Black Hat USA 2012 - Wednesday, July 25
00:00
Brocious
MY ARDUINO CAN BEAT UP YOUR HOTEL ROOM LOCK
08:50
Moss
Welcome & Introduction to Black Hat USA 2012
09:00
Henry
CHANGING THE SECURITY PARADIGM....TAKING BACK YOUR NETWORK AND BRINGING PAIN TO THE ADVERSARY
10:15
Granick, Moss, Ranum, Schneier, Shostack
SMASHING THE FUTURE FOR FUN AND PROFIT
Lawler, Ridley
ADVANCED ARM EXPLOITATION
Wojtczuk
A STITCH IN TIME SAVES NINE: A CASE OF MULTIPLE OPERATING SYSTEM VULNERABILITY
Amit
SEXYDEFENSE - MAXIMIZING THE HOME-FIELD ADVANTAGE
Pericin, Vuksan
FILE DISINFECTION FRAMEWORK: STRIKING BACK AT POLYMORPHIC VIRUSES
11:45
Kaminsky
BLACK OPS
Rohlf
GOOGLE NATIVE CLIENT - ANALYSIS OF A SECURE BROWSER PLUGIN SANDBOX
Moinard, Yann
HOW THE ANALYSIS OF ELECTRICAL CURRENT CONSUMPTION OF EMBEDDED SYSTEMS COULD LEAD TO CODE REVERSING?
Weinmann
SCALING UP BASEBAND ATTACKS: MORE (UNEXPECTED) ATTACK SURFACE
Mortman
THE DEFENSE RESTS: AUTOMATION AND APIS FOR IMPROVING SECURITY
Argyroudis, Karamitas
EXPLOITING THE JEMALLOC MEMORY ALLOCATOR: OWNING FIREFOX'S HEAP
Ristic
CONFESSIONS OF A WAF DEVELOPER: PROTOCOL-LEVEL EVASION OF WEB APPLICATION FIREWALLS
14:15
Marqis-Boire
CUTECATS.EXE AND THE ARAB SPRING
Barnett, Wroblewski
MODSECURITY AS UNIVERSAL CROSS-PLATFORM WEB PROTECTION TOOL
Weber
LOOKING INTO THE EYE OF THE METER
Miller
DON'T STAND SO CLOSE TO ME: AN ANALYSIS OF THE NFC ATTACK SURFACE
Denning, Kohno, Shostack
CONTROL-ALT-HACK(TM): WHITE HAT HACKING FOR FUN AND PROFIT (A COMPUTER SECURITY CARD GAME)
Serna
THE INFO LEAK ERA ON SOFTWARE EXPLOITATION
Bertacco
TORTURING OPENSSL
14:35
Leverett
THE LAST GASP OF THE INDUSTRIAL AIR-GAP...
Katz, Soler
HTEXPLOIT BYPASSING HTACCESS RESTRICTIONS
14:55
Barnum
STIX: THE STRUCTURED THREAT INFORMATION EXPRESSION
Galbreath
LIBINJECTION: A C LIBRARY FOR SQLI DETECTION AND GENERATION THROUGH LEXICAL ANALYSIS OF REAL WORLD ATTACKS
15:30
Jericho
ERRATA HITS PUBERTY: 13 YEARS OF CHAGRIN
Argyros, Cesare
PRNG: PWNING RANDOM NUMBER GENERATORS (IN PHP APPLICATIONS)
Mandt, Valasek
WINDOWS 8 HEAP INTERNALS
Mulliner
PROBING MOBILE OPERATOR NETWORKS
Flynn
INTRUSION DETECTION ALONG THE KILL CHAIN: WHY YOUR DETECTION SYSTEM SUCKS AND WHAT TO DO ABOUT IT
Forshaw
ARE YOU MY TYPE? - BREAKING .NET SANDBOXES THROUGH SERIALIZATION
Fleischer
WEB TRACKING FOR YOU
17:00
Ritter, Stamos
THE MYTH OF TWELVE MORE BYTES: SECURITY ON THE POST-SCARCITY INTERNET
Alonso
OWNING BAD GUYS {AND MAFIA} WITH JAVASCRIPT BOTNETS
Galbally
GHOST IS IN THE AIR(TRAFFIC)
Percoco, Schulte
ADVENTURES IN BOUNCERLAND
Johnson, Miller
EXPLOIT MITIGATION IMPROVEMENTS IN WIN 8
Nils, Vega
PINPADPWN
Santamarta
HERE BE BACKDOORS: A JOURNEY INTO THE SECRETS OF INDUSTRIAL FIRMWARE
Galbally
