Además del material de USENIX 17 , ya están disponibles también los vídeos de las charlas.

Aquí tenéis la lista completa:

• Opening Remarks and Awards
• When Your Threat Model Is “Everything”: Defensive Security in Modern Newsrooms
• How Double-Fetch Situations turn into Double-Fetch Vulnerabilities…
• Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts
• Ninja: Towards Transparent Tracing and Debugging on ARM
• Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX
• On the effectiveness of mitigations against floating-point timing channels
• Constant-Time Callees with Variable-Time Callers
• Neural Nets Can Learn Function Type Signatures From Binaries
• CAn’t Touch This…
• Efficient Protection of Path-Sensitive Control Security
• Digtool: A Virtualization-Based Framework for Detecting Kernel Vulnerabilities
• kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
• Venerable Variadic Vulnerabilities Vanquished
• Towards Practical Tools for Side Channel Aware Software Engineering…
• Strong and Efficient Cache Side-Channel Protection…
• CacheD: Identifying Cache-Based Timing Channels in Production Software
• An Ant in a World of Grasshoppers
• From Problems to Patterns to Practice…
• BinSim: Trace-based Semantic Binary Diffing…
• PlatPal: Detecting Malicious Documents with Platform Diversity
• Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART
• Global Measurement of DNS Manipulation
• Characterizing the Nature and Dynamics of Tor Exit Blocking
• DeTor: Provably Avoiding Geographic Regions in Tor
• SmartAuth: User-Centered Authorization for the Internet of Things
• AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings
• 6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices
• Identifier Binding Attacks and Defenses in Software-Defined Networks
• HELP: Helper-Enabled In-Band Device Pairing…
• Attacking the Brain: Races in the SDN Control Plane
• Detecting Credential Spearphishing in Enterprise Settings
• SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data
• When the Weakest Link is Strong…
• Hacking in Darkness: Return-oriented Programming against Secure Enclaves
• vTZ: Virtualizing ARM TrustZone
• Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing
• AuthentiCall: Efficient Identity and Content Authentication for Phone Calls
• Picking Up My Tab…
• TrustBase: An Architecture to Repair and Strengthen…
• Transcend: Detecting Concept Drift in Malware Classification Models
• Syntia: Synthesizing the Semantics of Obfuscated Code
• Predicting the Resilience of Obfuscated Code…
• Differential Privacy: From Theory to Deployment
• OSS-Fuzz - Google’s continuous fuzzing service for open source software
• Extension Breakdown…
• CCSP: Controlled Relaxation of Content Security Policies…
• Same-Origin Policy: Evaluation in Modern Browsers
• Locally Differentially Private Protocols for Frequency Estimation
• BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model
• Computer Security, Privacy, and DNA Sequencing…
• BootStomp: On the Security of Bootloaders in Mobile Devices
• Seeing Through The Same Lens…
• Oscar: A Practical Page-Permissions-Based Scheme…
• PDF Mirage: Content Masking Attack Against Information-Based Online Services
• Loophole: Timing Attacks on Shared Event Loops in Chrome
• Game of Registrars…
• Speeding up detection of SHA-1 collision attacks…
• Phoenix: Rebirth of a Cryptographic Password-Hardening Service
• Vale: Verifying High-Performance Cryptographic Assembly Code
• Exploring User Perceptions of Discrimination in Online Targeted Advertising
• Measuring the Insecurity of Mobile Deep Links of Android
• How the Web Tangled Itself
• Towards Efficient Heap Overflow Discovery
• DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers
• Dead Store Elimination (Still) Considered Harmful
• Telling Your Secrets without Page Faults…
• CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management
• AutoLock: Why Cache Attacks on ARM Are Harder Than You Think
• USENIX Security ’17 - Understanding the Mirai Botnet
• MPI: Multiple Perspective Attack Investigation…
• Detecting Android Root Exploits by Learning from Root Providers
• USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs
• Reverse Engineering x86 Processor Microcode
• See No Evil, Hear No Evil, Feel No Evil
• The Loopix Anonymity System
• MCMix: Anonymous Messaging via Secure Multiparty Computation
• ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service
• Adaptive Android Kernel Live Patching
• CHAINIAC: Proactive Software-Update Transparency…
• ROTE: Rollback Protection for Trusted Execution
• A Longitudinal, End-to-End View of the DNSSEC Ecosystem
• Measuring HTTPS Adoption on the Web
• “I Have No Idea What I’m Doing” - On the Usability of Deploying HTTPS
• Beauty and the Burst: Remote Identification of Encrypted Video Streams
• Walkie-Talkie…
• A Privacy Analysis of Cross-device Tracking
• SmartPool: Practical Decentralized Pooled Mining
• REM: Resource-Efficient Mining for Blockchains
• Ensuring Authorized Updates in Multi-user Database-Backed Applications
• Qapla: Policy compliance for database-backed systems
• Data Hemorrhage, Inequality, and You…

Seguro que la mayoría, sino tod@s, habéis oído la noticia sobre la que hasta la fecha parace ser la mayor filtración de datos. Me refiero a Equifax , una de las tres empresas en EEUU que se encargan de monitorizar el crédito o la solvencia de los habitantes de dicho país. El problema incluso ha ido más haya de EEUU, y también se han visto comprometidos datos de argentinos (por distintos motivos), canadienses y del Reino Unido.

Si no has vivido bajo una roca en los últimos años, además de que Donald Trump es presidente de los EEUU, también habrás oído sobre Docker. De hecho, aquí en el blog ya hemos hablado varias veces sobre éste.

Docker ha recibido muchas críticas desde la comunidad de seguridad. Además de correr como root, Docker también permite que los contenedores interactúen con el host, y esto supone un gran riesgo. Aunque la seguridad en Docker ha mejorado muchísimo, si no eres cuidadoso con su configuración, un contenedor malicioso podría escapar de su entorno virtual o sandbox y llegar al host.

Over The Wire es un sitio web muy popular el cual hospeda varios wargames para practicar conceptos de seguridad, y sean desde una consola en sistemas Linux, web, explotación. etc.

Basado en este mismo concepto, pero enfocado específicamente a Powershell, existe otro sitio web llamado Under The Wire . En éste puedes actualmente econtrar cuatro wargames , cada uno con 15 fases:

Hace una semana se celebró en Canadá la conferencia “académica” sobre ciber seguridad Usenix junto a un puñado de talleres . Todo el material está disponible de forma gratuita para descarga de ambos eventos: Sesiones Técnicas y Talleres .

