Download the FREE iPhone app to take your Blackhat schedule on-the-go »8:00 AM
8:45 AM
9:00 AM
9:45 AM
10:00 AM
ExploitSpotting: Locating Vulnerabilities Out Of Vendor Patches AutomaticallyDay 1 - Reverse Engineering
Base Jumping: Attacking GSM Base Station Systems and mobile phone Base BandsDay 1 - Mobile
Malware Freak Show 2010: The Client-Side BoogalooDay 1 - Malware +Fingerprinting
The Chinese Cyber Army: An Archaeological Study from 2001 to 2010Day 1 - Cyber War & Peace
WPA Migration Mode: WEP is back to haunt you...Day 1 - Network
Optimizing the Security Researcher and CSO RelationshipDay 1 - Executive Briefings
Payload Already Inside: Data Re-Use for ROP ExploitsDay 1 - Programmatic
Attacking Kereberos DeploymentsDay 1 - OS Wars
Industrial Bug Mining - Extracting, Grading and Enriching the Ore of ExploitsDay 1 - Bug Collecting
CSA: Cloudersize: A cardio, strength & conditioning program for a firmer, more toned *aaSDay 1 - Special Events
The Emperor Has No Clothes: Insecurities in Security InfrastructureDay 1 - Infrastructure
10:30 AM
11:00 AM
11:15 AM
Crash Analysis using BitBlazeDay 1 - Reverse Engineering
More Bugs In More Places: Secure Development On Moble PlatformsDay 1 - Mobile
Malware Attribution: Tracking Cyber Spies and Digital CriminalsDay 1 - Malware +Fingerprinting
Balancing the Pwn Trade DeficitDay 1 - Cyber War & Peace
Extreme-range RFID trackingDay 1 - Network
Systemic DNS Vulnerabilities and Risk Management: A Discussion with the ExpertsDay 1 - Executive Briefings
Aleatory Persistent ThreatDay 1 - Programmatic
Understanding the Windows SMB NTLM Weak Nonce vulnerabilityDay 1 - OS Wars
Virtual ForensicsDay 1 - Bug Collecting
Electricity for Free? The Dirty Underbelly of SCADA and Smart MetersDay 1 - Infrastructure
11:30 AM
12:00 PM
12:30 PM
1:30 PM
1:45 PM
Jackpotting Automated Teller Machines ReduxDay 1 - Reverse Engineering
These Aren't the Permissions You're Looking ForDay 1 - Mobile
mod_antimalware: a novel apache module for containing web-based malware infectionsDay 1 - Malware +Fingerprinting
Social Networking Special Ops: Extending data visualization tools for faster PwnageDay 1 - Cyber War & Peace
Burning Asgard - What happens when Loki breaks freeDay 1 - Network
Cyber war... Are we at war? And if we are, how should we fight it?Day 1 - Executive Briefings
Hacking Java ClientsDay 1 - Programmatic
Adventures in Limited User Post ExploitationDay 1 - OS Wars
Network Stream Debugging with MalloryDay 1 - Bug Collecting
SCADA and ICS for Security Experts: How to avoid CyberdoucheryDay 1 - Infrastructure
2:00 PM
3:00 PM
3:15 PM
Blue Screen Of the Death is deadDay 1 - Reverse Engineering
Everybody be cool this is a roppery!Day 1 - Mobile
BlindElephant: WebApp Fingerprinting and Vulnerability InferencingDay 1 - Malware +Fingerprinting
Finger Pointing for Fun, Profit and War?Day 1 - Cyber War & Peace
Exploiting timing attacks in widespread systemsDay 1 - Network
One on One Interview with General (Ret.) Michael V. HaydenDay 1 - Executive Briefings
Harder, Better, Faster, Stronger: Semi-Auto Vulnerability ResearchDay 1 - Programmatic
Hacking the Trading FloorDay 1 - OS Wars
JavaSnoop: How to hack anything written in JavaDay 1 - Bug Collecting
Hacker CourtDay 1 - Special Events
Black Ops Of Fundamental Defense: Web EditionDay 1 - Infrastructure
4:30 PM
4:45 PM
TBADay 1 - Reverse Engineering
App Attack: Surviving the Mobile Application ExplosionDay 1 - Mobile
Mastering the Nmap Scripting EngineDay 1 - Malware +Fingerprinting
Getting In Bed With Robin SageDay 1 - Cyber War & Peace
PSUDP: A Passive Approach to Network-Wide Covert CommunicationDay 1 - Network
Security Innovation Network Panel: Connecting Buyers, Builders, and the Research CommunityDay 1 - Executive Briefings
SAP Backdoors: A ghost at the heart of your businessDay 1 - Programmatic
Standing on the shoulders of the blue monster - Hardening Windows applicationsDay 1 - OS Wars
Exploiting the Forest with TreesDay 1 - Bug Collecting
Hacker Court ContinuedDay 1 - Special Events
