Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings USA 2005 was held July 27-28 in Las Vegas at Caesars Palace. A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-05/bh-usa-05-index.html Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and global corporations with the underground's most respected hackers. These forums take place regularly in Las Vegas, Washi ...
…
continue reading
Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings USA 2006 was held August 2-3 in Las Vegas at Caesars Palace. Two days, fourteen tracks, over 85 presentations. Dan Larkin of the FBI was the keynote speaker. Celebrating our tenth year anniversary. A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-06/bh-usa-06-index.html Black Hat Briefings bring together a unique mix in security: the best minds from governm ...
…
continue reading
Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings USA 2006 was held August 2-3 in Las Vegas at Caesars Palace. Two days, fourteen tracks, over 85 presentations. Dan Larkin of the FBI was the keynote speaker. Celebrating our tenth year anniversary. A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-06/bh-usa-06-index.html Black Hat Briefings bring together a unique mix in security: the best minds from governm ...
…
continue reading
1
Philip R. Zimmermann: The Unveiling of My Next Big Project
50:49
50:49
나중에 재생
나중에 재생
리스트
좋아요
좋아요
50:49
Philip R. Zimmermann is the creator of Pretty Good Privacy. For that, he was the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its 1991 publication as freeware. Despite the lack of funding, the lack of any…
…
continue reading
1
Adam L. Young: Building Robust Backdoors In Secret Symmetric Ciphers
48:55
48:55
나중에 재생
나중에 재생
리스트
좋아요
좋아요
48:55
This talk will present recent advances in the design of robust cryptographic backdoors in secret symmetric ciphers (i.e., classified or proprietary ciphers). The problem directly affects end-users since corporations and governments have in the past produced secret symmetric ciphers for general use (e.g., RC4 and Skipjack, respectively). The problem…
…
continue reading
1
Alex Wheeler and Neel Mehta: Owning Anti-Virus: Weaknesses in a Critical Security Component
1:05:10
1:05:10
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:05:10
AV software is becoming extremely popular because of the its percieved protection. Even the average person is aware they want AV on their computer (see AOL, Netscape, Netzero, Earthlink, and other ISP television ads). What if: Instead of protecting ppl from hackers AV software was actually making it easier for hackers? This talk will outline genera…
…
continue reading
1
Paul Vixie: Preventing Child Neglect in DNSSEC-bis using Lookaside Validation
1:15:01
1:15:01
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:15:01
Paul Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. Early in his career, he developed and introduced sends, proxynet, rtty, cron and other lesser-known tools. Today, Paul is considered the primary modern author and technical architect of BINDv8 the Berkeley Internet Name …
…
continue reading
1
Eugene Tsyrklevich: Ozone HIPS: Unbreakable Windows
1:16:57
1:16:57
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:16:57
Windows is the number one target on the Internet today. It takes less than 5 minutes for an unpatched Windows machine, connected to the Internet, to get owned. Yet the most prevalent security practices still consist of running anti-viruses and constant patching. This presentation introduces a new tool, called Ozone, that is designed to protect agai…
…
continue reading
1
Andrew van der Stock: World Exclusive - Announcing the OWASP Guide To Securing Web Applications and Services 2.0
53:49
53:49
나중에 재생
나중에 재생
리스트
좋아요
좋아요
53:49
After three years of community development, the Open Web Application Security Project (OWASP) is proud to introduce the next generation of web application security standards at BlackHat USA 2005. The Guide to Securing Web Applications and Services 2.0 is a major new release - written from the ground up, with many new sections covering common and em…
…
continue reading
When we built Metasploit, our focus was on the exploit development process. We tried to design a system that helped create reliable and robust exploits. While this is obviously very important, it's only the first step in the process. What do you do once you own EIP? Our presentation will concentrate on the recent advancements in shellcode, IDS/fire…
…
continue reading
1
Alex Stamos and Scott Stender: Attacking Web Services: The Next Generation of Vulnerable Enterprise Apps
1:12:18
1:12:18
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:12:18
Web Services represent a new and unexplored set of security-sensitive technologies that have been widely deployed by large companies, governments, financial institutions, and in consumer applications. Unfortunately, the attributes that make web services attractive, such as their ease of use, platform independence, use of HTTP and powerful functiona…
…
continue reading
1
Michael Sutton and Adam Greene: The Art of File Format Fuzzing
43:18
43:18
나중에 재생
나중에 재생
리스트
좋아요
좋아요
43:18
In September 2004, much hype was made of a buffer overflow vulnerability that existed in the Microsoft engine responsible for processing JPEG files. While the resulting vulnerability itself was nothing new, the fact that a vulnerability could be caused by a non-executable file commonly traversing public and private networks was reason for concern. …
…
continue reading
1
Sherri Sparks and Jamie Butler: "Shadow Walker" - Raising The Bar For Rootkit Detection
1:14:10
1:14:10
