Ehemalige Referenten

Besten Dank geht nochmals an folgende Referenten aus Industrie und Forschung, die bereits im Rahmen des HackerPraktikums einen Vortrag gehalten haben:

Mario Heiderich Busi­ness IN Inc. XSS-Wür­mer 1 2 3
An­dre­as Kurtz Ci­ro­sec Gmbh Li­ve-Ha­cking 2.0 - Ak­tu­el­le An­griffs­tech­ni­ken auf Web-Ap­pli­ka­tio­nen 1, Vortrag
Ste­fan Esser,
Ben Fuhr­man­nek,
Sek­tionEins GmbH Ad­van­ced Web Ha­cking 1 2, Vortrag
Armin Bü­scher G DATA Soft­ware AG Mon­key­Wrench: ein low-in­ter­ac­tion Ho­ney­cli­ent zur Ana­ly­se der Aus­nut­zung von Ja­va­script-ba­sier­ten Ver­wund­bar­kei­ten 1
Jan Käst­le ,
Ste­fan Hölz­ner
KPMG AG Web­ap­pli­ka­ti­ons-Si­cher­heit - Er­fah­run­gen aus der Pra­xis 1
Dr. Jo­han­nes
XING AG XING - how to ope­ra­te a large Web­site 1
Red-Data­ba­se-Se­cu­ri­ty GmbH Ad­van­ced SQL-In­jec­tion 1
Pa­trick Hof,
Jens Lieb­chen
Red­Team Pen­tes­ting GmbH Apa­che Tom­cat - Who's the JBoss now? 1 Vortrag
TU Dort­mund Jen­seits von An­griffs­mus­tern - Po­si­ti­ve Si­cher­heits­mo­del­le in Web-An­wen­dun­gen 1
Dr. Mar­tin Johns SAP Re­se­arch Cross-si­te Re­quests: One me­cha­nism, many at­tacks 1 Vortrag
ci­ro­sec GmbH Web Ap­p­li­ca­ti­on Fire­walls 1 Vortrag
Mo­ritz Jo­d­eit n.runs AG At­ta­cking Ad­ja­cent Lay­ers 1 Vortrag
Mario Heiderich Busi­ness IN Inc. HTML 5: The good, the bad, the ugly 1
Felix Gröbert Google From XSS to Ring 0 1
Sebastian Schinzel Virtual Forge GmbH Side Channel Attacks im Web - Software Security für SAP Systeme 1 2 3 Vortrag
Eray Basar 9elements Ninja Webtechnologies 1 Vortrag
Karsten Tellmann G Data Software AG Exploiting Adobe's PDF 1 2 Vortrag
ci­ro­sec GmbH Apple iPhoneund iPad im Unternehmen 1 Vortrag
n.runs AG Secure by design - It's a bug, not a feature 1
Stefan Esser
Ben Fuhrmannek
Sek­tionEins GmbH Si­cher­heits­pro­ble­me in Web­ap­pli­ka­ti­on fern­ab der üb­li­chen In­jek­ti­ons­ver­wund­bar­kei­ten 1 Vortrag
Collin Mulliner Technische Universität Berlin Random tales from a mobile phone hacker 1
Marcus Niemietz RUB UI Redressing: Attacks and Countermeasures Revisited 1
An­dre­as Schmidt si­be­ras WATOBO - The Web Application Toolbox 1 Vortrag
Gre­gor Kopf Re­cu­ri­ty Labs GmbH Non-Obvious Bugs by Example Vortrag
Aleksandr Matrosov
Eugene Rodionov
ESET Defeating x64: Modern Trends of Kernel-Mode Rootkits Vortrag
Krzysztof Kotowicz SecuRing HTML5: Something wicked this way comes
Erlend Oftedal Bekk Consulting AS Practical attacks on web crypto Vortrag
Ste­fa­no Di Paola Minded Security Analysis and Identification of DOM Based XSS Issues 1 Vortrag
Ga­reth Heyes Non alphanumeric code with JavaScript & PHP; Shazzer - Shared online fuzzing Vortrag
John Wi­lan­der Svenska Handelsbanken The Developer Part of the Problem, Buffer Overflows, Modeling Security Bugs, Safety & Liveness Properties, CSRF Against RESTful Services, Multi-Ste, Semi-Blind CSRF
Abraham Aranguren Legal And Efficient Web App Testing Without Permission Vortrag
Alexey Sintsov ERPscan Lotus Domino: Penetration Through the Controller Vortrag
Vladimir Vorontsov ONsec Blind XXE injections Vortrag
Michele Orru Trustwave SpiderLabs Beef, what a tasty piece of meat Vortrag
Paul Stone Context Information Security Browser Timing Attacks via the Graphics Stack Vortrag
Nicolas Gregoire Agarri Attacking <?xml?> processing Vortrag
Arthur Gerkis Dynamic PHP web-appliaktion analysis Vortrag
Roberto Suggi Liverani Cross Context Scripting (XCS) - Attacks and Exploitation Vortrag
Soroush Dalili File in the hole! [1], Vortrag
Tuomas Kärkkäinen Fuzzing at Scale and in Style Vortrag
Ange Albertini A challenge in your pocket, an introduction to brainteasers Vortrag
Sandro Gauci Webapp Exploit Payloads - tools built for & during the job Vortrag
Svetlana Gaivoronski Lomonosov Moscow State University Shellcode detection techniques Vortrag
Felix 'FX' Lindner Recurity Labs Security is Privacy - Future Research Vortrag
Jürgen Pabel Deutsche Post Information Security Management - A Hacker's Perspective 1 Vortrag
