Black Hat Multimedia - Presentation, Audio and Video Archives

This archive of computer security presentations is provided free of charge as a service to the world wide computer security community. Speaker presentations and materials are put on-line generally two weeks after the event. Audio and video are generally available 6-9 months after the conference. If a speaker is listed on the conference page, but their speech is not present here it generally means there is no available audio, video or materials. If you have questions or have found a broken link, please send a message to ping at blackhat døt com
[Updated August 2005] All content is streamed using a Real Networks Real Server in TCP RTSP mode (port 554) as well as in HTTP mode (port 80 and 8080). All older content is being re-encoded slowly to Real 10 format, so you will need at least a Real Player version 9 or later to view it. The updated content is done in a higher resolution, and generally is superior to the older formats. If you have problems viewing the media files, please contact us so we can look into it.
Some presentations require Acrobat Reader. Please use at least Acrobat 5.0 in order to view these files.
If you want to purchase complete video or audio of a conference, or just a specific speaker please visit The Sound of Knowledge website. They have professionally recorded video and audio available for purchase.
Black Hat Media Server hosted by: Complex Drive - Reliable, Secure, and Responsive Business Internet

Conference CDs containing speaker presentations and materials are available for purchase from our store.

Many Black Hat talks are available in audio and video formats. While we reorganize the site to include
direct links, please peruse our RSS feed for links to those talks currently online.

Black Hat Multimedia Archives Quick-link
USA	Europe	Asia	Windows Security	DC/Federal
USA 2007	Europe 2007	Asia 2007		DC 2007
USA 2006	Europe 2006	Asia 2006		Federal 2006
USA 2005	Europe 2005	Asia 2005
USA 2004	Europe 2004	Asia 2004	Windows Security 2004
USA 2003	Europe 2003	Asia 2003	Windows Security 2003	Federal 2003
USA 2002		Asia 2002	Windows Security 2002
USA 2001	Europe 2001	Asia 2001	Windows Security 2001
USA 2000	Europe 2000	Asia 2000
USA 1999
USA 1998
USA 1997

Have a look at some of our past advertising and promotional campaigns:
Ads: Europe 2007 DC 2007 Europe 2006 Federal 2006	Ads: USA 2003 Europe 2003 Windows Security 2003 USA 2002 Windows Security 2002 Europe 2003	Preview Programs: Europe 2007 DC 2007 Windows Security 2002 USA 2004

Track/Speaker/Topic

Presentation (PDFs)

White Paper/
Notes/Tools

Keynote Presentation - Black Hat Europe 2007

Welcome by Jeff Moss, Founder & CEO, Black Hat

Roger Cumming, Head of Device Delivery and Knowledge at CPNI (Center for the Protection of National Infrastructure)
How can the Security Researcher Community Work Better for the Common Good?

Speakers - Black Hat Europe 2007

Nish Bhalla
Web Service Vulnerabilities

Sun Bing
Software Virtualization Based Rootkits

Damiano Bolzoni
NIDS: False Positive Reduction Through Anomaly Detection

	Aphrodite
	Poseiden

Laurent Butti
Wi-Fi Advanced Fuzzing

Augusto Paes de Barros, André Fucs & Victor Pereira
New Botnets Trends and Threats

Cesar Cerrudo & Esteban Martinez Fayo
Hacking Databases for Owning Your Data

	White Paper
	Additional Materials

Joel Eriksson
Kernel Wars

ERESI Team
Next Generation Debuggers for Reverse Engineering

	White Paper
	Additional Materials

Kostya Kortchinsky
Making Windows Exploits More Reliable

Nitin Kumar & Vipin Kumar
Vboot Kit: Compromising Windows Vista Security

Toshinari Kureha & Dr. Brian Chess
Make My Day – Just Run a Web Scanner: Countering The Faults of Typical Web Scanners Through Byte-code Injection

Adam Laurie
RFIDIOts!!! - Practical RFID hacking (without soldering irons)

Philippe Langlois
SCTPscan - Finding Entry Points to SS7 Networks & Telecommunication Backbones

David Litchfield
Advanced Oracle Attack Techniques

Bruno Luiz
Challenging Malicious Inputs with Fault Tolerance Techniques

	White Paper
	References

Lluis Mora
SMTP Information Gathering

Mariano Nuñez Di Croce
Attacking the Giants: Exploiting SAP Internals

	White Paper
	Source Code

Billy K Rios & Raghav Dube
Kicking Down the Cross Domain Door (One XSS at a Time)

Dror-John Roecher & Michael Thumann
NACATTACK

	White Paper
	Extra

Alexander Sotirov
Heap Feng Shui in JavaScript

	White Paper
	Source Code

Ollie Whitehouse
GS and ASLR in Windows Vista

Jonathan Wilkins
ScarabMon - Automating Web Application Penetration Tests

	White Paper
	Source Code

Stefano Zanero
360° Anomaly Based Unsupervised Intrusion Detection

return to top

Track/Speaker/Topic

Presentation (PDFs)

White Paper/
Notes/Tools

Keynote Presentation - Black Hat DC 2007

Welcome by Jeff Moss, Founder & CEO, Black Hat

Special Agent (Ret) Jim Christy, Director, Futures Exploration, Department of Defense Cyber Crime Center
Cyber Crime and the Power of Digital Forensics

Speakers - Black Hat DC 2007

Ofir Arkin
NAC

Sean Barnum
Attack Patterns: Knowing Your Enemies in Order to Defeat Them

James D. Broesch
Secure Processors for Embedded Applications

Cesar Cerrudo
Practical 10 Minute Security Audit: The Oracle Case

		White Paper

		POC Exploit Code

John Heasman
Firmware Rootkits and the Threat to the Enterprise

Kris Kendall & Chad McMillan
Practical Malware Analysis: Fundamental Techniques and a New Method for Malware Discovery

David Litchfield
Advanced Oracle Attack Techniques

Papers

Kevin Mandia
Agile Incident Response: Operating through Ongoing Confrontation

Robert A. Martin, Steve Christey & Sean Barnum
Being Explicit about Software Weaknesses

David Maynor
Device Drivers 2.0

David Maynor & Robert Graham
Data Seepage: How to Give Attackers a Roadmap to Your Network

Ferret Tool

Jose Nazario
Botnet Tracking: Tools, Techniques, and Lessons Learned

Joanna Rutkowska
Beyond The CPU: Defeating Hardware Based RAM Acquisition Tools (Part I: AMD case)

Paul Vincent Sabanal & Mark Vincent Yason
Reversing C++

Amichai Shulman
Danger From Below: The Untold Tale of Database Communication Protocol Vulnerabilities

Michael Sutton
Smashing Web Apps: Applying Fuzzing to Web Applications and Web Services

Andrew Walenstein
Exploting Similarity Between Variants to Defeat Malware

Aaron Walters & Nick Petroni, Jr
Volatools: Integrating Volatile Memory Forensics into the Digital Investigation Process

Ollie Whitehouse
GS and ASLR in Windows Vista

Chuck Willis & Rohyt Belani
Web Application Incident Response and Forensics - A Whole New Ball Game!

Stefano Zanero
360° Anomaly Based Unsupervised Intrusion Detection

return to top

Audio & video files are not available for this conference.
Track/Speaker/Topic	Presentation (PDFs)
Keynote Presentation - Black Hat Japan 2006
Mitsugu Okatani, Joint Staff Office, J6, Japan Defense Agency Change of the Meaning of a Threat and Technology...What has Occurred Now in Japan?
Speakers - Black Hat Japan 2006
Darren Bilby Low Down and Dirty: Anti-Forensic Rootkits
Paul Böhm Taming Bugs: The Art and Science of Writing Secure Code
Kenneth Geers & Alexander Eisen IPv6 World Update: Strategy & Tactics
Jeremiah Grossman Hacking Intranet Websites from the Outside "JavaScript malware just got a lot more dangerous"
Yuji Hoshizawa Increasingly-sophisticated Online Swindlers
Heikki Kortti Input Attack Trees: Death of a Thousand Leaves
Dan Moniz Six Degrees of XSSploitation
Joanna Rutkowska Subverting Vista Kernel For Fun And Profit
Alex Stamos & Zane Lackey Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0
Scott Stender Attacking Internationalized Software
Takayuki Sugiura Winny P2P Security
Georg Wicherski & Thorsten Holz Catching Malware to Detect, Track and Mitigate Botnets
return to top