Aquí tenéis la lista completa de las charlas y sus correspondientes enlaces:

Sesiones técnicas de Usenix Security ‘17

• When Your Threat Model Is “Everything”: Defensive Security in Modern Newsrooms
• Erinn Clark, Lead Security Architect, First Look Media/The Intercept
• How Double-Fetch Situations turn into Double-Fetch Vulnerabilities: A Study of Double Fetches in the Linux Kernel
  • Paper
  • Slides
• Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts
  • Paper
• Ninja: Towards Transparent Tracing and Debugging on ARM
  • Paper
  • Slides
• Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX
  • Paper
• On the effectiveness of mitigations against floating-point timing channels
  • Paper
  • Slides
• Constant-Time Callees with Variable-Time Callers
  • Paper
  • Slides
• Neural Nets Can Learn Function Type Signatures From Binaries
  • Paper
• CAn’t Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory
  • Paper
• Efficient Protection of Path-Sensitive Control Security
  • Paper
• Digtool: A Virtualization-Based Framework for Detecting Kernel Vulnerabilities
  • Paper
• kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
  • Paper
• Venerable Variadic Vulnerabilities Vanquished
  • Paper
• Towards Practical Tools for Side Channel Aware Software Engineering: ‘Grey Box’ Modelling for Instruction Leakages
  • Paper
  • Slides
• Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory
  • Paper
  • Slides
• CacheD: Identifying Cache-Based Timing Channels in Production Software
  • Paper
• An Ant in a World of Grasshoppers
• Ellen Cram Kowalczyk, Microsoft
• From Problems to Patterns to Practice: Privacy and User Respect in a Complex World
• Lea Kissner, Google
• BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking
  • Paper
• PlatPal: Detecting Malicious Documents with Platform Diversity
  • Paper
  • Slides
• Malton: Towards On-Device Non-Invasive Mobile Malware Analysis for ART
  • Paper
• Global Measurement of DNS Manipulation
  • Paper
• Characterizing the Nature and Dynamics of Tor Exit Blocking
  • Paper
• DeTor: Provably Avoiding Geographic Regions in Tor
  • Paper
• SmartAuth: User-Centered Authorization for the Internet of Things
  • Paper
• AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings
  • Paper
  • Slides
• 6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices
  • Paper
• Identifier Binding Attacks and Defenses in Software-Defined Networks
  • Paper
• HELP: Helper-Enabled In-Band Device Pairing Resistant Against Signal Cancellation
  • Paper
• Attacking the Brain: Races in the SDN Control Plane
  • Paper
• Detecting Credential Spearphishing in Enterprise Settings
  • Paper
• SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data
  • Paper
• When the Weakest Link is Strong: Secure Collaboration in the Case of the Panama Papers
  • Paper
  • Slides
• Hacking in Darkness: Return-oriented Programming against Secure Enclaves
  • Paper
• vTZ: Virtualizing ARM TrustZone
  • Paper
  • Slides
• Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing
  • Paper
• AuthentiCall: Efficient Identity and Content Authentication for Phone Calls
  • Paper
• Picking Up My Tab: Understanding and Mitigating Synchronized Token Lifting and Spending in Mobile Payment
  • Paper
  • Slides
• TrustBase: An Architecture to Repair and Strengthen Certificate-based Authentication
  • Paper
• Transcend: Detecting Concept Drift in Malware Classification Models
  • Paper
• Syntia: Synthesizing the Semantics of Obfuscated Code
  • Paper
• Predicting the Resilience of Obfuscated Code Against Symbolic Execution Attacks via Machine Learning
  • Paper
• Differential Privacy: From Theory to Deployment
• Abhradeep Guha Thakurta, University of California, Santa Cruz
• OSS-Fuzz - Google’s continuous fuzzing service for open source software
  • Slides
• Kostya Serebryany, Google
• Extension Breakdown: Security Analysis of Browsers Extension Resources Control Policies
  • Paper
• CCSP: Controlled Relaxation of Content Security Policies by Runtime Policy Composition
  • Paper
• Same-Origin Policy: Evaluation in Modern Browsers
  • Paper
• Locally Differentially Private Protocols for Frequency Estimation
  • Paper
• BLENDER: Enabling Local Search with a Hybrid Differential Privacy Model
  • Paper
• Computer Security, Privacy, and DNA Sequencing: Compromising Computers with Synthesized DNA, Privacy Leaks, and More
  • Paper
• BootStomp: On the Security of Bootloaders in Mobile Devices
  • Paper
  • Slides
• Seeing Through The Same Lens: Introspecting Guest Address Space At Native Speed
  • Paper
• Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers
  • Paper
• PDF Mirage: Content Masking Attack Against Information-Based Online Services
  • Paper
• Loophole: Timing Attacks on Shared Event Loops in Chrome
  • Paper
• Game of Registrars: An Empirical Analysis of Post-Expiration Domain Name Takeovers
  • Paper
• Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions
  • Paper
• Phoenix: Rebirth of a Cryptographic Password-Hardening Service
  • Paper
• Vale: Verifying High-Performance Cryptographic Assembly Code
  • Paper
• Exploring User Perceptions of Discrimination in Online Targeted Advertising
  • Paper
• Measuring the Insecurity of Mobile Deep Links of Android
  • Paper
• How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security
  • Paper
• Towards Efficient Heap Overflow Discovery
  • Paper
• DR. CHECKER: A Soundy Analysis for Linux Kernel Drivers
  • Paper
• Dead Store Elimination (Still) Considered Harmful
  • Paper
• Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution
  • Paper
• CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management
  • Paper
• AutoLock: Why Cache Attacks on ARM Are Harder Than You Think
  • Paper
• Understanding the Mirai Botnet
  • Paper
• MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning
  • Paper
• Detecting Android Root Exploits by Learning from Root Providers
  • Paper
• USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs
  • Paper
• Reverse Engineering x86 Processor Microcode
  • Paper
• See No Evil, Hear No Evil, Feel No Evil, Print No Evil? Malicious Fill Patterns Detection in Additive Manufacturing
  • Paper
• The Loopix Anonymity System
  • Paper
• MCMix: Anonymous Messaging via Secure Multiparty Computation
  • Paper
• ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service
  • Paper
• Adaptive Android Kernel Live Patching
  • Paper
• CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds
  • Paper
• ROTE: Rollback Protection for Trusted Execution
  • Paper
• A Longitudinal, End-to-End View of the DNSSEC Ecosystem
  • Paper
• Measuring HTTPS Adoption on the Web
  • Paper
• “I Have No Idea What I’m Doing” - On the Usability of Deploying HTTPS
  • Paper
• Beauty and the Burst: Remote Identification of Encrypted Video Streams
  • Paper
• Walkie-Talkie: An Efficient Defense Against Passive Website Fingerprinting Attacks
  • Paper
• A Privacy Analysis of Cross-device Tracking
  • Paper
• SmartPool: Practical Decentralized Pooled Mining
  • Paper
• REM: Resource-Efficient Mining for Blockchains
  • Paper
• Ensuring Authorized Updates in Multi-user Database-Backed Applications
  • Paper
• Qapla: Policy compliance for database-backed systems
  • Paper
• Data Hemorrhage, Inequality, and You: How Technology and Data Flows are Changing the Civil Liberties Game
• Shankar Narayan, Technology and Liberty Project Director, American Civil Liberties Union of Washington

