdf
  • US-13-Martin-Buying-Into-The-Bias-Why-Vulnerability-Statistics-Suck-Slides.pdf
• Combating the Insider Threat at the FBI: Real World Lessons Learned
  • US-13-Reidy-Combating-the-Insider-Threat-At-The-FBI-Slides.pdf
• Compromising Industrial Facilities From 40 Miles Away
  • US-13-Apa-Compromising-Industrial-Facilities-From-40-Miles-Away-WP.pdf
  • US-13-Apa-Compromising-Industrial-Facilities-From-40-Miles-Away-Slides.pdf
• CreepyDOL: Cheap, Distributed Stalking
  • US-13-OConnor-CreepyDOL-Cheap-Distributed-Stalking-WP.pdf
  • US-13-OConnor-CreepyDOL-Cheap-Distributed-Stalking-Slides.pdf
• Defending Networks with Incomplete Information: A Machine Learning Approach
  • US-13-Pinto-Defending-Networks-with-Incomplete-Information-A-Machine-Learning-Approach-WP.pdf
  • US-13-Pinto-Defending-Networks-with-Incomplete-Information-A-Machine-Learning-Approach-Slides.pdf
• End-to-End Analysis of a Domain Generating Algorithm Malware Family
  • US-13-Geffner-End-To-End-Analysis-of-a-Domain-Generating-Algorithm-Malware-Family-WP.pdf
  • US-13-Geffner-End-To-End-Analysis-of-a-Domain-Generating-Algorithm-Malware-Family-Slides.pdf
• Energy Fraud and Orchestrated Blackouts: Issues with Wireless Metering Protocols (wM-Bus)
  • US-13-Brunschwiler-Energy-Fraud-and-Orchestrated-Blackouts-Issues-with-Wireless-Metering-Protocols-WP.pdf
  • US-13-Brunschwiler-Energy-Fraud-and-Orchestrated-Blackouts-Issues-with-Wireless-Metering-Protocols-Slides.pdf
• Exploiting Network Surveillance Cameras Like a Hollywood Hacker
  • US-13-Heffner-Exploiting-Network-Surveillance-Cameras-Like-A-Hollywood-Hacker-WP.pdf
  • US-13-Heffner-Exploiting-Network-Surveillance-Cameras-Like-A-Hollywood-Hacker-Slides.pdf
• Evading deep inspection for fun and shell
  • US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-WP.pdf
  • US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-Slides.pdf
  • US-13-Opi-Evading-Deep-Inspection-for-Fun-and-Shell-Code.zip
• The Factoring Dead: Preparing for the Cryptopocalypse
  • us-13-Stamos-The-Factoring-Dead.pdf
• Fully Arbitrary 802.3 Packet Injection: Maximizing the Ethernet Attack Surface
  • US-13-Barisani-Fully-Arbitrary-802-3-Packet-Injection-WP.pdf
  • US-13-Barisani-Fully-Arbitrary-802-3-Packet-Injection-Slides.pdf
• Funderbolt: Adventures in Thunderbolt DMA Attacks
  • US-13-Sevinsky-Funderbolt-Adventures-in-Thunderbolt-DMA-Attacks-Slides.pdf
• Hacking like in the Movies: Visualizing Page Tables for Local Exploitation
  • US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-WP.pdf
  • US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-Slides.pdf
  • US-13-Wicherski-Hacking-like-in-the-Movies-Visualizing-Page-Tables-Pictures.zip
• Hacking, Surveilling, and Deceiving victims on Smart TV
  • US-13-Lee-Hacking-Surveilling-and-Deceiving-Victims-on-Smart-TV-Slides.pdf
• Home Invasion v2.0 – Attacking Network-Controlled Hardware
  • US-13-Crowley-Home-Invasion-2-0-WP.pdf
  • US-13-Crowley-Home-Invasion-2-0-Slides.pdf
  • US-13-Crowley-HomeInvasion2-0-Source-Code.zip
• Hot Knives Through Butter: Bypassing Automated Analysis Systems
  • US-13-Singh-Hot-Knives-Through-Butter-Evading-File-based-Sandboxes-WP.pdf
  • US-13-Singh-Hot-Knives-Through-Butter-Evading-File-Based-Sandboxes-Slides.pdf
• HOW CVSS is DOSsing YOUR PATCHING POLICY (and wasting your money)
  • US-13-Allodi-HOW-CVSS-is-DOSsing-Your-Patching-Policy-WP.pdf
  • US-13-Allodi-HOW-CVSS-is-DOSsing-Your-Patching-Policy-Slides.pdf
• How to Build a SpyPhone
  • US-13-McNamee-How-To-Build-a-SpyPhone-WP.pdf
  • US-13-McNamee-How-To-Build-a-SpyPhone-Slides.pdf
• How to Grow a TREE (Taint-enabled Reverse Engineering Environment) From CBASS (Cross-platform Binary Automated Symbolic-execution System)
  • US-13-Li-How-to-Grow-a-TREE-Code.zip
• Hunting the Shadows: In Depth Analysis of Escalated APT Attacks
  • US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-WP.pdf
  • US-13-Yarochkin-In-Depth-Analysis-of-Escalated-APT-Attacks-Slides.pdf
• Is that a government in your network or are you just happy to see me?
