Saturday from 12:00 – 13:50 in Sunset 4 at Planet Hollywood
Audience: Offense, Defense, Forensics, Hardware Ulf Frisk & Ian Vitek

PCILeech and MemProcFS: The PCILeech direct memory access attack toolkit was presented at DEF CON 24 and quickly became popular amongst red teamers, governments and game cheaters alike. We will demonstrate how to take total control of still vulnerable systems with PCIe DMA code injection using affordable FPGA hardware and the open source PCILeech direct memory access attack toolkit. MemProcFS - The Memory Process File System is memory forensics and analysis made super easy! Analyze memory by clicking on files in a virtual file system or by using the C and Python API. A wide range of memory acquisition methods are supported. Analyze memory dump files by point and click, analyze live memory acquired using PCILeech PCIe FPGA hardware devices or even live memory acquired in real time from remote hosts over the network. Zero-cost open source memory forensics and incident response?

https://github.com/ufrisk/pcileech https://github.com/ufrisk/MemProcFS

Ulf Frisk
Ulf is a pentester by day, and a Security Researcher by night. Ulf is the author of the PCILeech direct memory access attack toolkit and the Memory Process File System. Ulf has previously presented his work at DEF CON, the Chaos Communication Congress and BlueHatIL. Ulf is interested in things low-level and primarily focuses on Memory Analysis and Direct Memory Access.

Ian Vitek
Ian Vitek has a background as a pentester but now works with information security in the Swedish financial sector. Ian has held several presentations at DEF CON, BSidesLV and other IT security conferences. The last years also performed as a DJ (VJ Q.Alba) at DEF CON and related private parties. Interested in web, layer 2, DMA and local pin bypass attacks.