ModJack: Hijacking The MacOS Kernel
|
Zhi Zhou
,
Alipay
|
Modern Techniques to Deobfuscate UEFI/BIOS Malware and Virtualized Packers
|
Alexandre Borges
,
Blackstorm Security
|
HAXPO: Reverse Engineering Custom ASICs by Exploiting Potential Supply-Chain Leaks
|
|
SeasCoASA: Exploiting a Small Leak in a Great Ship
|
|
Now You See It: TOCTOU Attacks Against Secure Boot and BootGuard
|
Trammell Hudson
,
Two Sigma
|
HAXPO: WiCy: Monitoring 802.11AC Networks at Scale
|
Vivek Ramachandran
|
fn_fuzzy: Fast Multiple Binary Diffing Triage with IDA
|
Takahiro Haruyama
,
Carbon Black
|
The Birdman: Hacking Cospas-Sarsat Satellites
|
|
Hourglass Fuzz: A Quick Bug Hunting Method
|
Moony Li
,
Lilang Wu
,
Trend Micro, Inc.
|
HAXPO: Might As Well JUMP: Exploit Development for Java Serialization
|
|
HAXPO: I Own Your Building (Management System)
|
Gjoko Krstic
|
HITB LAB: Overcoming Fear: Reversing with Radare2
|
|
HAXPO: PatrOwl – The Red Flavour of SOC Automation and Orchestration
|
|
For the Win: The Art of the Windows Kernel Fuzzing
|
Tencent, Inc.
|
HAXPO: Attacking Encrypted VOIP Protocols
|
|
HAXPO: Reversing Mobile Malware
|
|
HITB LAB: Attacking GSM – Alarms, Smart Homes, Smart Watches and More
|
|
Hacking Jenkins
|
Orange Tsai
,
DEVCORE
|
Hey Operator, Where’s Your Crane? Attacking Industrial Remote Controllers
|
Federico Maggi
,
Marco Balduzzi
,
Trend Micro, Inc.
|
Reversing Cryptographic Primitives Using Quantum Computing
|
Econocom Digital Security
|
HAXPO: VoLTE Phreaking
|
Secura
|
HAXPO: Implementation and Evaluation of Secure and Scalable Anomaly-Based Network Intrusion Detection
|
|
HAXPO: Hiding a Secret Distributed Chat System Inside 802.11 Management Frames
|
|
Make ARM Shellcode Great Again
|
Saumil Shah
,
Net-Square
|
HAXPO: A Decade of Infosec Tools
|
Thomas Debize
|
GDALR: Duplicating Black Box Machine Learning Models
|
Rewanth Cool
,
Payatu Software Labs LLP
|
Fresh Apples: Researching New Attack Interfaces on iOS and OSX
|
Moony Li
,
Lilang Wu
,
Trend Micro, Inc.
|
KEYNOTE 1: The End Is The Beginning Is The End: Ten Years In The NL Box
|
Dhillon ‘L33tdawg’ Kannabhiran
,
Hack In The Box
|
Automated Discovery of Logical Privilege Escalation Bugs in Windows 10
|
Wenxu Wu
,
Tencent, Inc.
|
Muraena: The Unexpected Phish
|
Michele Orru
,
FortConsult
|
HITB LAB: Wireless Hacking with HackCUBE-Special
|
Kunzhe Chai
,
Jie Fu
,
Qihoo 360
|
Panic on the Streets of Amsterdam: PanicXNU 3.0
|
Juwei Lin
,
Junzhi Lu
,
Trend Micro, Inc.
|
H(ack)DMI: Pwning HDMI for Fun and Profit
|
Jeonghoon Shin
|
HAXPO: How to Query and Visualize Almost Anything, Anywhere with Apache Drill
|
Charles Givre
|
HITB LAB: i.MX Memory Madness: How to Dump, Parse, and Analyze i.MX Flash Memory Chips
|
|
HAXPO: RF Exploitation: Demystifying IoT/OT Hacks with SDR
|
Himanshu Mehta
|
KEYNOTE 2: Securing Journalists
|
The New York Times
|
CLOSING KEYNOTE: The Beginning of the End? A Return to the Abyss for a Quick Look
|
Richard Thieme
|
HAXPO: Ghost Tunnel 2.0: Blue Ghost
|
Yongtao Wang
,
Qihoo 360
|
HAXPO: Social Networks: Can We Fix Them?
|
|
HITB LAB: Azeria’s ARM Exploitation Lab (Part 1)
|
Azeria Labs
|
HAXPO: Hey Attacker! I Can See You!
|
Ross Bevington
,
Microsoft Corporation
|
HAXPO: V1 Bounty: Building an International Coordinated Bug Disclosure Bridge for the European Union
|
Benjamin Kunz
,
Vulnerability Lab
|
Compiler Bugs and Bug Compilers
|
Marion Marschalek
,
Intel Corporation
|
Content Security Policy: A Successful Mess Between Hardening and Mitigation
|
Michele Spagnuolo
,
Lukas Weichselbaum
,
Google Inc.
|
HITB LAB: Azeria’s ARM Exploitation Lab (Part 2)
|
Azeria Labs
|
HAXPO: This is a Public Service Announcement: Hacking LTE Public Warning Systems
|
|
HAXPO: Rise of the WarPi
|
|
Sneaking Past Device Guard
|
Philip Tsukerman
,
Cybereason
|
Binder: The Bridge to Root
|
Hongli Han
,
Mingjian Zhou
,
Qihoo 360
|
HAXPO: Hacking the 0day Market
|
Andrea Zapparoli Manzoni
,
Crowdfense
|
HAXPO: Infrared: Old Threat Meets New Devices
|
Wang Kang
,
Alibaba Group Holding Limited
|
mbuf-oflow: Finding Vulnerabilities in iOS/MacOS Networking Code
|
Kevin Backhouse
,
Semmle Inc
|
Hidden Agendas: Bypassing GSMA Recommendations on SS7 Networks
|
Positive Technologies
|
Deep Confusables: Improving Unicode Encoding Attacks with Deep Learning
|
|
Pwning Centrally-Controlled Smart Homes: It’s a Gas
|
|