CanSecWest 2011

CanSecWest 2011

CanSecWest 2011 Files

Network Application Firewalls vs. Contemporary Threats
- Brad Woodberg, Juniper 1.6M

Black Box Auditing Adobe Shockwave
- Aaron Portnoy, Logan Brown, Tipping Point / H.P. Zero Day Initiative 3.9M

SMS-o-Death: From Analyzing To Attacking Mobile Phones on a Large Scale
- Nico Golde and Collin Mulliner, TU-Berlin 3.1M

Runtime Firmware Integrity Verification: What Can Now Be Achieved
- Yves-Alexis Perez and Loic Duflot, ANSSI 288K

The Law of Web Application Hacking
- Marcia Hofmann, EFF 247K

Is Your Gaming Console Safe?: Embedded Devices, an AntiVirus-free Safe Hideout for Malware
- DongJoo Ha and KiChan Ahn, AhnLab Inc and Korea Financial Telecommunications & Clearings Institute 723K

Dymanic Cryptographic Trapdoors
- Eric Filiol, ESIEA Laval CVO Lab & French DoD 1.2M

Understanding and Exploiting Flash ActionScript Vulnerabilities
- Haifei Li, Fortinet 1.4M

Chip & PIN is Definitely Broken
- Andrea Barisani and Daniele Bianco, Inversepath 2.0M

iPhone and iPad Hacking
- Ilja van Sprundel, IOActive 2.5M

Welcome To Rootkit Country
- Graeme Neilson, Aura Software Security 11M

Project Ubertooth: Building a Better Bluetooth Adapter - Michael Ossmann, Great Scott Gadgets23M

Borken Fonts: The Story of Naive Parsers and Attacker Controlled Reboots
- Marc Schönefeld, Red Hat 49M

Deconstructing ColdFusion
- Chris Eng & Brandon Creighton, Veracode 1.4M

Stale Pointers Are The New Black
- Vincenzo Iozzo and Giovanni Gola, Zynamics GmbH 2.4M

A Castle Made of Sand: Adobe Reader X Sandbox
- Richard Johnson, Sourcefire 933K

Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
- Dan Kaminski, Adam Cecchetti and Mike Eddington, Doxpara & Deja Vu Security 2.0M

Security Defect Metrics for Targeted Fuzzing
- Dustin Duran, Matt Miller, David Weston, Microsoft 700K

GRAPE: Generative Rule-based Generic Stateful Fuzzing
- Nicholas Green, FourteenForty 1.2M