FROM THE IRISCODE TO THE IRIS: A NEW VULNERABILITY OF IRIS RECOGNITION SYSTEMS
Black Hat USA 2012 - Thursday, July 26
09:00
Stephenson
AN INTERVIEW WITH NEAL STEPHENSON
10:15
Schneier
TRUST, SECURITY, AND SOCIETY
Shah
HTML5 TOP 10 THREATS – STEALTH ATTACKS AND SILENT EXPLOITS
Branco
A SCIENTIFIC (BUT NON ACADEMIC) STUDY OF HOW MALWARE EMPLOYS ANTI-DEBUGGING, ANTI-DISASSEMBLY AND ANTI-VIRTUALIZATION TECHNOLOGIES
Grier
CATCHING INSIDER DATA THEFT WITH STOCHASTIC FORENSICS
Pan, Tsai
THE SUBWAY LINE 8 - EXPLOITATION OF WINDOWS 8 METRO STYLE APPS
De Atley
IOS SECURITY
Campbell, Duckwall
STILL PASSING THE HASH 15 YEARS LATER? USING THE KEYS TO THE KINGDOM TO ACCESS ALL YOUR DATA
11:45
Weatherford
THE CHRISTOPHER COLUMBUS RULE AND DHS
Carettoni
AMF TESTING MADE EASY!
K
DE MYSTERIIS DOM JOBSIVS: MAC EFI ROOTKITS
Litchfield
FIND ME IN YOUR DATABASE: AN EXAMINATION OF INDEX SECURITY
Kohlenberg, Shkatov
WE HAVE YOU BY THE GADGETS
Esser
IOS KERNEL HEAP ARMAGEDDON REVISITED
Oh
RECENT JAVA EXPLOITATION TRENDS AND MALWARE
14:15
Clark
LEGAL ASPECTS OF CYBERSPACE OPERATIONS
Shekyan, Toukharian
HACKING WITH WEBSOCKETS
Strazzere
DEX EDUCATION: PRACTICING SAFE DEX
Holeman
PASSIVE BLUETOOTH MONITORING IN SCAPY
Hannay
EXCHANGING DEMANDS
Diquet, Osborne
WHEN SECURITY GETS IN THE WAY: PENTESTING MOBILE APPS THAT USE CERTIFICATE PINNING
Sabanal, Yason
DIGGING DEEP INTO THE FLASH SANDBOXES
Gunter, S
SNSCAT: WHAT YOU DON'T KNOW ABOUT SOMETIMES HURTS THE MOST
14:35
Patten, Steele
SYNFUL DECEIT, STATEFUL SUBTERFUGE
Cui
EMBEDDED DEVICE FIRMWARE VULNERABILITY HUNTING USING FRAK
14:55
Claudius, Reynolds
STAMP OUT HASH CORRUPTION, CRACK ALL THE THINGS
Lanier, Reiter
MAPPING AND EVOLUTION OF ANDROID PERMISSIONS
15:30
Aldridge
TARGETED INTRUSION REMEDIATION: LESSONS FROM THE FRONT LINES
Brashars, Purviance
BLENDED THREATS AND JAVASCRIPT: A PLAN FOR PERMANENT NETWORK COMPROMISE
Brossard
HARDWARE BACKDOORING IS PRACTICAL
Cesare
CLONEWISE - AUTOMATED PACKAGE CLONE DETECTION
Oi
WINDOWS PHONE 7 INTERNALS AND EXPLOITABILITY
Dubik, Engler, Law, Vo
IOS APPLICATION SECURITY ASSESSMENT AND AUTOMATION: INTRODUCING SIRA
Cutlip
SQL INJECTION TO MIPS OVERFLOWS: ROOTING SOHO ROUTERS
17:00
Philput
HACKING THE CORPORATE MIND: USING SOCIAL ENGINEERING TACTICS TO IMPROVE ORGANIZATIONAL SECURITY ACCEPTANCE
Jones
STATE OF WEB EXPLOIT TOOLKITS
Royal, Song
FLOWERS FOR AUTOMATED MALWARE ANALYSIS
Chastuhin, Polyakov
SSRF VS. BUSINESS CRITICAL APPLICATIONS
Cerrudo
EASY LOCAL WINDOWS KERNEL EXPLOITATION
Rowley
HOW MANY BRICKS DOES IT TAKE TO CRACK A MICROCELL?
Linn, Ocepek
HOOKIN' AIN'T EASY: BEEF INJECTION WITH MITM


Instructions

This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.

Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.