2025年美国黑帽大会（Black Hat USA 2025）嘉宾演讲PPT合集（共79套打包）

1、#BHUSA BlackHatEventsDark Corners:How a Failed Patch Dark Corners:How a Failed Patch Left VMware ESXi VM Escapes Left VMware ESXi VM Escapes Open for Two YearsOpen for Two YearsYuhao Jiang,0 x140ce,E。

2、#BHUSA BlackHatEventsFirewalls Under FireChinas ongoing campaign to compromise network protection devices worldwideAndrew Brandt#BHUSA BlackHatEventsAbout meThreat research at Webroot,Solera Networks。

3、#BHUSA BlackHatEventsTracking the TractorsTracking the TractorsAnalyzing Smart Farming Automation SystemsFelix EberstallerHead of Vulnerability ResearchBernhard RaderIT/OT Security Specialist2#BHUSA#。

4、#BHUSA BlackHatEventswww.cognitivesecurity.institute#BHUSA BlackHatEventsEvil Digital Twin,TooEvil Digital Twin,TooThe First 30 Months of Psychological Manipulation of Humans by AIBen D Sawyer,PhDAss。

5、#BHUSA BlackHatEventsClustered Points of FailureClustered Points of FailureAttacking Windows Server Failover ClustersAttacking Windows Server Failover ClustersGarrett Foster#BHUSA BlackHatEvents12390。

6、#BHUSA BlackHatEventsAdvanced Active Directory to Entra ID Advanced Active Directory to Entra ID lateral movement techniqueslateral movement techniquesDirk-jan MollemaAbout me Dirk-jan Mollema From T。

7、Thinking Outside the Sink How Tree-of-AST Redefines the Boundaries of Dataflow AnalysisAlexander ZyuzinRuikai PengCONTENTS01ALGORITHMIC02TECHNICAL03CONCLUSIONS#BHUSA BlackHatEvents1 PICTURE WORTH 100。

8、#BHUSA BlackHatEventsCross-Origin Web Attacks via HTTP/2 Server Push and Signed HTTP Exchange Speaker:Pinji ChenContributors:Jianjun Chen,Qi Wang,Mingming Zhang,Haixin Duan#BHUSA BlackHatEventsTalk R。

9、#BHUSA BlackHatEventsUncovering NASty 5G Baseband Vulnerabilities through Dependency-Aware FuzzingAli Ranjbar&Tianchang YangKai Tu,Saaman Khalilollahi,Kanika Gupta,Syed Rafiul Hussain#BHUSA Black。

10、Hillai Ben-SassonhillaiAndres RianchoAndresRianchoAbout usHillai Ben-Sassonhillai Hillai and Andres Based in Israel and Argentina Security Researchers at Wiz Specialize in cloud security research And。

11、#BHUSA BlackHatEventsAutonomous Timeline Analysis and Threat HuntingAI Log Reasoning Capability in TimesketchAlex Kantchelian,Marteen Van Dantzig,Diana Kramer,Janosch Kpper,Eric Morley,Sadegh Momeni,。

12、#BHUSA BlackHatEventsWatching the WatchersExploring and Testing Defenses of Anti-Cheat SystemsSam Collins,Marius Muench,Tom Chothia#BHUSA BlackHatEventsThis talkIn this context:-Cheats&Cheaters a。

13、#BHUSA BlackHatEventsE-Trojans:Ransomware,Tracking,DoS,and Data Leaks on Battery-powered Embedded SystemsM.Casagrande(KTH),D.Antonioli(EURECOM).#BHUSA BlackHatEvents Postdoc at KTH(Sweden),Prof.Papad。

14、#BHUSA BlackHatEventsVulnerability HaruspicyVulnerability HaruspicyPicking Out Risk Signals from Scoring System EntrailsPicking Out Risk Signals from Scoring System EntrailsTod Beardsley,runZero VP o。

15、ghosts in the machine checkdomas/xoreaxeaxeax/Black Hat 2025(demo)state disruptionInterrupts and Exceptionsstatic void main(void)int x;int y;x=1;y=2;CPUstatic void main(void)int x;int y;x=1;y=2;CPUPC。

16、#BHUSA BlackHatEvents#BHUSA BlackHatEventsAmplify and Annihilate:Discovering andExploiting Vulnerable Tunnelling HostsAngelos Beitis,Mathy Vanhoef1#BHUSA BlackHatEvents2#BHUSA BlackHatEventsIntroduct。