Material de los talleres

• Good tools gone bad: Are we on a slippery slope to communications chaos?
• Chester Wisniewski, Sophos
• dr0wned – Cyber-Physical Attack with Additive Manufacturing
  • Paper
• Automated PCB Reverse Engineering
  • Paper
• BADFET: Defeating Modern Secure Boot Using Second-Order Pulsed Electromagnetic Fault Injection
  • Paper
• From random block corruption to privilege escalation: A filesystem attack vector for rowhammer-like attacks
  • Paper
• Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery
  • Paper
• One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions
  • Paper
• unCaptcha: A Low-Resource Defeat of reCaptcha’s Audio Challenge
  • Paper
• POTUS: Probing Off-The-Shelf USB Drivers with Symbolic Fault Injection
  • Paper
• Exploitations of Uninitialized Uses on macOS Sierra
  • Paper
  • Slides
• Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing
  • Paper
• Software Grand Exposure: SGX Cache Attacks Are Practical
  • Paper
• Stalling Live Migrations on the Cloud
  • Paper
• SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit
  • Paper
• Breaking and Fixing Gridcoin
  • Paper
• Adversarial Example Defense: Ensembles of Weak Defenses are not Strong
  • Paper
  • Slides
• AutoCTF: Creating Diverse Pwnables via Automated Bug Injection
  • Paper
• Shedding too much Light on a Microcontroller’s Firmware Protection
  • Paper
  • Slides
• Breaking (and Fixing) a Widely Used Continuous Glucose Monitoring System
  • Paper
• One Car, Two Frames: Attacks on Hitag-2 Remote Keyless Entry Systems Revisited
  • Paper
• Shattered Trust: When Replacement Smartphone Components Attack
  • Paper
• White-Stingray: Evaluating IMSI Catchers Detection Applications
  • Paper
  • Slides
• fastboot oem vuln: Android Bootloader Vulnerabilities in Vendor Customizations
  • Paper

Los Sims es una serie de vídeojuegos de simulación social. Inicialmente fue desarrollado por una empresa llamada Maxis (subsidaria de EA) y publicado por EA (Eletronic Arts). El primero de la serie fue lanzado en el año 2000. Desde entonces, Los Sims batió todo tipo de records de venta y se convirtió en uno los vídeojuegos más influenciales de la época.

Don Hopkins , quién después de pasar por Sun Microsystems, fue uno de los componentes que participaron en el desarrollo de dicho vídeojuego, tiene recopilado en su sitio web personal un gran número de documentos internos (y en su día confidenciales) sobre el desarrollo de Los Sims. Como nota curiosa, Don Hopkins fue quién acuño el término copyleft e inspiró a Richard Stallman a usarlo.

Este nuevo taller de análisis de malware es una continuación de otro taller de introducción del cual ya hablamos anteriormente [aquí] ( https://www.cyberhades.com/2017/03/28/taller-de-analisis-de-malware/) .

Titulado como: Reverse Engineering Malware 102 , Amanda Rousseau , nos guía a través del proceso de análisis de malware REAL. Con este taller aprenderás a analizar binarios Delphi, técnicas de evasión usadas por malware real para complicarnos la vida a la hora hacer uso de la ingeniería inversa. También aprenderamos a usar el motor Unicorn e identificar técnicas de compresión no comunes.

Pues ahora le toca el turno a DEF CON, en este caso la edición 25 que se acaba de celebrar y ya tienes también acceso a las presentaciones :