  • US-13-Fiterman-Is-that-a-Government-in-Your-Network-Slides.pdf
• Java Every-Days: Exploiting Software Running on 3 Billion Devices
  • US-13-Gorenc-Java-Every-Days-Exploiting-Software-Running-on-3-Billion-Devices-WP.pdf
  • US-13-Gorenc-Java-Every-Days-Exploiting-Software-Running-on-3-Billion-Devices-Slides.pdf
• Javascript Static Security Analysis made easy with JSPrime
  • US-13-Patnaik-Javascript-Static-Security-Analysis-made-Easy-with-JSPrime-WP.pdf
  • US-13-Patnaik-Javascript-Static-Security-Analysis-made-easy-with-JSPrime-Slides.pdf
• Just-In-Time Code Reuse: The more things change, the more they stay the same
  • US-13-Snow-Just-In-Time-Code-Reuse-Slides.pdf
• Legal Aspects of Full Spectrum Computer Network (Active) Defense
  • US-13-Clark-Legal-Aspects-of-Full-Spectrum-Computer-Network-Active-Defense-Slides.pdf
• Mactans: Injecting Malware into iOS Devices via Malicious Chargers
  • US-13-Lau-Mactans-Injecting-Malware-into-iOS-Devices-via-Malicious-Chargers-WP.pdf
  • US-13-Lau-Mactans-Injecting-Malware-into-iOS-Devices-via-Malicious-Chargers-Slides.pdf
• Mainframes: The Past Will Come Back to Haunt You
  • US-13-Young-Mainframes-The-Past-Will-Come-Back-to-Haunt-You-WP.pdf
  • US-13-Young-Mainframes-The-Past-Will-Come-Back-to-Haunt-You-Slides.pdf
• Maltego Tungsten as a collaborative attack platform
  • US-13-Temmingh-Maltego-Tungsten-as-a-Collaborative-Attack-Platform-WP.pdf
  • US-13-Temmingh-Maltego-Tungsten-as-a-Collaborative-Attack-Platform-Slides.pdf
• Multiplexed Wired Attack Surfaces
  • US-13-Ossmann-Multiplexed-Wired-Attack-Surfaces-WP.pdf
• OptiROP: hunting for ROP gadgets in style
  • US-13-Quynh-OptiROP-Hunting-for-ROP-Gadgets-in-Style-WP.pdf
• Out of Control: Demonstrating SCADA device exploitation
  • US-13-Forner-Out-of-Control-Demonstrating-SCADA-WP.pdf
  • US-13-Forner-Out-of-Control-Demonstrating-SCADA-Slides.pdf
• Owning the Routing Table – Part II
  • US-13-Nakibly-Owning-the-Routing-Table-Part-II-WP.pdf
  • US-13-Nakibly-Owning-the-Routing-Table-Part-II-Slides.pdf
• Pass-The-Hash 2: The Admin’s Revenge
  • US-13-Duckwall-Pass-the-Hash-WP.pdf
  • US-13-Duckwall-Pass-the-Hash-Slides.pdf
  • US-13-Duckwall-Pass-The-Hash-2-The-Admins-Revenge-Code.zip
• Pixel Perfect Timing Attacks with HTML5
  • US-13-Stone-Pixel-Perfect-Timing-Attacks-with-HTML5-WP.pdf
• Post Exploitation Operations with Cloud Synchronization Services
  • US-13-Williams-Post-Exploitation-Operations-with-Cloud-Synchronization-Services-WP.pdf
  • US-13-Williams-Post-Exploitation-Operations-with-Cloud-Synchronization-Services-Slides.pdf
• Power Analysis Attacks for Cheapskates
  • US-13-OFlynn-Power-Analysis-Attacks-for-Cheapskates-WP.pdf
  • US-13-OFlynn-Power-Analysis-Attacks-for-Cheapskates-Slides.pdf
• Predicting Susceptibility to Social Bots on Twitter
  • US-13-Sumner-Predicting-Susceptibility-to-Social-Bots-on-Twitter-Slides.pdf
• Press ROOT to continue: Detecting OSX and Windows bootkits with RDFU
  • US-13-Vuksan-Press-ROOT-to-Continue-Detecting-MacOS-and-Windows-Bootkits-with-RDFU-WP.pdf
  • US-13-Vuksan-Press-ROOT-to-Continue-Detecting-MacOS-and-Windows-Bootkits-with-RDFU-Slides.pdf
• Revealing Embedded Fingerprints: Deriving intelligence from USB stack interactions
  • US-13-Davis-Deriving-Intelligence-From-USB-Stack-Interactions-Slides.pdf
• RFID Hacking: Live Free or RFID Hard
  • US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Slides.pdf
  • US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Code.zip
• The SCADA That Didn’t Cry Wolf- Who’s Really Attacking Your ICS Devices- Part Deux!
