• 08:50

  • Welcome & Introduction to Black Hat USA 2010

    Jeff Moss
    Wed, 08:50 - 09:00
    Augustus 1+2
  • 09:00

  • Keynote

     
    Wed, 09:00 - 09:50
    Augustus 1+2
  • 10:00

  • Payload Already Inside: Data Re-Use for ROP exploits

    Long Le
    Wed, 10:00 - 11:00
    Milano 1+2+3+4 - Programmatic

  • Attacking Kerberos Deployments

    Rachel Engel, Brad Hill, Scott Stender
    Wed, 10:00 - 11:00
    Milano 5+6+7+8 - OS Wars

  • The Emperor Has No Clothes: Insecurities in Security Infrastructure

    Ben Feinstein, Jeff Jarmoc, Dan King
    Wed, 10:00 - 11:00
    Roman - Infrastructure

  • ExploitSpotting: Locating Vulnerabilities Out Of Vendor Patches Automatically

    Jeongwook Oh
    Wed, 10:00 - 11:00
    Augustus 1+2 - Reverse Engineering

  • Base Jumping: Attacking GSM Base Station Systems and Mobile Phone Base Bands

    The Grugq
    Wed, 10:00 - 11:00
    Augustus 3+4 - Mobile

  • Optimizing the Security Researcher and CSO Relationship

    Bill Boni, Andrew Cushman, David Litchfield, Alex Stamos, John Stewart
    Wed, 10:00 - 11:00
    Pompeiian - Executive

  • Drivesploit: Circumventing both automated AND manual drive-by-download detection

    Wayne Huang, Caleb Sima
    Wed, 10:00 - 11:00
    Florentine - Cyber War & Peace

  • Malware Freak Show 2010: The Client-Side Boogaloo

    Jibran Ilyas, Nicholas J. Percoco
    Wed, 10:00 - 11:00
    Augustus 5+6 - Malware Fingerprinting

  • WPA Migration Mode: WEP is back to haunt you…

    Leandro Meiners, Diego Sor
    Wed, 10:00 - 11:00
    Forum 24 - Network

  • Industrial Bug Mining - Extracting, Grading and Enriching the Ore of Exploits

    Ben Nagy
    Wed, 10:00 - 11:00
    Neopolitan 1+2+3+4 - Bug Collecting

  • Cloud Security Alliance Summit

    Panel
    Wed, 10:00 - 15:00
    Forum 25 - Special Events
  • 11:15

  • Aleatory Persistent Threat

    Nicolas Waisman
    Wed, 11:15 - 12:30
    Milano 1+2+3+4 - Programmatic

  • Understanding the Windows SMB NTLM Weak Nonce Vulnerability

    Agustin Azubel, Hernan Ochoa
    Wed, 11:15 - 12:30
    Milano 5+6+7+8 - OS Wars

  • Electricity for Free? The Dirty Underbelly of SCADA and Smart Meters

    Joe Cummins, Jonathan Pollet
    Wed, 11:15 - 12:30
    Roman - Infrastructure

  • Crash Analysis using BitBlaze

    Noah Johnson, Charlie Miller
    Wed, 11:15 - 12:30
    Augustus 1+2 - Reverse Engineering

  • More Bugs In More Places: Secure Development On Moble Platforms

    David Kane-Parry
    Wed, 11:15 - 12:30
    Augustus 3+4 - Mobile

  • Systemic DNS Vulnerabilities and Risk Management: A Discussion With the Experts

    Rod Beckstrom, Dan Kaminsky, Paul Mockapetris, Ken Silva, Mark Weatherford
    Wed, 11:15 - 12:30
    Pompeiian - Executive

  • Balancing the Pwn Trade Deficit

    Colin Ames, Anthony Lai, Val Smith
    Wed, 11:15 - 12:30
    Florentine - Cyber War & Peace

  • Malware Attribution: Tracking Cyber Spies and Digital Criminals

    Greg Hoglund
    Wed, 11:15 - 12:30
    Augustus 5+6 - Malware Fingerprinting

  • Extreme-range RFID tracking

    Kristin Paget
    Wed, 11:15 - 12:30
    Forum 24 - Network

  • Virtual Forensics

    Christiaan Beek
    Wed, 11:15 - 12:30
    Neopolitan 1+2+3+4 - Bug Collecting
  • 13:45

  • Hacking Java Clients

    Stephen de Vries
    Wed, 13:45 - 15:00
    Milano 1+2+3+4 - Programmatic

  • Adventures in Limited User Post Exploitation

    Tim Elrod, Nathan Keltner
    Wed, 13:45 - 15:00
    Milano 5+6+7+8 - OS Wars

  • SCADA and ICS for Security Experts: How to avoid Cyberdouchery

    James Arlen
    Wed, 13:45 - 15:00
    Roman - Infrastructure

  • Jackpotting Automated Teller Machines Redux

    Barnaby Jack
    Wed, 13:45 - 15:00
    Augustus 1+2 - Reverse Engineering

  • These Aren't the Permissions You're Looking For

    Anthony Lineberry, David Richardson, Sr., Timothy Wyatt
    Wed, 13:45 - 15:00
    Augustus 3+4 - Mobile

  • Cyber war...Are we at war? And if we are, how should we fight it?