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:14:10
Last year at Black Hat, we introduced the rootkit FU. FU took an unprecented approach to hiding not previously seen before in a Windows rootkit. Rather than patching code or modifying function pointers in well known operating system structures like the system call table, FU demonstrated that is was possible to control the execution path indirectly …
…
continue reading
This presentation will cover the eEye BootRoot project, an exploration of technology that boot sector code can use to subvert the Windows NT-family kernel and retain the potential for execution, even after Windows startup-a topic made apropos by the recent emergence of Windows rootkits into mainstream awareness. We will provide some brief but techn…
…
continue reading
1
Paul Simmonds: The Jericho Challenge - Finalist Architecture Presentations and Awards
41:11
41:11
나중에 재생
나중에 재생
리스트
좋아요
좋아요
41:11
The days of the corporate network, completely isolated with a well-secured outer shell are long gone; yet we continue to cling to this model. Global networks with no borders, offer the potential of substantial savings in communications costs, maximum network agility and instant connectivity for clients and partners. Can you secure this incredibly c…
…
continue reading
1
SensePost: Automation - Deus ex Machina or Rube Goldberg Machine?
1:06:46
1:06:46
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:06:46
How far can automation be taken? How much intelligence can be embodied in code? How generic can automated IT security assessment tools really be? This presentation will attempt to show which areas of attacks lend themselves to automation and which aspects should best be left for manual human inspection and analyses. SensePost will provide the audie…
…
continue reading
1
Mike Pomraning: Injection Flaws: Stop Validating Your Input
29:21
29:21
나중에 재생
나중에 재생
리스트
좋아요
좋아요
29:21
Years after the debut of XSS and SQL Injection, each passing week sees newly disclosed vulnerabilities ready to be exploited by these same techniques. Labelling all of these as "input validation flaws" isn't helping anymore. In this Turbo Talk we turn the situation upside-down to get a better perspective, and cover specific techniques to address th…
…
continue reading
1
Ejovi Nuwere and Mikko Varpiola: The Art of SIP fuzzing and Vulnerabilities Found in VoIP
1:04:21
1:04:21
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:04:21
This presentation will cover SIP and VoIP related automated fuzzing techniques. Using real world vulnerabilities and audit engagements we will give a technical understanding of this emerging technology and its common attack vectors. The techniques discussed in this talk will not only be limited to SIP but will apply to methodical audit approaches f…
…
continue reading
1
Mudge aka Peiter Mudge Zatko: Economics, Physics, Psychology and How They Relate to Technical Aspects of Counter Intelligence/Counter Espionage Within Information Security
1:11:11
1:11:11
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:11:11
The computer and network security fields have made little progress in the past decade. The rhetoric that the field is in an arms race; attacks are becoming more complicated and thus defenses are always in a keep-up situation makes little sense when 10 year old root kits, BGP and DNS attacks that have been widely publicized for years, and plain-text…
…
continue reading
Jeff Moss, founder of Black Hat, invites Chief Information Security Officers from global corporations to join him on stage for a unique set of questions and answers. What do CISOs think of Black Hat, David Litchfield, Dan Kaminsky, Joe Grand, Johnny Long, Metasploit, and DEFCON? How many years before deperimeterization is a reality? Is security res…
…
continue reading
1
Shawn Moyer: Owning the C-suite: Corporate Warfare as a Social Engineering Problem
18:36
18:36
나중에 재생
나중에 재생
리스트
좋아요
좋아요
18:36
Let's face it, you ROCK at building InfoSec tech, but you SUCK at corporate warfare. Sooner or later, you WILL have to sit in a boardroom with the suits and justify your existence. If you approach your own survival and that of your security team's as a Social Engineering problem, it can not only work for you, but it can be FUN. Don't let them own y…
…
continue reading
1
Robert Morris: The Non-Cryptographic Ways of Losing Information
1:02:59
1:02:59
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:02:59
To fully understand how to protect crucial information in the modern world, one needs to fully understand how the modern spy steals it. Since the glorious days of cryptanalysis during World War II, the art of stealing and protecting information has drastically changed. Using over 25 years of NSA field-stories, this talk will highlight the lesser-kn…
…
continue reading
As a result of the Real-ID Act, all American citizens will have an electronically readable ID card that is linked to the federal database by May 2008. This means that in three years we will have a National ID card system that is being unilaterally controlled by one organization (DHS) whether we want it or not. Organizations such as the ACLU are alr…
…
continue reading
During the course of 2004 and 2005, we have responded to dozens of computer security incidents at some of America's largest organizations. Mr. Mandia was on the front lines assisting these organizations in responding to international computer intrusions, theft of intellectual property, electronic discovery issues, and widespread compromise of sensi…
…
continue reading
1
David Maynor: NX: How Well Does It Say NO to Attacker's eXecution Attempts?
