Black Hat Multimedia - Presentation, Audio and Video Archives

This archive of computer security presentations is provided free of charge as a service to the world wide computer security community. Speaker presentations and materials are put on-line generally two weeks after the event. Audio and video are generally available 6-9 months after the conference. If a speaker is listed on the conference page, but their speech is not present here it generally means there is no available audio, video or materials. If you have questions or have found a broken link, please send a message to ping at blackhat døt com
[Updated August 2005] All content is streamed using a Real Networks Real Server in TCP RTSP mode (port 554) as well as in HTTP mode (port 80 and 8080). All older content is being re-encoded slowly to Real 10 format, so you will need at least a Real Player version 9 or later to view it. The updated content is done in a higher resolution, and generally is superior to the older formats. If you have problems viewing the media files, please contact us so we can look into it.
Some presentations require Acrobat Reader. Please use at least Acrobat 5.0 in order to view these files.
If you want to purchase complete video or audio of a conference, or just a specific speaker please visit The Sound of Knowledge website. They have professionally recorded video and audio available for purchase.
Black Hat Media Server hosted by: Complex Drive - Reliable, Secure, and Responsive Business Internet

Conference CDs containing speaker presentations and materials are available for purchase from our store.

Many Black Hat talks are available in audio and video formats. While we reorganize the site to include
direct links, please peruse our RSS feed for links to those talks currently online.

Black Hat Multimedia Archives Quick-link
USA	Europe	Asia	Windows Security	DC/Federal
USA 2007	Europe 2007	Asia 2007		DC 2007
USA 2006	Europe 2006	Asia 2006		Federal 2006
USA 2005	Europe 2005	Asia 2005
USA 2004	Europe 2004	Asia 2004	Windows Security 2004
USA 2003	Europe 2003	Asia 2003	Windows Security 2003	Federal 2003
USA 2002		Asia 2002	Windows Security 2002
USA 2001	Europe 2001	Asia 2001	Windows Security 2001
USA 2000	Europe 2000	Asia 2000
USA 1999
USA 1998
USA 1997

Have a look at some of our past advertising and promotional campaigns:
Ads: Europe 2007 DC 2007 Europe 2006 Federal 2006	Ads: USA 2003 Europe 2003 Windows Security 2003 USA 2002 Windows Security 2002 Europe 2003	Preview Programs: Europe 2007 DC 2007 Windows Security 2002 USA 2004

Track/Speaker/Topic

Presentation (PDFs)

White Paper/
Notes/Tools

Keynote Presentation - Black Hat Europe 2007

Welcome by Jeff Moss, Founder & CEO, Black Hat

Roger Cumming, Head of Device Delivery and Knowledge at CPNI (Center for the Protection of National Infrastructure)
How can the Security Researcher Community Work Better for the Common Good?

Speakers - Black Hat Europe 2007

Nish Bhalla
Web Service Vulnerabilities

Sun Bing
Software Virtualization Based Rootkits

Damiano Bolzoni
NIDS: False Positive Reduction Through Anomaly Detection

	Aphrodite
	Poseiden

Laurent Butti
Wi-Fi Advanced Fuzzing

Augusto Paes de Barros, André Fucs & Victor Pereira
New Botnets Trends and Threats

Cesar Cerrudo & Esteban Martinez Fayo
Hacking Databases for Owning Your Data

	White Paper
	Additional Materials

Joel Eriksson
Kernel Wars

ERESI Team
Next Generation Debuggers for Reverse Engineering

	White Paper
	Additional Materials

Kostya Kortchinsky
Making Windows Exploits More Reliable

Nitin Kumar & Vipin Kumar
Vboot Kit: Compromising Windows Vista Security

Toshinari Kureha & Dr. Brian Chess
Make My Day – Just Run a Web Scanner: Countering The Faults of Typical Web Scanners Through Byte-code Injection

Adam Laurie
RFIDIOts!!! - Practical RFID hacking (without soldering irons)

Philippe Langlois
SCTPscan - Finding Entry Points to SS7 Networks & Telecommunication Backbones

David Litchfield
Advanced Oracle Attack Techniques

Bruno Luiz
Challenging Malicious Inputs with Fault Tolerance Techniques

	White Paper
	References

Lluis Mora
SMTP Information Gathering

Mariano Nuñez Di Croce
Attacking the Giants: Exploiting SAP Internals

	White Paper
	Source Code

Billy K Rios & Raghav Dube
Kicking Down the Cross Domain Door (One XSS at a Time)

Dror-John Roecher & Michael Thumann
NACATTACK

	White Paper
	Extra

Alexander Sotirov
Heap Feng Shui in JavaScript

	White Paper
	Source Code

Ollie Whitehouse
GS and ASLR in Windows Vista

Jonathan Wilkins
ScarabMon - Automating Web Application Penetration Tests

	White Paper
	Source Code

Stefano Zanero
360° Anomaly Based Unsupervised Intrusion Detection

return to top

Track/Speaker/Topic

Presentation (PDFs)

White Paper/
Notes/Tools

Keynote Presentation - Black Hat DC 2007

Welcome by Jeff Moss, Founder & CEO, Black Hat

Special Agent (Ret) Jim Christy, Director, Futures Exploration, Department of Defense Cyber Crime Center
Cyber Crime and the Power of Digital Forensics

