Trainings august 1 - 4 CISO
Summit August 4 Briefings August 5 Arsenal August 5 Sponsored Sessions
August 5 Sponsored Workshops August 5 Briefings August 6 Arsenal August 6 Sponsored Sessions
August 6 Sponsored Workshops August 6

Briefings | August 6

08:00

Breakfast
Brought to you by Black Hat USA Diamond Sponsors

08:30

Registration

09:00

Attacking Your Trusted Core: Exploiting Trustzone on AndroidDi Shen Mandalay Bay EF 09:00 - 09:25
 
CrackLord: Maximizing Password Cracking BoxesLucas Morris & Michael McAtee Lagoon K 09:00 - 09:25
 
Exploiting XXE Vulnerabilities in File Parsing FunctionalityWillis Vandevanter South Seas GH 09:00 - 09:25
 
My Bro the ELK: Obtaining Context from Security EventsTravis Smith South Seas CDF 09:00 - 09:25
 
Remote Physical Damage 101 - Bread and Butter AttacksJason Larsen Mandalay Bay BCD 09:00 - 09:25
 
ROPInjector: Using Return Oriented Programming for Polymorphism and Antivirus EvasionGiorgos Poulios & Christoforos Ntantogian & Christos Xenakis South Seas ABE 09:00 - 09:25
 
Taxonomic Modeling of Security Threats in Software Defined NetworkingJennia Hizver South Seas IJ 09:00 - 09:25
 
The Applications of Deep Learning on Traffic IdentificationZhanyi Wang & Chuanming Huang & Zhuo Zhang & Bo Liu Jasmine Ballroom 09:00 - 09:25
 
TrustKit: Code Injection on iOS 8 for the Greater GoodAlban Diquet & Eric Castro & Angela On-kit Chow Mandalay Bay GH 09:00 - 09:25
 

09:25

Break

09:45

Battle of the SKM and IUM: How Windows 10 Rewrites OS ArchitectureAlex Ionescu Jasmine Ballroom 09:45 - 10:35
 
Bringing a Cannon to a Knife FightAdam Kozy & Johannes Gilger South Seas ABE 09:45 - 10:35
 
Bypass Surgery Abusing Content Delivery Networks with Server-Side-Request Forgery (SSRF), Flash, and DNSMike Brooks & Matthew Bryant South Seas GH 09:45 - 10:35
 
Certifi-gate: Front-Door Access to Pwning Millions of AndroidsOhad Bobrov & Avi Bashan South Seas CDF 09:45 - 10:35
 
Repurposing OnionDuke: A Single Case Study Around Reusing Nation State MalwareJoshua Pitts Mandalay Bay BCD 09:45 - 10:35
 
The Kali Linux Dojo Workshop #1: Rolling Your Own - Generating Custom Kali Linux 2.0 ISOs [Pre-Registration Required -- Now Full]Mati Aharoni South Seas IJ 09:45 - 10:35
 
The Memory Sinkhole - Unleashing an x86 Design Flaw Allowing Universal Privilege EscalationChristopher Domas Mandalay Bay GH 09:45 - 10:35
 
The NSA Playset: A Year of Toys and ToolsMichael Ossmann Mandalay Bay EF 09:45 - 10:35
 
Web Timing Attacks Made PracticalTimothy Morgan & Jason Morgan Lagoon K 09:45 - 10:35
 

10:35

Coffee Service
Brought to you by Black Hat USA Diamond Sponsors

11:00

Ah! Universal Android Rooting is BackWen Xu Mandalay Bay GH 11:00 - 11:50
 
Breaking Access Controls with BLEKeyEric Evenchick & Mark Baseggio Lagoon K 11:00 - 11:50
 
Defeating Machine Learning: What Your Security Vendor is Not Telling YouBob Klein & Ryan Peters Mandalay Bay EF 11:00 - 11:50
 
How to Implement IT Security After a Cyber MeltdownChristina Kubecka South Seas ABE 11:00 - 11:50
 
Panel: How the Wassenaar Arrangement's Export Control of "Intrusion Software" Affects the Security IndustryKim Zetter & Collin Anderson & Nate Cardozo & Katie Moussouris & Dino Dai Zovi Mandalay Bay BCD 11:00 - 11:50
 
Return to Where? You Can't Exploit What You Can't FindChristopher Liebchen & Ahmad-Reza Sadeghi & Andrei Homescu & Stephen Crane South Seas CDF 11:00 - 11:50
 
Staying Persistent in Software Defined NetworksGregory Pickett South Seas GH 11:00 - 11:50
 
Taking Event Correlation with YouRob King Jasmine Ballroom 11:00 - 11:50
 
The Kali Linux Dojo Workshop #2: Kali USB Setups with Persistent Stores and LUKS Nuke Support [Pre-Registration Required -- Now Full]Mati Aharoni South Seas IJ 11:00 - 11:50
 

11:50

Break

12:10

BGP StreamDan Hubbard & Andree Toonk South Seas IJ 12:10 - 13:00
 
Breaking Honeypots for Fun and ProfitDean Sysman & Gadi Evron & Itamar Sher South Seas GH 12:10 - 13:00
 
Bypass Control Flow Guard ComprehensivelyYunhai Zhang South Seas CDF 12:10 - 13:00
 