36:40
36:40
나중에 재생
나중에 재생
리스트
좋아요
좋아요
36:40
NX. It's known by different names to different people. AMD calls it Enhanced Virus Protection, or EVP. Microsoft calls its support Data Execution Prevention, or DEP. After the press about how this new technology will stop hackers and worms in their tracks, many people call it a modern marvel. But this new technology has several layers of confusion …
…
continue reading
1
Simple Nomad and MadHat Unspecific: SPA: Single Packet Authorization
19:27
19:27
나중에 재생
나중에 재생
리스트
좋아요
좋아요
19:27
We needed a protocol that allowed us to tell a server that we are who we say we are, have it work across NAT, use TCP, UDP, or ICMP as the transport mechanism, act as an extra layer of security, and be secure itself. Oh, and do so with a single packet. Sound crazy? It's actually very useful. We've come up with a Single Packet Authorization (SPA). T…
…
continue reading
Google Hacking returns for more guaranteed fun this year at Blackhat USA! If you haven't caught one of Johnny's Google talks, you definitely should. Come and witness all the new and amazing things that can be done with Google. All new for BH USA 2005, Johnny reveals basic and advanced search techniques, basic and advanced hacking techniques, multi-…
…
continue reading
David Litchfield leads the world in the discovery and publication of computer security vulnerabilities. This outstanding research was recognised by Information Security Magazine who voted him as 'The World's Best Bug Hunter' for 2003. To date, David has found over 150 vulnerabilities in many of today's popular products from the major software compa…
…
continue reading
There are many circumstances under which we would like to run code we don't trust. This talk presents a method for making that possible with various popular scripting languages-the test case is Perl, but the technique will work with other languages. Also presented is an open source implementation for Perl, and various examples of its use - for inst…
…
continue reading
1
Alexander Kornbrust: Circumvent Oracle's Database Encryption and Reverse Engineering of Oracle Key Management Algorithms
59:58
59:58
나중에 재생
나중에 재생
리스트
좋아요
좋아요
59:58
This talk describes architecture flaws of the Oracle's database encryption packages dbms_crypto and dbms_obfuscation_toolkit. These encryption packages are used to encrypt sensitive information in the database. A hacker can intercept the encryption key and use this key to decrypt sensitive information like clinical data, company secrets or credit c…
…
continue reading
1
Joseph Klein: The Social Engineering Engagement Methodology - A Formal Testing process of the People and Process
40:54
40:54
나중에 재생
나중에 재생
리스트
좋아요
좋아요
40:54
The security of an organization is composed of technology, people and processes. In the last few years, many organizations have done a good job addressing technology but have focused very little on the people and processes. This presentation reviews the formal methodology for performing Social Engineering Engagements. The method is divided into fou…
…
continue reading
1
Barnaby Jack: Remote Windows Kernel Exploitation - Step In To the Ring 0
36:08
36:08
나중에 재생
나중에 재생
리스트
좋아요
좋아요
36:08
Almost every possible method and technique regarding Windows exploitation has been discussed in depth. Surprisingly, a topic that has rarely been touched on publicly is the remote exploitation of Win32 kernel vulnerabilities; a number of kernel vulnerabilities have been published, yet no exploit code has surfaced in the public arena. I predict we w…
…
continue reading
1
Ken Hines: Using Causal Analysis to Establish Meaningful Connections between Anomalous Behaviors in a Networking Environment
24:48
24:48
나중에 재생
나중에 재생
리스트
좋아요
좋아요
24:48