Speakers - Black Hat DC 2007

Ofir Arkin
NAC

Sean Barnum
Attack Patterns: Knowing Your Enemies in Order to Defeat Them

James D. Broesch
Secure Processors for Embedded Applications

Cesar Cerrudo
Practical 10 Minute Security Audit: The Oracle Case

		White Paper

		POC Exploit Code

John Heasman
Firmware Rootkits and the Threat to the Enterprise

Kris Kendall & Chad McMillan
Practical Malware Analysis: Fundamental Techniques and a New Method for Malware Discovery

David Litchfield
Advanced Oracle Attack Techniques

Papers

Kevin Mandia
Agile Incident Response: Operating through Ongoing Confrontation

Robert A. Martin, Steve Christey & Sean Barnum
Being Explicit about Software Weaknesses

David Maynor
Device Drivers 2.0

David Maynor & Robert Graham
Data Seepage: How to Give Attackers a Roadmap to Your Network

Ferret Tool

Jose Nazario
Botnet Tracking: Tools, Techniques, and Lessons Learned

Joanna Rutkowska
Beyond The CPU: Defeating Hardware Based RAM Acquisition Tools (Part I: AMD case)

Paul Vincent Sabanal & Mark Vincent Yason
Reversing C++

Amichai Shulman
Danger From Below: The Untold Tale of Database Communication Protocol Vulnerabilities

Michael Sutton
Smashing Web Apps: Applying Fuzzing to Web Applications and Web Services

Andrew Walenstein
Exploting Similarity Between Variants to Defeat Malware

Aaron Walters & Nick Petroni, Jr
Volatools: Integrating Volatile Memory Forensics into the Digital Investigation Process

Ollie Whitehouse
GS and ASLR in Windows Vista

Chuck Willis & Rohyt Belani
Web Application Incident Response and Forensics - A Whole New Ball Game!

Stefano Zanero
360° Anomaly Based Unsupervised Intrusion Detection

return to top

Audio & video files are not available for this conference.
Track/Speaker/Topic	Presentation (PDFs)
Keynote Presentation - Black Hat Japan 2006
Mitsugu Okatani, Joint Staff Office, J6, Japan Defense Agency Change of the Meaning of a Threat and Technology...What has Occurred Now in Japan?
Speakers - Black Hat Japan 2006
Darren Bilby Low Down and Dirty: Anti-Forensic Rootkits
Paul Böhm Taming Bugs: The Art and Science of Writing Secure Code
Kenneth Geers & Alexander Eisen IPv6 World Update: Strategy & Tactics
Jeremiah Grossman Hacking Intranet Websites from the Outside "JavaScript malware just got a lot more dangerous"
Yuji Hoshizawa Increasingly-sophisticated Online Swindlers
Heikki Kortti Input Attack Trees: Death of a Thousand Leaves
Dan Moniz Six Degrees of XSSploitation
Joanna Rutkowska Subverting Vista Kernel For Fun And Profit
Alex Stamos & Zane Lackey Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0
Scott Stender Attacking Internationalized Software
Takayuki Sugiura Winny P2P Security
Georg Wicherski & Thorsten Holz Catching Malware to Detect, Track and Mitigate Botnets
return to top

