Here is a consolidated view of all of our presentation slides available for download. These slide decks come from speaking at various security conferences and gatherings on a multitude of security research topics.
DISCLAIMER: These slides are intended for security training purposes only.
You can also see some of our slides on Slideshare.
- Kaspersky SAS - Ghost in the Browser: Broad-Scale Espionage with Bitsquatting - 10Apr2019 - Slides (1664 downloads )
- BSides SF - Twist and Shout: Ferris Bueller’s Guide to Abuse Domain Permutations - 03Mar2019 - Slides (2067 downloads )
- BSides CMH - Check Your Privilege (Escalation) - 01Mar2019 - Slides (1810 downloads )
- Day of Shecurity Boston 2019 - Introduction to Linux Privilege Escalation Methods - 22Feb2019 - Slides (1816 downloads )
- Day of Shecurity Boston 2019 - Network Penetration Testing Toolkit - 22Feb2019 - Slides (1908 downloads )
- OWASP AppSecCali 2019 - How Perceptual Analysis Helps Bug Hunters - 24012019 - Slides (1885 downloads )
- Kiwicon 2038AD - Getting Buzzed on Buzzwords - DeMesy - 16Nov2018 - Slides (1800 downloads )
- Practising Law Institute SFO - Cybersecurity: A Hacker’s Perspective - Evolving Cyber Adversary Simulation - 06Nov2018 - Slides (1682 downloads )
- 2018 Cybersecurity Symposium – Breaking Into a Career of Breaking In - 19Oct2018 - Slides (1991 downloads )
- CactusCon 2018 - Anatomy of an AppSec Program - 29Sept2018 - Slides (2429 downloads )
- Empire Hacking NYC Meetup - Server-side Spreadsheet Injections in High Impact Attacks - 12June2018 - Slides (4041 downloads )
- DEF CON 25 (2017) - DeepHack - 30Jul2017 - Slides (3013 downloads )
- DEF CON 25 (2017) - Game of Drones - Brown Latimer - 29July2017 - Slides.PDF (11800 downloads )
- Interop 2017 - Defeating Social Engineering, BECs, and Phishing - 17May2017 - Slides (2308 downloads )
- Interop 2017 - Developing and Testing an Effective Incident Response Program - 16May2017 - Slides (2109 downloads )
- QCon London - Out of the Browser Into the Fire - 08Mar2017 - Slides (2362 downloads )
- Dark Reading Virtual Event - Preparing a Next-Generation IT Security Strategy - 15Nov2016 - Slides (2573 downloads )
- Critical Infrastructure Luncheon 2016 - Laika Boss - 03Nov2016 - Slides (2342 downloads )
- BetterCloud Cloud IT Live - Creating a Security Blueprint - 25Oct2016 - Slides (2503 downloads )
- 2016 Kennesaw State Cyber Security Awareness Day - Exploiting Smart Devices - 06Oct2016 (2572 downloads )
- Black Hat USA 2016 - Highway to the Danger Drone - 03Aug2016 - Slides.pdf (4498 downloads )
- CactusCon 2016 - Telling Lies & Making Friends: Penetrating People's Emotional Barriers - 6May2016 - Slides (3107 downloads )
- CactusCon 2016 - Developing and Testing an Effective Incident Response Program - 6May2016 - Slides (3006 downloads )
- Interop Las Vegas - Social Engineering: The Bad, Better, and Best Incident Response Plans - 4May2016 - Slides (2783 downloads )
- InfoSec World 2016 - RFIDiggity - Pentester Guide to Hacking HF/NFC and UHF RFID - 05Apr2016 - Slides (5712 downloads )
