Presentations & Workshops

Speaker Workshops at DEF CON 25

AWS Persistence and Lateral Movement Techniques

Peter Ewane

CVE IDs and How to Get Them

Daniel Adinolfi and Anthony Singleton

Fooling the Hound: Deceiving Domain Admin Hunters

Tom Sela

Fortune 100 InfoSec on a State Government Budget

Eric Capuano

How Hackers Changed The Security Industry

Chris Wysopal

Hunting Down the Domain Admin and Rob Your Network

Keith Lee and Michael Gianarakis

IP Spoofing

Marek Majkowski

Iron Sights for Your Data

Leah Figueroa

Layer 8 and Why People are the Most Important Security Tool

Damon Small

Modern Day CovertTCP with a Twist

Mike Raggo and Chet Hosmer

Passwords on a Phone

Sam Bowne

Past, Present and Future of High Speed Packet Filtering on Linux

Gilberto Bertin

Stories from a 15 days SMB Honeypot: Mum, Tons of WannaCry and Evils Attacked Our Home!

Tan Kean Siong

Strengthen Your SecOps Team by Leveraging Neurodiversity

Megan Roddie

Threat Intel for All: There's More to Your Data Than Meets the Eye

Cheryl Biswas

Visual Network and File Forensics

Ankur Tyagi

When the Current Ransomware and Payload of the Day (CRAP of the day) Hits the Fan: Breaking the Bad News

Catherine Ullman and Chris Roberts

XSS FTW - What Can Really Be Done With Cross-Site Scripting

Brute Logic

YALDA - Large Scale Data Mining for Threat Intelligence

Gita Ziabari

You're Going to Connect to the Wrong Domain Name

Sam Erb

Speaker Workshops at DEF CON 24

Attacks on Enterprise Social Media

Mike Raggo

Automated Dorking for Fun and Profit^WSalary

Filip Reesalu

Building a Local Passive DNS Tool for Threat Intelligence Research

Kathy Wang

Chasing the Long Tail: Cracking Complex Passwords

Phil Trainor

Connections: From the Eisenhower Interstate System to the Internet

Chef

Deceive and Succeed: Measuring the Efficiency of a Deception Eco-System in Post-Breach Detection

Omer Zohar

Dynamic Population Discovery for Lateral Movement Detection (Using Machine Learning)

Rod Soto and Joseph Zadeh

Fuzzing For Humans: Real Fuzzing in the Real World

Joshua Pereyda

How to Find 1,352 WordPress XSS Plugin Vulnerabilities in 1 Hour (not really)

Larry Cashdollar

LTE and Its Collective Insecurity

Chuck McAuley and Chris Moore

Presenting Security Metrics to the Board / Leadership

Walt Williams

To Catch An APT: YARA

Jay DiMartino

You Are Being Manipulated

GrayRaven

Speaker Workshops at DEF CON 23

All videos are now available on YouTube: https://www.youtube.com/channel/UCnL9S5Wv_dNvO381slSA06w.

Creating REAL Threat Intelligence with Evernote

grecs

The Digital Cockroach Bait Station: How to Build Spam Honeypots

Robert Simmons

dnstap - A Standard Interface to Real Time DNS Transaction Flows

Paul Vixie

From XSS to Root on Your NAS

Tony Martin

Global Honeypot Trend

Elliott Brink

Hacker's Practice Playground

Lokesh Pidawekar

I See You

Brian Wohlwinder and Andrew Beard, Fidelis

Is Your Android App Secure?

Sam Bowne

MITM 101: Easy Traffic Interception Techniques Using Scapy

Bob Simpson

The Packets Made Me Do It: Getting Started with Distributed Full Packet Capture Using OpenFPC

Leon Ward

PowerShell for Penetration Testers

Nikhil Mittal

Speaker Workshops at DEF CON 22

Abusing Microsoft Kerberos: Sorry You Guys Don't Get It (Black Hat 2014 Encore)

Alva Duckwall
Benjamin Delpy

  • Presentation slides

The Art of Botnet Tracking and Attribution

Jozef Mlodzianowski, Malware Researcher at Sub0Day

  • Presentation slides

Data Hiding: A Peek at the Latest Innovations

Michael Raggo, Security Evangelist at MobileIron
Chet Hosmer, Founder & Chief Scientist at WetStone Technologies, Inc.

  • Presentation slides

Don't Get Owned at DEF CON: Single Packet Authorization and SSH Tunneling

Jay Beale, InGuardians

Exploit Development for Beginners

Sam Bowne, Instructor at CCSF

How Machine Learning Finds Malware Needles in an AppStore Haystack

Theodora Titonis, Vice President of Mobile Security at Veracode

  • Presentation slides

iOS Attachment Vulnerability

Michael Raggo, Security Evangelist at MobileIron

  • Presentation slides

Making Mongo Cry: Automated NoSQL exploitation with NoSQLMap

Russell Butturini

MetaData: PII at Risk

Sudesh Gadewar, Information Security Engineer at Cisco

Mobile Network Forensics

Michael Raggo, Security Evangelist at MobileIron

  • Presentation slides

Mobile SSL Failures

Tony Trummer, Senior Information Security Engineer, Vulnerability Research and Assessment at LinkedIn
Tushar Dalvi, Senior Information Security Engineer, Vulnerability Research and Assessment at LinkedIn

Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols (Black Hat 2014 Encore)

Catherine (Kate) Pearce, Security Consultant at Neohapsis
Patrick Thomas, Security Consultant at Neohapsis

  • Presentation slides

Network Based File Carving

GTKlondike, Independent Security Researcher

One Social Profile To Rule Them All

Joseph Muniz, Consulting Security Engineer at Cisco
Aamir Lakhani, DrChaos.com

  • Presentation slides

Tools and Techniques Used at the Wall of Sheep

Ming Chow, Wall of Sheep

Vaccinating APK's and even Android

Milan Gabor, CEO of Viris Ltd.
Danijel Grah, Consultant at Viris d.o.o.

Violent Python

Sam Bowne, Instructor at CCSF

ZitMo NoM (ZeuS-in-the-Mobile No More)

David Schwartzberg, Senior Security Engineer at MobileIron

  • Presentation slides

Speaker Workshops at DEF CON 21

For abstract and bios, see original schedule

Got Spies in Your Wires?

Evan Peña, Mandiant Corporation
Chuck Willis Mandiant Corporation

Juice Jacking Unearthed

Robert Rowley Security Researcher, Trustwave

Owning a Fully Patched Windows 7 Machine with RDP

Wicked Clown

Reverse Engineering with DOSBox for LOLz and Profit

Michael Spicer

SO HOpelessly Broken: The Implications of Pervasive Vulnerabilities in SOHO Router Products

Jacob Holcomb Security Analyst, Independent Security Evaluators

Tools and Techniques to Succeed at the Wall of Sheep

Ming Chow, Wall of Sheep