> <


Track/Speaker/Topic	Presentation (PDFs)	Notes/Tools
Keynote Presentation: Black Hat USA 2006
Dan Larkin, Unit Chief, Internet Crime Complaint Center, Federal Bureau of Investigation Keynote: Fighting Organized Cyber Crime – War Stories and Trends
Speakers: Black Hat USA 2006
Noel Anderson & Taroon Mandhana WiFi in Windows Vista: A Peek Inside the Kimono
Ofir Arkin Bypassing Network Access Control (NAC) Systems
Robert Auger & Caleb Sima Zero Day Subscriptions: Using RSS and Atom Feeds as Attack Delivery Systems
Tod Beardsley Investigating Evil Websites with Monkeyspaw: The Greasemonkey Security Professional's Automated Webthinger
Corey Benninger Finding Gold in the Browser Cache
Renaud Bidou IPS Shortcomings
Daniel Bilar Automated Malware Classification/Analysis Though Network Theory and Statistics
Paul Böhm Taming Bugs: The Art and Science of Writing Secure Code
Mariusz Burdach Physical Memory Forensics
Jesse Burns Fuzzing Selected Win32 Interprocess Communication Mechanisms
Jamie Butler, Nick Petroni & William Arbaugh R^2: The Exponential Growth of Rootkit Techniques
johnny cache & David Maynor Device Drivers
Brian Caswell & HD Moore Thermoptic Camoflauge: Total IDS Evasion
Andrew Cushman Microsoft Security Fundamentals: Engineering, Response and Outreach
Himanshu Dwivedi I’m going to shoot the next person who says VLANs
Charles Edge Attacking Apple’s Xsan
Dino Dai Zovi Hardware Virtualization Based Rootkits
Shawn Embleton, Sherri Sparks & Ryan Cunningham Sidewinder: An Evolutionary Guidance System for Malicious Input Crafting
David Endler & Mark Collier Hacking VoIP Exposed
Chris Eng Breaking Crypto Without Keys: Analyzing Data in Web Applications
FX Analysing Complex Systems: the BlackBerry Case
Yuan Fan & Xiao Rong MatriXay—When WebApp&Database Security Pen-Test/Audit Is a Joy
Pete Finnigan How to Unwrap Oracle PL/SQL
Nicolas Fischbach Carrier VoIP Security
Halvar Flake RE 2006: New Challenges Need Changing Tools
Rob Franco Case Study: The Secure Development Lifecycle and Internet Explorer 7
Stefan Frei & Dr. Martin May The Speed of (In)security: Analysis of The Speed of Security vs Insecurity
Tom Gallagher Finding and Preventing Cross-site request Forgery
Abolade Gbadegesin The NetIO Stack: Reinventing TCP/IP in Windows Vista
Jeremiah Grossman & TC Niedzialkowski Hacking Intranet Websites from the Outside "JavaScript malware just got a lot more dangerous"
Lukas Grunwald New Attack RFID-systems and Their Middleware and Backends
Zvi Gutterman Open to Attack: Vulnerabilities of the Linux Random Number Generator
Billy Hoffman AJAX (in)security
Billy Hoffman Analysis of Web Application Worms and Viruses
Greg Hoglund Hacking World of Warcraft^®: An Exercise in Advanced Rootkit Design
David Hulton & Dan Moniz Faster Pwning Assured: Hardware Hacks and Cracks with FPGAs
Dan Kaminsky Black Ops 2006
William Kimball Code Integration-Based Vulnerability Auditing
Alexander Kornbrust Oracle Rootkits 2.0: The Next Generation
Dr. Neal Krawetz You Are What You Type: Non-Classical Computer Forensics
John Lambert Security Engineering in Windows Vista
Johnny Long Death by 1000 Cuts
Johnny Long Hacking, Hollywood Style
Kevin Mandia The State of Incidence Response
Adrian Marinescu Windows Vista Heap Management Enhancements– Security, Reliability and Performance
Claudio Merloni & Luca Carettoni The BlueBag: A Mobile, Covert Bluetooth Attack and Infection Device
Doug Mohney Defending Against Social Engineering with Voice Analytics
Dan Moniz & HD Moore Six Degrees of XSSploitation
HD Moore Metasploit Reloaded
Marco Morana Building Security into the Software LifeCycle, A Business Case
Maik Morgenstern & Tom Brosch Runtime Packers: The Hidden Problem?
Shawn Moyer Defending Black Box Web Applications: Building an Open Source Web Security Gateway
Bala Neerumalla SQL Injections by Truncation
Brendan O'Connor Vulnerabilities in Not-So Embedded Systems
Bruce Potter Bluetooth Defense Kit
Bruce Potter The Trusted Computing Revolution
Tom Ptacek & Dave Goldsmith Do Enterprise Management Applications Dream of Electric Sheep?
Jeremy Rauch PDB: The Protocol DeBugger
Melanie Rieback RFID Malware Demystified
Joanna Rutkowska Subverting Vista Kernel For Fun And Profit
Hendrik Scholz SIP Stack Fingerprinting and Stack Difference Attacks
SensePost A Tale of Two Proxies
Saumil Shah Writing Metasploit Plugins - From Vulnerability to Exploit
Jay Schulman Phishing with Asterisk PBX
Peter Silberman & Jamie Butler RAIDE: Rootkit Analysis Identification Elimination v1.0
Paul Simmonds, Henry Teng, Bob West & Justin Somaini Jericho Forum and Challenge
Alexander Sotirov Hotpatching and the Rise of Third-Party Patches
Kimber Spradlin & Dale Brocklehurst Auditing Data Access Without Bringing Your Database To Its Knees
Jonathan Squire $30, 30 minutes, 30 networks (Project Cowbird)
Alex Stamos & Zane Lackey Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0
Scott Stender Attacking Internationalized Software
Michael Sutton & Greg MacManus Punk Ode: Hiding Shellcode In Plain Sight
Alexander Tereshkin Rootkits: Attacking Personal Firewalls
Philip Trainor The Statue of Liberty: Utilizing Active Honeypots for Hosting Potentially Malicious Events
Franck Veysset & Laurent Butti Wi-Fi Advanced Stealth
Jeff Waldron VOIP Security Essentials
Chuck Willis & Rohyt Belani Web Application Incident Response & Forensics: A Whole New Ball Game!
Emmanuelle Zambon & Damiano Bolzoni NIDS: False Positive Reduction Through Anomaly Detection
Stefano Zanero Host Based Anomaly Detection on System Call Arguments
Panels - Black Hat USA 2006
Center for Democracy and Technology Anti-Spyware Coalition Public Forum on Corporate Spyware Threats Ari Schwartz, Ron Davidson, Gerhard Eschelbeck, John Heasman, Dan Kaminsky, Andre Gold, Phil Harris, Drew Maness, Eileen Harrington, Jerry Dixon
Disclosure (Public) Jeff Moss, Paul Proctor, David Mortman, John Stewart, Derrick Scholl, Michael Sutton, Raven, Tom Ptacek, Pamela Fusco, Scott Blake, Jerry Dixon
Hacker Court Panel
Meet the Feds: OODA Loop and the Science of Security Jason Beckett, Ovie Carroll, James Christy, Andy Fried, Mike Jacobs, Ken Privette, Keith Rhodes, Dave Thomas, Bob Hopper, Hilary Stanhope, Tim Fowler
return to top

Track/Speaker/Topic

Presentation (PDFs)

Notes/Tools

Keynote Presentation - Black Hat Europe 2006

Welcome by Jeff Moss, Founder & CEO, Black Hat and

Eric Litt, Chief Information Security Officer, General Motors
Stuck in the Middle

Speakers - Black Hat Europe 2006

Philippe Biondi, & Fabrice Desclaux
Silver Needle in the Skype

Shalom Carmel
IBM iSeries For Penetration Testers: Bypass Restrictions and Take Over Server

resources

Cesar Cerrudo
WLSI - Windows Local Shellcode Injection

exploits

Tzi-cker Chiueh
How to Automatically Sandbox IIS With Zero False Positive and Negative

white paper

Gregory Conti
Malware Cinema: A Picture is Worth a Thousand Packets

resources

Bryan Cunningham & Amanda Hubbard
Separated By A Common Goal—Emerging EU and US Information Security and Privacy Law: Allies or Adversaries?

