Star 0


Title Humans
"Abusing GDI for ring0 exploit primitives: Evolution"
"How to Stop Using Cryptography and Start Living"
"Chat with hacker" Egor Karbutov
"In-depth forensic analysis of Windows registry files"
"Securing clouds in GCP" Anton Sapozhnikov
"Front door nightmare" Stephan Gerling
"Reverse DNS tunnel extension for Meterpreter" Alexey Sintsov
"MITM Attacks on HTTPS: Another Perspective"
"DAO for Pentesters"
"Hardware-based tracing on ARM" Ralf-Philipp Weinmann , Comsecuris
"How to Implement SDL and Not Turn Grey" Andrey Kovalev
"Jumping the Fence: Comparison and Improvements for Existing Jump Oriented Programming Tools"
"Fundamentals of DDoS mitigation"
"For the Greater Good: Leveraging VMware's RPC Interface for fun and profit" Jasiel Spelman , Abdul-Aziz Hariri , Brian Gorenc
"Recent Exploit Trend and Mitigation, detection Tactics" Matt Oh , Microsoft Corporation
"Hacking Robots Before Skynet" Lucas Apa
"Machine learning, offense, and the future of automation" Thomas Dullien , Google Inc.
"Automation of Web Application Scanning With Burp Suite"
"Betraying the BIOS: Where the Guardians of the BIOS are Failing" Alex Matrosov , NVIDIA
"Compressed signature and Public key recovery with GOST R 34.10-2012"
"Attacks Using Signaling System No. 7. Myths, Reality, and Security Measures"
"Hunting for Credentials Dumping in Windows Environment"
"Exploiting e-mail sandbox: backdoor it with one evil e-mail"
"Playing with IE11 ActiveX 0days" James Lee
"Silver bullet vulnerabilities and backdoor. Hunting +30K vendors using tiny license tokens"
"Monitoring systems: Capturing the entire server and hosts (Pentesters’ view)"
"Angine ABAC Framework" Denis Kolegov , Oleg Broslavsky
"Gas is too expensive! Let's make it free." Ido Naor
"Security Champions Playbook"
"Play by Your Own Rules!" Digital Security
"Vulnerability in Apps on React"
"Implementing Content Security Policy at a Large Scale"
"Legacy of Heartbleed: MITM and Revoked Certificates"
"Gone in Sixty Seconds"
"Bootstrapping secure by design processes in a low-process, peer-to-peer engineering organization" Andrey Labunets , Facebook
"Abusing Access Tokens for UAC Bypasses" James Forshaw
"OpenSource Sandbox in Corporate Environment" Sberbank
"Defensive Exploitation: How to Pwn Your Attacker's Decision-making" Kelly Shortridge
"Attacks on encrypted memory: Beyond the single bit conditionals" Amazon
"Creating Backdoors Using Legal Applications"
"Bypass 2FA, Stealing Private Keys without Social Engineering, and the Introduction to "2FAssassin"." Maxwell Koh
"Tricks for Bypassing CSRF Protection"
"Gain remote code execution in your smart devices!" Jiashui Wang
"Building Advanced Coverage-guided Fuzzer for Program Binaries" Nguyen Anh Quynh
"Vector of telephone flood attack via callback services"