2019 Video Collection

Three Heads are Better Than One: Mastering NSA’s Ghidra Reverse Engineering Tool

Alexei Bulazel / Jeremy Blackthorne

Video / Slides

A Bug’s Life: Story of a Solaris 0day

Marco Ivaldi

Video / Slides

DKOM 3.0: Hiding and Hooking with Windows Extension Hosts

Alex Ionescu / Gabrielle Viala / Yarden Shafir

Video / Slides

Full Steam Ahead: Remotely Executing Code in Modern Desktop Application Architectures

Thomas Shadwell

Video

After Memory Corruption: The Next Security Extinction Event

Window Snyder

Device Driver Debauchery and MSR Madness

Ryan Warns / Timothy Harrison

Slides

2PAC 2Furious: Envisioning an iOS Compromise in 2019

Marco Grassi / Liang Chen Slides

Having Fun with COM

James Forshaw Slides

Combina: RCE for Android’s Chrome

Almog Benin

Abusing Insecure WCF Endpoints for Fun and Profit

Christopher Anastasio

Slides

Adventures in Video Conferencing

Natalie Silvanovich Video / Slides

TEE Exploitation by Example: Exploiting Trusted Apps in Samsung’s TEE

Eloi Sanfelix

Slides

Pwning Browsers with Large-Scale JavaScript Compiler Fuzzing

Bruno Keith / Niklas Baumstark

EL3 Tour: Get the Ultimate Privilege of Android Phone

Guanxing Wen

Slides

2018 Video Collection

Technical Keynote: iOS War Stories

Marco Grassi / Liang Chen

Slides

Strategic Keynote: Updating How We Think About Security

Matt Tait

Video

Bochspwn Revolutions: Further Advancements in Detecting Kernel Infoleaks with x86 Emulation

Mateusz Jurczyk

Slides

A walk with Shannon - A walkthrough of a pwn2own baseband exploit

Amat Cama Slides

Chainspotting: Building Exploit Chains with Logic Bugs

Georgi Geshev / Robert Miller

Video / Slides

Attacking a co-hosted VM: A hacker, a hammer and two memory modules

Paul Fariello / Mehdi Talbi

Video / Slides

Dissecting QNX - Analyzing & Breaking QNX Exploit Mitigations and Secure Random Number Generators

Jos Wetzels

Slides

Bypassing Mitigations by Attacking JIT Server in Microsoft Edge

Ivan Fratric

Slides

L’art de l’Évasion: Modern VMWare Exploitation techniques

Brian Gorenc / Jasiel Spelman / Abdul-Aziz Hariri

Back To The Future - Going Back In Time To Abuse Android’s JIT

Benjamin Watson

Video / Slides

A Tale of Two Mallocs: On Android libc Allocators

Shmarya Rubenstein

Video

Exploiting Branch Target Prediction

Jann Horn

Slides

Ghost in the locks

Tomi Tuominen, Timo Hirvonen

Video / Slides

2017 Video Collection

Keynote: Beset on All Sides: A Realistic Take on Life in the Defensive Trenches

Justin Schuh

Video

Logic Bug Hunting in Chrome on Android

Georgi Geshev / Robert Miller

Slides

802.11 Protocol Chaos

Andres Blanco

Video

Sierra Had a Little Lamb

Stephanie Archibald

Slides / Video

Be a Binary Rockstar

Sophia d’Antoine / Peter LaFosse / Rusty Wagner

Slides / Video

Forget Enumerating a Network, Hack the SIEM and Win the War

John Grigg

Slides

Did I hear a shell popping in your baseband?

Ralf-Philipp Weinmann

COM in Sixty Seconds! (well minutes more likely)

James Forshaw

Slides / Video

BugID - Automated Bug Analysis

Berend-Jan Wever

Slides

Remotely Compromising a Modern iOS Device

Marco Grassi / Liang Chen

Cloud Post Exploitation Techniques

Andrew Johnson / Sacha Faust

PDF / PPTX / Video

The Shadow Over Android

Vasilis Tsaousoglou / Patroklos Argyroudis

Slides

Hunting for Vulnerabilities in Signal

Jean-Philippe Aumasson / Markus Vervier

2016 Video Collection

Keynote: Learning to win

Nate Fick

Video

Pwning Adobe Reader

Sebastian Apelt

Slides / Video

Why nation-state malwares target Telco Networks: Dissecting technical capabilities of Regin and its counterparts