bibliography

Arian J. Evans, Daniel Thompson & Mark Belles
Project Paraegis Round 2: Using Razorwire HTTP proxy to strengthen webapp session handling and reduce attack surface

FX
Analysing Complex Systems: The BlackBerry Case

Halvar Flake
Attacks on Uninitialized Local Variables

John Heasman
Implementing and Detecting An ACPI BIOS Rootkit

Barnaby Jack
Exploiting Embedded Systems

Mikko Kiviharju
Hacking fingerprint Scanners - Why Microsoft's Fingerprint Reader Is Not a Security Feature

resources

Adam Laurie, Martin Herfurt, & Marcel Holtmann
Bluetooth Hacking - The State of The Art

Johnny Long
Death of a Thousand Cuts- Finding Evidence Everywhere!

Johnny Long
Hacking, Hollywood Style

Steve Manzuik and Andre Protas
Skeletons in Microsoft's Closet - Silently Fixed Vulnerabilities

Jarno Niemelä
Combatting Symbian Malware

white paper

Gunter Ollmann
Stopping Automated Application Attack Tools

Enno Rey
MPLS and VPLS Security

Joanna Rutkowska
Rootkit Hunting vs. Compromise Detection

demos

tools

Peter Silberman & Jamie Butler
RAIDE: Rootkit Analysis Identification Elimination

spoonm & skape
Beyond EIP

Alex Wheeler, Mark Dowd, & Neel Mehta
The Science of Code Auditing

Stefano Zanero
Anomaly Detection Through System Call Argument Analysis

return to top

Track/Speaker/Topic

Presentation (PDFs)

Notes/Tools

Keynote Presentation - Black Hat Federal 2006

Welcome by Jeff Moss, Founder & CEO, Black Hat and

Dr. Linton Wells II, Principal Deputy Assistant Secretary of Defense (Networks and Information Integration)
Security Research and Vulnerability Disclosure

Speakers - Black Hat Federal 2006

David Aitel
Nematodes

Mariusz Burdach
Finding Digital Evidence in Physical Memory

tools & docs

Max Caceres
Client Side Penetration Testing

Tzi-cker Chiueh
How to Automatically Sandbox IIS With Zero False Positive and Negative

Drew Copley
Angel Recon System (ARS) Prototype: Heuristic Vulnerability Analysis and Attack

tools

Halvar Flake
Attacks on Uninitialized Local Variables

Simson L. Garfinkel
New Directions in Disk Forensics

John Heasman
Implementing and Detecting An ACPI BIOS Rootkit

Billy Hoffman
Analysis of Web Application Worms and Viruses

code

Dan Kaminsky
Network Black Ops: Extracting Unexpected Functionality from Existing Networks

Arun Lakhotia
Analysis of Adversarial Code: Problem, Challenges, Results

David Litchfield
Breakable

Kevin Mandia
Foreign Attacks on Corporate America (How the Federal Government can apply lessons learned from the private sector)

David Maynor & Robert Graham
SCADA Security and Terrorism: We're Not Crying Wolf!

Jarno Niemelä
Combatting Symbian Malware

Tom Parker & Matthew G. Devost
The Era of a Zero-Day Nation-State: Characterising the real threats to our nation’s critical information systems

Joanna Rutkowska
Rootkit Hunting vs. Compromise Detection

demos

Marc Schoenefeld
Pentesting J2EE

spoonm & skape
Beyond EIP

Paul Syverson & Lasse Øverlier
Playing Server Hide and Seek on the Tor Anonymity Network

Irby Thompson & Mathew Monroe
FragFS: An Advanced NTFS Data Hiding Technique

tool

Stefano Zanero
My IDS is better than yours. Or is it?

return to top


Track/Speaker/Topic	Presentation (PDFs)	Notes/Tools
Keynote Presentation - Black Hat Japan 2005
Welcome by Jeff Moss, Founder & CEO, Black Hat and Katsuya Uchida, Associate Professor, Institute Information Security, and Associate Professor, Research and Development Initiative, Chuo University "The Day After..."
Speakers - Black Hat Japan 2005
Dominique Brezinski A Paranoid Perspective of an Interpreted Language
Kenneth Geers Hacking in a Foreign Language: A Network Security Guide to Russia (and Beyond)
Jeremiah Grossman Phishing with Super Bait
Chris Hurley (Roamer) Identifying and Responding to Wireless Attacks		code
Hideaki Ihara Forensics in Japan
Dan Kaminsky Black Ops Of TCP/IP 2005		code
Satoru Koyama Botnet survey result. "Our security depends on your security."
David Maynor Architecture Flaws in Common Security Tools
Ejovi Nuwere The Art of SIP fuzzing and Vulnerabilities Found in VoIP
Saumil Shah & Dave Cole Adware/Spyware
Sherri Sparks & Jamie Butler “Shadow Walker” — Raising The Bar For Rootkit Detection
Michael Sutton & Adam Greene The Art of File Format Fuzzing
Closing Remarks
Jeff Moss Founder & CEO, Black Hat
return to top

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentation - Black Hat USA 2005

Gilman Louie, President & Chief Executive Officer, In-Q-Tel
Investing in Our Nation's Security,

Application Security - Black Hat USA 2005

Esteban Martínez Fayó
Advanced SQL Injection in Oracle Databases

Jeremiah Grossman
Phishing with Super Bait

Alexander Kornbrust
Circumvent Oracle’s Database Encryption and Reverse Engineering of Oracle Key Management Algorithms

Ben Laurie
CaPerl: Running Hostile Code Safely

David Maynor
NX: How Well Does It Say NO to Attacker’s eXecution Attempts?

