Black Hat USA 2011 - Wednesday, August 3
08:50
welcome & introduction to black hat usa 2011
09:00
Keynote
10:00
Bailey
War Texting: Identifying and Interacting with Devices on the Telephone Network
Daniels, Grattafiori, Stamos
Macs in the Age of the APT
Roth
Analyzing SPDY: Getting to know the new web protocol
McCoy
Hacking .Net Applications: The Black Arts
Nohl, Tarnovsky
Reviving smart card analysis
Cui, Kataria, Stolfo
Killing the Myth of Cisco IOS Diversity: Towards Reliable, Large-Scale Exploitation of Cisco IOS
Pericin, Vuksan
Constant Insecurity: Things you didn't know about (PE) Portable Executable file format
10:30
LeMasters
Heap spray detection with Heap Inspector
11:15
Nakibly
Owning the Routing Table - New OSPF Attacks
Pan, Tsai
Weapons of Targeted Attack: Modern Document Exploit Techniques
Johansen, Osborne
Hacking Google Chrome OS
Ivintskiy, Rohlf
Attacking Clientside JIT Compilers
McNabb
Vulnerabilities of Wireless Water Meter Networks
Kennedy, Muttik
IEEE Software Taggant System
Physical Memory Forensics for Cache
11:40
Costa
The Troika of E-Discovery: Ethics, ESI, and Expertise in a Web 2.0 World
12:05
Belenko
Overcoming IOS Data Protection to Re-enable iPhone Forensics
13:45
Kaminsky
Black Ops of TCP/IP 2011
Wolf
The Rustock Botnet Takedown
Sullivan
Server-Side JavaScript Injection: Attacking NoSQL and Node.js
Mandt
Windows Hooks of Death: Kernel Attacks Through User-Mode Callbacks
Beresford
Exploiting Siemens Simatic S7 PLCs
Moussouris
From Redmond with Love!
Bursztein, Fontarensky, Martin, Picod
Beyond files undeleting: OWADE
14:20
Skehan
SSH as the next back door. Are you giving hackers root access?
15:15
Borgaonkar, Golde, Redon
Femtocells: A poisonous needle in the operator's hay stack
datagram
Tamper Evident Seals - Design and Security
Shah
Reverse Engineering Browser Components - Dissecting and Hacking Silverlight, HTML 5 and Flex
Dai Zovi
Apple iOS Security Evaluation: Vulnerability Analysis and Data Encryption
Giannetsos
Spy-Sense: Spyware Tool for executing Stealthy Exploits against Sensor Networks
Ristic
The Ultimate Study of Real-Life SSL Issues
McGrew
Covert Post-Exploitation Forensics With Metasploit
15:40
Raber
Function Rerouting from Kernel Land "Hades"
16:05
Kiani
OAuth - Securing the Insecure
16:45
Dinaburg
Bit-squatting: DNS Hijacking without exploitation
Perkins, Tassey
Aerial Cyber Apocalypse: If we can do it... they can too.
Brown, Ragan
Pulp Google Hacking - The Next Generation Search Engine Hacking Arsenal
Sabanal, Yason
Playing In The Reader X Sandbox
Le, Nguyen
ARM exploitation ROPmap
Clark
Familiarity Breeds Contempt: The Honeymoon Effect and the Role of Legacy Code in Zero-Day Vulns
Brossard
Post Memory Corruption Memory Analysis
17:10
Anstis
Affiliate Programs: Legitimate Business or Fuelling Cybercrime?
17:35
Cache
PPI-Geolocation: The next generation of 802.11 visualization and geo-location
Black Hat USA 2011 - Thursday, August 4
08:50
Keynote
10:00
Clark
Legal Aspects of Cybersecurity - (AKA) CYBERLAW: A Year in Review, Cases, issues, your questions my
Elhage
Virtualization under attack: Breaking out of KVM
Arkin, Grossman, Hutton, Johnson, Lane
Trillions of Lines of Code and Counting - Securing Applications At Scale
Abraham, Eston, Johnson
Don't Drop the SOAP: Real World Web Service Testing for Web Hackers
Davis
USB - Undermining Security Barriers
Paget
Microsoft Vista: NDA-less The Good, The Bad, and The Ugly
Hassell, Macaulay
Hacking Androids for Profit
11:15
Granick
The Law of Mobile Privacy and Security
Sutton
Corporate Espionage for Dummies: The Hidden Threat of Embedded Web Servers
Ormandy
Sophail: A Critical Analysis of Sophos Antivirus
Slaviero
Sour Pickles
Miller
Battery Firmware Hacking
Thieme
Staring into the Abyss: The Dark Side of Secuirity and Professional Intelligence
Esser
Exploiting the iOS Kernel
13:45
Marlinspike
SSL And The Future Of Authenticity
Schuetz
Inside Apple's MDM Black Box
Arlen
Security When Nano-seconds Count
Ptacek
Crypto for Pentesters
Ose
Exploiting USB Devices with Arduino
Bailey, Dai Zovi, DePetrillo, Lineberry, Miller, Shields, Weinmann, Wysopal
Owning Your Phone at Every Layer - A Mobile Security Panel
15:15
Acquisti
Faces Of Facebook - Or, How The Largest Real ID Database In The World Came To Be
Polyakov
A Crushing Blow At The Heart of SAP J2EE Engine
Yamaguchi
Vulnerability Extrapolation or 'Give me more Bugs like that, please!'
Engler, Fleischer, Hamiel, Law
Smartfuzzing The Web: Carpe Vestra Foramina
Radcliffe
Hacking Medical Devices for Fun and Insulin: Breaking the Human SCADA System
Lineberry, Strazzere, Wyatt
Don't Hate the Player, Hate the Game: Inside the Android Security Patch Lifecycle
16:45
Chamales
Lives On The Line: Defending Crisis Maps in Libya, Sudan, and Pakistan
Litchfield
Hacking and Forensicating an Oracle Database Server
Britton, Willis
Sticking to the Facts: Scientific Study of Static Analysis Tools
Balduzzi
Automated Detection of HPP Vulnerabilities in Web Applications
Barisani, Bianco, Franken, Laurie
Chip & PIN is definitely broken
Daswani
Mobile Malware Madness, and How To Cap the Mad Hatters


Instructions

This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.

Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.