Black Hat USA 2008 Archives
Black Hat USA 2008 Presentations are listed alphabetically by speaker.
Keynote: Complexity in Computer Security: a Risky Business
Ian O. Angell, Professor of Information Systems. London School of Economics
Winning the Race to Bare Metal – UEFI Hypervisors
Don Bailey, Martin Mocko
Track: Turbo Talk
Keynote: Natural Security
Rod Beckström, Director of the National Cyber Security Center
RE:Trace - Applied Reverse Engineering on OS X
Tiller Beauchamp, David Weston
Track: Reverse Engineering
Predictable RNG in the Vulnerable Debian OpenSSL package, the What and the How
Luciano Bello, Maximiliano Bertacchini
Track: Network
When Lawyers Attack: Dealing With the New Rules of Electronic Discovery
John Benson
Track: Deep Knowledge
No More 0-Days (or Code-Based Intrusion Detection by Korset)
Ohad Ben-Cohen
Track: 0-Day Defense
Free-Space Quantum Key Distribution at GHz Transmission Rates
Joshua Bienfang
Track: Turbo Talks
Active 802.11 Fingerpinting: a "Secret Handshake" to Know Your APs
Sergey Bratus
Track: OTA
SmartCard APDU Analysis
Ivan Buetler
Track: Hardware
Insane Detection of Insane Rootkits: Chipset Based Approach to Detect Virtualization Malware
Yuriy Bulygin
Track: Root Kit Arms Race
FLEX, AMF 3 and BlazeDS: An Assessment
Jacob Carlson, Kevin Stadmeyer
Track: App Sec 1.0 / 2.0
Cisco IOS Shellcodes/Backdoors
Gyan Chawdhary, Varun Uppal
Track:
SQL Injection Worms for Fun and Profit
Justin Clarke
Track: Turbo Talks
Commission on Cyber Security for the 44th Presidency
Panel Discussion
Visual Forensic Analysis and Reverse Engineering of Binary Data
Greg Conti, Erik Dean
Track: Forensics & Anti Forensics
iRK - Crafting OS X Kernel Rootkits
Jesse D'Aguanno
Track: Rootkits Arms Race
Methods for Understanding Targeted Attacks with Office Documents
Bruce Dang
Track: App Sec 1.0 / 2.0
AppSec A-Z: Reverse Engineering, Source Code Auditing, Fuzzing, and Exploitation
Jared DeMott
Track: App Sec 1.0 / 2.0
Bad Sushi: Beating Phishers at Their Own Game
Nitesh Dhanjani, Senior Manager
Billy Rios, Microsoft
Track: Bots and Malware
Next Generation Collaborative Reversing with Ida Pro and CollabREate
Chris Eagle, Tim Vidas
Track: App Sec 1.0/ 2.0
A New Breed of Rootkit: The System Management Mode (SMM) Rootkit
Shawn Embleton, Sherri Sparks
Track: Root Kit Arms Race
Encoded, Layered, and Trancoded Syntax Attacks: Threading the Needle past Web Application Security Controls
Arian Evans
Track: App Sec 1.0 / 2.0
Hacker Court 2008: Hack MyFace
Carole Fennelly, Paul Ohm, Richard Salgado, Kurt Opsahl, Jennifer Granick, Richard Thieme, Peiter Zatko, Brian Martin, Simple Nomad, Jonathan Klein, Caitlin Klein, Ryan Bulat
Track: Reception, Day 1
Passive and Active Leakage of Secret Data from Non Networked Computer
Eric Filiol
Track:
Threats to the 2008 Presidential Election (and more)
Oliver Friedrichs
Track: App Sec 1.0 / 2.0
Taking the Hype Out of Hypervisors
Tal Garfinkel
Track: Virtualization
Side-channel Timing Attacks on MSP430 Microcontroller Firmware
Travis Goodspeed
Track: Hardware
Get Rich or Die Trying - "Making Money on The Web, The Black Hat Way"
Jeremiah Grossman, Trey Ford
Track: Web 2.0
Hacking and Injecting Federal Trojans.
Lukas Grunwald
Track: Forensics & Anti Forensics
Decompilers and Beyond
Ilfak Guilfanov
Track:
Got Citrix, Hack It!