> <


Track/Speaker/Topic	Presentation (PDFs)	Notes/Tools
Keynote Presentation: Black Hat USA 2006
Dan Larkin, Unit Chief, Internet Crime Complaint Center, Federal Bureau of Investigation Keynote: Fighting Organized Cyber Crime – War Stories and Trends
Speakers: Black Hat USA 2006
Noel Anderson & Taroon Mandhana WiFi in Windows Vista: A Peek Inside the Kimono
Ofir Arkin Bypassing Network Access Control (NAC) Systems
Robert Auger & Caleb Sima Zero Day Subscriptions: Using RSS and Atom Feeds as Attack Delivery Systems
Tod Beardsley Investigating Evil Websites with Monkeyspaw: The Greasemonkey Security Professional's Automated Webthinger
Corey Benninger Finding Gold in the Browser Cache
Renaud Bidou IPS Shortcomings
Daniel Bilar Automated Malware Classification/Analysis Though Network Theory and Statistics
Paul Böhm Taming Bugs: The Art and Science of Writing Secure Code
Mariusz Burdach Physical Memory Forensics
Jesse Burns Fuzzing Selected Win32 Interprocess Communication Mechanisms
Jamie Butler, Nick Petroni & William Arbaugh R^2: The Exponential Growth of Rootkit Techniques
johnny cache & David Maynor Device Drivers
Brian Caswell & HD Moore Thermoptic Camoflauge: Total IDS Evasion
Andrew Cushman Microsoft Security Fundamentals: Engineering, Response and Outreach
Himanshu Dwivedi I’m going to shoot the next person who says VLANs
Charles Edge Attacking Apple’s Xsan
Dino Dai Zovi Hardware Virtualization Based Rootkits
Shawn Embleton, Sherri Sparks & Ryan Cunningham Sidewinder: An Evolutionary Guidance System for Malicious Input Crafting
David Endler & Mark Collier Hacking VoIP Exposed
Chris Eng Breaking Crypto Without Keys: Analyzing Data in Web Applications
FX Analysing Complex Systems: the BlackBerry Case
Yuan Fan & Xiao Rong MatriXay—When WebApp&Database Security Pen-Test/Audit Is a Joy
Pete Finnigan How to Unwrap Oracle PL/SQL
Nicolas Fischbach Carrier VoIP Security
Halvar Flake RE 2006: New Challenges Need Changing Tools
Rob Franco Case Study: The Secure Development Lifecycle and Internet Explorer 7
Stefan Frei & Dr. Martin May The Speed of (In)security: Analysis of The Speed of Security vs Insecurity
Tom Gallagher Finding and Preventing Cross-site request Forgery
Abolade Gbadegesin The NetIO Stack: Reinventing TCP/IP in Windows Vista
Jeremiah Grossman & TC Niedzialkowski Hacking Intranet Websites from the Outside "JavaScript malware just got a lot more dangerous"
Lukas Grunwald New Attack RFID-systems and Their Middleware and Backends
Zvi Gutterman Open to Attack: Vulnerabilities of the Linux Random Number Generator
Billy Hoffman AJAX (in)security
Billy Hoffman Analysis of Web Application Worms and Viruses
Greg Hoglund Hacking World of Warcraft^®: An Exercise in Advanced Rootkit Design
David Hulton & Dan Moniz Faster Pwning Assured: Hardware Hacks and Cracks with FPGAs
Dan Kaminsky Black Ops 2006
William Kimball Code Integration-Based Vulnerability Auditing
Alexander Kornbrust Oracle Rootkits 2.0: The Next Generation
Dr. Neal Krawetz You Are What You Type: Non-Classical Computer Forensics
John Lambert Security Engineering in Windows Vista
Johnny Long Death by 1000 Cuts
Johnny Long Hacking, Hollywood Style
Kevin Mandia The State of Incidence Response
Adrian Marinescu Windows Vista Heap Management Enhancements– Security, Reliability and Performance
Claudio Merloni & Luca Carettoni The BlueBag: A Mobile, Covert Bluetooth Attack and Infection Device
Doug Mohney Defending Against Social Engineering with Voice Analytics
Dan Moniz & HD Moore Six Degrees of XSSploitation
HD Moore Metasploit Reloaded
Marco Morana Building Security into the Software LifeCycle, A Business Case
Maik Morgenstern & Tom Brosch Runtime Packers: The Hidden Problem?
Shawn Moyer Defending Black Box Web Applications: Building an Open Source Web Security Gateway
Bala Neerumalla SQL Injections by Truncation
Brendan O'Connor Vulnerabilities in Not-So Embedded Systems
Bruce Potter Bluetooth Defense Kit
Bruce Potter The Trusted Computing Revolution
Tom Ptacek & Dave Goldsmith Do Enterprise Management Applications Dream of Electric Sheep?
Jeremy Rauch PDB: The Protocol DeBugger
Melanie Rieback RFID Malware Demystified
Joanna Rutkowska Subverting Vista Kernel For Fun And Profit
Hendrik Scholz SIP Stack Fingerprinting and Stack Difference Attacks
SensePost A Tale of Two Proxies
Saumil Shah Writing Metasploit Plugins - From Vulnerability to Exploit
Jay Schulman Phishing with Asterisk PBX
Peter Silberman & Jamie Butler RAIDE: Rootkit Analysis Identification Elimination v1.0
Paul Simmonds, Henry Teng, Bob West & Justin Somaini Jericho Forum and Challenge
Alexander Sotirov Hotpatching and the Rise of Third-Party Patches
Kimber Spradlin & Dale Brocklehurst Auditing Data Access Without Bringing Your Database To Its Knees
Jonathan Squire $30, 30 minutes, 30 networks (Project Cowbird)
Alex Stamos & Zane Lackey Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0
Scott Stender Attacking Internationalized Software
Michael Sutton & Greg MacManus Punk Ode: Hiding Shellcode In Plain Sight
Alexander Tereshkin Rootkits: Attacking Personal Firewalls
Philip Trainor The Statue of Liberty: Utilizing Active Honeypots for Hosting Potentially Malicious Events
Franck Veysset & Laurent Butti Wi-Fi Advanced Stealth
Jeff Waldron VOIP Security Essentials
Chuck Willis & Rohyt Belani Web Application Incident Response & Forensics: A Whole New Ball Game!
Emmanuelle Zambon & Damiano Bolzoni NIDS: False Positive Reduction Through Anomaly Detection
Stefano Zanero Host Based Anomaly Detection on System Call Arguments
Panels - Black Hat USA 2006
Center for Democracy and Technology Anti-Spyware Coalition Public Forum on Corporate Spyware Threats Ari Schwartz, Ron Davidson, Gerhard Eschelbeck, John Heasman, Dan Kaminsky, Andre Gold, Phil Harris, Drew Maness, Eileen Harrington, Jerry Dixon
Disclosure (Public) Jeff Moss, Paul Proctor, David Mortman, John Stewart, Derrick Scholl, Michael Sutton, Raven, Tom Ptacek, Pamela Fusco, Scott Blake, Jerry Dixon
Hacker Court Panel
Meet the Feds: OODA Loop and the Science of Security Jason Beckett, Ovie Carroll, James Christy, Andy Fried, Mike Jacobs, Ken Privette, Keith Rhodes, Dave Thomas, Bob Hopper, Hilary Stanhope, Tim Fowler
return to top

Track/Speaker/Topic

Presentation (PDFs)

Notes/Tools

Keynote Presentation - Black Hat Europe 2006

Welcome by Jeff Moss, Founder & CEO, Black Hat and

Eric Litt, Chief Information Security Officer, General Motors
Stuck in the Middle

Speakers - Black Hat Europe 2006

Philippe Biondi, & Fabrice Desclaux
Silver Needle in the Skype

Shalom Carmel
IBM iSeries For Penetration Testers: Bypass Restrictions and Take Over Server

resources

Cesar Cerrudo
WLSI - Windows Local Shellcode Injection

exploits

Tzi-cker Chiueh
How to Automatically Sandbox IIS With Zero False Positive and Negative

white paper

Gregory Conti
Malware Cinema: A Picture is Worth a Thousand Packets

resources

Bryan Cunningham & Amanda Hubbard
Separated By A Common Goal—Emerging EU and US Information Security and Privacy Law: Allies or Adversaries?

bibliography

Arian J. Evans, Daniel Thompson & Mark Belles
Project Paraegis Round 2: Using Razorwire HTTP proxy to strengthen webapp session handling and reduce attack surface

FX
Analysing Complex Systems: The BlackBerry Case

Halvar Flake
Attacks on Uninitialized Local Variables

John Heasman
Implementing and Detecting An ACPI BIOS Rootkit

Barnaby Jack
Exploiting Embedded Systems

Mikko Kiviharju
Hacking fingerprint Scanners - Why Microsoft's Fingerprint Reader Is Not a Security Feature

resources

Adam Laurie, Martin Herfurt, & Marcel Holtmann
Bluetooth Hacking - The State of The Art

Johnny Long
Death of a Thousand Cuts- Finding Evidence Everywhere!

Johnny Long
Hacking, Hollywood Style

Steve Manzuik and Andre Protas
Skeletons in Microsoft's Closet - Silently Fixed Vulnerabilities

Jarno Niemelä
Combatting Symbian Malware

white paper

Gunter Ollmann
Stopping Automated Application Attack Tools

Enno Rey
MPLS and VPLS Security

Joanna Rutkowska
Rootkit Hunting vs. Compromise Detection

demos

tools

Peter Silberman & Jamie Butler
RAIDE: Rootkit Analysis Identification Elimination

spoonm & skape
Beyond EIP

Alex Wheeler, Mark Dowd, & Neel Mehta
The Science of Code Auditing

Stefano Zanero
Anomaly Detection Through System Call Argument Analysis

return to top

Track/Speaker/Topic

Presentation (PDFs)

Notes/Tools

Keynote Presentation - Black Hat Federal 2006

Welcome by Jeff Moss, Founder & CEO, Black Hat and

Dr. Linton Wells II, Principal Deputy Assistant Secretary of Defense (Networks and Information Integration)
Security Research and Vulnerability Disclosure

Speakers - Black Hat Federal 2006

David Aitel
Nematodes

Mariusz Burdach
Finding Digital Evidence in Physical Memory

tools & docs

Max Caceres
Client Side Penetration Testing

Tzi-cker Chiueh
How to Automatically Sandbox IIS With Zero False Positive and Negative

Drew Copley
Angel Recon System (ARS) Prototype: Heuristic Vulnerability Analysis and Attack

tools

Halvar Flake
Attacks on Uninitialized Local Variables

Simson L. Garfinkel
New Directions in Disk Forensics

John Heasman
Implementing and Detecting An ACPI BIOS Rootkit

Billy Hoffman
Analysis of Web Application Worms and Viruses

code

Dan Kaminsky
Network Black Ops: Extracting Unexpected Functionality from Existing Networks

Arun Lakhotia
Analysis of Adversarial Code: Problem, Challenges, Results

David Litchfield
Breakable

Kevin Mandia
Foreign Attacks on Corporate America (How the Federal Government can apply lessons learned from the private sector)

David Maynor & Robert Graham
SCADA Security and Terrorism: We're Not Crying Wolf!