17、Pwning Phishing Training Through Scientific Lure CraftingDr.Christian Dameff,MD&Dr.Ariana Mirian,PhDBlack Hat 2025,Human Factors TrackWho are we?Associate professor UCSDCo-director UCSD Center fo。

18、#BHUSA BlackHatEventsSmashing Model ScannersAdvanced Bypass Techniques and a Novel Detection ApproachBy Itay RaviaHead of Aim Labs#BHUSA BlackHatEventsOn a mission to secure the AI revolution,which i。

19、#BHUSA BlackHatEventsDetecting Taint-Style Vulnerabilities in Detecting Taint-Style Vulnerabilities in Microservice-Structured Web ApplicationsMicroservice-Structured Web ApplicationsSpeaker:Fengyu L。

20、#BHUSA BlackHatEvents#BHUSA BlackHatEventsLost In:Exploiting Unicode NormalizationRyan BarnettIsabella Barnett#BHUSA BlackHatEvents#BHUSA BlackHatEventsBlackhat isgonna beawesome!Backpack isgonna be 。

21、#BHUSA BlackHatEventsAdversarial Fuzzer for Teleoperation Commands:Zhisheng Hu,Shanit Gupta,Cooper de NicolaEvaluating Autonomous Vehicle Resilience#BHUSA BlackHatEventsZhisheng HuDirector of Product。

22、#BHUSA BlackHatEventsDiving into Windows HTTP:Diving into Windows HTTP:Unveiling Hidden Unveiling Hidden PreauthPreauthVulnerabilities in Windows HTTP Vulnerabilities in Windows HTTP ServicesServices。

23、#BHUSA BlackHatEventsMore Flows,More Bugs:More Flows,More Bugs:Empowering SAST with LLMs and Customized DFAEmpowering SAST with LLMs and Customized DFAYuan Luo&Zhaojun Chen&Yi Sun&Rhettxi。

24、#BHUSA BlackHatEventsTurning the Tables on GlobalProtectTurning the Tables on GlobalProtectUse and Abuse of Palo Altos Remote Access SolutionSpeaker:Alex BourlaContributor:Graham Brereton#BHUSA Black。

25、#BHUSA BlackHatEventsAnomaly Detection Betrayed Us,so We Gave It a New Job:Anomaly Detection Betrayed Us,so We Gave It a New Job:Enhancing Command Line Classification with Benign Enhancing Command Li。

26、#BHUSA BlackHatEventsUniversal and Context-Independent Triggers for Precise Control of LLM OutputsJiashuo Liang,Guancheng Li#BHUSA BlackHatEventsTeamJiasho LiangliangjsSecurity ResearcherGuancheng Li。

27、#BHUSA BlackHatEventsClue-driven Reverse Engineering by LLMin Real-world Malware AnalysisPay Attention to the ClueResearch Team Lead CyCraft TechnologyResearch focusesAI/LLMRed TeamingCloud SecurityC。

28、#BHUSA BlackHatEventsSafe Harbor or Hostile Waters:Unveiling the Hidden Perils of the TorchScriptEngine in PyTorchJian Zhou,Lishuo Song1#BHUSA BlackHatEventsJian ZhouSecurity Engineer from Alibaba Cl。

29、#BHUSA BlackHatEventsSmart Charging,Smarter Hackers:The Unseen Risks of ISO 15118 Salvatore Gariuolo#BHUSA BlackHatEventsDr.Salvatore GariuoloSenior Threat ResearcherAbout me#BHUSA BlackHatEvents.1.T。

30、#BHUSA BlackHatEventsDeath by Noise:Abusing Alert Fatigue to Bypass the SOC(EDR Edition)Rex Guo Khang NguyenAlert Fatigue in Enterprise SOC 1K-10K+99%alerts/day false positives https:/ are medium and。

31、#BHUSA BlackHatEventsBreaking Chains:Hacking Android Key AttestationAlex Gonzalez#BHUSA BlackHatEventsIntroductionAlex GonzalezSenior Red Team Engineerlinkedin/in/alex-gonzalez-63b01426bdubfr33/dubfr。

32、#BHUSA BlackHatEventsLeveraging Jamf for Red Teaming in Leveraging Jamf for Red Teaming in Enterprise EnvironmentsEnterprise EnvironmentsByLance Cain and Daniel Mayer#BHUSA BlackHatEventsLance and Da。

