کنفرانس بلک هت با سابقه‌ای 18 ساله در تلاش است که با گرد هم آوردن متخصصین امینت اطلاعات، هکرها و علاقه‌مندان این رشته در کنار هم و ارائه بهترین اندیشه‌ها و ایده‌ها، آخرین دستاوردهای علمی و تجارب آن‌ها را به اشتراک بگذارد. گفتنی است بلک هت با چنین سابقه درخشانی در برگزاری کنفرانس و دوره‌های آموزشی به‌نوعی الهام‌بخش متخصصین امنیتی در تمامی سطوح است. این کنفرانس مشوق پیشرفت و همکاری بین پژوهشگران، دانشگاهیان و رهبران و مدیران امنیتی بخش‌های خصوصی و دولتی است. بلک هت در سال 1997 توسط جف موس (بنیان‌گذار دفکان) از یک کنفرانس سالیانه در لاس‌وگاس فعالیت خود را آغاز کرد و پس از مدت کوتاهی به معتبرترین رویداد امنیت اطلاعاتی بین‌المللی تبدیل شد.

Now in its 21st year, Black Hat USA is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2018 opens with four days of technical Trainings (August 4 – 7) followed by the two-day main conference (August 8 – 9) featuring Briefings, Arsenal, Business Hall, and more.

Blackhat USA 2018 Contents

├───Applied Security
│ A Tangled Curl.mp4
│ AFLs Blindspot and How to Resist AFL Fuzzing for Arbitrary ELF Binaries.mp4
│ Applied Self-Driving Car Security.mp4
│ Are You Trading Stocks Securely Exposing Security Flaws in Trading Technologies.mp4
│ ARTist – A Novel Instrumentation Framework for Reversing and Analyzing Android Apps and the Middleware.mp4
│ Black Box is Dead – Long Live Black Box.mp4
│ Blockchain Autopsies – Analyzing Ethereum Smart Contract Deaths.mp4
│ Detecting Credential Compromise in AWS.mp4
│ Don’t (at) Me – Hunting Twitter Bots at Scale.mp4
│ Follow the White Rabbit – Simplifying Fuzz Testing Using FuzzExMachina.mp4
│ Lessons and Lulz – The 4th Annual Black Hat USA NOC Report.mp4
│ Meltdown – Basics Details Consequences.mp4
│ Real Eyes Realize Real Lies – Beating Deception Technologies.mp4
│ So I became a Domain Controller.mp4
│ The Air-Gap Jumpers.mp4
│
├───Community
│ Demystifying PTSD in the Cybersecurity Environment.mp4
│ Holding on for Tonight – Addiction in InfoSec.mp4
│ How can Communities Move Forward After Incidents of Sexual Harassment or Assault.mp4
│ How can Someone with Autism Specifically Enhance the Cyber Security Workforce.mp4
│ Legal Landmines – How Law and Policy are Rapidly Shaping Information Security.mp4
│ Mental Health Hacks – Fighting Burnout Depression and Suicide in the Hacker Community.mp4
│ Stress and Hacking – Understanding Cognitive Stress in Tactical Cyber Ops.mp4
│ The Science of Hiring and Retaining Female Cybersecurity Engineers.mp4
│
├───Cryptography
│ Blockchain Autopsies – Analyzing Ethereum Smart Contract Deaths.mp4
│ Compression Oracle Attacks on VPN Networks.mp4
│ Efail – Breaking SMIME and OpenPGP Email Encryption using Exfiltration Channels.mp4
│ Lowering the Bar – Deep Learning for Side Channel Analysis.mp4
│ Playback – A TLS 1.3 Story.mp4
│ Return of Bleichenbachers Oracle Threat – ROBOT.mp4
│ Screaming Channels – When Electromagnetic Side Channels Meet Radio Transceivers.mp4
│ Squeezing a Key through a Carry Bit.mp4
│ WireGuard – Next Generation Secure Network Tunnel.mp4
│
├───Data Forensics and Incident Response
│ Beating the Blockchain by Mapping Out Decentralized Namecoin and Emercoin Infrastructure.mp4
│ Detecting Credential Compromise in AWS.mp4
│ Dissecting Non-Malicious Artifacts – One IP at a Time.mp4
