Memorias del Black Hat USA 2009

Memorias Black Hat

Se ha liberado la documentación oficial del Blackhat USA, una de las conferencia de seguridad más importantes a nivel mundial, a continuación les dejo los contenidos expuestos en estas conferencias:

BHUSA09 webdoc Memorias del Black Hat Usa 2009 = Paper

BHUSA09 webdeck Memorias del Black Hat Usa 2009 = Diapositivas de la presentacion

= Video Presentacion

= Codigo Fuente

Alessandro Acquisti

I Just Found 10 Million SSN’s

Dmitri Alperovitch, Keith Mularski

Fighting Russian Cybercrime Mobsters: Report from the Trenches

Andrea Barisani, Daniele Bianco

Sniff Keystrokes With Lasers/Voltmeters

Side Channel Attacks Using Optical Sampling of Mechanical Energy and Power Line Leakage

Marc Bevand

MD5 Chosen-Prefix Collisions on GPUs

Bill Blunden

Anti-Forensics: The Rootkit Connection

Hristo Bojinov, Dan Boneh, Elie Bursztein

Embedded Management Interfaces: Emerging Massive Insecurity

Michael Brooks, David Aslanian

BitTorrent Hacks

Jesse Burns

Exploratory Android Surgery

K. Chen

Reversing and Exploiting an Apple® Firmware Update

Matt Conover

SADE: Injecting Agents into VM Guest OS

Dino Dai Zovi

Advanced Mac OS X Rootkits


Lockpicking Forensics

Nitesh Dhanjani

Psychotronica: Exposure, Control, and Deceit

Mark Dowd, Ryan Smith, David Dewey

The Language of Trust: Exploiting Trust Relationships in Active Content

Muhaimin Dzulfakar

Advanced MySQL Exploitation

Michael Eddington

Demystifying Fuzzers


Using Guided Missiles in Drive-by’s: Automatic browser fingerprinting and exploitation with Metasploit

Rachel Engel

Gizmo: A Lightweight Open Source Web Proxy

Stefan Esser

State of the Art Post Exploitation in Hardened PHP Environments

Tony Flick

Hacking the Smart Grid

Andrew Fried, Paul Vixie, Dr. Chris Lee

Internet Special Ops: Stalking Badness Through Data Mining

Chris Gates

Breaking the “Unbreakable” Oracle with Metasploit

Travis Goodspeed

A 16 bit Rootkit and Second Generation Zigbee Chips

Joe Grand, Jacob Appelbaum, Chris Tarnovsky

“Smart” Parking Meter Implementations, Globalism, and You

Jennifer Granick

Computer Crime Year In Review: MySpace, MBTA, Boston College and More

Jeremiah Grossman, Trey Ford

Mo’ Money Mo’ Problems: Making A LOT More Money on the Web the Black Hat Way

Peter Guerra

How Economics and Information Security Affects Cyber Crime and What It Means in the Context of a Global Recession

Nathan Hamiel, Shawn Moyer

Weaponizing the Web: More Attacks on User-Generated Content

Nick Harbour

Win at Reversing: Tracing and Sandboxing through Inline Hooking

Riley Hassell

Exploiting Rich Content

Mikko Hypponen

The Conficker Mystery

Vincenzo Iozzo, Charlie Miller

Post Exploitation Bliss: Loading Meterpreter on a Factory iPhone

Dan Kaminsky

Something about Network Security

Peter Kleissner

Stoned Bootkit

Kostya Kortchinsky

Cloudburst: Hacking 3D (and Breaking Out of VMware)

Zane Lackey, Luis Miras

Attacking SMS

Aaron LeMasters, Michael Murphy

Rapid Enterprise Triaging (RETRI): How to Run a Compromised Network and Keep Your Data Safe

Felix “FX” Lindner

Router Exploitation

Kevin Mahaffey, Anthony Lineberry, John Hering

Is Your Phone Pwned? Auditing, Attacking and Defending Mobile Devices

Moxie Marlinspike

More Tricks For Defeating SSL

John McDonald, Chris Valasek

Practical Windows XP/2003 Heap Exploitation

Haroon Meer, Nick Arvanitis, Marco Slaviero

Clobbering the Cloud!