33、#BHUSA BlackHatEventsOpen RAN,Open Risk:Uncovering Threats and Open RAN,Open Risk:Uncovering Threats and Exposing Vulnerabilities in NextExposing Vulnerabilities in Next-Gen Cellular RANGen Cellular 。

34、From Prompts to Pwns:Exploiting and Securing AI AgentsBecca Lynch,Offensive Security ResearcherRich Harang,Principal Security ArchitectBlack Hat USA|August 6th,2025SpeakersRich Harang(he/him)Principa。

35、#BHUSA BlackHatEventsDecoding Signal:Understanding the Real Privacy Guarantees of E2EEIbrahim M.ElSayed#BHUSA BlackHatEvents Setting the scene Attack surface 1:1 Messages Linked devices ConclusionAge。

36、#BHUSA BlackHatEventsNot Sealed:Practical Attacks on Nostr,a Decentralized Censorship-Resistant ProtocolSpeakers:Hayato KimuraContributors:Ryoma Ito,Kazuhiko Minematsu,Shogo Shiraki and Takanori Isob。

37、#BHUSA BlackHatEventsHow to Secure Unique Ecosystem How to Secure Unique Ecosystem Shipping 1 Billion+Cores?Shipping 1 Billion+Cores?Adam pi3 Zabrocki,Marko Mitic#BHUSA BlackHatEvents/usr/bin/whoarew。

38、When Changed FilesChanged EverythingUncovering and Responding to the tj-actions Supply Chain BreachVarun Sharma,Ashish KurmiWhen Changed Files Changed Our Weekend PlansSpoiler:They were definitely ch。

39、#BHUSA BlackHatEventsBurning,Trashing,Spacecraft CrashingBurning,Trashing,Spacecraft CrashingA Collection of Vulnerabilities that will End your Space MissionA Collection of Vulnerabilities that will 。

40、#BHUSA BlackHatEventsWhen Guardrails Arent EnoughWhen Guardrails Arent EnoughReinventing Agentic AI Security With Architectural ControlsDavid Richards Brauchler III#BHUSA BlackHatEventsA Story:Consid。

41、#BHUSA BlackHatEventsBooting into BreachesHunting Windows SecureBootsRemote Attack SurfacesAzure Yang CyberKunlun#BHUSA BlackHatEventsAbout meAzure Yang 4zure9Security Researcher Cyber Kunlun|MSRC MV。

42、#BHUSA BlackHatEventsDigital Dominoes:Scanning the Internet to Expose Systemic Cyber RiskMorgan Herv-Mignucci#BHUSA BlackHatEventsMorgan Herv-Mignucci PhD,CFA,CISSP Lead Cyber Catastrophe Modeling at。

43、#BHUSA BlackHatEventsQUACK:Hindering Deserialization Attacks via Static Duck TypingSpeakers:Andreas Kellas,Neophytos Christou#BHUSA BlackHatEventswhoareweNeophytos ChristouPhD student,Brown Universit。

44、#BHUSA BlackHatEventsExploiting DNS for Stealthy User TrackingBla Genge,Ioan Pdurean,Dan Macovei#BHUSA BlackHatEventsDirector of Product ManagementSecurity Product StrategyJunior Security ResearcherA。

45、Turning Camera Surveillance on its AxisNoam Moshe Claroty Research,Claroty Team82$whoamiNoam MosheVulnerability researcher&Team Lead at Claroty Team82-mostly breaking IoT clouds.Master of Pwn Pwn。

46、S C I E N C EPA S S I O NT E C H N O L O G YDerandomizing the Location of Security-CriticalKernelObjectsintheLinuxKernelLukas MaarLukas GinerDaniel GrussStefan MangardAugust 6-7,2025Briefingsisec.tug。

47、BitUnlockerLeveraging Windows Recovery to Extract BitLocker SecretsMicrosoft Confidential|Internal Use OnlyAlon Leviev(alon_leviev)Security Researcher MicrosoftNetanel Ben Simon(NetanelBenSimon)Senio。

48、#BHUSA BlackHatEventsProtecting Small Organizations Protecting Small Organizations in the Era of AI Botsin the Era of AI BotsRama Carl Hoetzlein#BHUSA BlackHatEventsRAMA CARL HOETZLEIN PROTECTING SMA。