+1,000,000 -0: Cloning a Game Using Game Hacking and Terabytes of Data
Abusing Linux Trust Relationships: Authentication Back Alleys and Forgotten Features
Abusing RTF: Evasion, Exploitation and Counter Measures
Adaptation of the Security Sub-Culture
Advanced Persistent Thirst (APT)
.... and bad mistakes I've made a few.....
Android Patchwork: Convincing Apps to Do What You Want Them To
Anti-Forensics AF
ARRR Maties! A map to the legal hack-back
Attackers Hunt Sysadmins - It's time to fight back
Attacking ADFS Endpoints with PowerShell
Attacking EvilCorp: Anatomy of a Corporate Hack
AWShit. Pay-as-you-go Mobile Penetration Testing
A Year in the Empire
Better Network Defense Through Threat Injection and Hunting
Beyond The 'Cript: Practical iOS Reverse Engineering
Body Hacking 101 (or a Healthy Lifestyle for Security Pros)
Breaking Android Apps for Fun and Profit
Breaking Credit Card Tokenization Without Cryptanalysis
BurpSmartBuster - A smart way to find hidden treasures
Business Developement: The best non-four letter dirty word in infosec.
Closing Ceremony
Confronting Obesity in Infosec
CrackMapExec - Owning Active Directory by using Active Directory
Cruise Ship Security OR Hacking the High Seas
Data Obfuscation: How to hide data and payloads to make them "not exist" (in a mathematically optimal way)
Defeating The Latest Advances in Script Obfuscation
DevOops Redux
Dive into DSL: Digital Response Analysis with Elasticsearch
DNS in Enterprise IR: Collection, Analysis and Response
DNSSUX: Why DNSSEC Makes Us Weaker
Embrace the Bogeyman: Tactical Fear Mongering for Those Who Penetrate
Establishing A Foothold With JavaScript
Evolving your Office's Security Culture
Exploiting First Hop Protocols to Own the Network
Finding a Weak Link: Attacking Windows OEM Kernel Drivers
Finding Your Balance
Fire Away! Sinking the Next Gen Firewall
From Commodity to Advanced (APT) malware, are automated malware analysis sandboxes as useful as your own basic manual analysis?
From Gaming to Hacking The Planet
Fuzzing basics...how to break software
Garbage in, garbage out: generating useful log data in complex environments
Go with the Flow: Get Started with Flow Analysis Quickly and Cheaply
Hacking for Homeschoolers: STEM projects for under $20
Hacking Lync (or, 'The Weakest Lync')
Hacking with Ham Radios: What I have learned in 25 years of being a ham.
Hack Yourself: Building A Pentesting Lab
Hardening AWS Environments and Automating Incident Response for AWS Compromises
Hardware Hacking the Easyware Way
Hashcat State of the Union
Hashview, a new tool aimed to improve your password cracking endeavors.
How are tickets paid for?
How to Social Engineer your way into your dream job!
Hunting for Exploit Kits
I don't give one IoTA: Introducing the Internet of Things Attack Methodology
I Love myBFF (Brute Force Framework)
Information Security Proposed Solutions Series - 1. Talent
Internet of Things, Voice Control, AI, and Office Automation: BUILDING YOUR VERY OWN J.A.R.V.I.S.
Introducing DeepBlueCLI, a PowerShell module for hunt teaming via Windows event logs
Introducing PowerShell into your Arsenal with PS>Attack
Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To) D""e`Tec`T 'Th'+'em'
IoT Defenses - Software, Hardware, Wireless and Cloud
Is that a penguin in my Windows?
It’s Never So Bad That It Can’t Get Worse
Java RATS: Not even your Macs are safe
Keynote
Living Off the Land 2: A Minimalist's Guide to Windows Defense
Macs Get Sick Too
Make STEHM Great Again
Making Our Profession More Professional
Malicious Office Doc Analysis for EVERYONE!
Managed to Mangled: Exploitation of Enterprise Network Management Systems
MariaDB: Lock it down like a chastity belt
Metaprogramming in Ruby and doing it wrong.
Metasploit Townhall
Mind Reading for Fun and Profit using DISC
Mobile Device Forensics
Need More Sleep? REST Could Help
New Shiny in Metasploit Framework
Next Gen Web Pen Testing: Handling modern applications in a penetration test
Nobody gets fired by choosing IBM... but maybe they should.
No Easy Breach: Challenges and Lessons from an Epic Investigation
Nose Breathing 101: A Guide to Infosec Interviewing
Opening Ceremony
Open Source Intelligence - What I learned by being an OSINT creeper
Outlook and Exchange for the Bad Guys
Overcoming Imposter Syndrome (even if you?re totally faking it)
PacketKO - Data Exfiltration Via Port Knocking
Penetration Testing Trends
Phishing without Failure and Frustration
Poetically Opaque (or other John Updike Quotes)
Point of Sale Voyuer - Threat Actor Attribution Through POS Honeypots
PowerShell Secrets and Tactics
Privileged Access Workstations (PAWs)
Project MVP - Hacking and Protecting SharePoint
Python 3: It's Time
Ransomware: An Overview
Real World Attacks VS Check-box Security
Recharging Penetration Testing to Maximize Value
Responder for Purple Teams
Reverse engineering all the malware...and why you should stop.
Rotten Potato - Privilege Escalation from Service Accounts to SYSTEM
Samsung Pay: Tokenized Numbers, Flaws and Issues
Scripting Myself Out of a Job - Automating the Penetration Test with APT2
Security Automation in your Continuous Integration Pipeline
Security v. Ops: Bridging the Gap
Shackles, Shims, and Shivs - Understanding Bypass Techniques
So You've Inherited a Security Department, Now What?
SQL Server Hacking on Scale using PowerShell
Stagefright: An Android Exploitation Case Study
Static PIE: How and Why
The 1337 Gods of Geek Mythology -
The 90's called, they want their technology back
The Advanced Persistent Pentester (All Your Networks Are Belong 2 Us)
The Art of War, Attacking the Organization and Raising the Defense
The Beginner's Guide to ICS: How to Never Sleep Soundly Again
Thinking Purple
To Catch a Penetration Tester: Top SIEM Use Cases
Tool Drop 2.0 - Free As In Pizza
Top 10 2015-2016 compromise patterns observed & how to use non-traditional Internet datasets to detect & avoid them
Using Binary Ninja for Modern Malware Analysis
Web Security for Dummies
We're a Shooting Gallery, Now What?
Writing malware while the blue team is staring at you
Yara Rule QA: Can't I Write Code to do This for Me?