Jarno Niemelä
Combatting Symbian Malware

Tom Parker & Matthew G. Devost
The Era of a Zero-Day Nation-State: Characterising the real threats to our nation’s critical information systems

Joanna Rutkowska
Rootkit Hunting vs. Compromise Detection

demos

Marc Schoenefeld
Pentesting J2EE

spoonm & skape
Beyond EIP

Paul Syverson & Lasse Øverlier
Playing Server Hide and Seek on the Tor Anonymity Network

Irby Thompson & Mathew Monroe
FragFS: An Advanced NTFS Data Hiding Technique

tool

Stefano Zanero
My IDS is better than yours. Or is it?

return to top


Track/Speaker/Topic	Presentation (PDFs)	Notes/Tools
Keynote Presentation - Black Hat Japan 2005
Welcome by Jeff Moss, Founder & CEO, Black Hat and Katsuya Uchida, Associate Professor, Institute Information Security, and Associate Professor, Research and Development Initiative, Chuo University "The Day After..."
Speakers - Black Hat Japan 2005
Dominique Brezinski A Paranoid Perspective of an Interpreted Language
Kenneth Geers Hacking in a Foreign Language: A Network Security Guide to Russia (and Beyond)
Jeremiah Grossman Phishing with Super Bait
Chris Hurley (Roamer) Identifying and Responding to Wireless Attacks		code
Hideaki Ihara Forensics in Japan
Dan Kaminsky Black Ops Of TCP/IP 2005		code
Satoru Koyama Botnet survey result. "Our security depends on your security."
David Maynor Architecture Flaws in Common Security Tools
Ejovi Nuwere The Art of SIP fuzzing and Vulnerabilities Found in VoIP
Saumil Shah & Dave Cole Adware/Spyware
Sherri Sparks & Jamie Butler “Shadow Walker” — Raising The Bar For Rootkit Detection
Michael Sutton & Adam Greene The Art of File Format Fuzzing
Closing Remarks
Jeff Moss Founder & CEO, Black Hat
return to top

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentation - Black Hat USA 2005

Gilman Louie, President & Chief Executive Officer, In-Q-Tel
Investing in Our Nation's Security,

Application Security - Black Hat USA 2005

Esteban Martínez Fayó
Advanced SQL Injection in Oracle Databases

Jeremiah Grossman
Phishing with Super Bait

Alexander Kornbrust
Circumvent Oracle’s Database Encryption and Reverse Engineering of Oracle Key Management Algorithms

Ben Laurie
CaPerl: Running Hostile Code Safely

David Maynor
NX: How Well Does It Say NO to Attacker’s eXecution Attempts?

Ejovi Nuwere & Mikko Varpiola
The Art of SIP fuzzing and Vulnerabilities Found in VoIP

example test cases

Sherri Sparks & Jamie Butler
“Shadow Walker”: Raising The Bar For Rootkit Detection

Alex Stamos & Scott Stender
Attacking Web Services: The Next Generation of Vulnerable Enterprise Apps

Michael Sutton & Adam Greene
The Art of File Format Fuzzing

Alex Wheeler & Neel Mehta
Owning Anti-Virus: Weaknesses in a Critical Security Component

Andrew van der Stock
World Exclusive – Announcing the OWASP Guide To Securing Web Applications and Services 2.0

Computer Forensics & Log Analysis

Jim Christy
The Defense Cyber Crime Center

Greg Conti
Beyond Ethereal: Crafting A Tivo for Security Datastreams

James C. Foster & Vincent T. Liu
Catch Me If You Can: Exploiting Encase, Microsoft, Computer Associates, and the rest of the bunch…

Grugq
The Art of Defiling: Defeating Forensic Analysis

Allen Harper and Edward Balas
GEN III Honeynets: The birth of roo

Kevin Mandia
Performing Effective Incident Response

Deep Knowledge

Himanshu Dwivedi
iSCSI Security (Insecure SCSI)

Dan Kaminsky
Black Ops 2005

David Litchfield
All new Ø Day

Mudge
Economics, Physics, Psychology and How They Relate to Technical Aspects of Counter Intelligence / Counter Espionage Within Information Security

Sensepost
Automation - Deus ex Machina or Rube Goldberg Machine?

Layer 0

Darrin Barrall & David Dewey
Plug and Root, the USB Key to the Kingdom

Joe Grand
Can You Really Trust Hardware? Exploring Security Problems in Hardware Devices

Joseph Klein
The Social Engineering Engagement Methodology

Kevin Mahaffey, Mark McGovern, Paul Simmonds, Jon Callas
Long Range RFID and its Security Implications

Robert Morris
The Non-Cryptographic Ways of Losing Information

Policy, Management, and the Law

Scott Blake, Pamela Fusco, Andre Gold, Ken Pfeil, Justin Somaini
CISO Q&A with Jeff Moss

Robert W. Clark
Legal Aspects of Computer Network Defense

papers

Bryan Cunningham & C. Forrest Morgan
U.S National Security, Individual and Corporate Information Security, and Information Security Providers

bibliography

Kenneth Geers
Hacking in a Foreign Language

Jennifer Stisa Granick
Top Ten Issues in Computer Security

Privacy & Anonymity

PANEL: Joseph Ansanelli, Richard Baich, Adam Shostack, Paul Proctor
The Future of Personal Information

Ian Clarke & Oskar Sandberg
Routing in the Dark: Scalable Searches in Dark P2P Networks

Johnny Long
Google Hacking for Penetration Testers

PANEL: David Mortman, Dennis Bailey, Jim Harper, Rhonda MacLean
The National ID Debate

Adam L. Young
Building Robust Backdoors In Secret Symmetric Ciphers

Philip R. Zimmermann
The Unveiling of My Next Big Project

Turbo Talks

Akshay Aggarwal
Rapid Threat Modeling

Darrin Barrall
Shakespearean Shellcode

Renaud Bidou
A Dirty BlackMail DoS Story

James C. Foster
BlackHat Standup: “Yea I’m a Hacker…”

Kevin Cardwell
Toolkits: All-in-One Approach to Security

Cesar Cerrudo
Demystifying MS SQL Server & Oracle Database Server Security

Tyler Close
Shatter-proofing Windows

white paper

Yuan Fan
Advance SQL Injection Detection by Join Force of Database Auditing and Anomaly Intrusion Detection

Ken Hines
Using Causal Analysis to Establish Meaningful Connections between Anomalous Behaviors in a Networking Environment

MadHat Unspecific & Simple Nomad
SPA: Single Packet Authorization

Shawn Moyer
Owning the C-suite: Corporate Warfare as a Social Engineering Problem

Mike Pomraning
Injection Flaws: Stop Validating Your Input

Paul Simmonds
The Jericho Challenge - Finalist Architecture Presentations and Awards

Zero Day Attack

Adam Boileau
Trust Transience: Post Intrusion SSH Hijacking

Barnaby Jack
Remote Windows Kernel Exploitation - Step In To the Ring 0

white paper

Michael Lynn
Cisco IOS Security Architecture

Derek Soeder & Ryan Permeh
eEye BootRoot

spoonm & skape
Beyond EIP

Zero Day Defense

Ofir Arkin
A New Hybrid Approach For Infrastructure Discovery, Monitoring and Control

Beetle and Bruce Potter
Rogue Squadron: Evil Twins, 802.11intel, Radical RADIUS, and Wireless Weaponry for Windows

Tzi-cker Chiueh
Checking Array Bound Violation Using Segmentation Hardware

Robert J. Hansen & Meredith L. Patterson
Stopping Injection Attacks with Computational Theory

white paper

Eugene Tsyrklevich
Ozone HIPS: Unbreakable Windows

Paul Vixie
Preventing Child Neglect in DNSSEC-bis using Lookaside Validation

return to top


Track/Speaker/Topic	Presentation (PDFs)	Notes/Tools
Keynote Presentation - Black Hat Europe 2005
Simon Davies, Privacy International
Speakers - Black Hat Europe 2005
David Barroso Berrueta & Alfredo Andres Yersinia, A Framework For Layer 2 Attacks		tool
Jon Callas Hacking PGP
Cesar Cerrudo Hacking Windows Internals		tool
Job de Haas Symbian Security
Steve Dugan A New Password Capture on Cisco System Devices
Arian Evans Building Zero-Day Self-Defending Web Applications: Enforcing Authoritative Action to Stop Session Attacks
Chris Farrow Injecting Trojans via Patch Management Software & Other Evil Deeds
Nicolas Fischbach Network Flows and Security
Halvar Flake & Rolf Rolles Compare, Port, Navigate
Kenneth Geers Hacking in a Foreign Language: A Network Security Guide to Russia
Joe Grand Can You Really Trust Hardware? Exploring Security Problems in Hardware Devices
the Grugq The Art of Defiling: Defeating Forensic Analysis
Dan Kaminsky Attacking Distributed Systems: The DNS Case Study
Christian Klein & Ilja van Sprundel Mac OS X Kernel Insecurity
Alexander Kornbrust Database Rootkits		tool
Adam Laurie, Martin Herfurt & Marcel Holtmann Bluetooth Hacking - Full Disclosure
David Litchfield SQL Injection and Data Mining Through Inference
Johnny Long Google Hacking for Penetration Testers
Laurent Oudot WLAN and Stealth Issues		tool
Sensepost Revolutions in Web Server/Application Assessments
Saumil Shah Defeating Automated Web Assessment Tools
Paul Simmonds Architectural Challenges in a Jericho World
Alex Wheeler & Neel Mehta Owning Anti-Virus: Weaknesses in a Critical Security Component
Stefano Zanero Automatically Detecting Web Application Vulnerabilities by Variable Flow Reconstruction
return to top

Track/Speaker/Topic

Presentation (PPTs)

Presentation (PDFs)

Notes/Tools

Keynote Presentation - Black Hat Japan 2004

Raisuke Miyawaki

Japanese Language Slides Only

Speakers - Black Hat Japan 2004

Shunichi Arai
Thinking Techie's Social Responsibility - Lessons Fom Winny Case

Japanese Language Slides Only

Chris Eagle
Attacking Obfuscated Code with IDA Pro

tool

Riley "Caezar" Eller
Capture the Flag Games: Measuring Skill with Hacking Contests

Gerhard Eschelbeck
The Laws of Vulnerabilities for Internal Networks

Joe Grand
Understanding Hardware Security

notes

David Litchfield
Oracle PL/SQL Injection

Johnny Long
You got that with GOOGLE?

