The Black Hat DC 2010 just concluded yesterday. If you missed it or want to review the presentations done during the conference, the official site has already posted the slideshows, white papers and a few videos from the event. You can get the first batch of files here and below we have a few sessions you might find interesting.
- Connection String Parameter Pollution Attacks
Access to databases over the Internet has become easier as well as riskier over the years. In this presentation, you will find out how to spoof and steal credentials to access Microsoft Internet Information Services as well as connecting to internal databases without credentials. PDF | PPT
- Neurosurgery With Meterpreter
Once a machine has been exploited, one of the best tools in the hacker’s toolbox is memory manipulation. This session will discuss techniques in exploiting memory via Meterpreter to siphon off passwords, hashes and other data. PDF
- Metasploit and Money
With the recent acquisition of Metasploit by Rapid7, HD Moore gained a lot of insight as to how to commercialize an open source project, how to maintain the community around it and how it affects the core group developing that product. This talk is one you should download if you are even remotely interested in bringing open source projects to market. PDF
- Hacking the Smartcard Chip
Smartcards are used in a variety of ways, from enabling cellphones and storing money to logging into computers and confirming identification. Even so, it’s not foolproof and this session will walk through how to compromise a smartcard and what tools to use for this. PPT
We’ll be keeping you updated with the video link once they are posted.