| Dangling Pointer |
Jonathan Afek |
Presentation |
Paper |
| Fuzzing Sucks! |
Aaron Portnoy, Pedram Amini |
- |
Paper |
| Injecting RDS-TMC Traffic Information Signals a.k.a. How to freak out your Satellite Navigation |
Andrea Barisani & Daniele Bianco |
Presentation |
Paper |
| Smoke 'em Out! |
Rohyt Belani & Keith Jones |
- |
Paper |
| Sphinx: An Anomaly-based Web Intrusion Detection System |
Damiano Bolzoni, Emmanuel Zambon |
- |
- |
| Remote and Local Exploitation of Network Drivers |
Yuriy Bulygin |
Presentation |
Paper |
| Blackout: What Really Happened... |
Jamie Butler, Kris Kendall |
Presentation |
- |
| Intranet Invasion With Anti-DNS Pinning |
David Byrne |
Presentation |
Paper |
| Traffic Analysis - The Most Powerful and Least Understood Attack Methods |
Jon Callas, Raven Alder, Riccardo Bettati, Nick Mathewson |
Presentation |
- |
| Reverse Engineering Automation with Python |
Ero Carrera |
Presentation |
- |
| Defeating Web Browser Heap Spray Attacks |
Stephan Chenette, Moti Joseph |
Presentation |
- |
| Iron Chef Blackhat |
Brian Chess, Jacob West, Sean Fay, Toshinari Kureha |
Presentation |
Paper |
| Unforgivable Vulnerabilities |
Steve Christey |
- |
Paper |
| Computer and Internet Security Law - A Year in Review 2006-2007 |
Robert W. Clark |
Presentation |
- |
| Building an Effective Application Security Practice on a Shoestring Budget |
David Coffey, John Viega |
Presentation |
Paper |
| Side Channel Attacks (DPA) and Countermeasures for Embedded Systems |
Job De Haas |
Presentation |
- |
| The Security Analytics Project: Alternatives in Analysis |
Mark Ryan del Moral Talabis |
Presentation |
Paper |
| VoIP Security: Methodology and Results |
Barrie Dempster |
Presentation |
Paper |
| Revolutionizing the Field of Grey-box Attack Surface Testing with Evolutionary Fuzzing |
Jared DeMott, Dr. Richard Enbody, Dr. Bill Punch |
Presentation |
Paper |
| PISA: Protocol Identification via Statistical Analysis |
Rohit Dhamankar, Rob King |
Presentation |
Paper |
| Tor and Blocking-resistance |
Roger Dingledine |
- |
- |
| Something Old (H.323), Something New (IAX), Something Hollow (Security), and Something Blue (VoIP Administrators) |
Himanshu Dwivedi, Zane Lackey |
Presentation |
Paper |
| Kernel Wars |
Joel Eriksson, Christer Öberg, Claes Nyberg, Karl Janmar |
Presentation |
Paper |
| CaffeineMonkey: Automated Collection, Detection and Analysis of Malicious JavaScript |
Ben Feinstein, Daniel Peck |
Presentation |
Paper |
| Understanding the Heap by Breaking It |
Justin N. Ferguson |
Presentation |
Paper |
| SQL Server Database Forensics |
Kevvie Fowler |
Presentation |
Paper |
| Hacking Capitalism |
Dave G., Jeremy Rauch |
Presentation |
- |
| Greetz from Room 101 |
Kenneth Geers |
Presentation |
Paper |
| Hacking Intranet Websites from the Outside (Take 2)—"Fun With and Without JavaScript Malware" |
Jeremiah Grossman, Robert Hansen |
Presentation |
Paper |
| Disclosure and Intellectual Property Law: Case Studies |
Jennifer Granick |
- |
- |
| A Dynamic Technique for Enhancing the Security and Privacy of Web Applications |
Ezequiel D. Gutesman & Ariel Waissbein |
Presentation |
Paper |
| Stealth Secrets of the Malware Ninjas |
Nick Harbour |
Presentation |
Paper |
| Hacking the Extensible Firmware Interface |
John Heasman |
Presentation |
- |
| Attacking Web Service Security: Message Oriented Madness, XML Worms and Web Service Security Sanity |
Brad Hill |
Presentation |
Paper |
| Vista Network Attack Surface Analysis and Teredo Security Implications |
Jim Hoagland |
Presentation |
Paper |
| Active Reversing: The Next Generation of Reverse Engineering |
Greg Hoglund |
Presentation |
- |
| Status of Cell Phone Malware in 2007 |
Mikko Hypponen |
Presentation |
Paper |
| Black Ops 2007: Design Reviewing The Web |
Dan Kaminksy |
Presentation |
- |
| Vulnerabilities in Wi-Fi/Dual-Mode VoIP Phones |
Krishna Kurapati |
Presentation |
Paper |