Hisamichi Okamura
Cybercrime Treaty and Legal Environment of Japanese Computer Crime and Laws

Japanese Language Slides Only

Russ Rogers
The Keys to the Kingdom: Understanding Covert Channels of Communication

Daiji Sanai & Hidenobu Seki
Optimized Attacking for NTLM2 Session Response

Japanese Language Slides Only

Yuji Ukai
Environment Dependencies in Windows Exploitation

Japanese Language

English Language

Charl van der Walt-Sensepost
When the Tables Turn

return to top

Black Hat USA 2004
Audio & video files are available from the Sound of Knowledge this conference

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentation - Black Hat USA 2004

Paul Simmonds, Global Information Security Director (CISO), Jericho Forum/ICI Plc.
Deperimeterisation: This Decade's Security Challenge

Application Security - Black Hat USA 2004

Nitesh Dhanjani & Justin Clarke
Hacking Without Re-inventing the Wheel

Rakan El-Khalil
Information Hiding in Executable Binaries

Sarah Gordon
Antivirus Security Software Tests

Cameron Hotchkies
Blind SQL Injection Automation Techniques

tools & references

Dan Kaminsky
The Black Ops of DNS

tool (.zip)

source code

Brett Moore
Shoot the Messenger

white paper

source code (.zip)

Michael Shema
Web Application Session Strength

Ralf Spenneberg
IKE-Test

tool

Panel
The Black Hat Testimonies

Panel
Web Application Security Crossfire

Computer Forensics & Log Analysis

Peter Feaver & Kenneth Geers
Cyber Jihad and the Globalization of Warfare

Curtis Kret
Nobody’s Anonymous—Tracking Spam and Covert Channels

Kevin Mandia
The Evolution of Incident Response

Rebecca Mercuri, Ph.D & Bev Harris
Managing Election Data: The California Recall

K.K. Mookhey
Evasion and Detection of Web Application Attacks

white paper

Michael Raggo
Steganography, Steganalysis, & Cryptanalysis

tool

Deep Knowledge

Tzi-cker Chiueh
Program Semantics-Aware Intrusion Detection

whitepaper

Chris Eagle
Attacking Obfuscated Code with IDA Pro

FX
Vulnerability Finding in Win32—A Comparison

Halvar Flake
Diff, Navigate, Audit

David Maynor
Trust No-one, Not Even Yourself OR The Weak Link Might Be Your Build Tools

Layer 0

Joe Grand
Introduction to Embedded Security

Handouts

Joe Grand
A Historical Look at Hardware Token Compromises

Handouts

Lukas Grunwald
RF-ID and Smart-Labes: Myth, Technology and Attacks

tool

spoonm & HD Moore
Metasploit

Paul Wouters
Windows WaveSEC Deployment

tool

Policy, Management, and the Law

Brad Bolin
Information Security Law Update

Gerhard Eschelbeck
The Laws of Vulnerabilities for Internal Networks

Jennifer Granick
Legal Liability and Security Incident Investigation

Panel
Hacker Court ’04: Pirates of the Potomac

Panel
Hacking with Executives

Privacy & Anonymity

Dr. Alessandro Acquisti
Privacy, Economics and Immediate Gratification

Roger Dingledine
Putting the P back in VPN

Adam Laurie & Martin Herfurt
BlueSnarfing The Risk From Digital Pickpockets

mgp

Johnny Long
You got that with GOOGLE?

paper + tool

Bruce Potter & Brian Wotring
Tracking Prey in the Cyberforest

tool

Len Sassaman
The Anonymity Toolkit

Turbo Talks

Patrick Chambet
Google Attacks

Patrick Chambet
Managing MSIE Security in Corporate Networks by Creating Custom Internet Zones

Himanshu Dwivedi
Insecure IP Storage Networks

James C. Foster
Managing Hackers

Sarah Gordon
Privacy: Do As I Say...Not as I Do

Chris Hurley
WorldWide WarDrive 4

Gregory S. Miles & Travis Schack
Introduction to the Global Security Syndicate

Robert Morris
The Future of History

Laurent Oudot
Digital Active Self Defense

Andrew Stevens
How Next Generation Application Proxies Protect Against The Latest Attacks & Intrusions

Richard Thieme

Jeff Waldron
Introduction to the Certification and Accreditation Process (C&A) Within the US Government

David Worth
Cryptographic Port-Knocking

Zero Day Attack

Thorsten Holz & Maximillian Dornseif
NoSEBrEaK - Defeating Honeynets

toolkit (.tgz)

Demos

David Litchfield
All New Ø-Day

Saumil Udayan Shah
Defeating Automated Web Assessment Tools

Derek Soeder, Ryan Parmeh, Yuji Ukai
Advanced Return Address Discovery using Context-Aware Machine Code Emulation

Eugene Tsyrklevich
Attacking Host Intrusion Prevention Systems

Zero Day Defense

Phillip Hallam-Baker
Phishing— Committing Fraud in Public

Dominique Brezinski
Acting in Milliseconds-Why Defense Processes Need to Change

.zip of html

Jamie Butler & Greg Hoglund
VICE - Catch the Hookers!

tool

Sensepost
When the Tables Turn

Peter Silberman & Richard Johnson
A Comparison Buffer Overflow Prevention Implementations & Weaknesses

code

paper

Stefano Zanero
Detecting 0-days Attacks With Learning Intrusion Detection Systems

return to top

Black Hat Europe Briefings & Training 2004

Black Hat Europe 2004
Audio and video files are not available for this conference.

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentations - Black Hat Europe 2004

Paul Simmonds, Global Information Security Director (CISO), Jericho Forum/ICI Plc.
De-Perimeterisation: Border Security Is Obsolete- The Security Challenge For This Decade

Speakers - Black Hat Europe 2004

Jamie Butler
DKOM (Direct Kernel Object Manipulation)

Patrick Chambet & Eric Larcher
Security Patches Management On A Windows Infrastructure

Job de Haas
Reverse Engineering ARM Based Devices

resource files (.zip)

Luc Delpha & Maliha Rashid
Smartphone Security Issues

white paper

Eric Detoisien & Eyai Dotan
Old win32 Code For A Modern, Super-Stealth Trojan

demo (.zip)

Eli O
Security Within A Development Lifecycle

Gergely Erdelyi
Hide 'n' Seek? Anatomy of Stealth Malware

white paper

FX
Practical Win32 and UNICODE Exploitation

Nicolas Fischbach
Building an Early Warning System in a Service Provider Network

Joe Grand
Introduction to Embedded Security

Joe Grand
Introduction to Mobile Device Insecurity

the grugq
The Art of Defiling: Defeating Forensic Analysis on Unix File Systems

Seth Hardy
Pseudorandom Number Generation, Entropy Harvesting, and Provable Security in Linux

references

erandom-0.1 tool (.tgz)

Larry Korba
Privacy Rights Management Using DRM: Is This A Good Idea?

David Litchfield
Oracle PL/SQL Injection

Russ Rogers
The Keys to the Kingdom – Understanding Covert Channels

SensePost
When the Tables Turn

Saumil Udayan Shah
HTTP Fingerprinting and Advanced Assessment Techniques

httprint
freebsd	linux
macosx	win32
paper

Eugene Tsyrklevich
Dynamic Detection and Prevention of Race Conditions in File Accesses

raceprot tool (.tgz)

Paul Wouters
Windows WaveSEC Deployment

presentation
pdf	sxi

Wavesec for Windows

Stefano Zanero
Detecting Ø-days Attacks With Learning Intrusion Detection Systems

return to top

Black Hat Windows Security 2004
Audio and video files are not available for this conference.

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentations - Black Hat Windows 2004

Dan Geer Jr., Sc.D, Principal, Geer Risk Services, LLC & VP/Chief Scientist, Verdasys, Inc.