Ejovi Nuwere & Mikko Varpiola
The Art of SIP fuzzing and Vulnerabilities Found in VoIP

example test cases

Sherri Sparks & Jamie Butler
“Shadow Walker”: Raising The Bar For Rootkit Detection

Alex Stamos & Scott Stender
Attacking Web Services: The Next Generation of Vulnerable Enterprise Apps

Michael Sutton & Adam Greene
The Art of File Format Fuzzing

Alex Wheeler & Neel Mehta
Owning Anti-Virus: Weaknesses in a Critical Security Component

Andrew van der Stock
World Exclusive – Announcing the OWASP Guide To Securing Web Applications and Services 2.0

Computer Forensics & Log Analysis

Jim Christy
The Defense Cyber Crime Center

Greg Conti
Beyond Ethereal: Crafting A Tivo for Security Datastreams

James C. Foster & Vincent T. Liu
Catch Me If You Can: Exploiting Encase, Microsoft, Computer Associates, and the rest of the bunch…

Grugq
The Art of Defiling: Defeating Forensic Analysis

Allen Harper and Edward Balas
GEN III Honeynets: The birth of roo

Kevin Mandia
Performing Effective Incident Response

Deep Knowledge

Himanshu Dwivedi
iSCSI Security (Insecure SCSI)

Dan Kaminsky
Black Ops 2005

David Litchfield
All new Ø Day

Mudge
Economics, Physics, Psychology and How They Relate to Technical Aspects of Counter Intelligence / Counter Espionage Within Information Security

Sensepost
Automation - Deus ex Machina or Rube Goldberg Machine?

Layer 0

Darrin Barrall & David Dewey
Plug and Root, the USB Key to the Kingdom

Joe Grand
Can You Really Trust Hardware? Exploring Security Problems in Hardware Devices

Joseph Klein
The Social Engineering Engagement Methodology

Kevin Mahaffey, Mark McGovern, Paul Simmonds, Jon Callas
Long Range RFID and its Security Implications

Robert Morris
The Non-Cryptographic Ways of Losing Information

Policy, Management, and the Law

Scott Blake, Pamela Fusco, Andre Gold, Ken Pfeil, Justin Somaini
CISO Q&A with Jeff Moss

Robert W. Clark
Legal Aspects of Computer Network Defense

papers

Bryan Cunningham & C. Forrest Morgan
U.S National Security, Individual and Corporate Information Security, and Information Security Providers

bibliography

Kenneth Geers
Hacking in a Foreign Language

Jennifer Stisa Granick
Top Ten Issues in Computer Security

Privacy & Anonymity

PANEL: Joseph Ansanelli, Richard Baich, Adam Shostack, Paul Proctor
The Future of Personal Information

Ian Clarke & Oskar Sandberg
Routing in the Dark: Scalable Searches in Dark P2P Networks

Johnny Long
Google Hacking for Penetration Testers

PANEL: David Mortman, Dennis Bailey, Jim Harper, Rhonda MacLean
The National ID Debate

Adam L. Young
Building Robust Backdoors In Secret Symmetric Ciphers

Philip R. Zimmermann
The Unveiling of My Next Big Project

Turbo Talks

Akshay Aggarwal
Rapid Threat Modeling

Darrin Barrall
Shakespearean Shellcode

Renaud Bidou
A Dirty BlackMail DoS Story

James C. Foster
BlackHat Standup: “Yea I’m a Hacker…”

Kevin Cardwell
Toolkits: All-in-One Approach to Security

Cesar Cerrudo
Demystifying MS SQL Server & Oracle Database Server Security

Tyler Close
Shatter-proofing Windows

white paper

Yuan Fan
Advance SQL Injection Detection by Join Force of Database Auditing and Anomaly Intrusion Detection

Ken Hines
Using Causal Analysis to Establish Meaningful Connections between Anomalous Behaviors in a Networking Environment

MadHat Unspecific & Simple Nomad
SPA: Single Packet Authorization

Shawn Moyer
Owning the C-suite: Corporate Warfare as a Social Engineering Problem

Mike Pomraning
Injection Flaws: Stop Validating Your Input

Paul Simmonds
The Jericho Challenge - Finalist Architecture Presentations and Awards

Zero Day Attack

Adam Boileau
Trust Transience: Post Intrusion SSH Hijacking

Barnaby Jack
Remote Windows Kernel Exploitation - Step In To the Ring 0

white paper

Michael Lynn
Cisco IOS Security Architecture

Derek Soeder & Ryan Permeh
eEye BootRoot

spoonm & skape
Beyond EIP

Zero Day Defense

Ofir Arkin
A New Hybrid Approach For Infrastructure Discovery, Monitoring and Control

Beetle and Bruce Potter
Rogue Squadron: Evil Twins, 802.11intel, Radical RADIUS, and Wireless Weaponry for Windows

