www.zeronights.orgMoscow, Izmailovo Concert Hall, Izmailovskoe Ave., 71, bld. 5

Track 1 Track 2 Workshop 1 Workshop 2

10.00 Registration

11.30 Opening

12.00 – 12.50 “Is infosec a game?”,Alexander ‘Solar Designer’ Peslyak

13.00 – 13.50 “Crypto coding v2”,Jean-Philippe Aumasson

“Hunting for top bounties”,Nicolas Gregoire

“Computer forensic investigation of {mobile} banking Trojan”,Boris Ivanov

“Using radare2 framework forreversing and debuggingmalware and firmware”, Part 1Anton Kochkov, Julien Voisin

14.00 – 14.50 “Chip reversing”,Dmitry Nedospasov

“Steroids for your App Security assessment”,Marco Grassi

15.00 – 17.00 Lunch

17.00 – 17.50 “Project Heapbleed”,Patroklos Argyroudis

“DTM components: shadow keys to the ICS kingdom”, Alexander Bolshev,Gleb Cherbov,Svetlana Cherkasova

“iOS forensics with OpenSource tools”,Andrey Belenko

“Using radare2 framework forreversing and debuggingmalware and firmware”, Part 2Anton Kochkov, Julien Voisin

18.00 – 18.50 “The past, the present and the future of software exploitation techniques”,Nikita Tarakanov

“Non-cryptographic research of orthodox cryptographic media, or How we tested the security of key data storage on tokens…”,Sergey Soldatov, Mikhail Egorov

Program | 13 november

www.zeronights.orgMoscow, Izmailovo Concert Hall, Izmailovskoe Ave., 71, bld. 5

Track 1 Track 2 Workshop 1 Workshop 2

11.00 – 11.50 “How to *really* piss off the surveillance state with your privacy tool”,Jake McGinty

“4x4G: from SIM to GGSN”,Alexey Osipov, Timur Yunusov, Kirill Nesterov

Defensive Track (20 min)

“DPI as a means of access segrega-tion in a corporate network”,Igor Bulatenko

“WAF in scale”, Alexey Sintsov “SMM monitoring guarding the security of Internet services”,Karim Valiev

“Building a complex incoming mail analysis system based on OpenSource solutions”,Alexey Karyabkin, Pavel Kulikov “Preventing mobile malware in CSP’s network. Android honeypot for antifraud”,Denis Gorchakov, Nikolay Goncharov

12.00 – 12.50 “Racing with Droids”,Peter Hlavaty

“Deobfuscation and beyond”,Dmitry Schelkunov,Vasily Bukasov

“Deriving cryptographic keysvia power consumption”,Part 1Roman Korkikyan

13.00 – 13.50 “EMET 5.0 – armor or curtain?”, Freingruber Renй

“De-anonymization and total espionage”,Dmitry Boomov

Live discussion

14.00 – 16.00 Lunch

16.00 – 16.50 “Unexpected expectedexception: think different about web-related vulnerabilities”,Ivan Novikov

“Fuzzer of the State - Evolution-ary Black-Box Fuzzing”,Fabien DUCHENE

FastTrack (15 min)

“Unsafe factory settings and firmwares”,Victor Alyushin “Parkomagic: substandard look on parking terminals”,Denis Makrushin, Stas Merzlyakov “Hidden timing channels based on HTTP caching headers”,Denis Kolegov, Oleg Broslavsky, Nikita Oleksov “A pentester’s view of Oracle Da-tabase Communication Protocol, or Rude Oracle experiments”,Roman Bazhin “Fast (and almost automatic) SSRF detection”,Eldar ‘kyprizel’ Zaitov “+22: reversing 64-bit binaries using Hex-Rays x86 Decompiler”, Vlad ‘vos’ Roskov “Bypassing kernel patch guard on Windows 8.1 and Windows 10”, Artem Shishkin, Mark Ermolov “Go in a virmaker production”, Boris Ryutin “Kernel AddressSanitizer: search-ing for vulnerabilities in Linux kernel”,Dmitry Vyukov “Roaming tiger”,Anton Cherepanov

“Deriving cryptographic keysvia power consumption”,Part 2Roman Korkikyan

17.00 – 17.50 “Hardware assisted virtualization in AV software”,Peter Kamensky

“Security vulnerabilities in DVB-C networks: Hacking Cable tV network part 2”,Rahul Sasi

18.00 – 18.50 “Your Q is my Q”,Georgi Geshev

“Miniturization (Fitting a full pro-cess control attack into a small microcontroller)”,Jason Larsen

19.00 – 19.30 Closing

Program | 14 november