Skip to content

Latest commit

 

History

History
463 lines (326 loc) · 23.3 KB

talks.md

File metadata and controls

463 lines (326 loc) · 23.3 KB

Talks, keynotes, tutorials, workshops, articles, podcasts...

Faster alone, further together.

Chronological Youtube playlist
SpeakerDesk

Contents

Brainteasers

A challenge in your pocket: an introduction to brainteasers HackPra 2013 slides / video

For kids

How people can create better video games Hack.lu 2015 slides
Hacking: spend time to understand how things really work (and get awesome results)

Tools-assisted speedruns

TASBot - the perfectionist 2016 DEF CON
w/ dwangoAC, slides / video

Arcade games preservation (via hacking)

Preserving arcade games Exceptional games, exceptional security, exceptional hacking
slides / live animated prezo (1Gb) / video / video (fr)

  • 2013: Recon, T2
  • 2014: Nuit du Hack, RaumZeitLabor , CCC
  • 2015: HackPra All Stars

Drawing

an introduction to Inkscape 2017 (workshop) DEFCON Zürich slides

Keynotes

Beyond your studies HackPra 2018, ESIEA 2019, University of Warwick 2021 slides / video
about your future - as a student or young professional.

Infosec & Failures Hack.lu 2017 slides / video
about you.

Connecting Communities RMLLSec 2016 slides / video
about connecting with your peers.

Education & Communication Hack.lu 2018 slides / video
about your surroundings.

You are not an idiot NorthSec 2021 slides / video
about things you could get wrong in general.

File formats

Messing with binary formats 2013 44Con, SSTIC slides / video

Schizophrenic files 2014 Area41, MRMCD slides / video
w/ Gynvael Coldwind

Funky file formats CCC 2014 slides / video /

Funky file formats NoLimitSecu, March 2015 [podcast] (fr)

Trusting files (and their formats) Hack.lu 2015 slides

Caring for file formats Troopers 2016 slides / video

Binary stuff Gynvael ColdWind livestream, 13 Dec. 2017 video

Formats de fichiers: structures et conséquences ESIEA, November 2019 Groupe de Travail "Sécurité des Systèmes, des Logiciels et des Réseaux", slides

Generating weird files - an introduction to Mitra Pass the Salt 2021 slides / video
polymocks, polyglots, near polyglots

Talking about file formats LiveOverFlow livestream, 26th Aug. 2021 YouTube / Twitch

Portable Document Format

PDF secrets 2014, RaumZeitLabor, MRMCD slides / video

an overview of PDF potential leaks 2015 slides

Advanced PDF tricks (workshop) Troopers 2015 slides / video
w/ Kurt Pfeifle

Let's write a PDF file (tutorial) 2017 slides

Portable Executable

x86 & PE 2011, HashDays, BerlinSides slides / video

a bit more of PE Hack in Paris 2012 slides / video

Binary art: Byte-ing the PE that fails you Hashdays 2012 slides / video

Exploring the PE format (workshop) 44con 2013 slides

with cryptography

AngeCryption

when AES(☢) = ☠, May 2014 slides / video

Let's play with crypto June 2014 RaumZeitLabor, RMLL, MRMCD slides (en) / slides (fr) / video (fr) / video
AngeCryption / TrueCrypt / polyglots

Hide Android Applications in Images BlackHat Europe 2014, slides / video
w/ Axelle Apvrille

Hash collisions

SHA-1 backdooring and exploitation, BSidesLV 2014 slides / video
w/ Maria Eichlseder, Florian Mendel, Martin Schäffler, Jean-Philippe Aumasson
MalSHA1 collisions

Exploiting hash collisions w/ Marc Stevens, BlackAlps 2017 slides / video
MalSHA1, Shattered, MD5 collisions & hashquines

KILL MD5 - Demystifying hash collisions w/ Marc Stevens, slides

CollTris - Hash collisions exploitations workshop w/ Marc Stevens, slides / video

  • 2019/07/02 150p, Pass The Salt
  • 2019/07/24 199p, Google
  • 2019/08/19 208p, Google
  • 2019/10/23 222p, Hack.lu
  • 2019/11/07 225p, Black Alps
  • 2019/12/03 229p, Google

Collisions de hash NoLimitSecu #249, December 2019 [podcast] (fr)

Inside Out - Abusing archive file formats Generic and reusable hash collisions of Gzip and ZIP(XML) archives. Pass The Salt 2022 slides / video

TimeCryption

TimeCryption - clean now, malicious later. Abusing one-time pads with binary polyglots. DEFCON CH 2021 w/ Stefan Kölbl, slides / video

How to Abuse and Fix Authenticated Encryption Without Key Commitment. USENIX Security 2022, presented by Stefan Kölbl, slides / video

Digital preservation

PDF: myths vs facts "When is a PDF not a PDF?" DPC briefing, Oxford university, July 2015 slides

the Challenges of file formats Nestor Praktikertag, Kiel, July 2017 slides

Improving file formats -, May 2019 slides

Technical challenges with file formats DPC CyberSec & DigiPres event, Dec 2022 slides

Visualisation & dissection

Binary art - funky PoCs & visual docs Insomni'hack, Geneva, March 2014, slides

No more dumb hex! Rethinking binary tooling Troopers 2019, slides / video
w/ Rafał Hirsz

Sbud: Infovis in Infosec CTI Summit 2023 slides / video

Academic papers

Malicious Hashing: Eve’s Variant of SHA-1, Aug 2014
Ange Albertini, Jean-Philippe Aumasson, Maria Eichlseder, Florian Mendel, and Martin Schlaeffer
hash collisions

Fillory of PHY: Toward a Periodic Table of Signal Corruption Exploits and Polyglots in Digital Radio, WOOT 2016
Sergey Bratus, Travis Goodspeed, Ange Albertini, Debanjum S. Solanky
polyglots

The first collision for full SHA-1, Feb 2017
Marc Stevens, Elie Bursztein, Pierre Karpman, Ange Albertini, Yarik Markov
hash collisions

How to Abuse and Fix Authenticated Encryption Without Key Commitment, Nov 2020 - Dec 2021
Ange Albertini, Thai Duong, Shay Gueron, Stefan Kölbl, Atul Luykx, Sophie Schmieg
key commitment, timecryption

Articles

2019/08 Adding any external data to any PDF, Paged Out! p17 (=> extended version)

2020/07 Exploitations de collisions MD5, Misc Hors série 21 p118
hash collisions

2023/11 Classification et création de fichiers bizarres, Misc 130 p72

2024/01 Abus des modes de chiffrement via des fichiers bizarres, Misc 131 p72

Notable appearances

Programista 2013/11, p102-103

PoC or GTFO

In Proof of Concept or Get the F*ck Out

2013/10

2013/12

2014/03

2014/06

2014/08

2014/11

2015/03

2016/01

2016/03

2016/06

2016/10

2017/03

2017/06

2018/06

2019/03

2024/02