Richard Thieme, Thiemeworks.com
Broken Windows: What Security Looks Like When Gollum Gets the Ring

Application Security - Black Hat Windows 2004

Jamie Butler
DKOM (Direct Kernel Object Manipulation)

Jeremiah Grossman
The Challenges of Automated Web Application Scanning

Matt Hargett
Integrating Security Into Agile Development/Testing

Drew Miller
Application Intrusion Detection

Gunnar Peterson
Security in the Development Lifecycle

Deep Knowledge - Black Hat Windows 2004

Cesar Cerrudo
Auditing ActiveX Controls

Halvar Flake
Automated Binary Reverse Engineering

Curtis Kret
Nobody’s Anonymous – Tracking Spam

Saumil Shah
HTTP Fingerprinting and Advanced Assessment Techniques

httprint

freebsd

linux

macosx

win32

paper

MS Specific Attack - Black Hat Windows 2004

David Aitel
MOSDEF

Harlan Carvey
Data Hiding On A Live (NTFS) System

David Litchfield
Windows Heap Overflows

Sergey Polak
Capturing Windows Passwords Using the Network Provider API

Hidenobu Seki
Fingerprinting through Windows RPC

MS Specific Defend - Black Hat Windows 2004

David Blight
Trusted Computing 101

Mark Burnett & James Foster
Without a Trace: Forensic Secrets for Windows Servers

Bryan Glancey
WinCE PDA Insecurity

Derek Milroy
Hardening Windows Servers

Steve Riley
Windows XP: Improving Resiliency

Policy & Law - Black Hat Windows 2004

Chris Conacher
Information Security in Mergers & Acquisitions

Jennifer Stisa Granick
Legal Risks of Vulnerability Disclosure

Curtis Karnow
Digital Security: Policies & The Law

Russ Rogers
Addressing Complete Security to Save Money

Adam Shostack
Terrorism and Immigration: The Economics of Secure Identity

Routing & Infrastructure - Black Hat Windows 2004

Stephen Dugan
"They'll never see it coming!"

FX
Lessons Learned When The Cisco Guys Went to Windows land

Jim Harrison & Jim Edwards
ISA Server: Best Practices from the Field

Steve Hofmeyr
Preventing Intrusions and Tolerating False Positives

Laura Robinson
Win2K3 Terminal Server

return to top


Black Hat Asia 2003 Audio and video files are not available for this conference.
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentations - Black Hat Asia 2003
Lim Khee Ming, Deputy General Manager (Technology & Operations), Network for Electronic Transfers (S) Pte Ltd (NETS) The Total Security System Approach - A Perspective From The Financial Industry
Harry SK Tan, Director, Centre for Asia Pacific Technology Law & Policy (CAPTEL) Cyber-crime
Speakers & Topics - Black Hat Asia 2003
David Aitel MOSDEF Tool Release
S.K. Chong Win32 One-Way Shellcode
Shaun Clowes A Security Microcosm - Attacking/Defending Shiva, A Linux Executable Encryptor
Stephen Dugan Cisco Security
Halvar Flake Automated Reverse Engineering
Jennifer Stisa Granick International DMCA Laws
the grugq The Art of Defiling: Defeating Forensic Analysis on Unix File Systems
David Litchfield Defeating the Stack Based Buffer Overflow Exploitation Prevention Mechanism of Microsoft Windows 2003 Server
Tim Mullen Brute Forcing Terminal Server Logons with TSGrinder
Laurent Oudot Honeypots Against Worms 101
Jeremy Rauch (In)Security in Network Management
Russ Rogers Addressing Complete Security to Save Money
SensePost Putting The Tea Back Into CyberTerrorism
Saumil Shah HTTP Fingerprinting and Advanced Assessment Techniques Updated tools may also be found at the Net-Square site.			Wind32 Linux MacOS
return to top


Black Hat Federal 2003 Audio and video files are not available for this conference.
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentations - Black Hat Federal 2003
David G. Major, co-founder, the Centre for Counterintelligence and Security Studies
Keith Rhodes, Chief Technologist, GAO
Application Security - Black Hat Federal 2003
Halvar Flake More Fun With Graphs
Jeremiah Grossman The Challenges of Automated Web Application Scanning
Greg Hoglund Runtime Decompilation
Drew Miller Application Intrusion Detection
Gunnar Peterson Security Design Patterns
Attack! - Black Hat Federal 2003
David Aitel MOSDEF Tool Release
Ofir Arkin Using Xprobe2 in a Corporate Environment
Dan Kaminsky Stack Black Ops
David Litchfield Defeating the Stack Based Buffer Overflow Exploitation Prevention Mechanism of Microsoft Windows 2003 Server
SensePost Putting The Tea Back Into CyberTerrorism
Defend! - Black Hat Federal 2003
Beetle & Bruce Potter Rogue AP 101
Major Ronald Dodge, Wayne Schepens, Lt. Colonel Daniel Ragsdale and Colonel Don Welch Enhancing Network Security Through Competitive Cyber Exercises
Chris Eagle Strike/Counter-Strike: Reverse Engineering Shiva
Larry Leibrock Digital Information, User Tokens, Privacy and Forensics Investigations
Saumil Shah HTTP Fingerprinting and Advanced Assessment Techniques Updated tools may also be found at the Net-Square site.		Wind32 Linux MacOS
IDS, IPS and Honeynets - Black Hat Federal 2003
Jay Beale Intrusion Prevention: an Introduction and Comparison
The Honeynet Project Latest Advances in Honeynet Technologies
Panel-Tom Parker Adversary Characterization and Scoring Systems
Marty Roesch Contextually Intelligent IDS
Lance Spitzner The Future of Honeypots
Policy, Procedure & Law - Black Hat Federal 2003
Jaya Baloo Government IP Tapping - EU
Chris Hurley Practical Vulnerability Assessments in a Distributed Federal Environment
Rick Smith The Challenge of Mulitlevel Security
Panel Hackers Court 2003
Routing & Infrastructure - Black Hat Federal 2003
Dan Avida Securing Data in Storage
FX Cisco Vulnerabilities - Yesterday, Today and Tomorrow
Mark Gross Intrusion Vulnerabilities of Fiber Optic Infrastructures
Jeremy Rauch Security in Distributed and Remote Network Management Protocols
Michael H. Warfield Security Implications of IPv6
return to top

Black Hat USA 2003

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentations - Black Hat USA 2003

Philip R. Zimmermann, Creator, Pretty Good Privacy

Bruce Schneier, Founder & Chief Technical Officer, Counterpane Internet Security
Following the Money: Security Proxies and Agenda

Luncheon Presentations - Black Hat USA 2003

Dario Forte, CFE, CISM, Security Advisor, European Electronic Crimes Task Force (EECTF)
International Hacking: When The Cooperation is The Only Cure

Marcus Sachs, P.E., Cyber Program Director, Information Analysis and Infrastructure Protection, US Department of Homeland Security
Building a Global Culture of Security

Application Security - Black Hat USA 2003

Jay Beale
Locking Down Mac OS X

Frederic Bret-Mounet
Automated Detection of COM Vulnerabilities

Greg Hoglund
Runtime Decompilation

David Litchfield
Variations in Exploit Methods Between Linux and Windows

Aldora Louw
Notes on Domino

Neel Mehta
Advanced in ELF Runtime Binary Encryption - Shiva

Drew Miller
.NET from the Hacker's Perspective: Part 2

Timothy Mullen & Ryan Russell
Brute Forcing Terminal Server Logons with TSGrinder

Chris Paget
Click to Continue

Kevin Spett
Java Decompilation & Application Security

Core Services - Black Hat USA 2003

Silvio Cesare
Opensource Kernel Auditing/Exploitation

Josh Daymont
Hardening Windows CE

Himanshu Dwivedi
Security Issues with Fibre Channel Storage Networks (SANs)

FX
More (Vulnerable) Embedded Systems

SensePost
Putting The Tea Back Into CyberTerrorism

Firewalls, Access Control, Physical Security - Black Hat USA 2003

Michael D. Glasser
OSI Layer 1 Security

Bruce Potter
Java Card 101

Jeffrey Prusan
Technical Security Countermeasures

Rick Smith
Masquerades: Tricking Modern Authentication Systems

Lee Sutterfield
Enterprise Security for Converging Technologies

Incident Response & Computer Forensics - Black Hat USA 2003

Thomas Akin
Web Based Email Forensics

The Honeynet Project
Latest Advances in Honeynet Technologies

Larry Leibrock
Digital Information, User Tokens, Privacy and Forensics Investigations

Lance Spitzner
Honeypots

Chuck Willis
Forensics With Linux 101

Intrusion Detection, Log Analysis - Black Hat USA 2003

Ofir Arkin
Revolutionizing Operating System Fingerprinting

David Maynor
Leave the Theory Behind and Embrace the Code

Patrick Miller
SPIDeR

Jan K. Rutkowski
Advanced Windows 2000 Rootkits Detection

paper

tool

Saumil Shah
HTTP Fingerprinting and Advanced Assessment Techniques

Panels - Black Hat USA 2003

Panel
Adversary Characterization and Scoring Systems

Panel
Hacker Court

Gerhard Eschelbeck
The Law of Vulnerabilities

Panel
A Proposed Process for Handling Vulnerability Information

Policy, Law & Society - Black Hat USA 2003

Jaya Baloo
Lawful Interception of IP: the European Context

Eric Goldman
Criminal Copyright Infringement and Warez Trading

Curtis E.A. Karnow
Running the Matrix

Andrea M. Matwyshyn
Introduction to Corporate Information Security Law

Gerardo Richarte
Modern Intrusion Practices

Privacy & Anonymity - Black Hat USA 2003

Jennifer Stisa Granick
The Law of 'Sploits

Len Sassaman & Roger Dingledine
Attacks on Anonymity Systems (Theory)

Len Sassaman & Roger Dingledine
Attacks on Anonymity Systems (Practice)

