H2HC 19 Anos

REPOSITÓRIO

Os materiais dos eventos anteriores estao disponiveis no GitHub / The materials from past editions are all available on GitHub

Os videos dos eventos anteriores estao disponiveis no YouTube / The videos from past editions are all available on YouTube

Palestras H2HC 15th Edition - 2018

TALK TITLE	BR	ENG	Video
All the Tiny Features Natalie Silvanovich
Attacking VMware NSX Luft & Harrie
DSL: Dismantling Secret Layers Brian Butterly
Evoting from Argentina to the World Ivan A. Barrera Oro
Exploring the Safari: JustInTime Exploitation Jasiel Spelman
Finding 0days in embedded systems with code coverage guided fuzzing Anh Quynh & Lau
GCC is the new pincc: Compiler plugins and what they can do for code security Marion Marschalek
Getting Malicious in 2018: A Deep Dive into 2018s Most Impactful Malware in the Android Ecosystem Stone & McRoberts
H2HC University: Abusando da Virtualizacao Gabriel Negreira Barbosa
H2HC University: A little bit about Code and Command Injection flaws in Web Applications Frameworks and Libraries with bonus: 0day RCE Joao Matos
H2HC University: Constraint solvers for Reverse Engineering Edgar Barbosa
H2HC University: Cracking the Craptcha Gustavo Scotti
H2HC University: Cyber Mercenaries: When States Exploit the Hacker Community Michelle Ribeiro
H2HC University: Fault Injection Attacks com Enfase em Ultrassom Julio Della Flora
H2HC University: Hacking the Brazilian Voting System Paulo Matias
H2HC University: Internet of Sh!t: Hacking de Dispositivos Embarcados Maycon Vitali
H2HC University: SegDSP (Segmentation Digital Signal Processor) Lucas Teske
H2HC University: SPLITTER: An Approach to Difficult Correlation, Traffic Analysis and Statistical Attacks Inside TOR Network Rener Silva aka Gr1nch
H2HC University: The (not so profitable) path towards automated heap exploitation Thais Moreira Hamasaki
Hacking the international RFQ Process #killthebuzzwords Dino Covotsos
Is visualization still necessary? bigezy
Keynote Jayson E. Street
Linux Kernel Rootkits Matveychikov & f0rb1dd3n
Mobile Medical Records and Storage Nina Alli
SMAPwn: a faster way for detecting double fetch vulnerabilities in Windows kernel Artem Shishkin
Sonic attacks to spinning hard drives Alfredo Ortega

Palestras H2HC 14th Edition - 2017

TALK TITLE	BR	ENG	Video
50 shades of Visual Studio Marion Marschalek
Attacking Cellular Networks Butterly & Schmidt
Betraying the BIOS Alex Matrosov
Bioinformatics in SP Nina Ali
Content Security Policy Sergey Shekyan
H2HC University: Cripto HW com FPGA Luckas Farias
H2HC University: Data Mining Using Tracing and Profiling Tools Francisco Junior
H2HC University: Firmware is the new Black Rodrigo Branco
H2HC University: H2HC Badge Chris & Daniel
H2HC University: Hacking Ultrasond Machines Victor Pasknel
H2HC University: IA para Web Attacks Glaudson Ocampos
H2HC University: Introducao a Virtualizacao Gabriel Barbosa
H2HC University: Keynote Nelson Brito
H2HC University: Leave Crypto Alone Diego Aranha
H2HC University: Overview of Deserialization Vulns in the Java VM Joao Figueiredo
H2HC University: ParasiteOS Gustavo Scotti
H2HC University: PenTest Evolution and Tricks Ygor Parreira
H2HC University: SMT Solvers Thais Hamasaki
Hacking Smart Home Devices Fernando Gont
Keynote Mike Ossmann
Keynote Shay Gueron
Medical Records Black Market Matias Katz
Pentesting DevOps Environments Matthias Luft
Porosity Matt Suiche
Software Attacks on Different System Firmware Oleksandr Bazhaniuk
UEFI BIOS Holes Ermolov & Zakirov

