Memorias del Black Hat USA 2009
Se ha liberado la documentación oficial del Blackhat USA, una de las conferencia de seguridad más importantes a nivel mundial, a continuación les dejo los contenidos expuestos en estas conferencias:
= Paper
= Diapositivas de la presentacion
= Video Presentacion
= Codigo Fuente
Alessandro Acquisti
Índice
I Just Found 10 Million SSN's
Fighting Russian Cybercrime Mobsters: Report from the Trenches
Sniff Keystrokes With Lasers/Voltmeters
Side Channel Attacks Using Optical Sampling of Mechanical Energy and Power Line Leakage
MD5 Chosen-Prefix Collisions on GPUs
Anti-Forensics: The Rootkit Connection
Embedded Management Interfaces: Emerging Massive Insecurity
BitTorrent Hacks
Exploratory Android Surgery
Reversing and Exploiting an Apple® Firmware Update
SADE: Injecting Agents into VM Guest OS
Advanced Mac OS X Rootkits
Lockpicking Forensics
Psychotronica: Exposure, Control, and Deceit
The Language of Trust: Exploiting Trust Relationships in Active Content
Advanced MySQL Exploitation
Demystifying Fuzzers
Using Guided Missiles in Drive-by's: Automatic browser fingerprinting and exploitation with Metasploit
Gizmo: A Lightweight Open Source Web Proxy
State of the Art Post Exploitation in Hardened PHP Environments
Hacking the Smart Grid
Internet Special Ops: Stalking Badness Through Data Mining
Breaking the "Unbreakable" Oracle with Metasploit
A 16 bit Rootkit and Second Generation Zigbee Chips
"Smart" Parking Meter Implementations, Globalism, and You
Computer Crime Year In Review: MySpace, MBTA, Boston College and More
Mo' Money Mo' Problems: Making A LOT More Money on the Web the Black Hat Way
How Economics and Information Security Affects Cyber Crime and What It Means in the Context of a Global Recession
Weaponizing the Web: More Attacks on User-Generated Content
Win at Reversing: Tracing and Sandboxing through Inline Hooking
Exploiting Rich Content
The Conficker Mystery
Post Exploitation Bliss: Loading Meterpreter on a Factory iPhone
Something about Network Security
Stoned Bootkit
Cloudburst: Hacking 3D (and Breaking Out of VMware)
Attacking SMS
Rapid Enterprise Triaging (RETRI): How to Run a Compromised Network and Keep Your Data Safe
Router Exploitation
Is Your Phone Pwned? Auditing, Attacking and Defending Mobile Devices
More Tricks For Defeating SSL
Practical Windows XP/2003 Heap Exploitation
Clobbering the Cloud!
Managed Code Rootkits: Hooking into the Runtime Environments
Fuzzing the Phone in your Phone
A Black Hat Vulnerability Risk Assessment
Netscreen of the Dead: Developing a Trojaned ScreenOS for Juniper Netscreen Appliances
Long-Term Sessions: This Is Why We Can't Have Nice Things
Fight Against 1-day Exploits: Diffing Binaries vs Anti-diffing Binaries
Deactivate the Rootkit
Hacking Capitalism '09: Vulnerabilities In Markets And Trading Platforms
Reverse Engineering By Crayon: Game Changing Hypervisor Based Malware Analysis and Visualization
Your Mind: Legal Status, Rights and Securing Yourself
Automated Malware Similarity Analysis
Metasploit Autopsy: Reconstructing the Crime Scene
MetaPhish
Breaking the security myths of Extended Validation SSL Certificates
Worst of the Best of the Best
Defensive Rewriting: A New Take on XSS/XSRF/Redirect-Phishing Defense
What the hell is inside there?
Global Spying: Realistic Probabilities in Modern Signals Intelligence
Ruby for Pentesters
Metasploit Telephony
Our Favorite XSS Filters and How to Attack Them
Fast & Furious Reverse Engineering with TitanEngine
Unraveling Unicode: A Bag of Tricks for Bug Hunting
Enterprise Java Rootkits
I Just Found 10 Million SSN's
Dmitri Alperovitch, Keith Mularski
Fighting Russian Cybercrime Mobsters: Report from the Trenches
Andrea Barisani, Daniele Bianco
Sniff Keystrokes With Lasers/Voltmeters
Side Channel Attacks Using Optical Sampling of Mechanical Energy and Power Line Leakage