Adam Shostack
Identity: Economics, Security, and Terrorism

Simple Nomad
Covering Your Tracks

ncovert-1.0.tgz

ncrypt-0.6.4.tgz

ncrypt-064-win32.zip

Routing & Infrastructure - Black Hat USA 2003

Matthew Franz & Sean Convery
BGP Vulnerability Testing

2003
updated 2004

Dan Kaminsky
Stack Black Ops

Marco Valleri & Alberto Ornaghi
Man In The Middle Attacks

Brandon Wiley
The Superworm Manifesto

Paul Wouters
IPsec: Opportunistic Encryption using DNSSEC

return to top


Black Hat Europe 2003
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentation - Black Hat Europe 2003
Richard Thieme Masters of the Unseen: The Art of Information Warfare
Speakers & Topics - Black Hat Europe 2003
David Aitel Vivisection of an Exploit Development Process
Jaya Baloo Lawful Interception of IP: The European Context
BBP BSD Heap Smashing		tools & code
Shaun Clowes Generic Technical Defences		tools & code
Bram Cohen Security Issues in P2P File Distribution
Job de Haas Pocket PC Phone Security
Stephen Dugan $tea£ing with BGP
Nicolas Fischbach DDoS Mitigation and Analysis at the Infrastructure Level
Halvar Flake Data Flow Analysis
FX Design and Software Vulnerabilities In Embedded Systems
Greg Hoglund Runtime Decompilation
The Honeynet Project Honeynet Technologies: Sebek
Larry Leibrock Digital Information, User Tokens, Privacy and Forensics Investigations: The Case of Windows XP Platform
David Litchfield All New Oracle Ø-Day: Attacking and Defending Oracle
Andrey Malyshev & Serg Vasilenkov Security Analysis of Microsoft Encrypted File System (EFS)
Len Sassaman Designing Useful Privacy Applications
Marc Schoenfeld Hunting Flaws in JDK
Sensepost The Role of Non Obvious Relationships in the Foot Printing Process		notes
Adam Shostack Will People Ever Pay for Privacy?
Lance Spitzner Honeypots: Tracking Hackers
Marco Valleri & Alberto Ornaghi Man In The Middle Attacks
Paul Wouters Deploying DNSSEC
return to top


Black Hat Windows Security 2003
Miss out on the Black Hat Windows 2003 show? Read what others had to say: CNET \| King County Journal
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentations - Black Hat Windows Security 2003
Scott Culp Trustworthy Computing Update
Curtis E. A. Karnow Strike and Counterstrike: The Law on Automated Intrusions and Striking Back
Application Development - Black Hat Windows Security 2003
Michael Howard & David LeBlanc Writing Secure and Hack Resistant Code
Yoshiaki Komoriya & Hidenobu Seki Exploiting DCOM
Marc Schöenefeld Java Library Hole Allowing Multiplatform Denial-Of-Service
Audit / Response / Policy - Black Hat Windows Security 2003
Jeremiah Grossman & Bill Pennington Web Application Security
Riley Hassell Payload Anatomy & Future Mutations
Dan Kaminsky Applied Black Op Networking on Windows XP
Larry Leibrock, Ph.D Forensics Tools and Processes for Windows^® XP Platforms
Deep Knowledge - Black Hat Windows Security 2003
David Aitel Vivisection of an Exploit Development Process
Halvar Flake Graph-Based Binary Analysis
Eric Schultze & Erik Birkholz Securing Your Network
IIS, SQL, ISA, etc. - Black Hat Windows Security 2003
Cesar Cerrudo & Aaron Newman Hunting Flaws in MS SQL Server		notes tool
David Litchfield Oracle Security II
Timothy Mullen Enforcer™
Saumil Udayan Shah HTTP: Advanced Assessment Techniques
Networking & Integration - Black Hat Windows Security 2003
Stephen Dugan $tea£ing with BGP
FX Design Issues and Software Vulnerabilities in Embedded Systems
Haroon Meer & Charl van der Walt The Role of Non Obvious Relationships in the Foot Printing Process
Steve Riley Securing Wireless Networks with 802.1x, EAP-TLS and PEAP
Windows 2003 Server / .NET - Black Hat Windows Security 2003
Mark Burnett FrontPage Server Extensions on Windows Server 2003
Drew Miller .NET from the Hacker's Perspective
Michael Muckin IIS 6.0's Security Architecture - It's a Whole New World
Steve Riley & Timothy Bollefer Surviving OpenHack IV
return to top

-->


Black Hat Asia 2002 Audio and video files are not available for this conference.
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentations - Black Hat Asia 2002
Thomas C. Waszak Perspectives
Martin Khoo Computer Forensics - Tracking the Cyber Vandals
Track 1 - Black Hat Asia 2002
Stephen Dugan Cisco Security
Halvar Flake Graph-Based Binary Analysis
FX Attacking Networked Embedded Systems
Greg Hoglund Exploiting Parsing Vulnerabilities		The Pit- Full Release
Last Stage of Delirium Java and Java Virtual Machine Security Vulnerabilities and Their Exploitation Techniques
Larry Leibrock, Ph.D Forensics Tools and Processes for Windows XP Platforms^®
Tim Mullen Neutralizing Nimda: Automated Strikeback
Saumil Shah Top Ten Web Hacks
Track 2 - Black Hat Asia 2002
Jay Beale Attacking and Securing UNIX FTP Servers
Jay Beale Phase II - 2nd Generation Honeynet Technologies
Shaun Clowes Fixing/Making Holes in Binaries		Elfutils Tool	Injectso Tool
Riley "Caezar" Eller Aggressive Security Revisited
Jeremiah Grossman Identifying Web Servers
Dan Kaminsky Black Ops of TCP/IP		Paketto Keiretsu 1.0 tool	3D visualization
David Litchfield Database Security
Haroon Meer & Jaco van Graan Setiri
return to top

Black Hat USA 2002
Miss out on the Black Hat USA 2002 show? Read what others had to say.
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentations - Black Hat USA 2002
Richard Clarke, Office of Cyberspace Security National Strategy for Securing Cyberspace
Luncheon Speakers - Black Hat USA 2002
Richard George, NSA Views On the Future Direction of Information Assurance
Jeff Jonas Non-Obvious Relationship Awareness (NORA) Technology
Application Security - Black Hat USA 2002
Dave Aitel An Introduction to SPIKE
Shaun Clowes Fixing/Making Holes in Binaries		Elfutils Tool Injectso Tool
JD Glaser JD's Toolbox: Fire & Water
Greg Hoglund Application Testing Through Fault Injection Techniques
Marc Schönefeld Security Aspects in Java Bytecode Engineering
Tim Mullen Neutralizing Nimda: Automated Strikeback
Debra Littlejohn Shinder Scene of the Cybercrime
Mark Dowd, Nishad Herath, Neel Mehta, Chris Spencer & Halvar Flake Professional Source Code Auditing
Halvar Flake Graph-Based Binary Analysis
Aaron Higbee & Chris Davis DC Phone Home
Dan Kaminsky Black Ops of TCP/IP
Firewall / Access - Black Hat USA 2002
Jed Haile Hogwash
Diana Kelley & Ian Poynter Single Sign-On 101
Rich Murphey Locking Down Your FreeBSD Install
Rick Smith The Biometrics Dilemma
Roelof Temmingh & Haroon Meer Setiri
Mark Eckenwiler The USA Patriot Act and Criminal Investigations
Ian Goldberg Off the Record Messaging
David Goldman & Robert Marotta Securing Your Computing Environment to Conform to Privacy Regulations
Len Sassaman Forensic Dead-Ends		Mixmaster Tool Nilsimsa Tool
Routing & Infrastructure - Black Hat USA 2002
Ofir Arkin Cracking VoIP Architecture
Sean Convery Hacking Layer 2
FX & kim0 Attacking Networked Embedded Systems
Web, Mail, DNS & Others - Black Hat USA 2002
Jay Beale Attacking and Securing UNIX FTP Servers
Scott Blake The Politics of Vulnerabilities
David Endler & Michael Sutton Web Application Brute Forcing 101
Paul Holman Enterprise Email Security Made Practical
Bruce Potter 802.1x
Mike Schiffman The Need for an 802.11b Toolkit
Dan Veeneman Wireless Overview: Protocols & Threat Models
Dan Veeneman Vulnerabilities of Cellular and Satellite-based Voice and Data Networks
Panels - Black Hat USA 2002
Hacker Court Carole Fennelly, Rebecca Bace, Richard Thieme, Jennifer Granick, Jonathan Klein, Brian Martin, Don Cavender, Jesse Kornblum, Kevin Manson, Simple Nomad, Jack Holleran & Richard P. Salgado
Vulnerability Disclosure: What the Feds Think Michael I. Morgenstern, Richard George, Marcus H. Sachs, O. Sami Saydjari, Steve Lipner, Tom Parker
return to top

