Hack In The Box Security Conference Courses

API Security in the Age of Microservices

1 review

Explore API security challenges in microservices architectures and learn strategies for distributed security, including gateways, service mesh, authentication, and network segmentation.

• YouTube
• 30 minutes
• On-Demand
• Conference Talk

I Own Your Building - Management System

1 review

Explore vulnerabilities in Building Management Systems, their impact on critical facilities, and the research process behind discovering these security flaws in various BMS components and products.

• YouTube
• 37 minutes
• On-Demand
• Conference Talk

Breaking Siemens SIMATIC S7 PLC Protection Mechanism

1 review

Detailed analysis of vulnerabilities in Siemens SIMATIC PLC protection mechanisms, including hacking methods and security recommendations for various models. Essential for industrial control system security professionals.

• YouTube
• 29 minutes
• On-Demand
• Conference Talk

Blockchain - The New Line Of Defense

1 review

Explore blockchain technology as a cutting-edge defense mechanism in cybersecurity, examining its potential applications and impact on digital security strategies.

• YouTube
• 32 minutes
• On-Demand
• Conference Talk

How to Hack Medical Imaging Applications via DICOM

1 review

Explore critical security vulnerabilities in DICOM servers, protocols, and libraries used in medical imaging systems. Learn to identify and fix bugs in the DICOM ecosystem.

• YouTube
• 26 minutes
• On-Demand
• Conference Talk

Android MRI Interpreter: Taking Pictures of App Code for Vulnerability Analysis

Explore Android app vulnerability detection through a novel OS with MRI-like functionality, enabling non-invasive code analysis and data flow tracing for enhanced mobile security.

• YouTube
• 52 minutes
• On-Demand
• Free Video

GPTHound: Your Active Directory Security Assistant - Enhancing AD Assessment

Explore GPTHound, an AI-powered tool enhancing Active Directory security assessments. Learn how it simplifies query generation, asset classification, sensitive information detection, and attack path analysis across multiple languages.

• YouTube
• 46 minutes
• On-Demand
• Free Video

Scarlet OT: Adversary Emulation for Industrial Control Systems - HITB 2023

Explore Scarlet OT, an open-source tool for ICS security testing. Learn about OT adversary emulation, protocol support, and real-world applications in industrial environments.

• YouTube
• 43 minutes
• On-Demand
• Free Video

Hacking Into iOS's VoLTE Implementation

Unveiling a critical VoLTE vulnerability in iOS devices, exploring its technical details, impact on user privacy, and Apple's response to this long-standing security flaw in 4G implementation.

• YouTube
• 38 minutes
• On-Demand
• Free Video

Systems Alchemy: The Transmutation of Hacking

Exploring systems thinking in hacking, this keynote reveals how understanding complex systems creates new opportunities to manipulate critical infrastructure and the fabric of cyberspace.

• YouTube
• 31 minutes
• On-Demand
• Free Video

A Deep Dive Into Two Windows Exploits Demonstrated at Pwn2Own

Explore Windows kernel exploitation through analysis of two Pwn2Own exploits. Learn about vulnerability discovery, exploit development, and evolving kernel mitigations in this deep dive into advanced Windows security research.

• YouTube
• 52 minutes
• On-Demand
• Free Video

Unexpected Intrusion Testing Results in SAP Systems - Critical Vulnerabilities and Exploits

Unveiling critical vulnerabilities in SAP Start Service, from local to remote exploits. Explores memory corruption and OS command injection leading to root-level RCE, with live demo and recommendations.

• YouTube
• 43 minutes
• On-Demand
• Free Video

NVMe: New Vulnerabilities Made Easy - Exploiting Cloud Storage Protocols

Exploring pre-auth remote vulnerabilities in NVMe implementation, emphasizing the importance of SCA tools in production pipelines and showcasing discoveries in Linux kernel and NVIDIA.

• YouTube
• 38 minutes
• On-Demand
• Free Video

Hunting for Amazon Cognito Security Misconfigurations

Explore Amazon Cognito security misconfigurations, learn testing techniques for audits and bug bounty hunting, and discover mitigation strategies through a real-world account takeover case study.

• YouTube
• 39 minutes
• On-Demand
• Free Video

Shining a Light on Solar System Cyber Security

Exploring critical vulnerabilities in residential and commercial power control systems, highlighting potential catastrophic risks and novel attack scenarios in the energy sector.

• YouTube
• 1 hour
• On-Demand
• Free Video