Upload File

black hat usa 2012 track chair previewhtml5 top 10 threats- stealth attacks and silent exploits by:...

  • Home
  • Documents
  • Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by
8
Black Hat USA 2012 Track Chair Preview Moderated by Robert Richardson, Editorial Director July 12, 2012

Upload: others

Post on 09-Jul-2020

3 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by

Black Hat USA 2012 Track Chair Preview

Moderated by Robert Richardson, Editorial Director

July 12, 2012

Page 2: Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by

Black Hat USA 2012 Track Chair Preview

SPONSOR PRESENTER:

PHILIP LIEBERMAN,

PRESIDENT AND CEO, LIEBERMAN SOFTWARE

GUEST PRESENTERS:

VINCENZO IOZZO – MOBILE SHAWN MOYER - DEFENSE NATHAN HAMIEL - APPSEC

CHRIS ROHLF - BREAKING THINGS STEFANO ZANERO - MALWARE

Page 3: Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by

Black Hat USA 2012 Track Chair Preview

VINCENZO IOZZO – MOBILE

ADVANCED ARM EXPLOITATION

BY STEPHEN RIDLEY & STEPHEN LAWLER

SCALING UP BASEBAND ATTACKS: MORE (UNEXPECTED) ATTACK SURFACE BY RALF-PHILIPP WEINMANN

DON’T STAND SO CLOSE TO ME:

AN ANALYSIS OF THE NFC ATTACK SURFACE BY CHARLIE MILLER

PROBING MOBILE OPERATOR NETWORKS BY COLLIN MULLINER

ADVENTURES IN BOUNCER LAND BY NICHOLAS PERCOCO & SEAN SCHULTE

MY THREE PICKS ARE:

TORTURING OPENSSL – BY VALERIA BERTACCO

CUTECATS.EXE AND THE ARAB SPRING - BY MORGAN MARQUIS-BOIRE

HOW THE ANALYSIS OF ELECTRICAL CURRENT CONSUMPTION OF EMBEDDED SYSTEMS COULD LEAD TO CODE REVERSING? –

BY YANN ALLAIN & JULIEN MOINARD

Page 4: Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by

Black Hat USA 2012 Track Chair Preview

SHAWN MOYER - DEFENSE

SEXYDEFENSE - MAXIMIZING THE HOME-FIELD ADVANTAGE IFTACH

BY IAN AMIT

THE DEFENSE RESTS: AUTOMATION AND APIS FOR IMPROVING SECURITY BY DAVID MORTMAN

CONTROL-ALT-HACK (A COMPUTER SECURITY CARD GAME) BY TADAYOSHI KOHNO & TAMARA DENNING & ADAM SHOSTACK

INTRUSION DETECTION ALONG THE KILL CHAIN BY JOHN FLYNN

EXPLOIT MITIGATION IMPROVEMENTS IN WINDOWS 8

BY MATT MILLER & KEN JOHNSON

SOME BONUS PICKS: ERRATA HITS PUBERTY: 13 YEARS OF BY CHAGRIN JERICHO

CODE REVIEWING WEB APPLICATION FRAMEWORK BASED APPLICATIONS BY ABRAHAM KANG

OWNING BAD GUYS {AND MAFIA} WITH JAVASCRIPT BOTNETS

BY CHEMA ALONSO

Page 5: Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by

Black Hat USA 2012 Track Chair Preview

NATHAN HAMIEL - APPSEC

HTML5 TOP 10 THREATS- STEALTH ATTACKS AND SILENT EXPLOITS BY: SHREERAJ SHAH

AMF TESTING MADE EASY BY LUCA CARETTONI

HACKING WITH WEBSOCKETS

BY SERGEY SHEKYAN AND VAAGAN TOUKHARIAN

BLENDED THREATS AND JAVASCRIPT: A PLAN FOR PERMANENT NETWORK COMPROMISE BY PHIL PURVIANCE

STATE OF WEB EXPLOIT TOOLKITS BY JASON JONES

CONFESSIONS OF A WAF DEVELOPER: PROTOCOL-LEVEL EVASION OF WEB APPLICATION

FIREWALLS BY IVAN RISTIC

WEBTRACKING FOR YOU BY GREGORY FLEISCHER

Page 6: Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by

Black Hat USA 2012 Track Chair Preview

CHRIS ROHLF - BREAKING THINGS

A STITCH IN TIME SAVES NINE: A CASE OF MULTIPLE OPERATING SYSTEM VULNERABILITY - BY

RAFAL WOJTCZUK

EXPLOITING THE JEMALLOC MEMORY ALLOCATOR: OWNINGS FIREFOX'S HEAP - BY PATROKLOS ARGYROUDIS & CHARITON KARAMITAS

THE INFO LEAK ERA ON SOFTWARE EXPLOITATION –

BY FERMIN J. SERNA

ARE YOU MY TYPE? BREAKING .NET SANDBOXES THROUGH SERIALIZATION - BY JAMES FORSHAW

PINPADPWN - BY NILS & RAFAEL DOMINGUEZ VEGA

Page 7: Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by

Black Hat USA 2012 Track Chair Preview

STEFANO ZANERO - MALWARE

A SCIENTIFIC ( BUT NOT ACADEMIC) STUDY OF HOW MALWARE EMPLOYS ANTI-DEBUGGING, ANTI-

DISASSEMLY, AND ANTI-VIRTUALIZATION TECHNOLOGIES BY RODRIGO BRANCO

DE MYSTERIIS DOM JOBSIVS: MAC EFI ROOTKITS LOUKAS K

DEX EDUCATION: PRACTICING SAFE DEX BY TIMOTHY STRAZZERE

HARDWARE BACKDOORING IS PRACTICAL

BY JONATHAN BROSSARD

FLOWERS FOR AUTOMATED MALWARE ANALYSIS BY CHENGYU SONG

Page 8: Black Hat USA 2012 Track Chair Previewhtml5 top 10 threats- stealth attacks and silent exploits by: shreeraj shah amf testing made easy by luca carettoni hacking with websockets by

•  T O J O I N T H E B L A C K H AT M A I L I N G L I S T, E M A I L B H L I S T T O : F E E D B A C K @ B L A C K H AT. C O M

•  T O J O I N O U R L I N K E D I N G R O U P : •  H T T P : / / W W W. L I N K E D I N . C O M / G R O U P S ?

G I D = 3 7 6 5 8 & T R K = H B _ S I D E _ G

•  T O F O L L O W B L A C K H AT O N T W I T T E R : •  H T T P S : / / T W I T T E R . C O M / B L A C K H AT E V E N T S

•  B L A C K H AT ’S FA C E B O O K FA N PA G E : •  H T T P : / / W W W. FA C E B O O K . C O M / B L A C K H AT

•  F I N D O U T M O R E AT H T T P : / / W W W. B L A C K H AT. C O M

•  N E X T W E B C A S T: A U G U S T, B L A C K H AT U S A W R A P U P

•  F O R M O R E I N F O R M AT I O N , V I S I T W W W. L I E B S O F T. C O M

Questions & Answers


Hacking with WebSockets - Black Hat Briefingsmedia.blackhat.com/.../Shekyan/...Hacking_Websocket_Slides.pdf · A Trip into HTML5! WebSockets background! ... WebSockets API describes

Unity and WebSockets

Realtime with-websockets-2015

XSS & CSRF strike back Powered by HTML5 Shreeraj Shah ...conference.hitb.org/hitbsecconf2012kul/materials/D2T1 - Shreeraj... · Powered by HTML5 Shreeraj Shah HackInTheBox 2012 Malaysia

Intro to WebSockets

Programming WebSockets - OSCON 2010

WebSockets för applikationstestare

LO3 8 WebSockets - CSE116

Comet, WebSockets, HTML5, SSE

Lethal Attacks On The Rise Shreeraj Shah › ... › Securing_web_applications.pdf · Securing Web Applications Lethal Attacks On The Rise Shreeraj Shah Founder & Director, ... Java

WebSockets with Spring 4

Django-tornado-websockets Documentation · Django-tornado-websockets Documentation, Release 0.2.2 Django-tornado-websockets is a useful solution to provide an easy way to useTornado

Websockets & Web Messaging

Node.js and websockets intro

Using Websockets with Play!

Websockets par Martin Moizard

Comet, WebSockets, HTML5

My adventure with WebSockets

Blackhat11 shreeraj reverse_engineering_browser

Cowboy rabbit-websockets

Introduction to WebSockets Presentation

Ember and WebSockets

Cookies och Websockets

vlavrynovych - WebSockets Presentation

Asynchronous WebSockets using Django - VilniusPyvilniuspy.lt/slides/DjangoWebSockets.pdfWEBSOCKETS DJANGO CHANNELS EXAMPLE WEBSOCKETS (A.K.A.ASYNCHRONOUS WEBSOCKETS) I WebSocket is

HTML5: WebSockets and WebWorkers

Transforming WebSockets

WebSockets in Enterprise Applications

Hacking (with) WebSockets

Using WebSockets with ColdFusion

XSS & CSRF strike back Powered by HTML5 Shreeraj Shah HackInTheBox 2012 … · © Blueinfy Solutions XSS & CSRF strike back Powered by HTML5 Shreeraj Shah HackInTheBox 2012 Malaysia

Understand WebSockets

WebSockets On Fire

Jsf meets websockets

Building interactivity with websockets