Black Hat Windows Security 2002
Track/Speaker/Topic	Presentation	Tools
Keynote Presentation - Black Hat Windows Security 2002
Jennifer S. Granick, Attorney At Law Digital Rights Management Legal Briefing
Tony Sager, National Security Agency Windows Security Configuration Guide
General - Black Hat Windows Security 2002
David Goldman & Todd Feinman & Joe Nocera The Deep Technical Audit: How to Mitigate the Risks Presented in Other Sessions
Jesper Johansson Mobile Computing Security
Eric Schultze How to Stay Up-To-Date On Security Patches
Roelof Temmingh & Haroon Meer Bi-directional Communications in a Heavily Protected Environment
Network - Black Hat Windows Security 2002
Ofir Arkin VoIP: The Next Generation of Phreaking
Stephen Dugan Protecting Your Cisco Infrastructure Against the Latest "Attacktecs"
FX Routing and Tunneling Protocol Attacks
Jonathan Wilkins Taranis
MS Apps - Black Hat Windows Security 2002
Jay Beale & Andrew Hintz Attacking and Defending DNS
Tony Harris & Murugiah Souppaya NIST Recommendations for System Administrators for Securing Windows 2000 Professional
Laura A. Robinson The Devil Inside: Planning Security in Active Directory Design
Thomas Shinder & Jim Harrison Deploying and Securing Microsoft Internet Security and Acceleration Server
Tools of the Trade - Black Hat Windows Security 2002
Erik Pace Birkholz How to Fix a Broken Window
Jeremiah Grossman Web Application Security and Release of "WhiteHat Arsenal"
Urity Cracking NTLMv2 Authentication
Database - Black Hat Windows Security 2002
Chip Andrews MS SQL Server Security Mysteries Explained
JD Glaser One-Way SQL Hacking: Futility of Firewalls in Web Hacking
David Litchfield & Sherief Hammad Oracle Vulnerabilities
Timothy Mullen Web Vulnerability and SQL Injection Countermeasures: Securing Your Servers From the Most Insidious of Attacks
Deep Knowledge - Black Hat Windows Security 2002
Harlan Carvey NT/2K Incident Response and Mining for Hidden Data: Post Mortem of a Windows Box
Halvar Flake Third Generation Exploits on NT/Win2k Platforms
return to top

Black Hat Europe 2001
Track/Speaker/Topic	Presentation	Tools
Keynote Presentation - Black Hat Europe 2001
Scott Blake Politics of Vulnerability Reporting
Wilco van Ginkel The Other Side of Information Security
Deep Knowledge - Black Hat Europe 2001
Shaun Clowes - injectso: Modifying and Spying on Running Processes Under Linux
Dale Coddington & Ryan Permeh Decoding & Understanding Internet Worms
Halvar Flake Third Generation Exploits on NT/Win2k Platforms
Raymond Forbes Active Directory and Group Policy
Anders Ingeborn IDS Evasion Design Tricks for Buffer Overflow Exploits
Tim Mullen Web Vulnerability & SQL Injection Countermeasures
General Track - Black Hat Europe 2001
Ofir Arkin X-Remote ICMP Based OS Fingerprinting Techniqu es
Nicolas Fischbach & Sebastian Lacoste-Seris Protecting your IP Network Infrastructure
FX Routing Protocol Attacks
JD Glaser & Saumil Udayan Shah One-Way SQL Hacking
Jeremiah Grossman Web Application Security
Job de Haas Mobile Security: SMS and WAP
LSD How We Beat the 5th Argus Hacking Contest
David Litchfield Hackproofing Lotus Domino
Marc Witteman Smart Card Security
Panel Discussion Security Issues in the Infrastructure
return to top

Black Hat USA 2001
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentation - Black Hat USA 2001
James Bamford Researching Secrets, Part II
William Tafoya & Kevin Manson Career Routing for the Ethical Coder
Luncheon Speakers - Black Hat USA 2001
Bruce Schneier Paradigms Lost: Engineering vs. Risk Management.
Richard Thieme Defending the Information Web
Deep Knowledge - Black Hat USA 2001
Ofir Arkin Introducing X: Playing Tricks with ICMP		White Paper
Halvar Flake Hit Them Where It hurts: Finding Holes in COTS Software
George Jelatis Countering the Insider Threat with the Autonomic Distributed Firewall (ADF)
Dan Kaminsky Gateway Cryptography: Hacking Impossible Tunnels Through Improbable Networks with OpenSSH and the GNU Privacy Guard
Last Stage of Delirium Research Group (LSD) UNIX Assembly Codes Development for Vulnerabilities Illustration Purposes		White Paper
Kevin McPeake Falling Dominos Part III
Walter Gary Sharp Key Legal Implications of Computer Network Defense
Lance Spitzner The HoneyNet Project	Powerpoint, White Papers, Tools
More Technical - Black Hat USA 2001
Iván Arce & Max Caceres Automated Penetration Testing
Jay Beale Attacking and Defending BIND / DJBDNS DNS Servers
Marshall Beddoe & Chris Abad The Siphon Project.
Mike Beekey ARP Vulnerabilities: Indefensible Local Network Attacks?
Eric Brandwine & Todd MacDermid: Fnord: A Loadable Kernel Module for Defense and Honeypots
Jeff Nathan & Kevin Depeugh Layer 2 Attacks
Jose Nazario The Future of Internet Worms		White Paper
Tim Newsham Cracking WEP Keys
Daiji Sanai Promiscuous Node Detection Using ARP Packets
Technical - Black Hat USA 2001
Chip Andrews SQL Security Revisited		SQL Ping Tool
Scott Blake DOG of WAR: Attack Box Design
Steven M. Christey CVE Behind the Scenes: The Complexity of Being Simple
Job de Haas GSM / WAP / SMS Security
Robert Hansen Hardening .htaccess Scripts in Apache Environments
Tim Mullen Grabbing User Credentials via W2k ODBC Libraries
Palante Top 25 Overlooked Security Configurations on Your Switches and rRouters
Chad R. Skipper Polymorphism and Intrusion Detection Systems
Andrew van der Stock Alternatives to Honeypots or The dtk
Tools of the Trade - Black Hat USA 2001
Renaud Deraison The Nessus Project	Powerpoint & Tools
Thomas Olofsson Building A Blind IP Spoofed Portscanning Tool
Rain Forest Puppy New Tools at rfp.labs
Martin Roesch Snort
Simple Nomad & Todd Sabin The RAZOR Warez
White Hat Track - Black Hat USA 2001
Mandy Andress Wireless LAN Security
Brian Martin & B.K. DeLong Lessons Learned From attrition.org
Gregory S. Miles Computer Forensics: A Critical Process in Your Incident Response Plan
Daniel VanBelleghem Solving Network Mysteries
Panel: Meet the Press
return to top

Black Hat Asia 2001
there are no audio or video files available for this conference

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentation - Black Hat Asia 2001

Martin Khoo
Post Mortem of a Rootkit Attack

Bruce Schneier
The Three Truths of Computer Security

Deep Knowledge Track - Black Hat Asia 2001

Ofir Arkin
ICMP Usage In Scanning (The Advanced Methods)

Halvar Flake
Finding Holes iIn Closed-source Software (With IDA)

Rain Forest Puppy
Web Assessment Tools

Trust Factory
Falling Dominos

Fyodor Yarochkin & ISS R&D
Non-common Architectures Buffer Overflows

hpux tools

General Track - Black Hat Asia 2001

Shaun Clowes
Breaking In Through The Front Door

Emmanuel Gadaix
Overall Security Review of the GSM Infrastructure

JD Glaser & Saumil Udayan Shah
Web Hacking

David Litchfield
Remote Web Application Disassembly with ODBC Error Messages

Tim Mullen
Restrict Anonymous & the Null User

user-info

user-dump

server trans

Marcus Ranum
IDS Benchmarking

Rooster
IPSec in a Windows 2000 World

IPsec

Protocol Basics

Simple Nomad
Stealth Network Techniques

Panel Discussion: Security vs. Privacy

return to top

Black Hat Windows Security 2001
Track/Speaker/Topic	Presentation	Tools
Keynote Presentation - Black Hat Windows 2001
James Bamford, Author of The Puzzle Palace Researching Secrets, Part 1
Chey Cobb Why Government Systems Fail at Security
Jeff Jonas Cops and Robbers - Cheating Las Vegas
Howell McConnell International Organized Crime and Terrorism
Deep Knowledge - Black Hat Windows 2001
Halvar Flake Auditing Binaries For Security Vulnerabilities
Kevin McPeake & Wouter Aukema Falling Domino's
More Technical Track - Black Hat Windows 2001
Chip Andrews MS SQL Server Security Overview
Ofir Arkin Active & Passive Fingerprinting of Microsoft Based Operating Systems Using the ICMP Protocol
Erik Birkholz & Clinton Mugge Terminal Server
Greg Hoglund Kernel Mode Rootkits		Complete mirror of Rootkit.com with source code
Andrey Malyshev Analysis of Microsoft Office Password Protection System, and Survey of Encryption Holes In Other MS Windows Applications
Paul T. Mobley Sr. Computer Forensics With An Emphasis On The NT Operating System
Panel Discussion The Black Hat Time Machine: What Happens Next Year?
Technical Track - Black Hat Windows 2001
Macy Bergoon Host Based Intrusion Detection Using W2K Auditing Features
Kate Borten Healthcare and New Federal Security Protections
Todd Feinman & David Goldman Safeguarding your Business Assets Through Understanding of the Win32API
JD Glaser & Saumil Shah Web Hacking Par t 1 Hacking Exposed: E-commerce
JD Glaser & Saumil Shah Web Hacking Part 1 & 2
Loki Virtual Private Problems
Mushin Incident Response in a Microsoft World
Rooster, Dan Kurc & William Dixon IPSec in a Windows 2000 World
Todd Sabin Null Sessions, MSRPC, and Windows 2000
Eric Schultz & David LeBlanc Defense in Depth: Winning in Spite of Yourself (aka "Foiling JD")
return to top

