Speaking Engagements & Presentations: Turbo Talks

(see full-length presentations)

Blast From the Past: HackIt!

HTML | PDF | Flash

Blast From the Past: HackIt! is a short overview of an exploit framework designed and implemented by CAU in 1997 with some comparisons drawn between it and HD Moore’s Metasploit Framework.

2006.10.25 – Austin Hackers Association

DisAsterisk Sneak-Peek

HTML | PDF | Flash

A colleague and I’s newest project, DisAsterisk, is an exercise in leveraging Asterisk, other open source software, and our own custom code to create useful tools for VoIP security research. I’ll briefly describe the Asterisk extension module API, cover what we’ve developed so far, and list our future goals for the project.

2007.05.12 – ToorCon Seattle (Beta)

Media Injection

HTML | PDF | Flash

RTP audio injection, how the attack works, and a demo of some injection tools from researchers at SecureLogix that I’ve improved.

2007.05.30 – Austin Hackers Association

Metasploit Framework Telephony

HTML | PDF | Flash

An important attack vector missing in many penetration testing and attack tools available today is the tried-and-true telephony dialup. With the recent surge in popularity of VoIP connectivity, accessing such attack vectors has become both cheap and easy. Using the new Metasploit telephony components, users are now able to both scan for and dial up directly to telephony-accessible exploitation targets.

2009.07.29 – BlackHat USA 2009