Erez Metula

Managed Code Rootkits: Hooking into the Runtime Environments

Charlie Miller, Collin Mulliner

Fuzzing the Phone in your Phone

David Mortman

A Black Hat Vulnerability Risk Assessment

Graeme Neilson

Netscreen of the Dead: Developing a Trojaned ScreenOS for Juniper Netscreen Appliances

Steve Ocepek

Long-Term Sessions: This Is Why We Can’t Have Nice Things

Jeongwook Oh

Fight Against 1-day Exploits: Diffing Binaries vs Anti-diffing Binaries

Alfredo Ortega, Anibal Sacco

Deactivate the Rootkit

Thomas H. Ptacek, David Goldsmith, Jeremy Rauch

Hacking Capitalism ’09: Vulnerabilities In Markets And Trading Platforms

Danny Quist, Lorie Liebrock

Reverse Engineering By Crayon: Game Changing Hypervisor Based Malware Analysis and Visualization

Tiffany Strauchs Rad, James Arlen

Your Mind: Legal Status, Rights and Securing Yourself

Daniel Raygoza

Automated Malware Similarity Analysis

Peter Silberman, Steve Davis

Metasploit Autopsy: Reconstructing the Crime Scene

Val Smith, Colin Ames, David Kerb


Mike Zusman, Alexander Sotirov

Breaking the security myths of Extended Validation SSL Certificates

Kevin Stadmeyer, Garrett Held

Worst of the Best of the Best

Bryan Sullivan

Defensive Rewriting: A New Take on XSS/XSRF/Redirect-Phishing Defense

Chris Tarnovsky

What the hell is inside there?

Steve Topletz, Jonathan Logan and Kyle Williams

Global Spying: Realistic Probabilities in Modern Signals Intelligence

Michael Tracy, Chris Rohlf, Eric Monti

Ruby for Pentesters

Dustin “I)ruid” Trammell

Metasploit Telephony

Eduardo Vela Nava, David Lindsay

Our Favorite XSS Filters and How to Attack Them

Mario Vuksan, Tomislav Pericin

Fast & Furious Reverse Engineering with TitanEngine

Chris Weber

Unraveling Unicode: A Bag of Tricks for Bug Hunting

Jeff Williams

Enterprise Java Rootkits

Si te ha gustado el post, compartelo y ayudanos a crecer.

Unete a nuestra Fanpage Siguenos en Twitter

Autor: DragoN

Ingeniero en Sistemas y Telecomunicaciones de la Universidad de Manizales. Information Security Researcher con más de 10 años de experiencias en Ethical Hacking, Pen Testing y Análisis Forense. Docente Universitario en Pre y Post-Grado, Speaker y Organizador de diferentes eventos de Seguridad Informática, Fundador del DragonJAR Security Conference y Fundador de DragonJAR SAS y de La Comunidad DragonJAR, una de las comunidades de seguridad informática mas grandes de habla hispana y referente en el sector.

Compartir este Artículo


O Puedes Subscribete







Aprende ONLINE Técnicas HACKING y Seguridad Informática guiad@ por Profesionales RECONOCIDOS con más de 10 años de experiencia REAL en el campo de la Seguridad Informática

Toma acción !AHORA¡
miles ya lo han hecho

NUNCA te enviaremos spam.

  • No necesitas conocimiento previo (De 0 a Ninja)
  • Docentes reconocidos en el medio y con experiencia REAL
  • Clases ONLINE en VIVO que luego podrás repasar si lo deseas desde cualquier parte o cualquier dispositivo
  • Contenidos EXCLUSIVOS generados por nuestros docentes
  • Contacto constante con el docente por distintos medios, antes, durante y después de las clases
  • Laboratorios en linea para que nuestros alumnos practiquen sus conocimientos sin problemas
  • Exclusivo FORO VIP de Alumnos y Ex-Alumnos donde se continúa el aprendizaje y se comparte conocimiento
  • Te entregamos un diploma de certificación por cada curso
  • Miles de ex-alumnos felices