| Point, Click, RTPInject |
Zane Lackey, Alex Garbutt |
Presentation |
- |
| RFIDIOts!!! - Practical RFID Hacking (Without Soldering Irons or Patent Attorneys) |
Adam Laurie |
Presentation |
- |
| Anonymous Authentication - Preserving Your Privacy Online |
Dr. Andrew Lindell |
Presentation |
Paper |
| Attacking the Windows Kernel |
Jonathan Lindsay |
Presentation |
Paper |
| Database Forensics |
David Litchfield |
Presentation |
- |
| OpenBSD Remote Exploit |
Alfredo Ortega |
Presentation |
Paper |
| It's All About the Timing |
Haroon Meer, Marco Slaviero |
Presentation |
Paper |
| Hacking Leopard: Tools and techniques for attacking the newest Mac OS X |
Charlie Miller |
Presentation |
Paper |
| Other Wireless: New ways of being Pwned |
Luis Miras |
Presentation |
Paper |
| Defeating Information Leak Prevention |
Eric Monti, Dan Moniz |
Presentation |
- |
| Tactical Exploitation |
HD Moore, Valsmith |
Presentation |
Paper |
| Type Conversion Errors: How a Little Data Type Can Do a Whole Lot of Damage |
Jeff Morin |
Presentation |
Paper |
| (un)Smashing the Stack |
Shawn Moyer |
Presentation |
Paper |
| RFID for Beginners++ |
Chris Paget |
Presentation |
- |
| Social Network Site Data Mining |
Stephen Patton |
Presentation |
Paper |
| Securing the Tor Network |
Mike Perry |
Presentation |
Paper |
| Don't Tell Joanna, The Virtualized Rootkit Is Dead |
Thomas Ptacek, Nate Lawson |
Presentation |
- |
| Covert Debugging: Circumventing Software Armoring Techniques |
Danny Quist, Valsmith |
Presentation |
Paper |
| NACATTACK |
Dror-John Roecher, Michael Thumann |
Presentation |
Paper |
| IsGameOver(), anyone? |
Joanna Rutkowska, Alexander Tereshkin |
Presentation |
- |
| Reversing C++ |
Paul Vincent Sabanal |
- |
- |
| Strengths and Weaknesses of Access Control Systems |
Eric Schmiedl, Mike Spindell |
Presentation |
Paper |
| Reflection DNS Poisoning |
Jerry Schneider |
- |
- |
| Building and Breaking the Browser |
Window Snyder, Mike Shaver |
Presentation |
Paper |
| Heap Feng Shui in JavaScript |
Alexander Sotirov |
Presentation |
Paper |
| Blind Security Testing - An Evolutionary Approach |
Scott Stender |
Presentation |
Paper |
| Just Another Windows Kernel Perl Hacker |
Joe Stewart |
Presentation |
Paper |
| Premature Ajax-ulation |
Bryan Sullivan, Billy Hoffman |
- |
Paper |
| Transparent Weaknesses in VoIP |
Peter Thermos |
Presentation |
- |
| Exposing Vulnerabilities in Media Software |
David Thiel |
Presentation |
Paper |
| OpenID: Single Sign-On for the Internet |
Eugene Tsyrklevich, Vlad Tsyrklevich |
Presentation |
Paper |
| Timing Attacks for Recovering Private Entries From Database Engines |
Ariel Waissbein, Damian Saura |
Presentation |
Paper |
| Static Detection of Application Backdoors |
Chris Wysopal, Chris Eng |
Presentation |
Paper |
| The Art of Unpacking |
Mark Vincent Yason |
Presentation |
Paper |
| Kick Ass Hypervisoring: Windows Server Virtualization |
Brandon Baker |
Architecture Security |
- |
| Breaking C++ Applications |
Mark Dowd, John McDonald, Neel Mehta |
- |
Paper |
| Estonia: Information Warfare and Strategic Lessons |
Gadi Evron |
- |
- |
| The Little Hybrid Web Worm that Could |
Billy Hoffman, John Terrill |
- |
Paper |
| A Picture's Worth... |
Dr. Neal Krawetz |
Presentation |
Paper |
| Practical Sandboxing - Techniques for Isolating Processes |
David LeBlanc |
- |
- |
| Longhorn Server Foundation & Server Roles |
Iain McDonald |
- |
- |
| Simple Solutions to Complex Problems from the Lazy Hacker's Handbook |
David Maynor, Robert Graham |
- |
Paper |
| Breaking Forensics Software: Weaknesses in Critical Evidence Collection |
Chris Palmer, Tim Newsham, Alex Stamos, Chris Ridder |
- |
- |
| Anonymity and its Discontents |
Len Sassaman |
- |
Paper |
| Reversing MSRC Updates: Case Studies of MSRC Bulletins 2004-2007 |
Greg Wroblewski |
- |
- |
| Observing the Tidal Waves of Malware |
Stefano Zanero |
- |
- |
| Z-Phone |
Phil Zimmermann |
- |
- |