    General Michael V. Hayden
    Wed, 13:45 - 15:00
    Pompeiian - Executive

  • One on One Interview with General (Ret.) Michael V. Hayden

    General Michael V. Hayden, Robert Rodriguez
    Wed, 13:45 - 15:00
    Pompeiian - Executive

  • Social Networking Special Ops: Extending Data Visualization Tools for faster Pwnage

    Chris Sumner
    Wed, 13:45 - 15:00
    Florentine - Cyber War & Peace

  • mod_antimalware: A Novel Apache Module for Containing web-based Malware Infections

    Neil Daswani
    Wed, 13:45 - 15:00
    Augustus 5+6 - Malware Fingerprinting

  • Burning Asgard - What happens when Loki breaks free

    Daniel Mende, Enno Rey
    Wed, 13:45 - 15:00
    Forum 24 - Network

  • Network Stream Debugging with Mallory

    Jeremy Allen, Raj Umadas
    Wed, 13:45 - 15:00
    Neopolitan 1+2+3+4 - Bug Collecting
  • 15:15

  • Harder, Better, Faster, Stronger: Semi-Auto Vulnerability Research

    Lurene Grenier, Richard Johnson
    Wed, 15:15 - 16:30
    Milano 1+2+3+4 - Programmatic

  • Standing on the Shoulders of the Blue Monster: Hardening Windows Applications

    olle b
    Wed, 15:15 - 16:30
    Milano 5+6+7+8 - OS Wars

  • Black Ops Of Fundamental Defense: Web Edition

    Dan Kaminsky
    Wed, 15:15 - 16:30
    Roman - Infrastructure

  • Blue Screen Of the Death is Dead.

    Matthieu Suiche
    Wed, 15:15 - 16:30
    Augustus 1+2 - Reverse Engineering

  • Everybody be cool this is a roppery!

    Vincenzo Iozzo, Tim Kornau, Ralf-Philipp Weinmann
    Wed, 15:15 - 16:30
    Augustus 3+4 - Mobile

  • Security Innovation Network: Connecting Buyers, Builders, and the Research Community

    Steve Elefant, Melissa Hathaway, General Michael V. Hayden, Dr. Doug Maughan, Professor John Mitchell, Robert Rodriguez
    Wed, 15:15 - 16:30
    Pompeiian - Executive

  • Finger Pointing for Fun, Profit and War?

    Tom Parker
    Wed, 15:15 - 16:30
    Florentine - Cyber War & Peace

  • BlindElephant: WebApp Fingerprinting and Vulnerability Inferencing

    Patrick Thomas
    Wed, 15:15 - 16:30
    Augustus 5+6 - Malware Fingerprinting

  • Exploiting Timing Attacks in Widespread Systems

    Nate Lawson, Taylor Nelson
    Wed, 15:15 - 16:30
    Forum 24 - Network

  • JavaSnoop: How to Hack Anything Written in Java

    Arshan Dabirsiaghi
    Wed, 15:15 - 16:30
    Neopolitan 1+2+3+4 - Bug Collecting

  • Hacker Court

    Kevin Bankston, Carole Fennelly, Jonathan Klein, Kevin Manson, Paul Ohm, Kurt Opsahl, Panel, Richard Salgado, Richard Thieme
    Wed, 15:15 - 18:00
    Forum 25 - Special Events
  • 16:45

  • SAP Backdoors: A Ghost at the Heart of Your Business

    Mariano Nuñez Di Croce
    Wed, 16:45 - 18:00
    Milano 1+2+3+4 - Programmatic

  • Ushering in the Post-GRC World: Applied Threat Modeling

    Alex Hutton, Allison Miller
    Wed, 16:45 - 18:00
    Milano 5+6+7+8 - OS Wars

  • Wardriving the Smart Grid: Practical Approaches to Attacking Utility Packet Radios

    Nathan Keltner, Shawn Moyer
    Wed, 16:45 - 18:00
    Roman - Infrastructure

  • App Attack: Surviving the Mobile Application Explosion

    John Hering, Kevin Mahaffey
    Wed, 16:45 - 18:00
    Augustus 3+4 - Mobile

  • Reception: Security Innovation Network

     
    Wed, 16:45 - 18:00
    Pompeiian - Executive

  • Getting In Bed With Robin Sage

    Thomas Ryan
    Wed, 16:45 - 18:00
    Florentine - Cyber War & Peace

  • Mastering the Nmap Scripting Engine

    David Fifield, Fyodor Vaskovitch
    Wed, 16:45 - 18:00
    Augustus 5+6 - Malware Fingerprinting

  • PSUDP: A Passive Approach to Network-Wide Covert Communication

    Kenton Born
    Wed, 16:45 - 18:00
    Forum 24 - Network

  • Exploiting the Forest with Trees

    Meredith L. Patterson, Len Sassaman
    Wed, 16:45 - 18:00
    Neopolitan 1+2+3+4 - Bug Collecting