Misconfiguration in development infrastructure
|
|
Blind XSS
|
|
Introduction into browser hacking
|
|
Unveiling the cloak: A behind-the-scenes look at what happens when you click that link
|
Ilya Nesterov
|
Reverse proxies & Inconsistency
|
Alexey Tiurin
|
Abusing UPnP to create the perfect cloaking framework
|
|
Ntlm Relay Reloaded: Attack methods you do not know
|
Jianing Wang
,
Junyu Zhou
,
Tencent Security Xuanwu Lab
|
Denial, anger, bargaining, depression and acceptance: Stages of reporting 0-days to Russian vendors
|
Kaspersky Lab
|
SD-WAN Internet Census
|
Denis Kolegov
,
Oleg Broslavsky
|
Zero Fax given
|
Luis Merino
,
Markus Vervier
,
Eric Sesterhenn
|
Massive Scale USB Device Driver Fuzz WITHOUT device
|
HC MA
|
Denial, anger, bargaining, depression and acceptance: Stages of reporting 0-days to Russian vendors
|
|
Atypical vulnerabilities
|
|
Redis post-exploitation
|
|
Turning your BMC into a revolving door
|
Alexandre Gazet
,
Joffrey Czarny
,
Fabien Perigaud
|
Spel injection
|
|
Vulnerability in compiler leads to stealth backdoor in software
|
David Baptiste
|
Diffing C source codes to binaries
|
Joxean Koret
|
NUClear explotion
|
Alexander Ermolov
|
SCADA projects from the point of view of hackers
|
Yuriy Gurkin
|
I <“3 XSS
|
|
PHP
|
|
PHP unserialize
|
|
Issues in Node.js Desktop applications (hypster_mode_ON in development)
|
|
ELF execution in Linux RAM
|
|
Automated approach to the analysis of network devices security
|
|
Defense. Change my mind!
|
Sergey
|
Who owned your code: Attack surfaces against Git web servers used by thousands of developers
|
Junyu Zhou
,
Wenxu Wu
|
Harder, Faster, Better, Stronger: The (Re)Evolution of the Hacker Con
|
|
BugBounty Automation
|
Sergey
|
Ways to automate testing Linux kernel exploits
|
|
Reveal the unseen: Getting access to sensitive data with graphic file editing libraries
|
|
Key methods of CSP bypassing
|
Ivan Chalykin
|
Researching Marvell Avastar Wi-Fi: from zero knowledge to over-the-air zero-touch RCE
|
|