• 5A1F/
  • 5A1F-Demystifying-Kernel-Exploitation-By-Abusing-GDI-Objects-WP.pdf
  • 5A1F-Demystifying-Kernel-Exploitation-By-Abusing-GDI-Objects.pdf
• Cheng Lei/
  • Cheng-Lei-The-Spear-to-Break-the-Security-Wall-of-S7CommPlus-WP.pdf
  • Cheng-Lei-The-Spear-to-Break-the-Security-Wall-of-S7CommPlus.pdf
• Denton Gentry/
  • Denton-Gentry-I-Know-What-You-Are-By-The-Smell-Of-Your-Wifi-WP.pdf
  • Denton-Gentry-I-Know-What-You-Are-By-The-Smell-Of-Your-Wifi.pdf
• Dimitry Snezhkov/
  • Dimitry Snezhkov - Extras/
  • Dimitry-Snezhkov-Abusing-Web-Hooks.pdf
• Dor Azouri/
  • Dor-Azouri-BITSInject-WP.pdf
  • Dor-Azouri-BITSInject.pdf
• Duncan Woodbury and Nicholas Haltmeyer/
  • Woodbury-and-Haltmeyer-Linux-Stack-Based-V2X-Framework-Hack-Connected-Vehicles-WP.pdf
  • Woodbury-and-Haltmeyer-Linux-Stack-Based-V2X-Framework-Hack-Connected-Vehicles.pdf
• Itzik Kotler and Amit Klein/
  • Itzik-Kotler-and-Amit-Klein-The-Adventures-of-AV-and-the-Leaky-Sandbox-WP.pdf
  • Itzik-Kotler-and-Amit-Klein-The-Adventures-of-AV-and-the-Leaky-Sandbox.pdf
• Josh Pitts/
  • Josh Pitts - Extras/
  • Josh-Pitts-Teaching-Old-Shellcode-New-Tricks.pdf
• Mark Newlin Logan Lamb and Christopher Grayson/
  • Newlin-Lamb-Grayson-CableTap-Wirelessly-Tapping-Your-Home-Network.pdf
• Matt Knight and Marc Newlin/
  • Matt-Knight-and-Marc-Newlin-Radio-Exploitation-WP.pdf
  • Matt-Knight-and-Marc-Newlin-Radio-Exploitation.pdf
• Matt Suiche/
  • Matt-Suiche-Porosity-Decompiling-Ethereum-Smart-Contracts-WP.pdf
  • Matt-Suiche-Porosity-Decompiling-Ethereum-Smart-Contracts.pdf
• Morten Schenk/
  • Morten-Schenk-Taking-Windows-10-Kernel-Exploitation-to-the-next-level-Leveraging-vulns-in-Creators-Update-WP.pdf
  • Morten-Schenk-Taking-Windows-10-Kernel-Exploitation-to-the-next-level-Leveraging-vulns-in-Creators-Update.pdf
• Phillip Tully and Michael Raggo/
  • Phillip-Tully-Michael-Raggo-A-Picture-is-Worth-a-Thousand-Words-Literally-WP.pdf
  • Phillip-Tully-Michael-Raggo-A-Picture-is-Worth-a-Thousand-Words-Literally.pdf
• Romain Coltel and Yves Le Provost/
  • Coltel-LeProvost-WSUSpendu-How-To-Hang-Its-Clients-WP.pdf
  • Coltel-LeProvost-WSUSpendu-How-To-Hang-Its-Clients.pdf
• Steinthor Bjarnason and Jason Jones/
  • Steinthor-Bjarnason-and-Jason-Jones-The-Call-Is-Coming-From-Inside-The-House-WP.pdf
  • Steinthor-Bjarnason-and-Jason-Jones-The-Call-Is-Coming-From-Inside-The-House.pdf
• Tomer Cohen/
  • Tomer-Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-WP.pdf
  • Tomer-Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions.pdf
• 0ctane-Untrustworthy-Hardware.pdf
• Alvaro-Munoz-JSON-attacks.pdf
• Andrew-Robbins-and-Will-Schroeder-An-Ace-Up-The-Sleeve.pdf
• Artem-Kondratenko-Cisco-Catalyst-Exploitation.pdf
• Ayoul3-Dealing-the-Perfect-Hand-Shuffling-memory-blocks-on-zOS.pdf
• Caleb-Madrigal-IOT-Hacking-With-SDR.pdf
• Chris-Thompson-MS-Just-Gave-The-Blue-Teams-Tactical-Nukes.pdf
• Christopher-Domas-Breaking-The-x86-ISA.pdf
• Cincvolflt-Inside-The-Meet-Desai-Attack.pdf
• Damien-Cauquil-Weaponizing-the-BBC-MicroBit.pdf
• Daniel-Bohannon-and-Lee-Holmes-Revoke-Obfuscation.pdf
• Datko-and-Quartier-Breaking-Bitcoin-Hardware-Wallets.pdf
• Dhia-Mahjoub-and-Thomas-Mathew-Malicious-CDNs-Identifying-Zbot-Domains-en-Masse.pdf
• Foofus-Secret-Tools-Learning-About-Gov-Surveillance-Software.pdf
• Gabriel-Ryan-Advanced-Wireless-Attacks-Against-Enterprise-Networks-Course-Guide.pdf
• Gabriel-Ryan-Advanced-Wireless-Attacks-Against-Enterprise-Networks-Lab-Setup-Guide.pdf
• Gabriel-Ryan-Advanced-Wireless-Attacks-Against-Enterprise-Networks.pdf
• Gerald-Steere-and-Sean-Metcalf-Hacking-the-Cloud.pdf
• Gil-Cohen-Call-The-Plumber-You-Have-A-Leak-In-Your-(named)-Pipe.pdf
• Gus-Frischie-and-Evan-Teitelman-Backdooring-the-Lottery.pdf
• Hanno-Boeck-Abusing-Certificate-Transparency-Logs.pdf
• Haoqi-Shan-and-Jian-Yuan-Man-in-the-NFC.pdf
• Hernandez-Richards-MacDonald-Evoy-Tracking-Spies-in-the-Skies.pdf
• Hyrum-Anderson-Evading-Next-Gen-AV-Using-AI.pdf
• Ilja-van-Sprundel-BSD-Kern-Vulns.pdf
• Inbar-and-Eden-Story-of-Early-Israeli-Hacking-Community.pdf
• Jason-Staggs-Breaking-Wind-Hacking-Wind-Farm-Control-Networks.pdf
• Jesse-Michael-and-Mickey-Shkatov-Driving-Down-the-Rabbit-Hole.pdf
• Jhaddix-HUNT-Data-Driven-Web-Hacking-and-Manual-Testing.pdf
• Jim-Nitterauer-DNS-Devious-Name-Services-Destroying-Privacy-Anonymity-Without-Your-Consent.pdf
• Joe-Rozner-Wiping-Out-CSRF.pdf
• Karit-ZX-Security-Using-GPS-Spoofing-To-Control-Time.pdf
• Konstantinos-Karagiannis-Hacking-Smart-Contracts.pdf
• Lee-Holmes-Attacking-Battle-Hardened-Windows-Server.pdf
• Marina-Simakov-and-Igal-Gofman-Here-to-stay-Gaining-persistence-by-abusing-auth-mechanisms.pdf
• Matt-Wixey-See-No-Evil-Hear-No-Evil.pdf
• Max-Bazaliy-Jailbreaking-Apple-Watch.pdf
• Mikhail-Sosonkin-Hacking-Travel-Routers-Like-1999.pdf
• Min-Spark-Zheng-macOS-iOS-Kernel-Debugging.pdf
• Nathan-Seidle-Open-Source-Safe-Cracking-Robots.pdf
• Omar-Eissa-Attacking-Autonomic-Networks.pdf
• Orange-Tsai-A-New-Era-of-SSRF-Exploiting-URL-Parser-in-Trending-Programming-Languages.pdf
• Owen-Snide-Phone-System-Testing-and-other-fun-tricks.pdf
• Patrick-DeSantis-From-Box-to-Backdoor-Using-Old-School-Tools.pdf
• Patrick-Wardle-Offensive-Malware-Analysis-Fruit-Fly.pdf
• Plore-Popping-a-Smart-Gun.pdf
• Professor-Plum-Digital Vengeance-Exploiting-Notorious-Toolkits.pdf
• Roger-Dingledine-Next-Generation-Tor-Onion-Services.pdf
• Ryan-Baxendale-Microservices-and-FaaS-for-Offensive-Security.pdf
• Salvador-Mendoza-Exploiting-0ld-Magstripe-Info-with-New-Technology.pdf
• Scott-Behrens-and-Jeremy-Heffner-Starting-The-Avalanche-Application-DoS-In-Microservice-Architectures.pdf
• Slava-Makkaveev-and-Avi-Bashan-Unboxing-Android.pdf
• Stephan-Huber-and-Seigfried-Rasthofer-Password-Manager-Investigation.pdf
• Suggy-Sumner-Rage-Against-The-Weaponized-AI-Propaganda-Machine.pdf
• Svea-Eckert-Andreas-Dewes-Dark-Data.pdf
• Tess-Schrodinger-Total-Recall.pdf
• Tomer-Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-WP.pdf
• Tomer-Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions.pdf
• Vasillios-Mavroudis-Trojan-Tolerant-Hardware.pdf
• Weston-Hecker-Opt-Out-or-Deauth-Trying.pdf
• Whitney-Merrill-and-Terrell-McSweeny-Tick-Tick-Boom-Tech-and-the-FTC.pdf
• William-Knowles-Persisting-With-Microsoft-Office.pdf
• XlogicX-Assembly-Language-Is-Too-High-Level.pdf
• Yuwei-Zheng-UnicornTeam-Ghost-Telephonist.pdf
• chaosdata-Ghost-in-the-Droid-ParaSpectre.pdf
• r00killah-and-securelyfitz-Secure-Tokin-and-Doobiekeys.pdf
• skud-and-Sky-If-You-Give-A-Mouse-A-Microchip.pdf
• spaceB0x-Exploiting-Continuous-Integration.pdf
• zerosum0x0-alephnaught-Koadic-C3.pdf

