50 Shades of RED: Stories from the “Playroom”
Abusing LFI-RFI for Fun, Profit and Shells
A developer’s guide to pentesting
After SS7 its LTE
Alice Goes Deeper (Down the Rabbit Hole) – Redirection 2.0
A n00bie’s perspective on Pentesting…
An Anti-Forensics Primer
Android 4.0: Ice Cream “Sudo Make Me a” Sandwich
An Encyclpwnia of Persistence
ANOTHER Log to Analyze – Utilizing DNS to Discover Malware in Your Network
Anti-Forensics: Memory or something, I forget.
Antivirus Evasion: Lessons Learned
Antivirus Evasion through Antigenic Variation (Why the Blacklisting Approach to AV is Broken)
Applying the 32 Zombieland Rules to IT Security
Appsec Tl;dr
A SysCall to ARMs
Attacking the Next Generation Air Traffic Control System; Hackers, liquor and commercial airliners.
Battle Scars And Friendly Fire: Threat Research Team War Stories
Beyond Information Warfare “You Ain’t Seen Nothing Yet”
Big Hugs for Big Data
Browser Pivoting (FU2FA)
Building An Information Security Awareness Program from Scratch
Burning the Enterprise with BYOD
Cash is King: Who’s Wearing Your Crown?
Cheat Codez: Level UP Your SE Game
Closing Ceremonies
Cognitive Injection: Reprogramming the Situation-Oriented Human OS
Collaborative Penetration Testing With Lair
Cracking Corporate Passwords – Exploiting Password Policy Weaknesses
Crypto-Exploit Exercises: A tool for reinforcing basic topics in Cryptography
Dancing with Dalvik
Decoding Bug Bounty Programs
DEF CON Documentary
Digital Energy – BPT
DIY Command & Control For Fun And *No* Profit
DIY Forensics: When Incident Response Morphs into Digital Forensics
Electronic Safe Fail: Common Vulnerabilities in Electronic Safes
Emergent Vulnerabilities: What ant colonies, schools of fish, and security have in common.
Everything you ever wanted to know on how to start a Credit Union, but were afraid to ask.
Evolutionary Security – Embracing Failure to Attain “Good Enough”
Exploiting_the_Zeroth_Hour(); Developing your Advanced Persistent Threat to Pwn the Network
Finding The Signal in the Noise: Quantifying Advanced Malware
First line of defense
Follow the Foolish Zebras: Finding Threats in Your Logs
Gen Y—Getting Them to Talk Rather than Text at Work
Getting Schooled: Security with no budget in a hostile environment.
Getting the goods with smbexec
gitDigger: Creating useful wordlists from public GitHub repositories
Grim Trigger
Hacking Back, Active Defense and Internet Tough Guys
Hack the Hustle!
Hardening Windows 8 apps for the Windows Store
Hello ASM World: A Painless and Contextual Introduction to x86 Assembly
help for the helpdesk
Hiding @ Depth – Exploring & Subverting NAND Flash memory
How can I do that? Intro to hardware hacking with an RFID badge reader
How Good is Your Phish
How Im going to own your organization in just a few days.
How the Grid Will Be Hacked
How to Fight a War Without Actually Starting One
Identifying Evil: An introduction to Reverse Engineering Malware and other software
Intro to Dynamic Access Control in Windows Server 2012
IOCAware – Actively Collect Compromise Indicators and Test Your Entire Enterprise
iOS.reverse #=> iPwn Apps
IPv6 is here (kind of), what can I do with it?
Is Auditing C/C++ Different Nowadays?
It’s Okay to Touch Yourself
It’s Only a Game: Learning Security through Gaming
JTAGulator: Assisted discovery of on-chip debug interfaces
Kinetic Pwnage: Obliterating the Line Between Computers and the Physical World
Living Off the Land: A Minimalist’s Guide to Windows Post-Exploitation
Look Ma, No Exploits! – The Recon-ng Framework
Love letters to Frank Abagnale (How do I pwn thee let me count the ways)
Malware Automation
Malware: testing malware scenarios on your network
My Experiments with truth: a different route to bug-hunting
My Security is a Graph – Your Arguement is Invalid
New Shiny in the Metasploit Framework
Ooops, Now What? :: The Stolen Data Impact Model (SDIM)
Opening Ceremonies
Operationalizing Security Intelligence in the Enterprise
Ownage From Userland: Process Puppeteering
Owning Computers Without Shell Access
Panel: Building and Growing a Hacker Space
Passive Aggressive Defense
Pass-The-Hash 2: The Admin’s Revenge
Password Intelligence Project – Advanced Password Recovery and Modern Mitigation Strategies
Patching Windows Executables with the Backdoor Factory
Phishing Frenzy: 7 seconds from hook to sinker
Phishing Like The Pros
Pigs Don’t Fly – Why owning a typical network is so easy, and how to build a secure one.
PowerShell and Windows Throw the Best Shell Parties
Practical Exploitation Using A Malicious Service Set Identifier (SSID)
Practical File Format Fuzzing
Practical OSINT
Promoting Your Security Program Like A Lobbyist.
Put Me In Coach: How We Got Started In Infosec
Raising Hacker Kids: For Good or for Awesome
Raspberry Pi, Media Centers, and AppleTV
RAWR – Rapid Assessment of Web Resources
Sandboxes from a pen tester’s view
Scanning Darkly
Security Sucks, and You’re Wearing A Nursing Bra
Security Training and Research Cloud (STRC)
Seeing red in your future?
Shattering the Glass: Crafting Post Exploitation Tools with PowerShell
Sixnet Tools: for poking at Sixnet Things
SO Hopelessly Broken: the implications of pervasive vulnerabilities in SOHO router products.
Some defensive ideas from offensive guys.
So you want to be a pentester?
SQL injection with sqlmap
Steal All of the Databases.
Stealth servers need Stealth Packets
Stop Fighting Anti-Virus
Stop making excuses; it’s time to own your HIV (High Impact Vulnerabilities)
Surviving the Dead
Taking the BDSM out of PCI-DSS Through Open-Source Solutions
Terminal Cornucopia
The Art and Science of Hacking Any Organization
The Cavalry Is Us: Protecting the public good and our profession
The Good Samaritan Identity Protection Project – www.thegsipp.org
The High Risk of Low Risk Applications
The Internet of Things: Vulns, Botnets and Detection
The Malware Management Framework, a process you can use to find advanced malware. We found WinNTI with it!
The Message and The Messenger
The Mysterious Mister Hokum
The Netsniff-NG Toolkit
Tizen Security: Hacking the new mobile OS
TMI: How to attack SharePoint servers and tools to make it easier
Uncloaking IP Addresses on IRC
‘) UNION SELECT `This_Talk` AS (‘New Exploitation and Obfuscation Techniques’)%00
Unmasking Miscreants
Using Facial Recognition Software In Digital Forensics And Information Security
Wait; How is All This Stuff Free?!?
Weaponizing your Coffee Pot
What if Petraeus was a hacker? Email privacy for the rest of us
What’s common in Oracle and Samsung? They tried to think differently about crypto.
Why Dumpster Dive when I can pwn right in?
Why Your IT Bytes
Windows 0wn3d By Default
Windows Attacks: AT is the new black
Your Turn!