Fingerprints on Mobile Devices: Abusing and LeakingYulong Zhang & Tao Wei Mandalay Bay GH 12:10 - 13:00
 
Forging the USB Armory, an Open Source Secure Flash-Drive-Sized ComputerAndrea Barisani & Daniele Bianco Lagoon K 12:10 - 13:00
 
From False Positives to Actionable Analysis: Behavioral Intrusion Detection, Machine Learning, and the SOCJoseph Zadeh Mandalay Bay EF 12:10 - 13:00
 
Information Access and Information Sharing: Where We are and Where We are GoingAlejandro Mayorkas Mandalay Bay BCD 12:10 - 13:00
 
Internet-Facing PLCs - A New Back OrificeJohannes Klick & Stephan Lau & Daniel Marzin & Jan-Ole Malchow & Volker Roth Jasmine Ballroom 12:10 - 13:00
 
ZigBee Exploited the Good, the Bad, and the UglyTobias Zillner & Sebastian Strobl South Seas ABE 12:10 - 13:00
 

13:00

Lunch Break

14:30

Assessing and Exploiting BigNum VulnerabilitiesRalf-Philipp Weinmann South Seas CDF 14:30 - 15:20
 
Automated Human Vulnerability Scanning with AVALaura Bell Mandalay Bay EF 14:30 - 15:20
 
Broadcasting Your Attack: Security Testing DAB Radio in CarsAndy Davis South Seas ABE 14:30 - 15:20
 
Internet-Scale File AnalysisZachary Hanif & Tamas Lengyel & George Webster Jasmine Ballroom 14:30 - 15:20
 
Is the NSA Still Listening to Your Phone Calls? A Surveillance Debate: Congressional Success or Epic FailMark Jaycox & Jamil Jaffer Mandalay Bay BCD 14:30 - 15:20
 
Pen Testing a CityGreg Conti & Tom Cross & David Raymond Mandalay Bay GH 14:30 - 15:20
 
Review and Exploit Neglected Attack Surfaces in iOS 8Tielei Wang & HAO XU & Xiaobo Chen South Seas IJ 14:30 - 15:20
 
Understanding the Attack Surface and Attack Resilience of Project Spartan's New EdgeHTML Rendering EngineMark Vincent Yason South Seas GH 14:30 - 15:20
 
When IoT Attacks: Hacking a Linux-Powered RifleRuna A. Sandvik & Michael Auger Lagoon K 14:30 - 15:20
 

15:20

Ice Cream Social
Brought to you by Black Hat USA Platinum Plus Sponsors

15:50

Abusing XSLT for Practical AttacksFernando Arnaboldi Lagoon K 15:50 - 16:40
 
Advanced IC Reverse Engineering Techniques: In Depth Analysis of a Modern Smart CardOlivier Thomas Mandalay Bay EF 15:50 - 16:40
 
Breaking Payloads with Runtime Code Stripping and Image FreezingCollin Mulliner & Matthias Neugschwandtner South Seas IJ 15:50 - 16:40
 
Deep Learning on DisassemblyMatt Wolff & Andrew Davis South Seas ABE 15:50 - 16:40
 
HI THIS IS URGENT PLZ FIX ASAP: Critical Vulnerabilities and Bug Bounty ProgramsKymberlee Price South Seas CDF 15:50 - 16:40
 
Rocking the Pocket Book: Hacking Chemical Plant for Competition and ExtortionMarina Krotofil Mandalay Bay BCD 15:50 - 16:40
 
Social Engineering the Windows Kernel: Finding and Exploiting Token Handling VulnerabilitiesJames Forshaw Mandalay Bay GH 15:50 - 16:40
 
ThunderStrike 2: Sith StrikeXeno Kovah & Corey Kallenberg & Trammell Hudson Jasmine Ballroom 15:50 - 16:40
 
Using Static Binary Analysis to Find Vulnerabilities and Backdoors in FirmwareChristopher Kruegel & Yan Shoshitaishvili South Seas GH 15:50 - 16:40
 

16:40

Break

17:00

API Deobfuscator: Resolving Obfuscated API Functions in Modern PackersSeokwoo Choi South Seas GH 17:00 - 18:00
 
Dance Like Nobody's Watching, Encrypt Like Everyone Is: A Peek Inside the Black Hat NetworkNeil Wyler & Bart Stump South Seas IJ 17:00 - 18:00
 
Dom Flow - Untangling the DOM for More Easy-Juicy BugsAhamed Nafeez Jasmine Ballroom 17:00 - 18:00
 
Exploiting Out-of-Order Execution for Covert Cross-VM CommunicationSophia D'Antoine South Seas ABE 17:00 - 17:25
 
FileCry - The New Age of XXEXiaoran Wang & Sergey Gorbaty Mandalay Bay GH 17:00 - 18:00
 
Fuzzing Android System Services by Binder Call to Escalate PrivilegeGuang Gong Lagoon K 17:00 - 17:25
 
Harnessing Intelligence from Malware RepositoriesArun Lakhotia & Vivek Notani Mandalay Bay BCD 17:00 - 18:00
 
Hidden Risks of Biometric Identifiers and How to Avoid ThemThomas Keenan South Seas CDF 17:00 - 18:00
 
Most Ransomware Isn't as Complex as You Might ThinkEngin Kirda Mandalay Bay EF 17:00 - 17:25