  • US-13-Wilhoit-The-SCADA-That-Didnt-Cry-Wolf-Whos-Really-Attacking-Your-ICS-Devices-Slides.pdf
• Smashing The Font Scaler Engine in Windows Kernel
  • US-13-Chan-Smashing-The-Font-Scaler-Engine-in-Windows-Kernel-WP.pdf
  • US-13-Chan-Smashing-The-Font-Scaler-Engine-in-Windows-Kernel-Slides.pdf
• SSL, gone in 30 seconds – a BREACH beyond CRIME
  • US-13-Prado-SSL-Gone-in-30-seconds-A-BREACH-beyond-CRIME-WP.pdf
  • US-13-Prado-SSL-Gone-in-30-seconds-A-BREACH-beyond-CRIME-Slides.pdf
• TLS ‘secrets’
  • US-13-Daigniere-TLS-Secrets-WP.pdf
  • US-13-Daigniere-TLS-Secrets-Slides.pdf
• UART THOU MAD?
  • US-13-Kohlenberg-UART-Thou-Mad-WP.pdf
  • US-13-Kohlenberg-UART-Thou-Mad-Slides.pdf
• Universal DDoS Mitigation Bypass
  • US-13-Lee-Universal-DDoS-Mitigation-Bypass-WP.pdf
  • US-13-Lee-Universal-DDoS-Mitigation-Bypass-Slides.pdf
  • US-13-Lee-Universal-DDoS-Mitigation-Bypass-Code.zip
• USING ONLINE ACTIVITY AS DIGITAL FINGERPRINTS TO CREATE A BETTER SPEAR PHISHER
  • US-13-Espinhara-Using-Online-Activity-As-Digital-Fingerprints-WP.pdf
  • US-13-Espinhara-Using-Online-Activity-As-Digital-Fingerprints-Slides.pdf
• Virtual Deobfuscator – a DARPA Cyber Fast Track funded effort
  • US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-WP.pdf
  • US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-Slides.pdf
  • US-13-Raber-Virtual-Deobfuscator-A-DARPA-Cyber-Fast-Track-Funded-Effort-Code.zip
• What’s on the Wire? Physical Layer Tapping with Project Daisho
  • US-13-Spill-Whats-on-the-Wire-WP.pdf
  • US-13-Spill-Whats-on-the-Wire-Slides.pdf
• With BIGDATA comes BIG responsibility: Practical exploiting of MDX injections
  • US-13-Chastuhin-With-BIGDATA-comes-BIG-responsibility-WP.pdf
  • US-13-Chastuhin-With-BIGDATA-comes-BIG-responsibility-Slides.pdf
• ‘) UNION SELECT `This_Talk` AS (‘New Optimization and Obfuscation Techniques’)
  • US-13-Salgado-SQLi-Optimization-and-Obfuscation-Techniques-WP.pdf
  • US-13-Salgado-SQLi-Optimization-and-Obfuscation-Techniques-Slides.pdf
• Embedded Devices Security and Firmware Reverse Engineering
  • US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-WP.pdf
  • US-13-Zaddach-Workshop-on-Embedded-Devices-Security-and-Firmware-Reverse-Engineering-Slides.pdf
• JTAGulator: Assisted discovery of on-chip debug interfaces
  • US-13-Grand-JTAGulator-Assisted-Discovery-of-On-Chip-Debug-Interfaces-Slides.pdf
  • US-13-Grand-JTAGulator-Assisted-Discovery-of-On-Chip-Debug-Interfaces-Code.zip
• Methodologies for Hacking Embedded Security Appliances
  • US-13-Bathurst-Methodologies-for-Hacking-Embdded-Security-Appliances-Slides.pdf
• Mo Malware Mo Problems – Cuckoo Sandbox to the rescue
  • US-13-Bremer-Mo-Malware-Mo-Problems-Cuckoo-Sandbox-WP.pdf
  • US-13-Bremer-Mo-Malware-Mo-Problems-Cuckoo-Sandbox-Slides.pdf
• PDF Attack: A Journey from the Exploit Kit to the shellcode
  • US-13-Esparza-PDF-Attack-A-journey-from-the-Exploit-Kit-Slides.pdf
  • US-13-Esparza-PDF-Attack-A-journey-from-the-Exploit-Kit-Slides-Source.zip
• Practical Pentesting of ERPs and Business Applications