Fueled by business needs such as supply chain integration and outsourcing, modern enterprises must open up portions of their networks to potentially untrusted outsiders. Combined with the troubling aspects of malicious insiders, ever more sophisticated attacks, increasing network complexity, and strong pressure from regulatory bodies to rapidly ide…
…
continue reading
1
Robert J. Hansen and Meredith L. Patterson: Stopping Injection Attacks with Computational Theory
49:29
49:29
나중에 재생
나중에 재생
리스트
좋아요
좋아요
49:29
Input validation is an important part of security, but it's also one of the most annoying parts. False positives and false negatives force us to choose between convenience and security-but do we have to make that choice? Can't we have both? In this talk two University of Iowa researchers will present new methods of input validation which hold promi…
…
continue reading
1
Allen Harper and Edward Balas: GEN III Honeynets: The birth of roo
51:27
51:27
나중에 재생
나중에 재생
리스트
좋아요
좋아요
51:27
A Honeypot is a information gathering system, designed for attackers to interact with. A honeynet, simply put, is a network of honeypots. The key component of a honeynet is the honeywall. The honeywall is used to provide the following capabilities: * Data Capture. The ability to collect information about the attack. * Data Control. The ability to r…
…
continue reading
The use of phishing/cross-site scripting hybrid attacks for financial gain is spreading. It's imperative that security professionals familiarize themselves with these new threats to protect their websites and confidential corporate information. This isn't just another presentation about phishing scams or cross-site scripting. We're all very familia…
…
continue reading
1
The Grugq: The Art of Defiling: Defeating Forensic Analysis
1:09:18
1:09:18
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:09:18
The Grugq has been at the forefront of forensic research for the last six years, during which he has been pioneering in the realm of anti-forensic research and development. During this time, he has also worked with a leading IT security consultancy and been employed at a major financial institution. Most recently he has been involved with an innova…
…
continue reading
1
Jennifer Stisa Granick: Top Ten Legal Issues in Computer Security
1:12:57
1:12:57
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:12:57
This will be a practical and theoretical tutorial on legal issues related to computer security practices. In advance of the talk, I will unscientifically determine the "Top Ten LegalQuestions About Computer Security" that Black Hat attendees have and will answer themas clearly as the unsettled nature of the law allows. While the content of the talk…
…
continue reading
1
Joe Grand: Can You Really Trust Hardware? Exploring Security Problems in Hardware Devices
1:12:47
1:12:47
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:12:47
Most users treat a hardware solution as an inherently trusted black box. "If it's hardware, it must be secure," they say. This presentation explores a number of classic security problems with hardware products, including access to stored data, privilege escalation, spoofing, and man-in-the-middle attacks. We explore technologies commonly used in th…
…
continue reading
1
Kenneth Geers: Hacking in a Foreign Language: A Network Security Guide to Russia (and Beyond)
1:01:42
1:01:42
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:01:42
Has your network ever been hacked, and all you have to show for your investigative efforts is an IP address belonging to an ISP in Irkutsk? Are you tired of receiving e-mails from Citibank that resolve to Muscovite IP addresses? Would you like to hack the Kremlin? Or do you think that the Kremlin has probably owned you first? Maybe you just think t…
…
continue reading
1
James C. Foster and Vincent T. Liu: Catch Me If You Can:Exploiting Encase, Microsoft, Computer Associates, and the rest of the bunch.