Tzi-cker Chiueh
Checking Array Bound Violation Using Segmentation Hardware

Robert J. Hansen & Meredith L. Patterson
Stopping Injection Attacks with Computational Theory

white paper

Eugene Tsyrklevich
Ozone HIPS: Unbreakable Windows

Paul Vixie
Preventing Child Neglect in DNSSEC-bis using Lookaside Validation

return to top


Track/Speaker/Topic	Presentation (PDFs)	Notes/Tools
Keynote Presentation - Black Hat Europe 2005
Simon Davies, Privacy International
Speakers - Black Hat Europe 2005
David Barroso Berrueta & Alfredo Andres Yersinia, A Framework For Layer 2 Attacks		tool
Jon Callas Hacking PGP
Cesar Cerrudo Hacking Windows Internals		tool
Job de Haas Symbian Security
Steve Dugan A New Password Capture on Cisco System Devices
Arian Evans Building Zero-Day Self-Defending Web Applications: Enforcing Authoritative Action to Stop Session Attacks
Chris Farrow Injecting Trojans via Patch Management Software & Other Evil Deeds
Nicolas Fischbach Network Flows and Security
Halvar Flake & Rolf Rolles Compare, Port, Navigate
Kenneth Geers Hacking in a Foreign Language: A Network Security Guide to Russia
Joe Grand Can You Really Trust Hardware? Exploring Security Problems in Hardware Devices
the Grugq The Art of Defiling: Defeating Forensic Analysis
Dan Kaminsky Attacking Distributed Systems: The DNS Case Study
Christian Klein & Ilja van Sprundel Mac OS X Kernel Insecurity
Alexander Kornbrust Database Rootkits		tool
Adam Laurie, Martin Herfurt & Marcel Holtmann Bluetooth Hacking - Full Disclosure
David Litchfield SQL Injection and Data Mining Through Inference
Johnny Long Google Hacking for Penetration Testers
Laurent Oudot WLAN and Stealth Issues		tool
Sensepost Revolutions in Web Server/Application Assessments
Saumil Shah Defeating Automated Web Assessment Tools
Paul Simmonds Architectural Challenges in a Jericho World
Alex Wheeler & Neel Mehta Owning Anti-Virus: Weaknesses in a Critical Security Component
Stefano Zanero Automatically Detecting Web Application Vulnerabilities by Variable Flow Reconstruction
return to top

Track/Speaker/Topic

Presentation (PPTs)

Presentation (PDFs)

Notes/Tools

Keynote Presentation - Black Hat Japan 2004

Raisuke Miyawaki

Japanese Language Slides Only

Speakers - Black Hat Japan 2004

Shunichi Arai
Thinking Techie's Social Responsibility - Lessons Fom Winny Case

Japanese Language Slides Only

Chris Eagle
Attacking Obfuscated Code with IDA Pro

tool

Riley "Caezar" Eller
Capture the Flag Games: Measuring Skill with Hacking Contests

Gerhard Eschelbeck
The Laws of Vulnerabilities for Internal Networks

Joe Grand
Understanding Hardware Security

notes

David Litchfield
Oracle PL/SQL Injection

Johnny Long
You got that with GOOGLE?

Hisamichi Okamura
Cybercrime Treaty and Legal Environment of Japanese Computer Crime and Laws

Japanese Language Slides Only

Russ Rogers
The Keys to the Kingdom: Understanding Covert Channels of Communication

Daiji Sanai & Hidenobu Seki
Optimized Attacking for NTLM2 Session Response

Japanese Language Slides Only

Yuji Ukai
Environment Dependencies in Windows Exploitation

Japanese Language

English Language

Charl van der Walt-Sensepost
When the Tables Turn

return to top

Black Hat USA 2004
Audio & video files are available from the Sound of Knowledge this conference

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentation - Black Hat USA 2004

Paul Simmonds, Global Information Security Director (CISO), Jericho Forum/ICI Plc.
Deperimeterisation: This Decade's Security Challenge

Application Security - Black Hat USA 2004

Nitesh Dhanjani & Justin Clarke
Hacking Without Re-inventing the Wheel

Rakan El-Khalil
Information Hiding in Executable Binaries

Sarah Gordon
Antivirus Security Software Tests

Cameron Hotchkies
Blind SQL Injection Automation Techniques

tools & references

Dan Kaminsky
The Black Ops of DNS

tool (.zip)

source code

Brett Moore
Shoot the Messenger

white paper

source code (.zip)

Michael Shema
Web Application Session Strength

Ralf Spenneberg
IKE-Test

tool

Panel
The Black Hat Testimonies

Panel
Web Application Security Crossfire

Computer Forensics & Log Analysis

Peter Feaver & Kenneth Geers
Cyber Jihad and the Globalization of Warfare

Curtis Kret
Nobody’s Anonymous—Tracking Spam and Covert Channels

Kevin Mandia
The Evolution of Incident Response

Rebecca Mercuri, Ph.D & Bev Harris
Managing Election Data: The California Recall

K.K. Mookhey
Evasion and Detection of Web Application Attacks

white paper

Michael Raggo
Steganography, Steganalysis, & Cryptanalysis

tool

Deep Knowledge

Tzi-cker Chiueh
Program Semantics-Aware Intrusion Detection

whitepaper

Chris Eagle
Attacking Obfuscated Code with IDA Pro

FX
Vulnerability Finding in Win32—A Comparison

Halvar Flake
Diff, Navigate, Audit

David Maynor
Trust No-one, Not Even Yourself OR The Weak Link Might Be Your Build Tools

