Talks

1

• 100 bugs in 100 days: An analysis of ICS (SCADA) software

7

• 73o7\/\/@\/\/Ki – Survival Hacking your way out of Armageddon

A

• Adaptive Penetration Testing

• Advanced Nmap Scripting: Make Nmap work for you!

• Advanced Penetration Techniques for the non-technical n00b

• Anti-Forensics for the Louise

• A Tribute to Dr. Strangelove

• Avoiding the Landmines in your own Backyard

B

• Battery Firmware Hacking

• Beat to 1337: Creating A Successful University Cyber Defense Organization

• BioMining: Data Mining for (Neuro) hackers

• Blue team is sexy — refocusing on defense — Part II — All you baseline are belong to us

• Building a Svartkast: Cheap hardware to leave behind on someone else’s network

C

• Closing Ceremony

• Collecting Underpants To Win Your Network

• Compliance: An Assault on Reason

• Covert Channels using IP Packet Headers

D

• Desktop Betrayal: Exploiting Clients through the Features They Demand

• Dirty Red Team tricks

• Distinguishing Lockpicks: Raking vs Lifting vs Jiggling and More

E

• Exploiting Java Memory Corruption Vulnerabilities

• Exploiting PKI for Fun & Profit or The Next Yellow Padlock Icon?

F

• Free Floating Hostility

G

• Get Off of My Cloud: Cloud Credential Compromise and Exposure

H

• Hackers for Charity Update

• Hide yo kids, hide yo wife: Residential security and monitoring the bottom line

• Hook, Line and Syncer: The Liar for Hire’s Ultimate Tacklebox

• How I learned to roll my own: Building custom pen testing platforms on the fly

I

• Infectious Media – Bypassing AutoRun once and for all

• Is locksport a sport?

J

• Jason Scott’s Shareware Calvacade

K

• Keynote - Acoustic Intrusions

M

• Mining Sensitive Information From Images Using Command-Line OCR

• Mobile App Moolah: Profit taking with Mobile Malware

O

• Offensive Countermeasures: Still trying to bring sexy back

• Open source firewalling with pfSense

• OpenWIPS-ng

• OSINT Beyond the Basics

P

• Pentesting over Powerlines

R

• Rule 1: Cardio (and 9 other rules to keep intruders out)

S

• Smile for the Grenade! Camera go Bang!

• Social Engineering is a Fraud

• sploit me if you can

• State of the Framework Address

• Steal Everything, Kill Everyone, Cause Total Financial Ruin! (Or How I Walked In And Misbehaved)

• Surviving a Teleporter Accident (It could happen to you)

T

• Tactical Post Exploitation

• The Details Don’t Matter

• The Dirty Little Secrets They Didn’t Teach You In Pentesting Class

• The Hidden XSS – Attacking the Desktop

• The Penetration Testing Execution Standard (PTES) Panel

• Throw It in the River? Towards Real Live Actual Smartphone Security

• Tomorrow you can patch that 0day – but your users will still get you p0wn3d

V

• Virtual trust, Virtual Permission and the Illusion of Security

W

• Walking the Green Mile: How to Get Fired After a Security Incident

• Welcome to DerbyCon 2011 – Intro to the con and events

• When Fuzzers Miss: The no Hanging Fruit.

• Why InfoSec Practitioners Are Failing

• Win32 Exploit Development With Mona and the Metasploit Framework

Y

• You are the Smart Meter: Making (and hacking) of the 2011 MA-CCDC electronic badges

• You’re Going to Need a Bigger Shovel – A Critical Look at Software Security Assurance

• Your perimeter sucks