Palestras H2HC 13th Edition - 2016

TALK TITLE	BR	ENG	Video
Breaking the bank Thiago Valverde
Dumbster Driving Butterly & Schmidt
H2HC University: Android Resiliency Defense Strategy Felipe Boeira
H2HC University: Few Tricks Used by Malware Alexandre Borges
H2HC University: Internet s Fallen Heroes Anchises Moraes
H2HC University: Phishing Rafael Silva
H2HC University: Protecting Linux from Ring3 Rootkits Fernando Merces
Introduction to the Witchcraft Compiler Collection Jonathan Brossard
Keynote Part II Working PoC Shay Gueron2
Keynote Part I Shay Gueron
Lost your secure HDD PIN Lenoir & Rigo
Risk based design for automotive networks Evenchik & Zanero
Rogue Behavior Detection Marion Marschalek
Satellite Communications Reverse Engineering Lucas Teske
The intersection between virtualization and security Gabriel Barbosa
UEFI Firmware Rootkits Matrosov & Rodionov
Voting Among Sharks Guasch & Choliz

Palestras H2HC 12th Edition - 2015

TALK TITLE	BR	ENG	Video
Como derrotar algoritmos criptograficos Diego Aranha
Content Security Policy Sergey Shekyan
Dark Way Into the Windows Kernel Nikita Tarakanov
Investigation of Malware Incidents Yurii Khvyl
Keynote Ilfak Guilfanov
Lame Hardware & Physical Access Schmidt & Butterly
RAP RIP ROP PaX Team
Security Appliances Security Vladimir Wolstencroft
Simulating Cyber Operations Bryan Fite
Super Pretty OSINT Tool Matias Katz

Palestras H2HC 11th Edition - 2014

TALK TITLE	BR	ENG	Video
Defeant Android Kernel Exploitation Breno Silva
Fillory of PHY Goodspeed & Bratus
Firmware Reversing with Radare Anton Kochkov
For want of a nail Sergey Bratus
H2HC University: 2.4GHz Jammer Noilson Caio
H2HC University: Arquitetura de Computadores para Pesquisadores de Seguranca Ygor Parreira
H2HC University: Computer Architecture Rodrigo Branco
H2HC University: Graylog Ricardo Katz
H2HC University: Kernel that I saw Andre Detsch
H2HC University: Keynote Julio Neves
H2HC University: Multiprocessamento Piter Punk
H2HC University: OpenDJ Claudio Borges
H2HC University: Optimizacao Lindolfo Rodrigues
H2HC University: Pentest Balestra & Espinhara
H2HC University: Router Backdoors Ewerson crash
H2HC University: Shodan e Jornalismo Paulo Brito
H2HC University: Toolchain Tulio Magno
Headless Browser Sergey Shekyan
HexRaysCodeXplorer Alex Matrosov
IPV6 Fernando Gont
Keynote Daniel J. Berstein
LTE Butterly & Schmidt
Optional ROMs Shikhin Seti
X11 Backdoor Matias Katz

Palestras H2HC 10th Edition - 2013

TALK TITLE	BR	ENG	Video
Android Game of Obfuscation Jurriaan Bremer
Automated Exploitation Grand Challenge Julien Vanegue
Automative Hacking Chris Valasek & Charlie Miller
Keynote 1 FX
Keynote 2 Charlie Miller
Keynote Otavio Cunha
Lula Project Fernando Merces
Memory Anti-Forensics in a nutshell Fuschini
Pivoting in Amazon Clouds Andres Riancho
Sandboxing is the shit Jonathan Brossard
SCADA Hacking Jan Seidl
Scanning in Low Earth Orbit Travis Goodspeed
Tracking and Characterizing Botnets Stefano Zanero
Using Online Activity as Digital DNA Espinhara & Albuquerque
Wannabe Badge Mike Ossmann

Palestras H2HC 9th Edition - 2012

TALK TITLE	BR	ENG	Video
A crazy mix: Hackers Profiling Project Raoul Chiesa
Automated and Scalable Behavior-Based Malware Analysis Stefano Zanero
Beyound Main() Sergey Bratus
BlueVoxing: Attacking Audio One Time Passwords at 1100Hz Graeme Neilson
Code Emulation and Translation Edgar Barbosa
Defending Critical Infrastructure or Beating the Kobayashi Maru Edmond Rogers
Desenvolvimento de Malware para Linux Tiago Natel de Moura
Hacking the market: FIX Protocol Anderson dos Santos Silva
Information Wars: Maintaining Your Tactical Advantage Alex Kirk
(In)Segurancas em Solucoes de Pagamento Movel Thiago Musa
Journey to the Clouds: Maturity, Agility, Risk & Trust Bryan Fite
Keynote Marc Van Hauser
PaX the untold story PaX Team
Predicting Human Behavior at the Telco Scale Carlos Sarraute
Recent Advances in IPV6 Attack and Defense Techniques Fernando Gont
SS7 Security Philippe Langlois
The case for Grsecurity Brad Spengler
Windows Kernel Pool Exploiting Tarjei Mandt
Windows Malware Reverse Engineering Pedro Drimel
Zeus Banking Trojan Leo Fernandes