Ya están disponible las presentaciones de Black Hat USA 2017 :

• Stepping Up Our Game: Re-focusing the Security Community on Defense and Making Security Work for Everyone
• ‘Ghost Telephonist’ Link Hijack Exploitations in 4G LTE CS Fallback
  • Yuwei-Ghost-Telephonist-Link-Hijack-Exploitations-In-4G-LTE-CS-Fallback.pdf
• (in)Security in Building Automation: How to Create Dark Buildings with Light Speed
  • Brandstetter-insecurity-In-Building-Automation-How-To-Create-Dark-Buildings-With-Light-Speed.pdf
  • Brandstetter-insecurity-In-Building-Automation-How-To-Create-Dark-Buildings-With-Light-Speed-wp.pdf
• A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
  • Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages.pdf
• Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
• Adventures in Attacking Wind Farm Control Networks
  • Staggs-Adventures-In-Attacking-Wind-Farm-Control-Networks.pdf
• All Your SMS & Contacts Belong to ADUPS & Others
  • Johnson-All-Your-SMS-&-Contacts-Belong-To-Adups-&-Others.pdf
  • Johnson-All-Your-SMS-&-Contacts-Belong-To-Adups-&-Others-wp.pdf
• An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
  • Robbins-An-ACE-Up-The-Sleeve-Designing-Active-Directory-DACL-Backdoors.pdf
  • Robbins-An-ACE-Up-The-Sleeve-Designing-Active-Directory-DACL-Backdoors-wp.pdf
• And Then the Script-Kiddie Said Let There be No Light. Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
  • Keliris-And-Then-The-Script-Kiddie-Said-Let-There-Be-No-Light-Are-Cyberattacks-On-The-Power-Grid-Limited-To-Nation-State-Actors-wp.pdf
• Attacking Encrypted USB Keys the Hard(ware) Way
• Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
• Automated Testing of Crypto Software Using Differential Fuzzing
  • Aumasson-Automated-Testing-Of-Crypto-Software-Using-Differential-Fuzzing.pdf
• AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
  • Jung-AVPASS-Leaking-And-Bypassing-Anitvirus-Detection-Model-Automatically.pdf
• Behind the Plexiglass Curtain: Stats and Stories from the Black Hat NOC
• Betraying the BIOS: Where the Guardians of the BIOS are Failing
  • Branco-Firmware-Is-The-New-Black-Analyzing-Past-Three-Years-Of-BIOS-UEFI-Security-Vulnerabilities
• Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game
  • Shortridge-Big-Game-Theory-Hunting-The-Peculiarities-Of-Human-Behavior-In-The-Infosec-Game.pdf
• Blue Pill for Your Phone
• Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking
  • Jurczyk-Bochspwn-Reloaded-Detecting-Kernel-Memory-Disclosure-With-X86-Emulation-And-Taint-Tracking.pdf
• Bot vs. Bot for Evading Machine Learning Malware Detection
  • Anderson-Bot-Vs-Bot-Evading-Machine-Learning-Malware-Detection.pdf
  • Anderson-Bot-Vs-Bot-Evading-Machine-Learning-Malware-Detection-wp.pdf
• Break
• Breakfast (Sponsored by FireEye McAfee Qualys & Tenable Network Security)
• Breaking Electronic Door Locks Like You’re on CSI: Cyber
  • OFlynn-Breaking-Electronic-Locks.pdf
• Breaking the Laws of Robotics: Attacking Industrial Robots
  • Quarta-Breaking-The-Laws-Of-Robotics-Attacking-Industrial-Robots.pdf
  • Quarta-Breaking-The-Laws-Of-Robotics-Attacking-Industrial-Robots-wp.pdf
• Breaking the x86 Instruction Set
  • Domas-Breaking-The-x86-ISA.pdf
  • Domas-Breaking-The-x86-Instruction-Set-wp.pdf
• Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom’s Wi-Fi Chipsets
• Bug Collisions Meet Government Vulnerability Disclosure
  • Ablon-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Zero-Days-Thousands-Of-Nights-RAND.pdf
  • [Herr-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Taking Stock - Vulnerability-Rediscovery-HKS.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Herr-Bug-Collisions-Meet-Government-Vulnerability-Disclosure-Taking Stock - Vulnerability-Rediscovery-HKS.pdf)
• Business Hall Welcome Reception (Sponsored by Forcepoint McAfee LogRhythm & Tenable Network Security)
• Challenges of Cooperation Across Cyberspace
• Champagne Toast (Sponsored by ESET North America Fidelis Cybersecurity Fortinet Leidos Palo Alto Networks Raytheon & Symantec)
• Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
  • Fratantonio-Cloak-And-Dagger-From-Two-Permissions-To-Complete-Control-Of-The-UI-Feedback-Loop.pdf
  • Fratantonio-Cloak-And-Dagger-From-Two-Permissions-To-Complete-Control-Of-The-UI-Feedback-Loop-wp.pdf
• Coffee Service
• Cracking the Lens: Targeting HTTP’s Hidden Attack-Surface
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface.pdf
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface-wp.pdf
  • Kettle-Cracking-The-Lens-Exploiting-HTTPs-Hidden-Attack-Surface-tool.zip
• Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
  • Nichols-Cyber-Wargaming-Lessons-Learned-In-Influencing-Stakeholders-Inside-And-Outside-Your-Organization.pdf
  • Nichols-Cyber-Wargaming-Lessons-Learned-In-Influencing-Stakeholders-Inside-And-Outside-Your-Organization-wp.pdf