Matthias Kaiser Daimler TSS Recent Java Exploitation Techniques 1 Vortrag
Jeremiah Grossman WhiteHat Security The Real State of Website Security and The Truth About Accountability and "Best-Practices" Vortrag
Giorgio Maone InformAction Defending the Indefensible - The Unsung Battles and Legacy of NoScript Vortrag
Karsten Nohl Security Research Labs In-depth crypto attacks - It always takes two bugs Vortrag
Andreas Kurtz NESO Security Labs GmbH Pentesting iOS Apps - Runtime Analysis and Manipulation Vortrag
Fabian Yamaguchi Georg-August-Universität Göttingen Information Retrieval and Machine Learning for Interactive Bug Hunting Vortrag
Miroslav Stampar Curious Case of SQLi Vortrag
Stefan Esser SektionEins iOS 7 Security Overview Vortrag
Mike West Google Locking Down the User Agent Vortrag
Felix Gröbert Google Security Analysis of Apple FileVault2 Vortrag
Mathias Bynens Opera Hacking with Unicode Vortrag
Mathias Karlsson Detectify Polyglot payloads in practice Vortrag
Collin Mulliner Northeastern University Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in GUIs Vortrag
Johannes Dahse Ruhr University Bochum Static Detection of Vulnerabilities in Modern PHP Applications Vortrag
Sebastian Schinzel Fachhochschule Münster Remote Timing Attacks Vortrag
Joern Schneeweisz Recurity Labs GmbH Bug Tales Vortrag
Thomas Patzke Near Field Communication Security Vortrag
Sebastian Lekies Google 25 Million Flows Later: Detection and Exploitation of DOM-based XSS vulnerabilities at scale Vortrag
Jan Kopecky ING Regional IT headquarters Exploitation – from past to nowadays 1
Christian Schneider Security DevOps - Free pentesters' time to focus on high-hanging fruits Vortrag
Matthias Kaiser Code White GmbH Exploiting Deserialization Vulnerabilities in Java Vortrag
Michele Orru Dark FairyTales from a Phisherman (Vol. III) Vortrag
Ibrahim Köse CSPi Managing Security Testing Vortrag
Dirk Wetter Intricacies testing SSL: sockets, schools, threa{t,d}s and sometimes no shake-hands Vortrag
Sven Schlueter Context Information Security Modern penetration testing Vortrag
Hanno Böck TLS - the most important crypto protocol Vortrag
Christian Rossow Saarland University Zeus P2PWNED: Monitoring and Disrupting Modern P2P Botnets Vortrag
Ben Stock Saarland University From Facepalm to Brain Bender - Exploring Client-Side Cross-Site Scripting Vortrag
Tom Van Goethem University of Leuven Breaking privacy and security by abusing cross-origin resource size Vortrag
Clémentine Maurice Graz University of Technology, Reverse-engineering CPUs for fun and profit Vortrag
Anders Fogh G-DATA Advanced Analytics GmbH Covert shotgun: Automatically finding covert channels in SMT Vortrag
Martin Schmiedecker SBA Research Turning Incident Response to Eleven Vortrag
Johannes Dahse RIPS Technologies An Advent Calendar full of PHP Security Bugs Vortrag
Victor van der Veen Vrije Universiteit Amsterdam Drammer: The Making-Of Vortrag
Mario Heiderich Cure53, RUB My Sweet Innocence Exposed - Eleven Reasons why we will all miss you, 'e' Vortrag
Nicolas Gregoire Nearly generic fuzzing of XML-based formats Slides
Enno Rey ERNW Properties of IPv6 and Their Implications for Offense & Defense Vortrag
Matthias Schmidt 1&1 Technical Security at a large ISP Slides
Florian Kohlar KPMG Tales from an IT-Security consultant Vortrag
Ange Albertini Google Beyond your studies - You studied X at Y. Now what? Vortrag
Mathy Vanhoef KU Leuven KRACKing WPA2 and Mitigating Future Vulnerabilities Vortrag
Johannes Dahse RIPS State-of-the-art PHP Exploitation Techniques Vortrag
Michele Orrù All your sessions are belong to us Vortrag
Gertjan Franken KU Leuven Who left open the cookie jar? Vortrag
Rene Freingruber SEC Consult An overview on modern fuzzing techniques Vortrag
Jens Müller RUB "Johnny, you are fired!" – Spoofing OpenPGP and S/MIME Signatures in Emails No recording
Hauke Gierow & Tim Berghoff G Data "How not to get the Cybers" - Talking with media representatives about infosec No recording
Christian Becker Context Red Team Exercises - A case study Vortrag