Shanit Gupta
Track: Turbo Talks
Attacking the Vista Heap
Ben Hawkes
Track: 0-Day
The Four Horsemen of the Virtualization Security Apocalypse
Christofer Hoff
Track: Virtualization
Circumventing Automated JavaScript Analysis Tools
Billy Hoffman
Track:
Protecting Vulnerable Applications with IIS7
Brian Holyfield
Track: Turbo Talks
Virtually Secure
Oded Horovitz
Track: Virtualization
Metamorphic / Polymorphic Malware DNA
Chet Hosmer
Track: Turbo Talks
Pointers and Handles, A Story Of Unchecked Assumptions In The Windows Kernel
Alex Ionescu
Track: 0-Day
Black Ops 2008 -- Its The End Of The Cache As We Know It
Dan Kaminsky
Track: The Network
Vista and ActiveX Controls
Su Yong Kim
Track: Turbo Talks
New Classes of Security and Privacy Vulnerabilities for Implantable Wireless Medical Devices
Tadayoshi Kohno, Kevin Fu
Track:
Jinx - Malware 2.0
Itzik Kotler, Jonathan Rom
Track: Bots & Malware
Mobile Phone Messaging Anti-Forensics
Zane Lackey, Luis Miras
Track: Forensics
Deobfuscator: an Automated Approach to the Identification and Removal of Code Obfuscation
Eric Laspe
Track: Turbo Talks
Highway to Hell: Hacking Toll Systems
Nate Lawson
Track: OTA
Bluetooth v2.1 - a New Security Infrastructure and New Vulnerabilities
Andrew Lindell
Track: OTA
Developments in Cisco IOS Forensics
Felix Lindner
Track: Forensics
Oracle Forensics
David Litchfield
Track: Forensics & Anti Forensics
The Internet is Broken: Beyond Document.Cookie - Extreme Client Side Exploitation
Nathan McFeters, John Heasman, Rob Carter
Track: App Sec 1.0 / 2.0
Braving the Cold: New Methods for Preventing Cold Boot Attacks on Encryption Keys
Patrick McGregor
Track: 0-Day Defense
Pushing the Camel through the Eye of a Needle
SensePost
Track: Web 2.0
Meet the Feds 2008
Panel Discussion
Reverse DNS Tunneling Shellcode
Ty Miller
Track: 0-Day
Satan is on My Friends List: Attacking Social Networks
Shawn Moyer, Nathan Hamiel
Track: App Sec 1.0 / 2.0
Viral Infections in Cisco IOS
Ariel Futoransky
Track: Rootkit Arms Race
A Hypervisor IPS based on Hardware Assisted Virtualization Technology
Junichi Murakami
Track: Virtualization
Mifare -- Little Security, Despite Obscurity
Karsten Nohl
Track: Hardware
Living in the RIA World: Blurring the Line Between Web and Desktop Security
Alex Stamos, Justine Osborne
Track: App Sec 1.0 / 2.0
Mobitex Network Security
olleB
Track: OTA
Software Radio and the Future of Wireless Security
Michael Ossmann
Track: OTA
Playing by Virtual Security Rules: How Virtualization Changes Everything and What to Do About It
Steve Pate
Track: Turbo Talks
Client-side Security
Petko D. Petkov
Track: App Sec 1.0 / 2.0
Malware Detection Through Network Flow Analysis
Bruce Potter
Track: The Network
Temporal Reverse Engineering
Danny Quist, Colin Ames
Track: Reverse Engineering
Secure the Planet! New Strategic Initiatives from Microsoft to Rock Your World
Mike Reavey, Steve Adegbite, Katie Moussouris
Track: Deep Knowledge
No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler UsingTraffic Profiling
Ivan Ristic, Ofer Shezaf
Track: 0-Day Defense
Alternative Medicine: The Malware Analyst's Blue Pill
Paul Royal
Track: Reverse Engineering
Detecting & Preventing the Xen Hypervisor Subversions
Joanna Rutkowska, Rafal Wojtczuk
Track: Virtualization
Bluepilling the Xen Hypervisor
Alexander Tereshkin, Joanna Rutkowska
Track: Virtualization
Return-Oriented Programming: Exploits Without Code Injection
Hovav Shacham
Track: 0-Day
Meet The Owner Of a Real Hacked Company - Forensic Investigation
Mark Shelhart
Track: Turbo Talks
MetaPost-Exploitation
Val Smith, Colin Ames
Track: App Sec 1.0 / 2.0
How To Impress Girls With Browser Memory Protection Bypasses
Alexander Sotirov, Mark Dowd
Track: App Sec 1.0 / 2.0
Deeper Door - Exploiting the NIC Chipset
Sherri Sparks, Shawn Embleton
Track: Root Kit Arms Race
A Fox in the Hen House (UPnP IGD)
Jonathan Squire
Track: Turbo Talks
Living in the RIA World: Blurring the Line Between Web and Desktop Security
Alex Stamos
Track: App Sec 1.0 /2.0
Concurrency Attacks in Web Applications
Scott Stender
Track: App Sec 1.0 / 2.0
Protocols and Encryption of The Storm Botnet
Joe Stewart
Track: Bots & Malware
Xploiting Google Gadgets: Gmalware and Beyond
Tom Stracener
Track: Bots & Malware
Windows Hibernation File for Fun and Profit.
Matthieu Suiche
Track: Deep Knowledge
REST for the Wicked
Bryan Sullivan
Track: Web 2.0
Inducing Momentary Faults Within Secure Smartcards / Microcontrollers
Christopher Tarnovsky
Track: Hardware
ePassports Reloaded
Jeroen van Beek
Track: Privacy & Anonymity
Nmap: Scanning the Internet
Fyodor Vaskovich
Track: The Network
Iron Chef: Fuzzing Challenge
Jacob West, Brian Chess, Charlie Miller, Sean Fay, Geoff Morrison, Jacob Honoroff
Track: 0-day
Subverting the Xen Hypervisor
Rafal Wojtczuk
Track: Virtualization
Leveraging the Edge: Abusing SSL VPNs
Mike Zusman
Track: The Network
