INFILTRATE 2018 – Vote on Papers – Closes 14 December 2017


Cast your vote for the talks you want to see at INFILTRATE 2018.

As of today, 6 December 2017, I count 26 presentations.

The titles alone are enough to sell the conference:

  1. Energy Larceny-Breaking into a solar power plant
  2. Chainspotting: Building Exploit Chains with Logic Bugs
  3. Back To The Future – Going Back In Time To Abuse Android's JIT
  4. Windows Offender: Attacking The Windows Defender Emulator
  5. Bypassing Mitigations by Attacking JIT Server in Microsoft Edge
  6. A year of inadvertent macOS bugs
  7. L'art de l’Évasion: Modern VMWare Exploitation techniques
  8. Unboxing your VirtualBoxes: A close look at a desktop hypervisor
  9. Fuzzing the ‘Unfuzzable’
  10. How to become a Penetration tester – an attempt to guide the next generation of hackers
  11. Parasite OS
  12. Detecting Reverse Engineering with Canaries
  13. Discovering & exploiting a Cisco ASA pre-auth RCE vulnerability
  14. Synthetic Reality; Breaking macOS One Click at a Time
  15. Dissecting QNX – Analyzing & Breaking QNX Exploit Mitigations and Secure Random Number Generators
  16. Malware​ ​ tradecrafts​ ​ and nasty​ ​ secrets​ ​ of​ ​ evading​ ​ to escalating
  17. Sandbox evasion using VBA Referencing
  18. Exploits in Wetware
  19. How to escalate privileges to SYSTEM in Windows 10
  20. Pack your Android: Everything you need to know about Android Boxing
  21. How to hide your browser 0-days
  22. So you think IoT DDoS botnets are dangerous – Bypassing ISP and Enterprise Anti-DDoS with 90's techn
  23. Making love to Enterprise Software
  24. I Did it Thrawn’s Way- Spiels and the Symbiosis of Red Teaming & Threat Intelligence Analysis
  25. Digital Vengeance: Exploiting Notorious C&C Toolkits
  26. Advanced Social Engineering and OSINT for Penetration Testing

Another example of open sharing as opposed to the hoard and privilege approach of the defensive cybersecurity community. White hats are fortunate to only be a decade behind. Consider it the paranoia penalty. Fear of sharing knowledge harms you more than anyone else.

Speaking of sharing, the archives for INFILTRATE 2011 through INFILTRATE 2017 are online.

May not be true for any particular exploit, but given the lagging nature of cyberdefense, not to mention shoddy patch application, any technique less than ten years old is likely still viable. Remember SQL injection turned 17 this year and remains the #1 threat to websites.

Vote on your favorite papers for INFILTRATE 2018 – OPEN CFP
and let’s see some great tweet coverage for the conference!

INFILTRATE Security Conference, April 26 & 27 2018, @Fountainbleau Hotel

INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere. INFILTRATE is the single-most important event for those who are focused on the technical aspects of offensive security issues, for example, computer and network exploitation, vulnerability discovery, and rootkit and trojan covert protocols. INFILTRATE eschews policy and high-level presentations in favor of just hard-core thought-provoking technical meat.

Registration: infiltrate@immunityincdotcom

Twitter: @InfiltrateCon.


Comments are closed.