  • US-13-Polyakov-Practical-Pentesting-of-ERPs-and-Business-Applications-WP.pdf
  • US-13-Polyakov-Practical-Pentesting-of-ERPs-and-Business-Applications-Slides.pdf
• Abusing Web APIs Through Scripted Android Applications
  • US-13-Peck-Abusing-Web-APIs-Through-Scripted-Android-Applications-WP.pdf
  • US-13-Peck-Abusing-Web-APIs-Through-Scripted-Android-Applications-Slides.pdf
• Beyond the Application: Cellular Privacy Regulation Space
  • US-13-Dudley-Beyond-the-Application-Cellular-Privacy-Regulatory-Space-WP.pdf
  • US-13-Dudley-Beyond-the-Application-Cellular-Privacy-Regulatory-Space-Slides.pdf
• Clickjacking Revisited: A Perceptual View of UI Security
  • US-13-Akhawe-Clickjacking-Revisited-A-Perceptual-View-of-UI-Security-Slides.pdf
• CMX: IEEE Clean File Metadata Exchange
  • US-13-Kennedy-CMX-IEEE-Clean-File-Metadata-Exchange-WP.pdf
• CrowdSource: An Open Source, Crowd Trained Machine Learning Model for Malware Capability Detection
  • US-13-Saxe-CrowdSource-An-Open-Source-Crowd-Trained-Machine-Learning-Model-Slides.pdf
• Denial of Service as a Service – asymmetrical warfare at its finest
  • US-13-Masse-Denial-of-Service-as-a-Service-Slides.pdf
• Denying service to DDOS protection services
  • US-13-Nixon-Denying-Service-to-DDOS-Protection-Services-WP.pdf
  • US-13-Nixon-Denying-Service-to-DDOS-Protection-Services-Slides.pdf
• LTE BOOMS WITH VULNERABILITIES
  • US-13-Gupta-LTE-Booms-withVulnerabilities-WP.pdf
• Malicious File for Exploiting Forensic Software
  • US-13-Haruyama-Malicous-File-For-Exploiting-Forensic-Software-Slides.pdf
• Mobile Malware: Why the traditional AV paradigm is doomed and how to use physics to detect undesirable routines
  • US-13-Stewart-Mobile-Malware-Why-the-Traditional-AV-Paradigm-is-Doomed-WP.pdf
  • US-13-Stewart-Mobile-Malware-Why-the-Traditional-AV-Paradigm-is-Doomed-Slides.pdf
• New Trends in FastFlux Networks
  • US-13-Xu-New-Trends-in-FastFlux-Networks-WP.pdf
  • US-13-Xu-New-Trends-in-FastFlux-Networks-Slides.pdf
• OPSEC failures of spies
  • US-13-Cole-OPSEC-Failures-of-Spies-Slides.pdf
• Password Hashing: the Future is Now
  • US-13-Aumasson-Password-Hashing-the-Future-is-Now-WP.pdf
  • US-13-Aumasson-Password-Hashing-the-Future-is-Now-Slides.pdf
• Shattering Illusions in Lock-Free Worlds: Compiler/Hardware Behaviors in OSes and VMs
  • us-13-Blanchou-Shattering-Illusions-in-Lock-Free-Worlds.pdf
• TOR… ALL-THE-THINGS!
  • US-13-Geffner-Tor…-All-The-Things-WP.pdf
  • US-13-Geffner-Tor…-All-The-Things-Slides.pdf
• Truncating TLS Connections to Violate Beliefs in Web Applications
  • US-13-Smyth-Truncating-TLS-Connections-to-Violate-Beliefs-in-Web-Applications-WP.pdf
  • US-13-Smyth-Truncating-TLS-Connections-to-Violate-Beliefs-in-Web-Applications-Slides.pdf
• The Web IS Vulnerable: XSS Defense on the BattleFront
  • US-13-Wroblewski-The-Web-IS-Vulnerable-XSS-Defense-on-the-Battle-Front-Slides.pdf
  • US-13-Wroblewski-The-Web-IS-Vulnerable-XSS-Defense-on-the-BattleFront-Code.zip

Fuente: http://www.cyberhades.com/

Fuente: http://www.blackploit.com/2013/08/blackhat-usa-2013-presentaciones-y.html