applied security conferences and training: CanSecWest | PacSec | EUSecWest |

History

The CanSecWest conference was established in 2000. Archives of presented material may be found below.

Material Archives - 2014, 2013, 2012, 2011, 2010, 2009, 2008,
                    2007, 2006, 2005, 2004, 2003, 2002, 2001, 2000

CanSecWest 2011 Files

Network Application Firewalls vs. Contemporary Threats
- Brad Woodberg, Juniper
1.6M

Black Box Auditing Adobe Shockwave
- Aaron Portnoy, Logan Brown, Tipping Point / H.P. Zero Day Initiative
3.9M

SMS-o-Death: From Analyzing To Attacking Mobile Phones on a Large Scale
- Nico Golde and Collin Mulliner, TU-Berlin
3.1M

Runtime Firmware Integrity Verification: What Can Now Be Achieved
- Yves-Alexis Perez and Loic Duflot, ANSSI
288K

The Law of Web Application Hacking
- Marcia Hofmann, EFF
247K

Is Your Gaming Console Safe?: Embedded Devices, an AntiVirus-free Safe Hideout for Malware
- DongJoo Ha and KiChan Ahn, AhnLab Inc and Korea Financial Telecommunications & Clearings Institute
723K

Dymanic Cryptographic Trapdoors
- Eric Filiol, ESIEA Laval CVO Lab & French DoD
1.2M

Understanding and Exploiting Flash ActionScript Vulnerabilities
- Haifei Li, Fortinet
1.4M

Chip & PIN is Definitely Broken
- Andrea Barisani and Daniele Bianco, Inversepath
2.0M

iPhone and iPad Hacking
- Ilja van Sprundel, IOActive
2.5M

Welcome To Rootkit Country
- Graeme Neilson, Aura Software Security
11M

Project Ubertooth: Building a Better Bluetooth Adapter - Michael Ossmann, Great Scott Gadgets 23M

Borken Fonts: The Story of Naive Parsers and Attacker Controlled Reboots
- Marc Schönefeld, Red Hat
49M

Deconstructing ColdFusion
- Chris Eng & Brandon Creighton, Veracode
1.4M

Stale Pointers Are The New Black
- Vincenzo Iozzo and Giovanni Gola, Zynamics GmbH
2.4M

A Castle Made of Sand: Adobe Reader X Sandbox
- Richard Johnson, Sourcefire
933K

Showing How Security Has (And Hasn't) Improved, After Ten Years Of Trying
- Dan Kaminski, Adam Cecchetti and Mike Eddington, Doxpara & Deja Vu Security
2.0M

Security Defect Metrics for Targeted Fuzzing
- Dustin Duran, Matt Miller, David Weston, Microsoft
700K

GRAPE: Generative Rule-based Generic Stateful Fuzzing
- Nicholas Green, FourteenForty
1.2M