Nullcon Berlin 2022


Download Collection

Keynote | High-assurance code reviews: How consulting works when the risks are high by Dan Guido

Keynote | Hunting evasive vulnerabilities: finding flaws that others miss by James Kettle

A broken commercial metaverse-based virtual office platform by YoungWoon Kim, YeChan Jeon, Duyeong Kim & Hee Seong An

Attack Surfaces for 5G Networks? by Altaf Shaik

badkeys: Finding weak cryptographic keys at scale by Hanno Böck

Bheem OS - A next-generation reasonably secure OS using Rust MicroVMs by Subash SN & Mohd Akram Ansari

Careful Who You Trust: Compromising P2P Cameras at Scale by Erik Barzdukas, Jake Valletta & Dillon Franke

CXO Panel | Digital identity in the age of Fintechs by Alessandro Avagliano, Benoit Flippen, Guido Reismueller, Sheetal Joseph & Travis Carelock

CXO Panel | Bug Bounty? Great! Now What? by David Calligaris, Dominic Couture, Madeline Eckert, Ryan Black & Thomas Roth

CXO Panel | Diversity in Bug Hunting by Franziska Bühler, Sarah Jacobus & Yan Zhu

CXO Panel | Web3: The Great Debate by Addie Wagenknecht, Jean-Baptiste Bédrune & Nathan Hamiel

Deep Links can be Friends of Spyware - Analysis The Dangerous Role Of Deep Links by Rahul Kankrale & Yogesh Anil Tantak

Finding and Exploiting Critical Bugs in TLS Libraries used by “Smart” UPS Devices by Yuval Sarel & Gal Levy

Fuzzware: Automating and Scaling Fuzzing for Firmware by Tobias Scharnowski & Marius Muench

GPG memory forensics by Nils Amiet & Sylvain Pelissier

GNU Anastasis: Privacy-Preserving Key Backup and Recovery by Christian Grothoff

How to bypass AM-PPL (Antimalware Protected Process Light) and disable EDRs - a Red Teamer's story by Stephen Kho & Juan Sacco

Jailbreaking the AppleTV3 - Tales from a full stack hack by Tihm Star

Making of: the Sanitizer API by Frederik Braun

Workshop | Firmware Security Village by Christopher Krah & Johannes vom Dorp

Workshop | Offensive Payment Security by Timur Yunusov

Workshop | Template Injection On Hardened Targets by BitK

Workshop | Shell Language Processing: parsing Unix commands for Machine Learning by Dmitrijs Trizna