Resources

  • A Visual Introduction to DSP for SDR – visual-dsp.switchb.org
    This is an animated slide deck providing a tour of digital signal processing topics relevant to implementation of software-defined radios, focusing on building visual/geometric intuition for signals.
  • Anatomy of A Hack – theverge.com
    Partap Davis online life had been compromised. Read the full story here. A step-by-step account of an overnight digital heist.
  • Net-Creds – github.com
    Sniffs sensitive data from interface or pcap.  Concatenates fragmented packets and does not rely on ports for service identification.
  • NIST Cybersecurity Framework vs. NIST Special Publication 800-53 – praetorian.com
    Recently, a new framework has come into play: NIST’s “Framework for Improving Critical Infrastructure Cybersecurity.” While the Framework was written primarily by NIST, the same organization behind 800-53, there are several differences between them.
  • OpenSSL Cookbook – feistyduck.com
    A short book that covers the most frequently used OpenSSL features and commands, by Ivan Ristić. It’s free. Read now.

Tools

  • Tool Release – Digital Bond CANBus-Utils – digitalbond.com
    Corey Thuen would like to make a quick post with the release of some CANBus analysis tools he wrote. The tools are written in javascript using nodejs, which comes preinstalled on the Beaglebone black.
  • No Wireshark? No TCPDump? No Problem! – isc.sans.edu
    “netsh trace” is your friend. And yes, it does exactly what it sounds like it does. The cool thing about this is that it doesn’t need a terminal session (with a GUI, cursor keys and so on).

Techniques

  • Thousand ways to backdoor a Windows domain (forest) – jumpespjump.blogspot.com
    There are countless of documented methods to backdoor a computer, but David Szili has never seen a post where someone collects all the methods to backdoor a domain. In the following, he will refer to domain admin, but in reality, he means Domain Admins, Enterprise Admins, and Schema Admins.

Vulnerabilities

  • Tracking the FREAK Attack – freakattack.com
    On Tuesday, March 3, 2015, researchers announced a new SSL/TLS vulnerability called the FREAK attack. It allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data.

  • phpMoAdmin 0-day Nmap Script – blog.rootshell.be
    Xavier wrote a quick and dirty Nmap script which tests the presence of a phpMoAdmin page and tries to exploit the vulnerability.
  • Exploiting CVE-2015-0311: A Use-After-Free in Adobe Flash Player – blog.coresecurity.com
    Although the exploit code was highly obfuscated using the SecureSWF obfuscation tool, malware samples taking advantage of this vulnerability became publicly available, so Francisco decided to dig into the underlying vulnerability in order to exploit it and write the corresponding module for Core Impact Pro and Core Insight.