Black Hat Europe 2000
Track/Speaker/Topic	Presentation	Ancillary
Keynote Presentation - Black Hat Europe 2000
Jennifer Granick Issues Surrounding International Computer Crime Laws
Stuart Hyde "Plenty of Coppers in Change"
Speaker/Presentation - Black Hat Europe 2000
Ofir Arkin ICMP Usage In Scanning		white paper
HalVar Flake Finding Holes in Closed-source Software
Jobb De Haas Getting Rooted and Never Knowing It
David Litchfield Auditing The Security of Applications
Kevin McPeake & Wouter Aukema Falling Domino Servers
Rooster & J.D. Glaser Defending Your Network with Kerberos
Simple Nomad Strategies for Defeating Distributed Attacks
John Tan What Is Involved In a Forensic Effort
Ask the Experts Panel: Rooster, JD Glasser, Job de Haas, Ofir Arkin, Jennifer Granick, Halvar Flake The panel starts off with the question "What do you see now and in the future as the security trends in your area of expertise?" and expands from there.
return to top

Black Hat USA 2000
Track/Speaker/Topic	Presentation
Keynote Presentation - Black Hat USA 2000
Dominique Brezinski
Hal McConnell Threats from Organized Crime & Terrorists
Arthur Money
Marcus Ranum Full Disclosure and Open Source
Bruce Schneier The Internet and the Death of Security
Brian Snow We Need Assurance
Richard Thieme The Strategies of Sun Tzu and Multiple Levels of Deception
Deep Knowledge - Black Hat USA 2000
Greg Hoglund Advanced Buffer Overflow Techniques
Kingpin & Brian Oblivion Secure Hardware Design
John McDonald & Thomas Lopatic & Dug Song A Stateful Inspection of FireWall-1
Mudge An Analysis of Tactics Used in Discovering "Passive" Monitoring Devices
Rooster & J.D. Glaser Defending Your Network with Active Directory Services
More Technical Track - Black Hat USA 2000
Job de Haas Getting Rooted and Never Knowing It
Joey Advanced Windows NT/2K Security (II)
David LeBlanc Real-world Techniques in Network Security Management
Simple Nomad Strategies for Defeating Distributed Attacks
Technical Track - Black Hat USA 2000
Jason Garms Defending Windows 2000 on the Internet
Ron Gula Bypassing Intrusion Detection Systems
Jericho & Munge Hard-core Web Defacement Statistics Trends and Analysis
Mark Kadrich Intrusion Detection in High Speed Networks
David Litchfield Compromising Web Servers, and Defensive Techniques	abstract
Ron Moritz Proactive Defense Against Malicious Code
Padgett Peterson Securing E-Mail Gateways From Attack
Jeremy Rauch Routers, Switches & More: Part 2
Jeff Thompson Making Unix Secure for the Internet
White Hat Track - Black Hat USA 2000
Scott Blake The Pros and Cons of Hiring Hackers
Jennifer Granick & Mark Eckenwiler What Internet Service Providers Need to Know About the Law
Terry Losonsky National Information Assurance Partnership
Diana Kelly with Edward Schwartz From Policy to Technology, Translating U.S. Privacy Regulations for Implementation. with Edward Schwartz. Part 2-2
Lee Kushner Hiring Trends, Desired Skill Sets, and The State of Employment in the Information Security Industry
Ian Poynter & Diana Kelley The truth about ASPs
Edward G. Schwartz with Diana Kelley Data Privacy: What should the CIO and CISO be doing? Part 1-2
return to top

Black Hat Asia 2000
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentation - Black Hat Asia 2000
Wilfred A. Nathan Computer Crime: The Law Enforcement Perspective
Pierre Noel Why Security Architectures Fail
Speaker/Presentation - Black Hat Asia 2000
Batz Casing the Joint. What We Already Know About Your Network The beginning of the audio is messed up for a few minutes
Caezar Malicious Information Gathering
J.D. Glaser Auditing and Forensics on NT		Greg Hoglund - Caught!
Jennifer Granick International Legal Issues Surrounding Computer Hacking		Field Notes
Greg Hoglund Advanced Buffer Overflow Techniques
Joey Advanced Windows NT Security
Martin Khoo Responding to Cyber Threats
Marcus Ranum Intrusion Detection and Network Forensics		Long Version
Jeremy Rauch Routers, Switches & More: Part 1
Panel: Q&A: Ask the Experts Panel moderated by Jeff Moss. Check out the full disclosure debate!
return to top

Black Hat USA 1999

Track/Speaker/Topic

Presentation

Keynote Presentation - Black Hat USA 1999

William R. Cheswick
Security Ideas From All Over

William R. Cheswick
The Internet Mapping Project

Dr. Jeffrey A. Hunker
Introduction by John Davis
Protecting America’s Cyberspace: Version 1.0 of the National Plan

Dr. Mudge

Bruce Schneier
Mistakes and Blunders: A Hacker Looks At Cryptography

Technical Track - Black Hat USA 1999

Batz
Security Issues Affecting Internet Transit Points and Backbone Providers

David Bovee
VPN Architectures: Looking at the Complete Picture

Dominique Brezinski
Building a Forensic Tool kit That Will Protect You From Evil Influences

Ed Gerck
Overview of Certification Systems: x.509, CA, PGP and SKIP

JD Glaser
Auditing NT - Catching Greg Hoglund

Brent Huston
Appliance Firewalls: A Detailed Review

Rooster
DNS Security Issues

Eric Schultze & George Kurtz
Over the Router, Through the Firewall, to Grandma’s House We Go

Peter Shipley & Tom Jackiewicz
Security Issues with Implementing and Deploying the LDAP Directory System

Simple Nomad
Modern NetWare Hacking

General Track - Black Hat USA 1999

Sarah Gordon
Viruses in the Information Age

Greg Hoglund
1000 Hackers in a Box: Failings of "Security Scanners."

Larry Korba
Hope, Hype, Horrors... E-Commerce Explored

Marcus Ranum
Burglar Alarms and Booby Traps

Jeremy Rauch
How Responsive are Vendors to Security Problems When They Aren't Being Pressured by Someone Threatening To Go Public?

Mike Schiffman
The Firewalk Tool

Eugene Schultz
Security Issues with Configuring and Maintaining an IIS 4 Server

Adam Shostack
Towards A Taxonomy of Network Security Testing Techniques

Peter Stephenson
Introduction to Cyber Forensic Analysis

Panel: Competitive Intelligence
Moderated by Sangfroid.
Pannelists include: Dr. Mudge, Mike Schiffman, Batz, Jeremy Rauch, Dean Turner, Space Rogue, Sir Distic

White Hat Track - Black Hat USA 1999

Scott Culp
Building a Security Response Process

Jon David
Putting Intrusion Detection into Intrusion Detection Systems

Jennifer Grannick
Forensic Issues in Hacker Prosecutions

Rob Karas
Open Source Monitoring

Jim Litchko
Total BS Security: Business-based Systems Security

Teresa Lunt
Taxonomy of Intrusion Detection Systems

Padgett Peterson
Overlooked Local Attack Techniques

G. Alec Tatum, III & Rich Alu
Managing the External Environment

Ira Winkler
The issues Surrounding The Hiring of "Hackers."

Rebecca Base
Security (or the lack thereof) and "Our Friends In Redmond"

Panel - John Davis, William Ozier
Overview of risk of your corporate infrastructure. They will then discuss what are the concerns from external & internal viewpoints with management and technical points of concern

return to top

Black Hat USA 1998
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentation - Black Hat USA 1998
Marcus Ranum How to REALLY Secure the Internet
Bruce Schneier Mistakes and Blunders: A Hacker Looks at Cryptography
Richard Thieme Convergence— Every Man (and Woman) a Spy
Technical Track - Black Hat USA 1998
Dominique Brezinski Penetrating NT Networks Through Information Leaks and Policy Weaknesses		Presentation Notes! 6k , #2, #3, #4, #5
John Bailey SOCKS, PPTP & IPSec: Implementation & Futures
Ian Goldberg Cell Phone Security: A History and The State of the Art
Dr. Mudge Problems with VPN Technologies
Tom Ptacek Problems with Intrusion Detection Systems
General Track - Black Hat USA 1998
Jennifer Granick What's Different About Evidence in Computer Crime litigation
Patrick Richard Open Network PKI Design Issues or Business as Usual”
Bruce K. Marshall Statistical Analysis of Reusable Password Systems and Their Alternatives
Ira Winkler Information Security: Beyond the Hype
return to top

-->

Black Hat USA 1997
Speaker/Topic	Presentation	Ancillary
Keynote Presentation - Black Hat USA 1997
Richard Thieme
Speaker/Presentation - Black Hat USA 1997
Dominique Brezinski Security Posture Assessment (SPA) of Windows NT Networks
Miles Connley Firewalls: Not Enough of a Good Thing
Chris Goggans Internet Attack Methodologies
Hobbit Microsoft LM athentication, CIFS, and All Kinds of Password Problems
Ray Kaplan Meet The Enemy
Mudge Secure Coding Practices and Source Code Analysis
QMaster Secure Implementations of ActiveX in a Corporate Environment
Priest Building the Business Case for Management for Increased Security
Jeremy Rauch Security Implications of Distributed Network Management
Route TCP/IP Insecurities		readme file Download DOS.tgz Download sniff.tgz Download misc.tgz Download Phrack 48, 49, and 50
Bruce Schneier Why Cryptograpy is Harder Than it Looks		website
Peter Shipley Securing your Network with Free Utilities		references website
Adam Shostack Code Reviews: Making them Worthwhile		website
Sluggo Denial of Service Attacks, and Defensive Strategies
Ira Winkler Who are the Real Black Hats?
return to top

Media Server Hosted By:

Complex Drive - Reliable, Secure, and Responsive Business Internet