• Datacenter Orchestration Security and Insecurity: Assessing Kubernetes Mesos and Docker at Scale
• Defeating Samsung KNOX with Zero Privilege
  • Shen-Defeating-Samsung-KNOX-With-Zero-Privilege.pdf
  • Shen-Defeating-Samsung-KNOX-With-Zero-Privilege-wp.pdf
• Delivering Javascript to World+Dog
  • Randolph-Delivering-Javascript-to-World-Plus-Dog.pdf
  • Randolph-Delivering-Javascript-to-World-Plus-Dog-wp.pdf
• Developing Trust and Gitting Betrayed
• Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
  • Grange-Digital-Vengeance-Exploiting-The-Most-Notorious-C&C-Toolkits.pdf
  • Grange-Digital-Vengeance-Exploiting-The-Most-Notorious-C&C-Toolkits-wp.pdf
• Don’t Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
  • Lekies-Dont-Trust-The-DOM-Bypassing-XSS-Mitigations-Via-Script-Gadgets.pdf
• Electronegativity - A Study of Electron Security
  • Carettoni-Electronegativity-A-Study-Of-Electron-Security.pdf
  • Carettoni-Electronegativity-A-Study-Of-Electron-Security-wp.pdf
• Escalating Insider Threats Using VMware’s API
  • Ziv-Escalating-Insider-Threats-Using-Vmware’s-Api.pdf
• Evading Microsoft ATA for Active Directory Domination
  • Mittal-Evading-MicrosoftATA-for-ActiveDirectory-Domination.pdf
• Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
• Evilsploit – A Universal Hardware Hacking Toolkit
  • Chui-Evilsploit-A-Universal-Hardware-Hacking-Toolkit.pdf
  • Chui-Evilsploit-A-Universal-Hardware-Hacking-Toolkit-wp.pdf
• Evolutionary Kernel Fuzzing
  • Johnson-Evolutionary-Kernel-Fuzzing
• Exploit Kit Cornucopia
• Exploiting Network Printers
  • Mueller-Exploiting-Network-Printers.pdf
• Fad or Future? Getting Past the Bug Bounty Hype
• Fighting Targeted Malware in the Mobile Ecosystem
  • Ruthven-Fighting-Targeted-Malware-In-The-Mobile-Ecosystem.pdf
• Fighting the Previous War (aka: Attacking and Defending in the Era of the Cloud)
• Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
• FlowFuzz - A Framework for Fuzzing OpenFlow-Enabled Software and Hardware Switches
  • Gray-FlowFuzz-A-Framework-For-Fuzzing-OpenFlow-Enabled-Software-And-Hardware-Switches.pdf
• Fractured Backbone: Breaking Modern OS Defenses with Firmware Attacks
• Free-Fall: Hacking Tesla from Wireless to CAN Bus
  • Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus.pdf
  • Nie-Free-Fall-Hacking-Tesla-From-Wireless-To-CAN-Bus-wp.pdf
• Friday the 13th: JSON Attacks
  • Munoz-Friday-The-13th-Json-Attacks.pdf
  • Munoz-Friday-The-13th-JSON-Attacks-wp.pdf
• Game of Chromes: Owning the Web with Zombie Chrome Extensions
  • Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-wp.pdf
  • Cohen-Game-Of-Chromes-Owning-The-Web-With-Zombie-Chrome-Extensions-wp.pdf
• Garbage In Garbage Out: How Purportedly Great Machine Learning Models can be Screwed Up by Bad Data
  • Sanders-Garbage-In-Garbage-Out-How-Purportedly-Great-ML-Models-Can-Be-Screwed-Up-By-Bad-Data.pdf
  • Sanders-Garbage-In-Garbage-Out-How-Purportedly-Great-ML-Models-Can-Be-Screwed-Up-By-Bad-Data-wp.pdf
• Go Nuclear: Breaking Radiation Monitoring Devices
  • [Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices.pdf]( https://www.blackhat.com/docs/us-17/wednesday/us-17-Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices.pdf)
  • [Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices-wp.pdf]( https://www.blackhat.com/docs/us-17/wednesday/us-17-Santamarta-Go-Nuclear-Breaking Radition-Monitoring-Devices-wp.pdf)
• Go to Hunt Then Sleep
  • Bianco-Go-To-Hunt-Then-Sleep.pdf
• Hacking Hardware with a $10 SD Card Reader
  • Etemadieh-Hacking-Hardware-With-A-$10-SD-Card-Reader.pdf
  • Etemadieh-Hacking-Hardware-With-A-$10-SD-Card-Reader-wp.pdf
• Hacking Serverless Runtimes: Profiling AWS Lambda Azure Functions and More
  • Krug-Hacking-Severless-Runtimes.pdf
  • Krug-Hacking-Severless-Runtimes-wp.pdf
• Honey I Shrunk the Attack Surface – Adventures in Android Security Hardening
• How We Created the First SHA-1 Collision and What it Means for Hash Security
• Hunting GPS Jammers
  • Gostomelsky-Hunting-GPS-Jammers.pdf
• Ice Cream Social (Sponsored by Code42 Software Core Security Cybereason Darktrace F5 Networks iboss Malwarebytes & Optiv Security)
• Ichthyology: Phishing as a Science
  • Burnett-Ichthyology-Phishing-As-A-Science.pdf
  • Burnett-Ichthyology-Phishing-As-A-Science-wp.pdf
• Industroyer/Crashoverride: Zero Things Cool About a Threat Group Targeting the Power Grid
  • Lee-Industroyer-Crashoverride-Zero-Things-Cool-About-A-Threat-Group-Targeting-The-Power-Grid.pdf
• Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
  • Dods-Infecting-The-Enterprise-Abusing-Office365-Powershell-For-Covert-C2.pdf
• Influencing the Market to Improve Security
  • Nakibly-Automated-Detection-of-Vulnerabilities-in-Black-Box-Routers.pdf
  • Nakibly-Automated-Detection-of-Vulnerabilities-in-Black-Box-Routers-wp.pdf
• Intel AMT Stealth Breakthrough
