Black Hat USA 2009 //Media Archives

Caesars Palace Las Vegas, NV • July 25-30


( MEDIA LEGEND )

white paper document

audio recording

video recording

presentation

source material

Event AUDIO & VIDEO: The Source of Knowledge will be onsite to sell audio and video recordings of the Briefings sessions. Their booth will be located outside of the Fourth Floor (Promenade Level), Emperor's Ballroom. You can download the order form here or purchase the media onsite: [ PDF ]


Alessandro Acquisti

I Just Found 10 Million SSN's






Dmitri Alperovitch, Keith Mularski

Fighting Russian Cybercrime Mobsters: Report from the Trenches






Andrea Barisani, Daniele Bianco

Sniff Keystrokes With Lasers/Voltmeters
Side Channel Attacks Using Optical Sampling of Mechanical Energy and Power Line Leakage






Marc Bevand

MD5 Chosen-Prefix Collisions on GPUs






Bill Blunden

Anti-Forensics: The Rootkit Connection






Hristo Bojinov, Dan Boneh, Elie Bursztein

Embedded Management Interfaces: Emerging Massive Insecurity






Michael Brooks, David Aslanian

BitTorrent Hacks






Jesse Burns

Exploratory Android Surgery






K. Chen

Reversing and Exploiting an Apple® Firmware Update






Matt Conover

SADE: Injecting Agents into VM Guest OS






Dino Dai Zovi

Advanced Mac OS X Rootkits






Datagram

Lockpicking Forensics






Mike Davis

Recoverable Advanced Metering Infrastructure






Nitesh Dhanjani

Psychotronica: Exposure, Control, and Deceit






Mark Dowd, Ryan Smith, David Dewey

The Language of Trust: Exploiting Trust Relationships in Active Content






Muhaimin Dzulfakar

Advanced MySQL Exploitation






Michael Eddington

Demystifying Fuzzers






Egypt

Using Guided Missiles in Drive-by's: Automatic browser fingerprinting and exploitation with Metasploit






Rachel Engel

Gizmo: A Lightweight Open Source Web Proxy






Stefan Esser

State of the Art Post Exploitation in Hardened PHP Environments






Tony Flick

Hacking the Smart Grid






Andrew Fried, Paul Vixie, Dr. Chris Lee

Internet Special Ops: Stalking Badness Through Data Mining






Chris Gates

Breaking the "Unbreakable" Oracle with Metasploit






Travis Goodspeed

A 16 bit Rootkit and Second Generation Zigbee Chips






Joe Grand, Jacob Appelbaum, Chris Tarnovsky

"Smart" Parking Meter Implementations, Globalism, and You






Jennifer Granick

Computer Crime Year In Review: MySpace, MBTA, Boston College and More






Jeremiah Grossman, Trey Ford

Mo' Money Mo' Problems: Making A LOT More Money on the Web the Black Hat Way






Peter Guerra

How Economics and Information Security Affects Cyber Crime and What It Means in the Context of a Global Recession






Nathan Hamiel, Shawn Moyer

Weaponizing the Web: More Attacks on User-Generated Content






Nick Harbour

Win at Reversing: Tracing and Sandboxing through Inline Hooking






Riley Hassell

Exploiting Rich Content






Billy Hoffman, Matt Wood

Veiled: A Browser-based Darknet






Mikko Hypponen

The Conficker Mystery






Vincenzo Iozzo, Charlie Miller

Post Exploitation Bliss: Loading Meterpreter on a Factory iPhone






Dan Kaminsky

Something about Network Security






Peter Kleissner

Stoned Bootkit






Kostya Kortchinsky

Cloudburst: Hacking 3D (and Breaking Out of VMware)






Zane Lackey, Luis Miras

Attacking SMS






Aaron LeMasters, Michael Murphy

Rapid Enterprise Triaging (RETRI): How to Run a Compromised Network and Keep Your Data Safe






Robert Lentz

Keynote: Cyberspace, A Fragile Ecosystem






Felix "FX" Lindner

Router Exploitation






Kevin Mahaffey, Anthony Lineberry, John Hering

Is Your Phone Pwned? Auditing, Attacking and Defending Mobile Devices






Moxie Marlinspike

More Tricks For Defeating SSL






John McDonald, Chris Valasek

Practical Windows XP/2003 Heap Exploitation






Haroon Meer, Nick Arvanitis, Marco Slaviero

Clobbering the Cloud!

Download file contains 11 videos






Erez Metula

Managed Code Rootkits: Hooking into the Runtime Environments






Charlie Miller, Collin Mulliner

Fuzzing the Phone in your Phone






David Mortman

A Black Hat Vulnerability Risk Assessment






Graeme Neilson

Netscreen of the Dead: Developing a Trojaned ScreenOS for Juniper Netscreen Appliances






Steve Ocepek

Long-Term Sessions: This Is Why We Can't Have Nice Things






Jeongwook Oh

Fight Against 1-day Exploits: Diffing Binaries vs Anti-diffing Binaries






Alfredo Ortega, Anibal Sacco

Deactivate the Rootkit






Danny Quist, Lorie Liebrock

Reverse Engineering By Crayon: Game Changing Hypervisor Based Malware Analysis and Visualization






Tiffany Strauchs Rad, James Arlen

Your Mind: Legal Status, Rights and Securing Yourself






Daniel Raygoza

Automated Malware Similarity Analysis






Bruce Schneier

Re-conceptualizing Security






Peter Silberman, Steve Davis

Metasploit Autopsy: Reconstructing the Crime Scene






Val Smith, Colin Ames, David Kerb

MetaPhish






Mike Zusman, Alexander Sotirov

Breaking the security myths of Extended Validation SSL Certificates






Kevin Stadmeyer, Garrett Held

Worst of the Best of the Best






Alex Stamos, Andrew Becherer, Nathan Wilcox

Cloud Computing Models and Vulnerabilities: Raining on the Trendy New Parade






Bryan Sullivan

Defensive Rewriting: A New Take on XSS/XSRF/Redirect-Phishing Defense






Chris Tarnovsky

What the hell is inside there?






Alexander Tereshkin, Rafal Wojtczuk

Introducing Ring -3 Rootkits






Steve Topletz, Jonathan Logan and Kyle Williams

Global Spying: Realistic Probabilities in Modern Signals Intelligence






Michael Tracy, Chris Rohlf, Eric Monti

Ruby for Pentesters






Dustin "I)ruid" Trammell

Metasploit Telephony






Eduardo Vela Nava, David Lindsay

Our Favorite XSS Filters and How to Attack Them






Mario Vuksan, Tomislav Pericin

Fast & Furious Reverse Engineering with TitanEngine






Chris Weber

Unraveling Unicode: A Bag of Tricks for Bug Hunting






Jeff Williams

Enterprise Java Rootkits






Rafal Wojtczuk, Alexander Tereshkin

Attacking Intel® BIOS