Wardriving the Smart Grid: Practical Approaches to Attacking Utility Packet RadiosDay 1 - Infrastructure
6:00 PM
8:00 AM
8:45 AM
9:45 AM
10:00 AM
Memory Corruption Attacks: The (almost) Complete History...Day 2 - Exploitation
CLOUDINOMICON: Idempotent Infrastructure, Survivable Systems & Bringing Sexy Back to Information CentricityDay 2 - Cloud Virtualization
How to Hack Millions of RoutersDay 2 - Client Side
Microsoft Powershell - It's time to ownDay 2 - Turbo Talks
State of SSL on the Internet: 2010 Survey, Results and ConclusionsDay 2 - Big Picture
CSI: TCP/IPDay 2 - Meet the Feds
Utilizing Code Reuse/Return Oriented Programming in PHP Web Application ExploitsDay 2 - Web Apps
Changing Threats To Privacy: From TIA To GoogleDay 2 - Privacy
pyREtic – Reversing obfuscated Python bytecode & live Python objectsDay 2 - Reverse Engineering Redux
Breakout Session: Regional Collegiate Cyberdefense CompetitionDay 2 - Special Events
Keeping the Good Stuff In: Confidential Information Firewalling with the CRM114 Spam Filter & Text ClassifierDay 2 - Where the Data Lives
10:30 AM
11:00 AM
11:15 AM
There's a party at Ring0 (and you're invited)Day 2 - Exploitation
Secure Use of Cloud StorageDay 2 - Cloud Virtualization
HTTPS Can Byte MeDay 2 - Client Side
You will be billed $90,000 for this callDay 2 - Turbo Talks
Becoming the six-million-dollar manDay 2 - Big Picture
Panel: Policy, Privacy, Deterrence and Cyber WarDay 2 - Meet the Feds
Constricting the Web: Offensive Python for Web HackersDay 2 - Web Apps
Unauthorized Internet Wiretapping: Exploiting Lawful InterceptDay 2 - Privacy
Voyage of the Reverser: A Visual Study of Binary SpeciesDay 2 - Reverse Engineering Redux
Your Career = Your BusinessDay 2 - Special Events
Hacking Oracle From Web AppsDay 2 - Where the Data Lives
11:45 AM
12:30 PM
1:45 PM
Return-Oriented ExploitationDay 2 - Exploitation
Virtually Pwned: Pentesting VirtualizationDay 2 - Cloud Virtualization
Blitzableiter - the ReleaseDay 2 - Client Side
Elevation of Privilege: The easy way to threat modelDay 2 - Turbo Talks
Defenseless in DepthDay 2 - Big Picture
Human IntelDay 2 - Meet the Feds
GWT Security: Don’t get distracted by bright shiny objectsDay 2 - Web Apps
The DMCA & ACTA vs. Academic & Professional Research: How Misuse of this Intellectual Property Legislation Chills Research, Disclosure and InnovationDay 2 - Privacy
TitanMist: Your First Step to Reversing NirvanaDay 2 - Reverse Engineering Redux
Things You Wanted To Know But Were Afraid To Ask About Managing Your Information Security CareerDay 2 - Special Events
Token Kidnapping's RevengeDay 2 - Where the Data Lives
2:15 PM
2:45 PM
3:00 PM
3:15 PM
Understanding the Low-Fragmentation Heap: From Allocation to ExploitationDay 2 - Exploitation
Virt-ICE: next generation debugger for malware analysisDay 2 - Cloud Virtualization
Hacking Browser's DOM - Exploiting Ajax and RIADay 2 - Client Side
SprayPAL: How capturing and replaying attack traffic can save your IDSDay 2 - Turbo Talks
Need a hug? I'm secure.Day 2 - Big Picture
Panel: Ex-Fed ConfessionsDay 2 - Meet the Feds
How I Met Your GirlfriendDay 2 - Web Apps
Attacking phone privacyDay 2 - Privacy
NEPTUNE: Dissecting Web-based Malware via Browser and OS InstrumentationDay 2 - Reverse Engineering Redux
Panel: ISSADay 2 - Special Events
Hacking and protecting Oracle Database VaultDay 2 - Where the Data Lives
3:45 PM
4:15 PM
4:30 PM
4:45 PM
Advanced AIX Heap Exploitation MethodsDay 2 - Exploitation
dirtbox, a highly scalable x86/Windows EmulatorDay 2 - Cloud Virtualization
Bad memoriesDay 2 - Client Side
USB - HID, The Hacking Interface DesignDay 2 - Turbo Talks
Lord of the Bing: Taking back search engine hacking from Google and BingDay 2 - Big Picture
Meet the Fed's ReceptionDay 2 - Meet the Feds
Deconstructing ColdFusionDay 2 - Web Apps
Carmen Sandiego is On the Run!Day 2 - Privacy
Goodware drugs for malware: on-the-fly malware analysis and containmentDay 2 - Reverse Engineering Redux
Cryptographic Agility: Defending Against the Sneakers ScenarioDay 2 - Where the Data Lives
5:15 PM
5:45 PM
6:00 PM
