Farewell, WAF – Exploiting SQL Injection from Mutation to Polymorphism
Wireless Exploitation: Attacking IoT/OT with SDR
Code Execution Analysis in Mobile Apps
Jiuwei – A cross platform multi arch shellcode executor
Functioning as the first stage of an exploit, shellcode plays an important role in successfully triggering a software vulnerability. Since this part of the payload is written in low-level machine code, understanding how it works is not trivial.
This presentation introduces JiuWei, a cross-platform and multi-architecture machine code analyzer. Based on the Unicorn emulator (http://unicorn-engine.org), our tool is able to execute and analyze all kinds of shellcode, regardless of operating system (Windows, Mac, Linux, Android, etc.) or CPU architecture (Intel, Arm, Aarch64, Mips).
Thanks to a powerful instrumentation engine, the output report can show what the shellcode does inside, in a friendly high-level output format.
In this talk, we will give a brief introduction to the design and implementation of JiuWei, some technical challenges we had to solve, and some cool live demos on modern shellcode.
Presented at VXCON and HITCON with some demos. We will be doing a brand new demo with brand new modern shellcode. We will also be ready to release the tool publicly at Nanosec.
Malware Classification using Deep Learning
Deep learning is currently an extremely popular tool that has been used to solve hard problems, ranging from computer vision to speech recognition. This talk will introduce the audience to how one can leverage deep learning to predict and classify computer malware.
Attacking & Securing Healthcare Standards & Pentest Medical Devices
The health care industry has evolved exponentially over the last decade. It's no secret that advancement in technology and its adoption was the driving force behind this positive growth. Initially, interfaces between medical devices were custom designed and posed a huge challenge as far as interoperability was concerned. Healthcare standards like HL7 and DICOM have come to the rescue by providing interoperability to store, manage and exchange information among one or more devices, products, systems, etc. Both standards are supported by the majority of vendors and hospitals; however, secure implementation of these standards is still a concern, as security risks were given less importance while designing products (software and hardware) for healthcare services. This presentation will focus primarily on HL7 2.x, FHIR and DICOM messages, their implementation, the sensitivity of the information and how to attack these messages. The talk will cover how to pentest medical devices and systems in the hospital network and the approach that needs to be taken to pentest hardened medical systems. The talk will conclude by sharing insights on the proper implementation of these standards to better defend healthcare devices and systems against cyber-attacks.