│ Lessons from Virginia – A Comparative Forensic Analysis of WinVote Voting Machines.mp4
│ Money-rity Report – Using Intelligence to Predict the Next Payment Card Fraud Victims.mp4
│ None of My Pixel is Your Business – Active Watermarking Cancellation Against Video Streaming Service.mp4
│ Reconstruct the World from Vanished Shadow – Recovering Deleted VSS Snapshots.mp4
│
├───Day Zero
│ Day Zero.mp4
│
├───Enterprise
│ A Deep Dive into macOS MDM and How it can be Compromised.mp4
│ An Attacker Looks at Docker – Approaching Multi-Container Applications.mp4
│ Compression Oracle Attacks on VPN Networks.mp4
│ Deep Neural Networks for Hackers – Methods Applications and Open Source Tools.mp4
│ From Workstation to Domain Admin – Why Secure Administration isn’t Secure and How to Fix it.mp4
│ Identity Theft – Attacks on SSO Systems.mp4
│ InfoSec Philosophies for the Corrupt Economy.mp4
│ Mainframe zOS Reverse Engineering and Exploit Development.mp4
│ Money-rity Report – Using Intelligence to Predict the Next Payment Card Fraud Victims.mp4
│ Open Sesame – Picking Locks with Cortana.mp4
│ Real Eyes Realize Real Lies – Beating Deception Technologies.mp4
│ Remotely Attacking System Firmware.mp4
│ So I became a Domain Controller.mp4
│ Stop that Release There’s a Vulnerability.mp4
│
├───Exploit Development
│ A Brief History of Mitigation – The Path to EL1 in iOS 11.mp4
│ Another Flip in the Row.mp4
│ Attacking Client-Side JIT Compilers.mp4
│ Automated Discovery of Deserialization Gadget Chains.mp4
│ Breaking Parser Logic – Take Your Path Normalization off and Pop 0days Out.mp4
│ DeepLocker – Concealing Targeted Attacks with AI Locksmithing.mp4
│ Exploitation of a Modern Smartphone Baseband.mp4
│ Fire and Ice – Making and Breaking macOS Firewalls.mp4
│ From Thousands of Hours to a Couple of Minutes – Automating Exploit Generation for Arbitrary Types of Kernel Vulnerabilities.mp4
│ Hardening Hyper-V through Offensive Security Research.mp4
│ Its a PHP Unserialization Vulnerability Jim but Not as We Know It.mp4
│ KeenLab iOS Jailbreak Internals – Userland Read-Only Memory can be Dangerous.mp4
│ Over-the-Air – How we Remotely Compromised the Gateway BCM and Autopilot ECUs of Tesla Cars.mp4
│ SirenJack – Cracking a Secure Emergency Warning Siren System.mp4
│ The Problems and Promise of WebAssembly.mp4
│ The Unbearable Lightness of BMCs.mp4
│ TLBleed – When Protecting Your CPU Caches is Not Enough.mp4
│
├───Hardware Embedded
│ For the Love of Money – Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems.mp4
│ GOD MODE UNLOCKED – Hardware Backdoors in x86 CPUs.mp4
│ I for One Welcome Our New Power Analysis Overlords.mp4
│ Last Call for SATCOM Security.mp4
│ Screaming Channels – When Electromagnetic Side Channels Meet Radio Transceivers.mp4
│ Software Attacks on Hardware Wallets.mp4
│ The Unbearable Lightness of BMCs.mp4
│ There will be Glitches – Extracting and Analyzing Automotive Firmware Efficiently.mp4
│ TLBleed – When Protecting Your CPU Caches is Not Enough.mp4
│ TRITON – How it Disrupted Safety Systems and Changed the Threat Landscape of Industrial Control Systems Forever.mp4
│ Understanding and Exploiting Implanted Medical Devices.mp4
│ Wrangling with the Ghost – An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities.mp4
│
├───Human Factors