  • Evdokimov-Intel-AMT-Stealth-Breakthrough.pdf
  • Evdokimov-Intel-AMT-Stealth-Breakthrough-wp.pdf
• Intel SGX Remote Attestation is Not Sufficient
  • Swami-SGX-Remote-Attestation-Is-Not-Sufficient-wp.pdf
  • Swami-SGX-Remote-Attestation-Is-Not-Sufficient-wp.pdf
• Intercepting iCloud Keychain
  • Radocea-Intercepting-iCloud-Keychain.pdf
• IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
  • Luo-Iotcandyjar-Towards-An-Intelligent-Interaction-Honeypot-For-IoT-Devices.pdf
  • Luo-Iotcandyjar-Towards-An-Intelligent-Interaction-Honeypot-For-IoT-Devices-wp.pdf
• kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
  • [Pomonis-KR^X- Comprehensive- Kernel-Protection-Against-Just-In-Time-Code-Reuse.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Pomonis-KR^X- Comprehensive- Kernel-Protection-Against-Just-In-Time-Code-Reuse.pdf)
• Lies and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
  • Giuliano-Lies-And-Damn-Lies-Getting-Past-The-Hype-Of-Endpoint-Security-Solutions.pdf
• Lunch Break (Sponsored by Cisco Forcepoint LogRhythm & RSA)
• Many Birds One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
  • Feng-Many-Birds-One-Stone-Exploiting-A-Single-SQLite-Vulnerability-Across-Multiple-Software.pdf
• Mimosa Bar (Sponsored by AlienVault Arbor Networks Carbon Black CrowdStrike Cylance DarkMatter Digital Guardian & IBM)
• Network Automation is Not Your Safe Haven: Protocol Analysis and Vulnerabilities of Autonomic Network
  • Eissa-Network-Automation-Isn’t-Your-Safe-Haven-Protocol-Analysis-And-Vulnerabilities-Of-Autonomic-Network.pdf
• New Adventures in Spying 3G and 4G Users: Locate Track & Monitor
  • Borgaonkar-New-Adventures-In-Spying-3G-And-4G-Users-Locate-Track-And-Monitor.pdf
• Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev
• Offensive Malware Analysis: Dissecting OSX/FruitFly via a Custom C&C Server
  • Wardle-Offensive-Malware-Analysis-Dissecting-OSXFruitFly-Via-A-Custom-C&C-Server.pdf
• OpenCrypto: Unchaining the JavaCard Ecosystem
  • Mavroudis-Opencrypto-Unchaining-The-JavaCard-Ecosystem.pdf
• Orange is the New Purple - How and Why to Integrate Development Teams with Red/Blue Teams to Build More Secure Software
  • Wright-Orange-Is-The-New-Purple.pdf
  • Wright-Orange-Is-The-New-Purple-wp.pdf
• PEIMA: Harnessing Power Laws to Detect Malicious Activities from Denial of Service to Intrusion Detection Traffic Analysis and Beyond
• Practical Tips for Defending Web Applications in the Age of DevOps
  • [Lackey-Practical Tips-for-Defending-Web-Applications-in-the-Age-of-DevOps.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Lackey-Practical Tips-for-Defending-Web-Applications-in-the-Age-of-DevOps.pdf)
• Protecting Pentests: Recommendations for Performing More Secure Tests
  • McGrew-Protecting-Pentests-Recommendations-For-Performing-More-Secure-Tests.pdf
  • McGrew-Protecting-Pentests-Recommendations-For-Performing-More-Secure-Tests-wp.pdf
• Protecting Visual Assets: Digital Image Counter-Forensics
  • Mazurov-Brown-Protecting-Visual-Assets-Digital-Image-Counter-Forensics.pdf
• Pwnie Awards
• Quantifying Risk in Consumer Software at Scale - Consumer Reports’ Digital Standard
• RBN Reloaded - Amplifying Signals from the Underground
• Real Humans Simulated Attacks: Usability Testing with Attack Scenarios
  • Cranor-Real-Users-Simulated-Attacks.pdf
• Redesigning PKI to Solve Revocation Expiration and Rotation Problems
  • Knopf-Redesigning-PKI-To-Solve-Revocation-Expiration-And-Rotation-Problems.pdf
  • Knopf-Redesigning-PKI-To-Solve-Revocation-Expiration-And-Rotation-Problems-wp.pdf
• Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
  • [Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science.pdf)
  • [Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science-wp.pdf]( https://www.blackhat.com/docs/us-17/thursday/us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And Evasion-Using-Science-wp.pdf)
• rVMI: A New Paradigm for Full System Analysis
  • Pfoh-rVMI-A-New-Paradigm-For-Full-System-Analysis.pdf
• ShieldFS: The Last Word in Ransomware Resilient File Systems
  • Continella-ShieldFS-The-Last-Word-In-Ransomware-Resilient-Filesystems.pdf
  • Continella-ShieldFS-The-Last-Word-In-Ransomware-Resilient-Filesystems-wp.pdf
• Skype & Type: Keystroke Leakage over VoIP
  • Lain-Skype-&-Type-Keystroke-Leakage-Over-VoIP.pdf
• Smoothie Social (Sponsored by Bromium Proofpoint Inc. Rapid7 SentinelOne Trend Micro Webroot StackPath & Tanium)
• So You Want to Market Your Security Product…
  • Alva-So-You-Want-To-Market-Your-Security-Product.pdf
• Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
  • Wang-Sonic-Gun-To-Smart-Devices-Your-Devices-Lose-Control-Under-Ultrasound-Or-Sound.pdf
• Splunking Dark Tools - A Pentesters Guide to Pwnage Visualization
  • Bates-Splunking-Dark-Tools-A-Pentesters-Guide-To-Pwnage-Visualization.pdf
