2FA-Enabled Fraud: Dissecting Operation High Roller

4140 Ways Your Alarm System Can Fail

Active Directory Reconnaissance, Attacks, and Post-Exploitation

A Fool’s Game: Building an Awareness & Training Program

Alice in Exploit Redirection-land – A trip down the rabbit hole

Ambush – Catching Intruders At Any Point

Android in the Healthcare Workplace: A Case Study

An Introduction to Reverse Engineering with Ida Pro Free

Appearance Hacking 101: The Art of Everyday Camouflage

Are You HIPAA to the Jive?: How Focus on HIPAA Compliance Over Better Security Practices Hurts Us All

Becoming Mallory – How to Win Creds and Influence Devices

Beyond Strings – Memory Analysis during Incident Response

Black Ops

Breaking into Security

Building a Database Security Program

Building Dictionaries and Destroying Hashes Using Amazon EC2

Building Security into your Mobile Application

Building the Next Generation IDS with OSINT

Business Ramifications of Internet’s unclean conflicts

BYOD: “Bring Your Own Doom or Sane Business Decision?”

Closing Ceremonies

Collecting Underpants To Win Your Network

Cookie Cadger: Taking Cookie Hijacking To A New Level

CounterSploit! (MSF as a defense platform)

Creating A Powerful User Defense Against Attackers

Current Trends in Computer Law

Cyber Fast Track: from the trenches

Dirty Little Secrets Part 2

Dirty Red Team Tricks II

DNS Reconnaissance

Doubt – Deceit – Deficiency and Decency – a Decade of Disillusionment

Doxing and Anti-Doxing: Information Reconnaissance for the Stalker and the Stalked

Easy Cracking with NetLM Downgrade Attacks

Easy Passwords = Easy Break-Ins

Everything they told me about security was wrong

Everything you wanted to know about Academia (But were too afraid to ask)

Exploit Development with Ruby – An Intro

Flex Your Rights: The Constitution & Political Activism in the Hacker Community

Format String Vulnerabilities 101

Ghost in the Wires: The Unbelievable True Story of Kevin Mitnick’s Life as a the World’s Most Wanted Computer Hacker

Hacking Survival: So. You want to compute post-apocalypse?

Hack Your Way Into A DoD Security Clearance

House of Cards

How I Learned To Stop Worrying and Love the Smart Meter

How I Owned Your Vending Machine

How screwed are we?

How to create a one man SOC

Hunting Evil

Information Overload, Future Shock, IBM & The Nature of Modern Crime

Introducing the Smartphone Pentest Framework

Introduction to Metasploit Post Exploitation Modules

Intro to Linux System Hardening, and Applying it to BackTrack Linux

Is it time for another firewall or a security awareness program?

ISO8583: How to pentest when given a target that is not your “normal” target.

It’s Not Your Perimeter, It’s You That Sucks!

Ma and Pa Sleep with the Door Unlocked: A Look at Information Security in the Small Business

Managed Service Providers: Pwn One and Done

Maturing The Penetration Testing Profession

Medical Device Security: Current State of the Art

Moar Anti-Forensics – Moar Louise

Next Generation Web Reconnaissance

Nice to Meet You

Nonverbal Human Hacking

Off-Grid Communications with Android: Meshing the Mobile World

Opening Ceremony

Penetration Testing from a Hot Tub Time Machine

Pentesting for non-pentesters: learning through virtual machines

Pentesting iOS Applications

Pen Testing Security Vendors

PHP Website Security, Attack Analysis, & Mitigations

Physical Drive-By Downloads

Privilege Escalation with the Metasploit Framework

Professional Pen Testing and Learning From Your Mistakes

“Puff, Puff, Pass: Getting the Most Out of Your Hash” An Intro to Linux Post-Exploitation Fun With Windows Hashes

Pwned in 60 Seconds, From Network Guest To Windows Domain Admin

Rapid Blind SQL Injection Exploitation with BBQSQL

Rescuing the Prince of Persia from the Sands of Time

RfCat: subghz or bust!

Running a successful Red Team

Securing the Internet: YOU’re doing it wrong. (An INFOSEC Intervention)

Security Epistemology: Beliefs, Truth, and Knowledge in the Infosec Community

Security Onion: Network Security Monitoring in Minutes

Security Vulnerability Assessments – Process and Best Practices

SE me, SE you

Separating Security Intelligence from Security FUD

SexyDefense – The Red Team tore you a new one. NOW WHAT?

SH5ARK ATTACK- taking a byte out of HTML5!

Simple Security Defense to Thwart an Army of Cyber Ninja Warriors

Slow Down, Cowpoke: When Enthusiasm Outpaces Common Sense

Social Engineering Defense Contractors on LinkedIN & Facebook: Who’s plugged in to your employees?

Social Zombies: Rise of the Mobile Dead

So you got yourself an InfoSec Manager job. Great! Now what?

Sprinkler: IR

SQL Injection 101

Tactical Surveillance: Look at me now!

Taming Skynet : Using the Cloud to Automate Baseline Scanning

TBA

The Art and Science of Hacking Any Target

The Badmin project: (Na-na-nanana Na-na-nanana BADMIN)

The Devil's in the Details: A look at bad SE and how to do better

The Evolution of HFC

The Future of RE: Dynamic Binary Visualization

The Hacker Ethos meets The FOSS Ethos

The Patsy Proxy: Getting others to do your dirty work

The Wild West

Think differently about database hacking

Using McAfee Secure/TrustGuard as Attack Tools

Vulnerability Spidey Sense – Demystifying Pen Testing Intuition

We go in over the phone lines, pop the firewall, drop in the hydra and wait for the money” and other movie lines that fail.

What locksport can teach us about security

Why Integgroll sucks at Python, and you can too!

Why Isn’t Everyone Pulling Security, This is Combat

Wielding Katana: A Live Security Suite

Write Your Own Tools With Python!

You Can't Buy Security. Building an Open Sourced Information Security Program