- ITAC 2015 - Putting Your Logs On a Diet - Network Intrusion Detection - Best Practices - 01Oct2015 - Slides (2757 downloads )
- ITAC 2015 - Internet of Things (IoT) - Hacking Smart Devices - 29Sept2015 - Slides (2738 downloads )
- ITAC 2015 - CloudBots - Abusing Free Cloud Services to Build Botnets in the Cloud - 29Sept2015 - Slides (2598 downloads )
- Phoenix Security & Audit Conference - The Active Directory Kill Chain - 10Sept2015 - Slides (4050 downloads )
- ISC(2) Phoenix - Effectively Operating a Bug Bounty Program - 13Aug2015 - Slides (3362 downloads )
- DEF CON 23 (2015) - RFIDiggity - Pentester Guide to Hacking HF/NFC and UHF RFID - 09Aug2015 - Slides (4810 downloads )
- Black Hat USA 2015 - Bypass Surgery - 6Aug2015 - Slides (9891 downloads )
- Converge Detroit - Homebrew Censorship Detection by Analysis of BGP Data - 16July2015 - Slides (4914 downloads )
- OWASP Phoenix - If You Like It, Then You Shouldn't Put a Ring3 On It - 9June2015 - Slides (2685 downloads )
- CactusCon 2015 - Wireless Network Risk and Controls - 13March2015 - Slides (2887 downloads )
- ISACA Phx - Wireless Network Risks and Controls - 22Jan2015 - Slides (2990 downloads )
- CalPoly SLO - So You Wanna Be a Hacker? - 10Nov2014 - Slides (3270 downloads )
- UAT TechTrek - Lessons on Security Consulting - 6Nov2014 - Slides (3054 downloads )
- ISSA Tucson - Untwisting the Mersenne Twister - Slides - 5Nov2014 (2638 downloads )
- Dark Reading University - Monitoring Threats and Measuring Risk - 31Oct2014 - Slides (3139 downloads )
- Dark Reading University - Protecting Backend Systems - 28Oct2014 - Slides (2594 downloads )
- Dark Reading University - Protecting the Customer-Facing Website - 27Oct2014 - Slides (2767 downloads )
- ToorCon 2014 - If You Like It Then You Shouldn't Put a Ring3 On It - 25Oct2014 - Slides (2920 downloads )
- ITAC 2014 - SCADA Hacking - Clear and Present Danger - 02Oct2014 - Slides (3198 downloads )
- ITAC 2014 - Mobile Application Testing and Code Review - 30Sept2014 - Slides (2836 downloads )
- Black Hat USA - CloudBots Harvesting Crypto Coins Like a Botnet Farmer - 6Aug2014 - Slides (3388 downloads )
- BSides LV - Untwisting the Mersenne Twister - 5Aug2014 - Slides (2680 downloads )
- HOPE - Rickrolling your Neighbors with Google Chromecast - 18July2014 - Slides (3186 downloads )
- CCOAITS - Not the Weakest Link - 10Jul2014 - Slides (2310 downloads )
- CCOAITS - Incident Response Preparation - 10Jul2014 - Slides (2840 downloads )
- CactusCon 2014 - Malware and the Syrian Civil War - 4Apr2014 - Slides (3302 downloads )
- RSA 2014 - Cloud Ninja - 27Feb2014 - Slides (5614 downloads )
- ISACA Phx - Protection of Information Assets - 27Feb2014 - Slides (2681 downloads )
- MISTI - Mobile 2013 - Mobile App Testing and Code Review - 19Nov2013 - Slides (5825 downloads )
- Bsides PDX - Resistance Networks - 27Sept2013 - Slides (3748 downloads )
- DEFCON 21 (2013) - RFID Hacking - 03 Aug 2013 - Slides (38162 downloads )
- Black Hat USA 2013 - RFID Hacking - 01 Aug 2013 - Slides (12723 downloads )
- Black Hat USA 2013 - Lets Get Physical - 31July2013 - Slides (11651 downloads )
