Memorias del Black Hat USA 2009

Memorias Black Hat

Se ha liberado la documentación oficial del Blackhat USA, una de las conferencia de seguridad más importantes a nivel mundial, a continuación les dejo los contenidos expuestos en estas conferencias:

BHUSA09 webdoc Memorias del Black Hat Usa 2009 = Paper

BHUSA09 webdeck Memorias del Black Hat Usa 2009 = Diapositivas de la presentacion

= Video Presentacion

= Codigo Fuente

Alessandro Acquisti

Índice
  • I Just Found 10 Million SSN's
  • Fighting Russian Cybercrime Mobsters: Report from the Trenches
  • Sniff Keystrokes With Lasers/Voltmeters Side Channel Attacks Using Optical Sampling of Mechanical Energy and Power Line Leakage
  • MD5 Chosen-Prefix Collisions on GPUs
  • Anti-Forensics: The Rootkit Connection
  • Embedded Management Interfaces: Emerging Massive Insecurity
  • BitTorrent Hacks
  • Exploratory Android Surgery
  • Reversing and Exploiting an Apple® Firmware Update
  • SADE: Injecting Agents into VM Guest OS
  • Advanced Mac OS X Rootkits
  • Lockpicking Forensics
  • Psychotronica: Exposure, Control, and Deceit
  • The Language of Trust: Exploiting Trust Relationships in Active Content
  • Advanced MySQL Exploitation
  • Demystifying Fuzzers
  • Using Guided Missiles in Drive-by's: Automatic browser fingerprinting and exploitation with Metasploit
  • Gizmo: A Lightweight Open Source Web Proxy
  • State of the Art Post Exploitation in Hardened PHP Environments
  • Hacking the Smart Grid
  • Internet Special Ops: Stalking Badness Through Data Mining
  • Breaking the "Unbreakable" Oracle with Metasploit
  • A 16 bit Rootkit and Second Generation Zigbee Chips
  • "Smart" Parking Meter Implementations, Globalism, and You
  • Computer Crime Year In Review: MySpace, MBTA, Boston College and More
  • Mo' Money Mo' Problems: Making A LOT More Money on the Web the Black Hat Way
  • How Economics and Information Security Affects Cyber Crime and What It Means in the Context of a Global Recession
  • Weaponizing the Web: More Attacks on User-Generated Content
  • Win at Reversing: Tracing and Sandboxing through Inline Hooking
  • Exploiting Rich Content
  • The Conficker Mystery
  • Post Exploitation Bliss: Loading Meterpreter on a Factory iPhone
  • Something about Network Security
  • Stoned Bootkit
  • Cloudburst: Hacking 3D (and Breaking Out of VMware)
  • Attacking SMS
  • Rapid Enterprise Triaging (RETRI): How to Run a Compromised Network and Keep Your Data Safe
  • Router Exploitation
  • Is Your Phone Pwned? Auditing, Attacking and Defending Mobile Devices
  • More Tricks For Defeating SSL
  • Practical Windows XP/2003 Heap Exploitation
  • Clobbering the Cloud!
  • Managed Code Rootkits: Hooking into the Runtime Environments
  • Fuzzing the Phone in your Phone
  • A Black Hat Vulnerability Risk Assessment
  • Netscreen of the Dead: Developing a Trojaned ScreenOS for Juniper Netscreen Appliances
  • Long-Term Sessions: This Is Why We Can't Have Nice Things
  • Fight Against 1-day Exploits: Diffing Binaries vs Anti-diffing Binaries
  • Deactivate the Rootkit
  • Hacking Capitalism '09: Vulnerabilities In Markets And Trading Platforms
  • Reverse Engineering By Crayon: Game Changing Hypervisor Based Malware Analysis and Visualization
  • Your Mind: Legal Status, Rights and Securing Yourself
  • Automated Malware Similarity Analysis
  • Metasploit Autopsy: Reconstructing the Crime Scene
  • MetaPhish
  • Breaking the security myths of Extended Validation SSL Certificates
  • Worst of the Best of the Best
  • Defensive Rewriting: A New Take on XSS/XSRF/Redirect-Phishing Defense
  • What the hell is inside there?
  • Global Spying: Realistic Probabilities in Modern Signals Intelligence
  • Ruby for Pentesters
  • Metasploit Telephony
  • Our Favorite XSS Filters and How to Attack Them
  • Fast & Furious Reverse Engineering with TitanEngine
  • Unraveling Unicode: A Bag of Tricks for Bug Hunting
  • Enterprise Java Rootkits

    • I Just Found 10 Million SSN's

    Dmitri Alperovitch, Keith Mularski

    Fighting Russian Cybercrime Mobsters: Report from the Trenches

    Andrea Barisani, Daniele Bianco

    Sniff Keystrokes With Lasers/Voltmeters

    Side Channel Attacks Using Optical Sampling of Mechanical Energy and Power Line Leakage

    Marc Bevand

    MD5 Chosen-Prefix Collisions on GPUs

    Bill Blunden

    Anti-Forensics: The Rootkit Connection

    Hristo Bojinov, Dan Boneh, Elie Bursztein

    Embedded Management Interfaces: Emerging Massive Insecurity

    Michael Brooks, David Aslanian

    BitTorrent Hacks

    Jesse Burns

    Exploratory Android Surgery

    K. Chen

    Reversing and Exploiting an Apple® Firmware Update

    Matt Conover

    SADE: Injecting Agents into VM Guest OS

    Dino Dai Zovi

    Advanced Mac OS X Rootkits

    Datagram

    Lockpicking Forensics

    Nitesh Dhanjani

    Psychotronica: Exposure, Control, and Deceit

    Mark Dowd, Ryan Smith, David Dewey

    The Language of Trust: Exploiting Trust Relationships in Active Content

    Muhaimin Dzulfakar

    Advanced MySQL Exploitation

    Michael Eddington

    Demystifying Fuzzers

    Egypt

    Using Guided Missiles in Drive-by's: Automatic browser fingerprinting and exploitation with Metasploit

    Rachel Engel

    Gizmo: A Lightweight Open Source Web Proxy

    Stefan Esser

    State of the Art Post Exploitation in Hardened PHP Environments

    Tony Flick

    Hacking the Smart Grid

    Andrew Fried, Paul Vixie, Dr. Chris Lee

    Internet Special Ops: Stalking Badness Through Data Mining

    Chris Gates

    Breaking the "Unbreakable" Oracle with Metasploit

    Travis Goodspeed

    A 16 bit Rootkit and Second Generation Zigbee Chips


    Joe Grand, Jacob Appelbaum, Chris Tarnovsky

    "Smart" Parking Meter Implementations, Globalism, and You

    Jennifer Granick

    Computer Crime Year In Review: MySpace, MBTA, Boston College and More


    Jeremiah Grossman, Trey Ford

    Mo' Money Mo' Problems: Making A LOT More Money on the Web the Black Hat Way

    Peter Guerra

    How Economics and Information Security Affects Cyber Crime and What It Means in the Context of a Global Recession