│ AI and ML in Cyber Security – Why Algorithms are Dangerous.mp4
│ Catch me Yes we can – Pwning Social Engineers using Natural Language Processing Techniques in Real-Time.mp4
│ Dont (at) Me – Hunting Twitter Bots at Scale.mp4
│ Every ROSE has its Thorn – The Dark Art of Remote Online Social Engineering.mp4
│ Exposing the Bait – A Qualitative Look at the Impact of Autonomous Peer Communication to Enhance Organizational Phishing Detection.mp4
│ InfoSec Philosophies for the Corrupt Economy.mp4
│ Is the Mafia Taking Over Cybercrime.mp4
│ Stress and Hacking – Understanding Cognitive Stress in Tactical Cyber Ops.mp4
│ Two-Factor Authentication Usable or Not – A Two-Phase Usability Study of the FIDO U2F Security Key.mp4
│ Your Voice is My Passport.mp4
│
├───Internet of Things
│ Back to the Future – A Radical Insecure Design of KVM on ARM.mp4
│ Breaking the IIoT – Hacking industrial Control Gateways.mp4
│ How I Learned to Stop Worrying and Love the SBOM.mp4
│ I for One Welcome Our New Power Analysis Overlords.mp4
│ IoT Malware – Comprehensive Survey Analysis Framework and Case Studies.mp4
│ Legal Liability for IOT Cybersecurity Vulnerabilities.mp4
│ Outsmarting the Smart City.mp4
│ Over-the-Air – How we Remotely Compromised the Gateway BCM and Autopilot ECUs of Tesla Cars.mp4
│ Pestilential Protocol – How Unsecure HL7 Messages Threaten Patient Lives.mp4
│ Reversing a Japanese Wireless SD Card – From Zero to Code Execution.mp4
│ Snooping on Cellular Gateways and Their Critical Role in ICS.mp4
│ Understanding and Exploiting Implanted Medical Devices.mp4
│ Your Voice is My Passport.mp4
│
├───Key Note
│ Optimistic Dissatisfaction with the Status Quo – Steps We Must Take to Improve Security in Complex Landscapes.mp4
│
├───Malware
│ Decompiler Internals – Microcode.mp4
│ Deep Neural Networks for Hackers – Methods Applications and Open Source Tools.mp4
│ DeepLocker – Concealing Targeted Attacks with AI Locksmithing.mp4
│ Dissecting Non-Malicious Artifacts – One IP at a Time.mp4
│ IoT Malware – Comprehensive Survey Analysis Framework and Case Studies.mp4
│ Kernel Mode Threats and Practical Defenses.mp4
│ Measuring the Speed of the Red Queens Race – Adaption and Evasion in Malware.mp4
│ Miasm2 – Reverse Engineering Framework.mp4
│ No Royal Road – Notes on Dangerous Game.mp4
│ Protecting the Protector – Hardening Machine Learning Defenses Against Adversarial Attacks.mp4
│ Reconstruct the World from Vanished Shadow – Recovering Deleted VSS Snapshots.mp4
│ Stealth Mango and the Prevalence of Mobile Surveillanceware.mp4
│ Subverting Sysmon – Application of a Formalized Security Product Evasion Methodology.mp4
│ The Air-Gap Jumpers.mp4
│ Windows Offender – Reverse Engineering Windows Defenders Antivirus Emulator.mp4
│
├───Mobile
│ ARTist – A Novel Instrumentation Framework for Reversing and Analyzing Android Apps and the Middleware.mp4
│ Back to the Future – A Radical Insecure Design of KVM on ARM.mp4
│ Exploitation of a Modern Smartphone Baseband.mp4
│ For the Love of Money – Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems.mp4
│ KeenLab iOS Jailbreak Internals – Userland Read-Only Memory can be Dangerous.mp4
│ LTE Network Automation Under Threat.mp4
│ Malware Analysts vs Malware Authors.mp4
│ Stealth Mango and the Prevalence of Mobile Surveillanceware.mp4
