|
"Abusing GDI for ring0 exploit primitives: Evolution"
|
|
|
"How to Stop Using Cryptography and Start Living"
|
|
|
"Chat with hacker"
|
Egor Karbutov
|
|
"In-depth forensic analysis of Windows registry files"
|
|
|
"Securing clouds in GCP"
|
Anton Sapozhnikov
|
|
"Front door nightmare"
|
Stephan Gerling
|
|
"Reverse DNS tunnel extension for Meterpreter"
|
Alexey Sintsov
|
|
"MITM Attacks on HTTPS: Another Perspective"
|
|
|
"DAO for Pentesters"
|
|
|
"Hardware-based tracing on ARM"
|
Ralf-Philipp Weinmann
,
Comsecuris
|
|
"How to Implement SDL and Not Turn Grey"
|
Andrey Kovalev
|
|
"Jumping the Fence: Comparison and Improvements for Existing Jump Oriented Programming Tools"
|
|
|
"Fundamentals of DDoS mitigation"
|
|
|
"For the Greater Good: Leveraging VMware's RPC Interface for fun and profit"
|
Jasiel Spelman
,
Abdul-Aziz Hariri
,
Brian Gorenc
|
|
"Recent Exploit Trend and Mitigation, detection Tactics"
|
Matt Oh
,
Microsoft Corporation
|
|
"Hacking Robots Before Skynet"
|
Lucas Apa
|
|
"Machine learning, offense, and the future of automation"
|
Thomas Dullien
,
Google Inc.
|
|
"Automation of Web Application Scanning With Burp Suite"
|
|
|
"Betraying the BIOS: Where the Guardians of the BIOS are Failing"
|
Alex Matrosov
,
NVIDIA
|
|
"Compressed signature and Public key recovery with GOST R 34.10-2012"
|
|
|
"Attacks Using Signaling System No. 7. Myths, Reality, and Security Measures"
|
|
|
"Hunting for Credentials Dumping in Windows Environment"
|
|
|
"Exploiting e-mail sandbox: backdoor it with one evil e-mail"
|
|
|
"Playing with IE11 ActiveX 0days"
|
James Lee
|
|
"Silver bullet vulnerabilities and backdoor. Hunting +30K vendors using tiny license tokens"
|
|
|
"Monitoring systems: Capturing the entire server and hosts (Pentesters’ view)"
|
|
|
"Angine ABAC Framework"
|
Denis Kolegov
,
Oleg Broslavsky
|
|
"Gas is too expensive! Let's make it free."
|
Ido Naor
|
|
"Security Champions Playbook"
|
|
|
"Play by Your Own Rules!"
|
Digital Security
|
|
"Vulnerability in Apps on React"
|
|
|
"Implementing Content Security Policy at a Large Scale"
|
|
|
"Legacy of Heartbleed: MITM and Revoked Certificates"
|
|
|
"Gone in Sixty Seconds"
|
|
|
"Bootstrapping secure by design processes in a low-process, peer-to-peer engineering organization"
|
Andrey Labunets
,
Facebook
|
|
"Abusing Access Tokens for UAC Bypasses"
|
James Forshaw
|
|
"OpenSource Sandbox in Corporate Environment"
|
Sberbank
|
|
"Defensive Exploitation: How to Pwn Your Attacker's Decision-making"
|
Kelly Shortridge
|
|
"Attacks on encrypted memory: Beyond the single bit conditionals"
|
Amazon
|
|
"Creating Backdoors Using Legal Applications"
|
|
|
"Bypass 2FA, Stealing Private Keys without Social Engineering, and the Introduction to "2FAssassin"."
|
Maxwell Koh
|
|
"Tricks for Bypassing CSRF Protection"
|
|
|
"Gain remote code execution in your smart devices!"
|
Jiashui Wang
|
|
"Building Advanced Coverage-guided Fuzzer for Program Binaries"
|
Nguyen Anh Quynh
|
|
"Vector of telephone flood attack via callback services"
|
|