Omer Coskun

Slides / Video

Making a scalable automated hacking system: from DevOps to Pwning

Artem Dinaburg

Slides / Video

The Tao of Hardware, the Te of Implants

Joseph FitzPatrick

Automatic Root-Cause Identification for Crashing Executions

Sean Heelan

Slides / Video

Java deserialization vulnerabilities - The forgotten bug class

Matthias Kaiser

Slides

Genetic Malware: Designing Payloads For Specific Targets

Travis Morrow / Josh Pitts

Slides / Demo 1 / Demo 2 / Demo 3 / Video

The Secret Life of ActionScript

Natalie Silvanovich

Slides / Video

Swift Reversing

Ryan Stortz

Slides / Video

All Your Browsers Belong To Us : Tales of Android Browser Exploitation

Benjamin Watson

Slides / Video

Xenpwn: Breaking Paravirtualized Devices

Felix Wilhelm

Slides / Video

Hack the Pentagon

Lisa Wiswell

2015 Video Collection

Keynote: Abyss or Turning Point: Strategy, Skills and Tradecraft in the Age of 21st Century Warfare

Ray Boisvert

Video

Insection: AWEsomely Exploiting Shared Memory Objects

Alex Ionescu

Video

Data Driven Offense

Ram Shankar / Sacha Faust

Video

Modern Objective-C Exploitation

Neil Archibald

Video

A Link to the Past: Abusing Symbolic Links on Windows

James Forshaw

Video

Hacking Games in a Hacked Game

Rusty Wagner / Jordan Wiens

Video

Technical Keynote: Practical Attacks on DOCSIS

Braden Thomas

Video

Problems in Symbolic Fuzzing

Nathan Rittenhouse

Video

MIMOSAWRITERROUTER - Abusing EPC on Cisco Router to collect data

Joaquim Espinhara / Rafael Silva

Video

Writing Bad@ss OS X Malware

Patrick Wardle

Video

HARES: Hardened Anti-Reverse Engineering System

Jacob Torrey

Video

Fuzzing OSX At Scale

Ben Nagy

Video

The Shadow Over Firefox

Patroklos Argyroudis

Slides

Full schedule (PDF): Day 1 / Day 2 / 2014 Video Collection

Keynote: Life at Both Ends of the Barrel: An NSA Targeting Retrospective

Richard “Dickie” George

Video

Ghosts of Christmas Past: Fuzzing Language Interpreters Using Regression Tests

Sean Heelan

Slides

Analytics, And Scalability, And UEFI Exploitation! Oh My!

Teddy Reed

Video

A Curious Cyber War: Business Owners vs. Investors

Suzanne E. Kecmer

Video

Python, Deflowered: Shangrila

Christos Kalkanis

PDF

Full schedule (PDF): Day 1 / Day 2 / 2013 Video Collection

Keynote: Chris Eagle

Chris Eagle

Video

Keynote: Stephen Watt

Stephen Watt

Video

Enterprise Malware: There Is Always A Way

Alberto Garcia Illera

Video

Exfiltrate

Miguel Turner

Video

Jurassic Jar: Their World, Our Rules

Esteban Guillardoy

Video

Advanced Heap Manipulation in Windows 8

Zhenhua (Eric) Liu

Video

Keynote: Thomas Lim

Thomas Lim

Video

Keynote: Andrew Cushman

Andrew Cushman

Video

Effective Denial of Service attacks against web application platforms

Alexander Klink / Julian Waelde

PDF

A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator

Dan Rosenberg

PDF

Modern Static Security Checking For C / C++ Programs

Julien Vanegue

PDF

Secrets in Your Pocket

Mark Wuergler

Prezi / Video

Unearthing the World’s Best Bugs

Michel Aubizzierre

PDF

Android Attacks

Bas Alberts / Massimiliano Oldani

PDF

Attacking the WebKit Heap

Agustin Gianni / Sean Heelan

PDF

Bypassing Windows Services Protections

Cesar Cerrudo

PDF

Don’t Give Credit: Hacking Arcade Machines

Ronald Huizer

PDF

Exploitation and State Machines

Thomas Dullien / Halvar Flake

PDF

The Listening

Esteban Guillardoy

PDF

Modern Kernel Pool Exploitation

Tarjei Mandt

PDF

Stackjacking Your Way to grsecurity/PaX Bypass

Jon Oberheide / Dan Rosenberg

PDF

Strategic Surprise

Nico Waisman

PDF