Layer 0

Joe Grand
Introduction to Embedded Security

Handouts

Joe Grand
A Historical Look at Hardware Token Compromises

Handouts

Lukas Grunwald
RF-ID and Smart-Labes: Myth, Technology and Attacks

tool

spoonm & HD Moore
Metasploit

Paul Wouters
Windows WaveSEC Deployment

tool

Policy, Management, and the Law

Brad Bolin
Information Security Law Update

Gerhard Eschelbeck
The Laws of Vulnerabilities for Internal Networks

Jennifer Granick
Legal Liability and Security Incident Investigation

Panel
Hacker Court ’04: Pirates of the Potomac

Panel
Hacking with Executives

Privacy & Anonymity

Dr. Alessandro Acquisti
Privacy, Economics and Immediate Gratification

Roger Dingledine
Putting the P back in VPN

Adam Laurie & Martin Herfurt
BlueSnarfing The Risk From Digital Pickpockets

mgp

Johnny Long
You got that with GOOGLE?

paper + tool

Bruce Potter & Brian Wotring
Tracking Prey in the Cyberforest

tool

Len Sassaman
The Anonymity Toolkit

Turbo Talks

Patrick Chambet
Google Attacks

Patrick Chambet
Managing MSIE Security in Corporate Networks by Creating Custom Internet Zones

Himanshu Dwivedi
Insecure IP Storage Networks

James C. Foster
Managing Hackers

Sarah Gordon
Privacy: Do As I Say...Not as I Do

Chris Hurley
WorldWide WarDrive 4

Gregory S. Miles & Travis Schack
Introduction to the Global Security Syndicate

Robert Morris
The Future of History

Laurent Oudot
Digital Active Self Defense

Andrew Stevens
How Next Generation Application Proxies Protect Against The Latest Attacks & Intrusions

Richard Thieme

Jeff Waldron
Introduction to the Certification and Accreditation Process (C&A) Within the US Government

David Worth
Cryptographic Port-Knocking

Zero Day Attack

Thorsten Holz & Maximillian Dornseif
NoSEBrEaK - Defeating Honeynets

toolkit (.tgz)

Demos

David Litchfield
All New Ø-Day

Saumil Udayan Shah
Defeating Automated Web Assessment Tools

Derek Soeder, Ryan Parmeh, Yuji Ukai
Advanced Return Address Discovery using Context-Aware Machine Code Emulation

Eugene Tsyrklevich
Attacking Host Intrusion Prevention Systems

Zero Day Defense

Phillip Hallam-Baker
Phishing— Committing Fraud in Public

Dominique Brezinski
Acting in Milliseconds-Why Defense Processes Need to Change

.zip of html

Jamie Butler & Greg Hoglund
VICE - Catch the Hookers!

tool

Sensepost
When the Tables Turn

Peter Silberman & Richard Johnson
A Comparison Buffer Overflow Prevention Implementations & Weaknesses

code

paper

Stefano Zanero
Detecting 0-days Attacks With Learning Intrusion Detection Systems

return to top

Black Hat Europe Briefings & Training 2004

Black Hat Europe 2004
Audio and video files are not available for this conference.

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentations - Black Hat Europe 2004

Paul Simmonds, Global Information Security Director (CISO), Jericho Forum/ICI Plc.
De-Perimeterisation: Border Security Is Obsolete- The Security Challenge For This Decade

Speakers - Black Hat Europe 2004

Jamie Butler
DKOM (Direct Kernel Object Manipulation)

Patrick Chambet & Eric Larcher
Security Patches Management On A Windows Infrastructure

Job de Haas
Reverse Engineering ARM Based Devices

resource files (.zip)

Luc Delpha & Maliha Rashid
Smartphone Security Issues

white paper

Eric Detoisien & Eyai Dotan
Old win32 Code For A Modern, Super-Stealth Trojan

demo (.zip)

Eli O
Security Within A Development Lifecycle

Gergely Erdelyi
Hide 'n' Seek? Anatomy of Stealth Malware

white paper

FX
Practical Win32 and UNICODE Exploitation

Nicolas Fischbach
Building an Early Warning System in a Service Provider Network

Joe Grand
Introduction to Embedded Security

Joe Grand
Introduction to Mobile Device Insecurity

the grugq
The Art of Defiling: Defeating Forensic Analysis on Unix File Systems

Seth Hardy
Pseudorandom Number Generation, Entropy Harvesting, and Provable Security in Linux

references

erandom-0.1 tool (.tgz)

Larry Korba
Privacy Rights Management Using DRM: Is This A Good Idea?

David Litchfield
Oracle PL/SQL Injection

Russ Rogers
The Keys to the Kingdom – Understanding Covert Channels

SensePost
When the Tables Turn

Saumil Udayan Shah
HTTP Fingerprinting and Advanced Assessment Techniques

httprint
freebsd	linux
macosx	win32
paper

Eugene Tsyrklevich
Dynamic Detection and Prevention of Race Conditions in File Accesses

raceprot tool (.tgz)

Paul Wouters
Windows WaveSEC Deployment

presentation
pdf	sxi

Wavesec for Windows

Stefano Zanero
Detecting Ø-days Attacks With Learning Intrusion Detection Systems

return to top

Black Hat Windows Security 2004
Audio and video files are not available for this conference.

Track/Speaker/Topic

Presentation

Notes/Tools

Keynote Presentations - Black Hat Windows 2004

Dan Geer Jr., Sc.D, Principal, Geer Risk Services, LLC & VP/Chief Scientist, Verdasys, Inc.