│
├───Network Defense
│ Beating the Blockchain by Mapping Out Decentralized Namecoin and Emercoin Infrastructure.mp4
│ Detecting Malicious Cloud Account Behavior – A Look at the New Native Platform Capabilities.mp4
│ Edge Side Include Injection – Abusing Caching Servers into SSRF and Transparent Session Hijacking.mp4
│ Fire & Ice – Making and Breaking macOS Firewalls.mp4
│ From Workstation to Domain Admin – Why Secure Administration isnt Secure and How to Fix it.mp4
│ LTE Network Automation Under Threat.mp4
│ Open Sesame – Picking Locks with Cortana.mp4
│ Subverting Sysmon – Application of a Formalized Security Product Evasion Methodology.mp4
│ The Finest Penetration Testing Framework for Software-Defined Networks.mp4
│ WireGuard – Next Generation Secure Network Tunnel.mp4
│ ZEROing Trust – Do Zero Trust Approaches Deliver Real Security.mp4
│
├───Platform Security
│ A Deep Dive into macOS MDM and How it can be Compromised.mp4
│ A Dive in to Hyper-V Architecture snd Vulnerabilities.mp4
│ Another Flip in the Row.mp4
│ Behind the Speculative Curtain – The True Story of Fighting Meltdown and Spectre.mp4
│ Detecting Malicious Cloud Account Behavior – A Look at the New Native Platform Capabilities.mp4
│ Hardening Hyper-V through Offensive Security Research.mp4
│ Mainframe zOS Reverse Engineering and Exploit Development.mp4
│ Meltdown – Basics Details Consequences.mp4
│ Remotely Attacking System Firmware.mp4
│ The Windows Notification Facility – Peeling the Onion of the Most Undocumented Kernel Attack Surface Yet.mp4
│ WebAssembly – A New World of Native Exploits on the Browser.mp4
│ Why so Spurious – How a Highly Error-Prone x86 x64 CPU Feature can be Abused.mp4
│ Wrangling with the Ghost – An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities.mp4
│ ZEROing Trust – Do Zero Trust Approaches Deliver Real Security.mp4
│
├───Policy
│ Demystifying PTSD in the Cybersecurity Environment.mp4
│ From Bot to Robot – How Abilities and Law Change with Physicality.mp4
│ How I Learned to Stop Worrying and Love the SBOM.mp4
│ New Norms and Policies in Cyber-Diplomacy.mp4
│
├───Pwnie Awards
│ Pwnie Awards.mp4
│
├───Reverse Engineering
│ A Brief History of Mitigation – The Path to EL1 in iOS 11.mp4
│ A Dive in to Hyper-V Architecture anf Vulnerabilities.mp4
│ Attacking Client-Side JIT Compilers.mp4
│ Decompiler Internals – Microcode.mp4
│ Finding Xori – Malware Analysis Triage with Automated Disassembly.mp4
│ Last Call for SATCOM Security.mp4
│ Malware Analysts vs Malware Authors.mp4
│ Miasm2 – Reverse Engineering Framework.mp4
│ Reversing a Japanese Wireless SD Card – From Zero to Code Execution.mp4
│ The Windows Notification Facility – Peeling the Onion of the Most Undocumented Kernel Attack Surface Yet.mp4
│ There will be Glitches – Extracting and Analyzing Automotive Firmware Efficiently.mp4
│ Windows Offender – Reverse Engineering Windows Defenders Antivirus Emulator.mp4
│
├───Security Development Lifecycle
│ SDL for the Rest of Us – Getting Started with Software Security.mp4
│ Threat Modeling in 2018 – Attacks Impacts and Other Updates.mp4
│
├───Smart Grid
│ Deep Dive into an ICS Firewall Looking for the Fire Hole.mp4
│
└───Web AppSec
Practical Web Cache Poisoning – Redefining Unexploitable.mp4