• SS7 Attacker Heaven Turns into Riot: How to Make Nation-State and Intelligence Attackers’ Lives Much Harder on Mobile Networks
  • Kacer-SS7-Attacker-Heaven-Turns-Into-Riot-How-To-Make-Nation-State-And-Intelligence-Attackers-Lives-Much-Harder-On-Mobile-Networks.pdf
  • Kacer-SS7-Attacker-Heaven-Turns-Into-Riot-How-To-Make-Nation-State-And-Intelligence-Attackers-Lives-Much-Harder-On-Mobile-Networks-wp.pdf
• Taking DMA Attacks to the Next Level: How to do Arbitrary Memory Reads/Writes in a Live and Unmodified System Using a Rogue Memory Controller
• Taking Over the World Through MQTT - Aftermath
  • Lundgren-Taking-Over-The-World-Through-Mqtt-Aftermath.pdf
• Taking Windows 10 Kernel Exploitation to the Next Level – Leveraging Write-What-Where Vulnerabilities in Creators Update
  • Schenk-Taking-Windows-10-Kernel-Exploitation-To-The-Next-Level–Leveraging-Write-What-Where-Vulnerabilities-In-Creators-Update.pdf
  • Schenk-Taking-Windows-10-Kernel-Exploitation-To-The-Next-Level–Leveraging-Write-What-Where-Vulnerabilities-In-Creators-Update-wp.pdf
• The Active Directory Botnet
  • Miller-The-Active-Directory-Botnet
• The Adventures of AV and the Leaky Sandbox
  • Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox.pdf
  • Kotler-The-Adventures-Of-Av-And-The-Leaky-Sandbox-wp.pdf
• The Art of Securing 100 Products
  • Valtman-The-Art-Of-Securing-100-Products.pdf
• The Avalanche Takedown: Landslide for Law Enforcement
• The Epocholypse 2038: What’s in Store for the Next 20 Years
  • Hypponen-The-Epocholypse-2038-Whats-In-Store-For-The-Next-20-Years.pdf
• The Future of ApplePwn - How to Save Your Money
  • Yunusov-The-Future-Of-Applepwn-How-To-Save-Your-Money.pdf
• The Industrial Revolution of Lateral Movement
  • Beery-The-Industrial-Revolution-Of-Lateral-Movement.pdf
• The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
  • Silvanovich-The-Origin-Of-Array-Symbol-Species.pdf
• The Shadow Brokers – Cyber Fear Game-Changers
• They’re Coming for Your Tools: Exploiting Design Flaws for Active Intrusion Prevention
• Tracking Ransomware End to End
  • Invernizzi-Tracking-Ransomware-End-To-End.pdf
• Web Cache Deception Attack
  • Gil-Web-Cache-Deception-Attack.pdf
  • Gil-Web-Cache-Deception-Attack-wp.pdf
• Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
  • Cherny-Well-That-Escalated-Quickly-How-Abusing-The-Docker-API-Led-To-Remote-Code-Execution-Same-Origin-Bypass-And-Persistence.pdf
  • Cherny-Well-That-Escalated-Quickly-How-Abusing-The-Docker-API-Led-To-Remote-Code-Execution-Same-Origin-Bypass-And-Persistence_wp.pdf
• What They’re Teaching Kids These Days: Comparing Security Curricula and Accreditations to Industry Needs
  • Sanders-What-They’re-Teaching-Kids-These-Days-Comparing-Security-Curricula-And-Accreditations-To-Industry-Needs.pdf
• What’s on the Wireless? Automating RF Signal Identification
  • Ossmann-Whats-On-The-Wireless-Automating-RF-Signal-Identification.pdf
  • Ossmann-Whats-On-The-Wireless-Automating-RF-Signal-Identification-wp.pdf
• When IoT Attacks: Understanding the Safety Risks Associated with Connected Devices
  • Rios-When-IoT-Attacks-Understanding-The-Safety-Risks-Associated-With-Connected-Devices.pdf
  • Rios-When-IoT-Attacks-Understanding-The-Safety-Risks-Associated-With-Connected-Devices-wp.pdf
• White Hat Privilege: The Legal Landscape for a Cybersecurity Professional Seeking to Safeguard Sensitive Client Data
  • Osborn-White-Hat-Privilege-The-Legal-Landscape-For-A-Cybersecurity-Professional-Seeking-To-Safeguard-Sensitive-Client-Data.pdf
• Why Most Cyber Security Training Fails and What We Can Do About it
• WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
  • Ventura-Theyre-Coming-For-Your-Tools-Exploiting-Design-Flaws-For-Active-Intrusion-Prevention.pdf
  • Ventura-Theyre-Coming-For-Your-Tools-Exploiting-Design-Flaws-For-Active-Intrusion-Prevention-wp.pdf
  • Vanhoef-WiFuzz-Detecting-And-Exploiting-Logical-Flaws-In-The-Wi-Fi-Cryptographic-Handshake-tools.zip
• Wire Me Through Machine Learning
  • Singh-Wire-Me-Through-Machine-Learning.pdf
• WSUSpendu: How to Hang WSUS Clients
  • Coltel-WSUSpendu-Use-WSUS-To-Hang-Its-Clients.pdf
  • Coltel-WSUSpendu-Use-WSUS-To-Hang-Its-Clients-wp.pdf
• Zero Days Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
  • Ablon-Zero-Days-Thousands-Of-Nights-The-Life-And-Times-Of-Zero-Day-Vulnerabilities-And-Their-Exploits.pdf

Inspirada en la archi conocida distribución Kali Linux , FLARE VM es una distribución basada en Windows para el análisis de malware, respuesta de incidentes y auditorías de seguridad.

Esta distribución se instala sobre Windows 7 o posterior. Todo lo que tienes que hacer es acceder a través de Internet Explorer (otro navegador no sirve) a:

http://boxstarter.org/package/url?[FLAREVM_SCRIPT]

Donde FLAREVM_SCRIPT es el fichero que quieres instalar. Por ejemplo para instalar la edición de análisis de malware (única disponible hasta el momento):