- InfoSec World 2013 – W4 – Using Google to Find Vulnerabilities in Your IT Environment – 14Apr2013 – Slides (10507 downloads )
- BayThreat 2012 - Securing a Start Up - 07Dec2012 - Slides (3328 downloads )
- DEFCON 20 (2012) – Tenacious Diggity – 29July2012 – Slides (14978 downloads )
- OWASP Atlanta – Attack Chaining Advanced Maneuvers – May 2012 (3314 downloads )
- ISSA LA – 4th Annual InfoSec Summit – Pulp Google Hacking – 15May2012 – Slides (8127 downloads )
- TakeDownCon 2012 – Pulp Google Hacking – 08May2012 - Slides (8431 downloads )
- InfoSec World 2012 – Pulp Google Hacking – 02Apr2012 – Slides (6992 downloads )
- OWASP LA – SharePoint Hacking – 22Feb2012 – Slides (8999 downloads )
- ISSA LA – Pulp Google Hacking – 15Feb2012 – Slides (7006 downloads )
- BayThreat 2011 - Putting Logs on a Diet - 11Dec2011 - Slides (3173 downloads )
- BayThreat 2011 - Pulp Google Hacking - 09Dec2011 - Slides (7470 downloads )
- Hacker Halted USA 2011 – Pulp Google Hacking – 27Oct2011 - Slides (7356 downloads )
- Black Hat USA 2011 – Pulp Google Hacking – 03Aug2011 - Slides (8306 downloads )
- TakeDownCon 2011 – Lord of the Bing – 18May2011 - Slides (8112 downloads )
- InfoSec World 2011 – Google Hacking – To Infinity and Beyond – 21Apr2011 - Slides (7618 downloads )
- HackCon 2011 – SharePoint Hacking - 16Feb2011 - Slides (6690 downloads )
- HackCon 2011 – Lord of the Bing – 16Feb2011 - Slides (7127 downloads )
- Hacker Halted 2010 Singapore – Lord of the Bing – 26Oct2010 - Slides (7466 downloads )
- ToorCon 12 – Lord of the Bing – 24Oct2010 - Slides (3981 downloads )
- Security B-Sides Atlanta 2010 – Lord of the Bing – 08Oct2010 - Slides (7982 downloads )
- ISSA Phoenix Chapter – 05 Oct 2010 Presentation Slides (6059 downloads )
- DEFCON 18 – Lord of the Bing – 30July2010 - Slides (8745 downloads )
- Black Hat USA 2010 – Lord of the Bing – 29July2010 - Slides (9933 downloads )
- The Good, the Bad, and the Ridiculous - SANS Penetration Testing Summit 2010 (2846 downloads )
- InfoSec World 2010 – Google and Beyond – 21Apr2010 - Slides (6634 downloads )
- SANS - Pentest and AppSec Summit 2009 - Realworld Code Review - 02Jun2009 - Slides (3115 downloads )
- Microsoft BlueHat v8 - Real World Code Review - Liu - 17Oct2008 - Slides (5252 downloads )
- SANS - Pentest Security Summit 2008 - Success Stories and Lessons Learned - 02Jun2008 - Slides (3598 downloads )
- SPICON 2007 - Lessons Learned – Implementing an Application Security Program - 17Oct2007 - Slides (2771 downloads )
- SANS - AppSec Summit 2007 - Implementation Lessons Learned - 15Aug2007 - Slides (2609 downloads )
- CEIC 2006 - Defeating Forensic Analysis - 04May2006 - Slides (4030 downloads )
- InfoSec World 2006 - K2 - Bleeding-Edge Anti-Forensics - Brown and Liu - 03April2006 - Slides (6218 downloads )
- Microsoft BlueHat v2 - Introducing the Metasploit Anti-Forensics Project - 13Oct2005 - Slides (4324 downloads )
- Toorcon 7 - Introducing the Metasploit Anti-Forensics Project - 16Sept2005 - Slides (10072 downloads )
- Black Hat USA 2005 - Catch Me If You Can - 27July2005 - Slides (8321 downloads )