Event Related

  • Hacker Internship – nds.ruhr-uni-bochum.de
    Web applications are in the age of Web 2.0 increasingly become the target of attackers. Thus no problem SQL injection foreign databases are compromised, stolen by XSS vulnerability browser sessions and via cross-site request forgery you get from one day to the countless new friends in a social network.
  • AppSec USA 2012 – Austin – videos.2012.appsecusa.org
    These are the videos from the OWASP AppSec USA 2012 conference in Austin, TX. The schedule for the conference is at http://appsecusa2012.sched.org/ and the site for the conference is at http://2012.appsecusa.org/.

Resources

  • VU#281284 – Samsung Printer SNMP Backdoor – l8security.com
    In regards to http://www.kb.cert.org/vuls/id/281284 I don’t have time to write up a full post on this like I wanted to. Here’s the details you wanted anyways.

Tools

  • Nmap 6.25 holiday season release! – seclists.org
    Hi folks. It has been more than five months since the Nmap 6.01 release, and I’m pleased to announce a new version for you to enjoy during the holidays!

Techniques

  • Penetration Testing with Smartphones Part 1 – tripwire.com
    When most people think of penetration testing, they think of a simulated external attack where the tester tries to break into a network remotely. Companies focus most of the security spending and policies on keeping hackers out remotely.
  • Detouring Win32 Function Calls in PowerShell – csharpening.net
    Detouring Win32 API function calls is a more common practice than some may think. A long standing Microsoft research project has made this very easy in unmanaged code.

Other News