Black Hat Courses

Real-World Techniques in Network Security Management

Explore practical network security management techniques, focusing on real-world applications and strategies to enhance organizational cybersecurity posture.

• YouTube
• 1 hour 13 minutes
• On-Demand
• Conference Talk

Getting Rooted and Never Knowing It

Explore advanced hacking techniques and stealthy rootkit deployment methods to understand and defend against sophisticated cyber threats.

• YouTube
• 2 hours 2 minutes
• On-Demand
• Conference Talk

Advanced Buffer Overflow Techniques

Explore advanced buffer overflow techniques, including stack injection, heap exploitation, and protection bypassing. Learn about payload crafting, injection vectors, and dynamic function loading.

• YouTube
• 1 hour 8 minutes
• On-Demand
• Conference Talk

Policy to Technology - Translating U.S. Privacy Regulations for Implementation

Explore U.S. privacy regulations and their practical implementation in technology, bridging the gap between policy and technical solutions for data protection.

• YouTube
• 1 hour 3 minutes
• On-Demand
• Conference Talk

The Internet and the Death of Security

Explore the impact of the Internet on security paradigms with cryptography expert Bruce Schneier, examining evolving threats and challenges in the digital age.

• YouTube
• 40 minutes
• On-Demand
• Conference Talk

The Case for a National Cybersecurity Safety Board

Explores the need for a National Cybersecurity Safety Board to investigate and prevent cyber attacks, drawing parallels with the NTSB and addressing critical infrastructure vulnerabilities.

• YouTube
• 32 minutes
• On-Demand
• Conference Talk

President's Cup Cyber Competition - Finding the Best Cyber Talent in the US Government

Explore the behind-the-scenes story of the President's Cup Cybersecurity Competition, designed to identify and challenge top US government cyber talent.

• YouTube
• 34 minutes
• On-Demand
• Conference Talk

Bringing the Power of Symbolic Execution to the Fight Against Malicious Excel 4 Macros

Explore Symbexcel, a tool using symbolic execution to analyze and detect malicious Excel 4.0 macros, enhancing cybersecurity against this common attack vector.

• YouTube
• 35 minutes
• On-Demand
• Conference Talk

The Dark Age of Memory Corruption Mitigations in the Spectre Era

Explores how speculative execution attacks can bypass memory corruption defenses, challenging established security measures and revealing vulnerabilities in modern computer systems.

• YouTube
• 35 minutes
• On-Demand
• Conference Talk

Your Software IS - NOT Vulnerable - CSAF, VEX, and the Future of Advisories

Explore the future of software security advisories, focusing on CSAF and VEX, and learn how to manage the increasing volume of vulnerability information effectively.

• YouTube
• 24 minutes
• On-Demand
• Conference Talk

How I Used a JSON Deserialization 0day to Steal Your Money on the Blockchain

Explore a JSON deserialization vulnerability in Fastjson, its exploitation for remote code execution, and implications for blockchain security.

• YouTube
• 40 minutes
• On-Demand
• Conference Talk

Disappeared Coins - Steal Hashrate in Stratum Secretly

Unveils two novel man-in-the-middle attack schemes on Stratum, the main communication protocol for cryptocurrency mining pools, potentially compromising miners' computing power.

• YouTube
• 27 minutes
• On-Demand
• Conference Talk

The Cost of Complexity - Different Vulnerabilities While Implementing the Same RFC

Exploring security vulnerabilities in DNS implementations due to complexity and ambiguity in RFC 1035, focusing on message compression and its impact on TCP/IP stacks.

• YouTube
• 36 minutes
• On-Demand
• Conference Talk

Hunting Vulnerabilities of gRPC Protocol Armed Mobile - IoT Applications

Explore security vulnerabilities in gRPC-powered mobile and IoT apps. Learn about common pitfalls, attack vectors, and strategies to enhance protection in this high-performance protocol.

• YouTube
• 33 minutes
• On-Demand
• Conference Talk

Racing the Dark - A New TOCTTOU Story From Apple's Core

Unveils macOS kernel vulnerabilities, highlighting memory mapping issues and race conditions that bypass security updates. Emphasizes the need to reevaluate macOS/iOS memory mapping mechanisms.

• YouTube
• 35 minutes
• On-Demand
• Conference Talk