Palestras H2HC 8th Edition - 2011

TALK TITLE	BR	ENG	Video
Analyzing the attack surface of kernel registry filters Matthieu Suiche
Anatomy of a Remote Kernel Exploit Dan Rosenberg
Caixa de Pandora. Ate onde pode chegar o descuido com o descarte de informaes? Thiago Bordini
CDCiber, Renasic e a importancia da defesa cibernetica brasileira Antonio Monclaro
Control Flow Analysis Edgar Barbosa
Heads of the Hydra: Malware for Network Devices Fabio Assolini
How to take over the TOR network operationally Eric Filiol
"I Know Kung-Fu!": Analyzing Mobile Malware Alex Kirk
Inception: The extended edition Nelson Brito
Layers of misunderstanding, or how digital radio is not what you think Travis Goodspeed
Modern Heap Exploitation using the Low Fragmentation Heap Chris Valasek
Privacy Hacker Officer: The new model of handling sensitive data Jose Milagre
Results of a Security Assessment of the Internet Protocol version 6 (IPv6) Fernando Gont
Some Research Directions in Automated Pentesting Carlos Sarraute
Squeezing the Web: Combining Drops of Information to Own Any Brazilian Cesar Cerrudo
The Science of Insecurity Len Sassaman & Sergey Bratus
(Un)protecting USB storage media Fernando Merces
Welcome To Rootkit Country Graeme Neilson
Windows Kernel Pool Exploitation Tarjei Mandt

Palestras H2HC 7th Edition - 2010

TALK TITLE	BR	ENG	Video
Aindar quer tc? Jordan Bonagura
Blue Screen of Death is Dead Matthieu Suiche
Detecting Obfuscated Malicious JavaScript with Snort and Razorback Alex Kirk
Finding bugs and publishing advisories – the Core Security way Carlos Sarraute
Generic exploitation of invalid memory writes Jonathan Brossard
Hacking the Fast Lane: security issues in 802.11p, DSRC and WAVE Bruno Oliveira & Rob Havelt
HTML5 Seguro ou Inseguro? Wagner Elias
Keynote: Strategies for Envolving Threats Andrew Chusman
Malicious Cryptography Techniques for Unreversable (malicious or not) binaries Eric Filiol
Realidade das BotNets Atuais Ranieri Romera
Sandboxes Uncovered: Desmistificando sistemas de análise de malware Dario Filho
The EDB Project Fernando Mercês
Urgente: Hackers causaram a erupção do vulcão Eyjafjallajokull Anchises de Paula

Palestras H2HC 6th Edition - 2009

TALK TITLE	BR	ENG	Video
A arte da defesa Antonio Milagre
Abusing bitmask Nicolas Waisman
Anti Anti Forense: Correlacao Tony Rodrigues
Breaking the perimeter through human stupidity Bruno Oliveira
Bruteforcing HD Encryption Systems Jonathan Brossard
Ciber Terrorismo, Hacktivismo religioso Paulo Roizman
Kernel Do Windows: Historia, Evolucao e Debug Weber Ress
Life Cycle of a Snort Rule: From Vulnerability to Coverage Alex Kirk
Netifera platform demo Juliano Rizzo
Panel: Cyberware Multiple
Playing Web Fuzzer Wagner Elias
Privacidade na era da internet Anderson Ramos
Probabilistic Attack Planning in Network + WebApps Scenarios Carlos Sarraute
Ring 0x64 Gustavo Scotti
Sniffing Remote Networks Joaquim Espinhara
Taint Analysis Edgar Barbosa
The departed: exploit next generation. The philosophy. Nelson Brito
The Departed: Exploit Next Generation, The Philosophy Nelson Brito
The Reverse Engineering Intermediate Language REIL and its Applications Sebastian Porst
Token Kidnapping's Revenge Cesar Cerrudo
Toward the HLR, attacking the SS7 & SIGTRAN applications one step further and mapping the phone system Philippe Langlois
w3af. A framework to own the web Andres Riancho

