zeronights 2016 program · a blow under the belt. how to avoid waf/ips/dlp anton lopanitzyn...
TRANSCRIPT
ZERONIGHTS 2016 PROGRAM
17 november (thursday)
Track 1 Track 2 Workshop 1 Workshop 2
10.0011.00
Registration of participants
11.0011.30
The opening ceremony
11.3012.20
Welcome to the Physical LayerMichael Ossmann
12.3013.20
The UEFI Firmware Rootkits: Myths and RealityAlex Matrosovand Eugene Rodionov
Breaking Crypto for DummiesNikita Abdullin
BeyondOWASP Top 10
Reverse engineering of binary data files using Kaitai Struct Mikhail Yakshin
13.3014.20
Excite project: all the truth about symbolic execution for BIOS securityAlex Matrosov and Ilia Safonov
Of Mice and Keyboards:On the Security of Modern Wireless Desktop SetsMatthias Deegand Gerhard Klostermeier
14.5016.00
Lunch
16.0016.50
Safeguarding Rootkits: Intel BootGuardAleksandr Ermolov
Hacking ElasticSearchIvan Novikov
Modern fuzzingof C/C++ ProjectsMax Moroz
Reverse engineering of binary data files using Kaitai Struct Mikhail Yakshin
17.0017.50
JETPLOW is dead.Long live the JETPLOW!Roman Bazhinand Maxim Malyutin
Hadoop safari – Hunting for vulnerabilitiesThomas DEBIZEand Mahdi BRAIK
Community
18.0019.00
Gateway Internalsof Tesla MotorsSen Nie and Ling Liu
Advanced WebApplication FuzzingMichael Stepankin
Sixth annual international cybersecurityconference, devoted to practical
aspects of cybersecurity
www.zeronights.org
ZERONIGHTS 2016 PROGRAM
18 november (friday)
11.0011.50
You’re off the hook: blinding security softwareJeffrey Tang and Alex Matrosov
CICS Breakdown: Hack your way to transaction cityAyoub Elaassal
Defensive Track *(20 minutes)
Searching for vulnerabilities in the Computer-Aided Process Control System (CAPCS) with blackbox analysis under tight deadlinesBoris Savkov
12.0012.50
I know where your page lives: Derandomizing the latest Windows 10 KernelEnrique Nissim
Dissecting complex code-re-use attacks with ROPMEMUMariano Graziano
13.0013.50
The approach to developing LPE exploits on Windows 10 with allowances to the latest security updatesYuri Drozdovand Ludmila Drozdova
FIRST: Changing How You Reverse EngineerAngel Villegas
14.0016.00
Lunch
16.0016.50
Defeating Pin Control in Pro-grammable Logic ControllersAli Abbasi & Majid Hashemi
Cisco Smart Install. Pentester’s opportunitiesAlexander Evstigneevand Dmitry Kuznetzov
FastTrack **(15 minutes) Community
17.0017.50
DPTrace: Dual Purpose Trace for Exploitability Analysis of Program CrashesRodrigo Rubira Branco& Rohit Mothe
How to circumvent ADconverter, part 3, or tools for attacking converting analog data to digitalAlexander Bolshev
18.0018.50
Poking on Macs Recovery OS and Local OS Update ProcessPatrick Wardle
Stories about hackinglow-cost phonesAlexey Rossovsky
19.0019.30
Closing ceremony. Winner’s reward ceremony.
A threat hunter himselfTeymur Kheirkhabarov and Sergey Soldatov
HexRaysPyToolsIgor Kirillov
Fear and rage of two-factor authenticationIgor Bulatenko
Neurotechnology for SecurityKsenia Gnitko
How to manage digital apps signatures in a big companyEvgeniy Sidorov and Eldar Zaitov
You are not the same as…Andrey Kovalev
Automating iOS blackbox security scanningMikhail Sosonkin
A blow under the belt. How to avoid WAF/IPS/DLPAnton Lopanitzyn
Monitoring and analysis of emails or a primitive toolto detect a cyber attackAlexey Karyabkin and Pavel Grachev
F5 BIG-IP vulnerabilities: detection and remedyingDenis Kolegov
Enterprise Vulnerability ManagementEkaterina Pukhareva and Alexander Leonov
Entity provider selection confusion attacksin JAX-RS applicationsMikhail Egorov
20% of investment and 80% of profit. How to implement security requirements and maintain internal freedomNatalia Kukanova and Igor Gotz
Reversing golangGeorgy Zaytzev
Diving into Malware’s Furtive PlumbingOr Safran & Omer Yair
www.zeronights.org