Richard Thieme, Thiemeworks.com
Broken Windows: What Security Looks Like When Gollum Gets the Ring

Application Security - Black Hat Windows 2004

Jamie Butler
DKOM (Direct Kernel Object Manipulation)

Jeremiah Grossman
The Challenges of Automated Web Application Scanning

Matt Hargett
Integrating Security Into Agile Development/Testing

Drew Miller
Application Intrusion Detection

Gunnar Peterson
Security in the Development Lifecycle

Deep Knowledge - Black Hat Windows 2004

Cesar Cerrudo
Auditing ActiveX Controls

Halvar Flake
Automated Binary Reverse Engineering

Curtis Kret
Nobody’s Anonymous – Tracking Spam

Saumil Shah
HTTP Fingerprinting and Advanced Assessment Techniques

httprint

freebsd

linux

macosx

win32

paper

MS Specific Attack - Black Hat Windows 2004

David Aitel
MOSDEF

Harlan Carvey
Data Hiding On A Live (NTFS) System

David Litchfield
Windows Heap Overflows

Sergey Polak
Capturing Windows Passwords Using the Network Provider API

Hidenobu Seki
Fingerprinting through Windows RPC

MS Specific Defend - Black Hat Windows 2004

David Blight
Trusted Computing 101

Mark Burnett & James Foster
Without a Trace: Forensic Secrets for Windows Servers

Bryan Glancey
WinCE PDA Insecurity

Derek Milroy
Hardening Windows Servers

Steve Riley
Windows XP: Improving Resiliency

Policy & Law - Black Hat Windows 2004

Chris Conacher
Information Security in Mergers & Acquisitions

Jennifer Stisa Granick
Legal Risks of Vulnerability Disclosure

Curtis Karnow
Digital Security: Policies & The Law

Russ Rogers
Addressing Complete Security to Save Money

Adam Shostack
Terrorism and Immigration: The Economics of Secure Identity

Routing & Infrastructure - Black Hat Windows 2004

Stephen Dugan
"They'll never see it coming!"

FX
Lessons Learned When The Cisco Guys Went to Windows land

Jim Harrison & Jim Edwards
ISA Server: Best Practices from the Field

Steve Hofmeyr
Preventing Intrusions and Tolerating False Positives

Laura Robinson
Win2K3 Terminal Server

return to top


Black Hat Asia 2003 Audio and video files are not available for this conference.
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentations - Black Hat Asia 2003
Lim Khee Ming, Deputy General Manager (Technology & Operations), Network for Electronic Transfers (S) Pte Ltd (NETS) The Total Security System Approach - A Perspective From The Financial Industry
Harry SK Tan, Director, Centre for Asia Pacific Technology Law & Policy (CAPTEL) Cyber-crime
Speakers & Topics - Black Hat Asia 2003
David Aitel MOSDEF Tool Release
S.K. Chong Win32 One-Way Shellcode
Shaun Clowes A Security Microcosm - Attacking/Defending Shiva, A Linux Executable Encryptor
Stephen Dugan Cisco Security
Halvar Flake Automated Reverse Engineering
Jennifer Stisa Granick International DMCA Laws
the grugq The Art of Defiling: Defeating Forensic Analysis on Unix File Systems
David Litchfield Defeating the Stack Based Buffer Overflow Exploitation Prevention Mechanism of Microsoft Windows 2003 Server
Tim Mullen Brute Forcing Terminal Server Logons with TSGrinder
Laurent Oudot Honeypots Against Worms 101
Jeremy Rauch (In)Security in Network Management
Russ Rogers Addressing Complete Security to Save Money
SensePost Putting The Tea Back Into CyberTerrorism
Saumil Shah HTTP Fingerprinting and Advanced Assessment Techniques Updated tools may also be found at the Net-Square site.			Wind32 Linux MacOS
return to top


Black Hat Federal 2003 Audio and video files are not available for this conference.
Track/Speaker/Topic	Presentation	Notes/Tools
Keynote Presentations - Black Hat Federal 2003
David G. Major, co-founder, the Centre for Counterintelligence and Security Studies
Keith Rhodes, Chief Technologist, GAO
Application Security - Black Hat Federal 2003
Halvar Flake More Fun With Graphs
Jeremiah Grossman The Challenges of Automated Web Application Scanning
Greg Hoglund Runtime Decompilation
Drew Miller Application Intrusion Detection
Gunnar Peterson Security Design Patterns
Attack! - Black Hat Federal 2003
David Aitel MOSDEF Tool Release
Ofir Arkin Using Xprobe2 in a Corporate Environment
Dan Kaminsky Stack Black Ops
David Litchfield Defeating the Stack Based Buffer Overflow Exploitation Prevention Mechanism of Microsoft Windows 2003 Server
SensePost Putting The Tea Back Into CyberTerrorism
Defend! - Black Hat Federal 2003
Beetle & Bruce Potter Rogue AP 101
Major Ronald Dodge, Wayne Schepens, Lt. Colonel Daniel Ragsdale and Colonel Don Welch Enhancing Network Security Through Competitive Cyber Exercises
Chris Eagle Strike/Counter-Strike: Reverse Engineering Shiva
Larry Leibrock Digital Information, User Tokens, Privacy and Forensics Investigations
Saumil Shah HTTP Fingerprinting and Advanced Assessment Techniques Updated tools may also be found at the Net-Square site.		Wind32 Linux MacOS
IDS, IPS and Honeynets - Black Hat Federal 2003
Jay Beale Intrusion Prevention: an Introduction and Comparison
The Honeynet Project Latest Advances in Honeynet Technologies
Panel-Tom Parker Adversary Characterization and Scoring Systems
Marty Roesch Contextually Intelligent IDS
Lance Spitzner The Future of Honeypots