57:41
57:41
나중에 재생
나중에 재생
리스트
좋아요
좋아요
57:41
Don't get caught. Building off of Foster's log manipulation and bypassing forensics session at BlackHat Windows 2004, James C. Foster and Vincent T. Liu will share over eighteen months of continued private forensic research with the Black Hat audience including ground-breaking vulnerabilities and key weaknesses in some of the most popular tools use…
…
continue reading
1
Esteban Martinez Fayo: Advanced SQL Injection in Oracle Databases
52:03
52:03
나중에 재생
나중에 재생
리스트
좋아요
좋아요
52:03
This presentation shows new ways to attack Oracle Databases. It is focused on SQL injection vulnerabilities and how can be exploited using new techniques. It also explains how to see the internal PL/SQL code that is vulnerable in Oracle built-in procedures and examples using recently discovered vulnerabilities. Buffer overflows, remote attacks usin…
…
continue reading
In a refreshing different format, Foster cracks the audience with a twenty minute comedic dissertation of the past year in the information security industry. Performing standup, Foster will roast the year's worst companies' business mistakes, stereotypes, books, websites, Fucked Company security excerpts in addition to posing fun of those who don't…
…
continue reading
1
Arian J. Evans and Daniel Thompson: Building Self-Defending Web Applications: Secrets of Session Hacking and Protecting Software Sessions
21:51
21:51
나중에 재생
나중에 재생
리스트
좋아요
좋아요
21:51
Web applications are constantly under attack, and must defend themselves. Sadly, today, most cannot. There are several key elements to building self-defending software but only a few are focused on today, including input validation, output encoding, and error handling. Strong Session Handing and effective Authorization mechanisms are almost complet…
…
continue reading
1
Yuan Fan: Advance SQL Injection Detection by Join Force of Database Auditing and Anomaly Intrusion Detection
20:01
20:01
나중에 재생
나중에 재생
리스트
좋아요
좋아요
20:01
This topic will present the proposal/idea/work from the author's master graduate project about effective detection of SQL Injection exploits while lowering the number of false positives. It gives detail analysis example of how database auditing could help this case, and also presents the challenge with anomaly detection for this attack and how the …
…
continue reading
1
Himanshu Dwivedi: iSCSI Security (Insecure SCSI)
1:11:48
1:11:48
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:11:48
Himanshu Dwivedi's presentation will discuss the severe security issues that exist in the default implementations of iSCSI storage networks/products. The presentation will cover iSCSI storage as it pertains to the basic principals of security, including enumeration, authentication, authorization, and availability. The presentation will contain a sh…
…
continue reading
1
Bryan Cunningham and C. Forrest Morgan: U.S National Security, Individual and Corporate Information Security, and Information Security Providers
1:30:10
1:30:10
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:30:10
This presentation, by a former Deputy Legal Adviser to the White House National Security Council, and author of a chapter on legal issues in the forthcoming "Case Studies for Implementing the NSA IEM," will provide information security consultants and information technology providers alike with insights into: how emerging United States national sec…
…
continue reading
The Shatter attack uses the Windows API to subvert processes running with greater privilege than the attack code. The author of the Shatter code has made strong claims about the difficulty of fixing the underlying problem, while Microsoft has, with one exception, claimed that the attack isn't a problem at all. Whether or not Shatter is indeed an ex…
…
continue reading
1
Greg Conti: Beyond Ethereal: Crafting A Tivo for Security Datastreams
1:10:19
1:10:19
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:10:19
Ethereal is a thing of beauty, but ultimately you are constrained to a tiny window of 30-40 packets that is insufficient when dealing with network datasets that could be on the order of millions of packets. In addition, it only displays traffic from packet captures and lacks the ability to incorporate and correlate other security related datastream…
…
continue reading
1
Robert W. Clark: Legal Aspects of Computer Network Defense-A Government Perspective and A Year in Review Important Precedents in Computer and Internet Security Law 2004 - 2005
1:15:00
1:15:00
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:15:00
This presentation looks at computer network defense and the legal cases of the last year that affect internet and computer security. This presentation clearly and simply explains (in non-legal terms) the legal foundations available to service providers to defend their networks. Quickly tracing the legal origins from early property common-law doctri…
…
continue reading
1
Ian Clarke and Oskar Sandberg: Routing in the Dark: Scalable Searches in Dark P2P Networks.
1:00:44
1:00:44
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:00:44
It has become apparent that the greatest threat toward the survival of peer to peer, and especially file sharing, networks is the openness of the peers themselves towards strangers. So called "darknets"-encrypted networks where peers connect directly only to trusted friends-have been suggested as a solution to this. Some, small-scale darknet implem…
…
continue reading
1
Tzi-cker Chiueh: Checking Array Bound Violation Using Segmentation Hardware
1:02:08
1:02:08
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:02:08
The ability to check memory references against their associated array/buffer bounds helps programmers to detect programming errors involving address overruns early on and thus avoid many difficult bugs down the line. Because such programming errors have been the targets of remote attacks, i.e., buffer overflow attack, prevention of array bound viol…
…
continue reading
This talk will cover the Defense Cyber Crime Center (DC3), our mission and capabilities. The DC3 is one-stop shopping for cyber crime related support. We have approximately 160 people assigned in 3 main organizations: * The Defense Computer Forensics Lab - probably the largest digital forensics lab in the world and the leader in handling large data…
…
continue reading