Palestras H2HC Fifth Edition - 2008

PALESTRA	BR	ENG	Video
PCI Rootkits Bruno Cardoso Lopes / João Batista Correa
Hypervisor Framework Edgar Barbosa
Analise de Seguranca do Protocolo Wireless USB Felipe Zimmerle
evilgrade, "You have pending upgrades..." Francisco Amato
Raising GPRS Security Awareness by Observing Real World Security Events Guto Motta
Practical (Introduction to) Reverse Engineering Julio Auto
Apology of 0days Nicolas Waisman
Defeating DEP, the Immunity Debugger way Pablo Sole
Hack into Samba Rodrigo Costa
Onde estão as ferramentas de segurança do Brasil? Ronaldo Vasconcelos
Secure the Planet! New Strategic Initiatives from Microsoft to Rock Your World Steve Adegbite
Extreme Web Hacking Wagner Elias
Playing with Web Application Firewalls Wendel G. Henrique / Sandro Gauci

Palestras H2HC Fourth Edition - 2007

PALESTRA	BR	ENG
Call for papers The Bug Magazine The Bug Magazine Staff
Capture the flag - Results Intruders Tiger Team
Hacking well-protected databases Alexander Kornbrust
Detecting Blue Pill Edgar Barbosa
The Computer Forensics Challenge and Anti-forensics Techniques Domingo Montanaro
Hacking iPod Touch/iPhone Marcos Azevedo
Malwares x AntiVirus Wendel Guglielmetti Henrique
Next-Generation Debuggers for Reverse Engineering Julio Auto - Member of ERESI Team
DNS Amplification Attack Bruno Goncalves de Oliveira
PE Binary Infection Maycon Maia Vitali
Hack into apache Rodrigo Carvalho Costa
REST Insecurity Wagner Elias
Hacking the big brother Joao Batista Moreira & Julio Cesar Fort
KIDS - Kernel Intrusion Detection System Rodrigo Rubira Branco (BSDaemon)

Palestras H2HC Third Edition - 2006

PALESTRA	BR	ENG
Syscall Proxying \|\| Pivoting Rodrigo Rubira Branco (BSDaemon) / Filipe Balestra
Process Infection Carlos Barros
Windows Driver Development Kit (Driver exploitation) Rodrigo Carvalho Costa (Nibble)
Lock picking Eduardo Madeira Fleury / Artur Duque de Souza
Introducao a Engenharia Reversa Maycon Maia Vitali
VOIP Insecurity Luiz Eduardo
Polutin sys_execve Federico Kirschbaum
Old School Hacking Julio Cesar Fort
Inseguranca em Web 2.0 e Pen-test em Aplicações Web Wagner Elias e Thiago Zaninotti - N-Stalker
Hostile Wireless Ambients Luiz Eduardo
Rootkits kernel 2.6 Julio Auto
Bricando com IPS: Uma maneira mais simples de contorná-los Anônimo
Shellcode Evolution Itzik Kotler

Palestras H2HC Second Edition - 2005

PALESTRA	BR	ENG
Fun With Assembly Everson da Silva Tavares (IP_FIX)
Backdoors x Firewalls de Aplicação: Praticando em Kernel Linux Rodrigo Rubira Branco (BSDaemon)
Discovering Vulnerabilities Rodrigo Carvalho Costa (Nibble)
Breaking PaX ASLR in the Wild Tiago Assumpção
Anti-Forensics Domingo Montanaro
Dog_Crawler x PHP_GUARD do Saumil Shah Bruno Luiz Cordeiro Ramos
Linux Kernel Exploiting Glaudson Ocampos (Nash Leon) Wendel Guglielmetti Henrique (dum_dum)
Vulnerabilidades em aplicações bluetooth Nelson Murilo
Windows DLL instrumentation + feedback fuzzing + code breaking Joachim de Zutter (Byte Rage)
Hacktivismo Fernanda Serpa	Sem material	Sem material

Palestras H2HC First Edition - 2004

PALESTRA	BR	ENG
Ataques em redes Wi-Fi Nelson Murilo de Oliveira Rufino
Detecção e ataques a HoneyPots Felix Alvez Coutinho Júnior (Skynet45)
OSSTMM - Open Source Security Testing Methodology Manual Eduardo Jorge Feres Serrano Neves
Cryptography and Clusters Rodrigo Carvalho Costa (Nibble)
Assinaturas de Ataques: Como Livrar-se Delas Rodrigo Rubira Branco (BSDaemon)

ORGANIZAÇÃO

PATROCINADORES PLATINUM

PATROCINADORES GOLD

PATROCINADORES SILVER

HACKING

APOIO