- BSides San Francisco 2016 Videos – www.irongeek.com
These are the videos from the BSides San Francisco conference.
- BSides Indy 2016 Videos – www.irongeek.com
These are the videos from the BSides Indy conference.
- HTCAP – www.htcap.org
htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes.
- Getting Domain Admin with Kerberos Unconstrained Delegation – www.labofapenetrationtester.com
A recent penetration test was one of the rare ones where it was not possible to locate a domain admin credential (password/hash/ticket) using the usual methods.
- repairing the hackrf – www.t4f.org
The HackRF One uses two Avago MGA-81563 amplifiers. This chip amplifies the input signal by 14dB. In the HackRF this chip is used as a power amplifier (PA) for transmitting and as a Low Noise Amplifier (LNA) for receiving.
- Quick Analysis of a Recent MySQL Exploit – isc.sans.edu
We had a mysql honeypot getting hit hard with this “exploit” recently. I am enclosing the word “exploit” in quotes as the MySQL server was configured to allow logging in without password.
- OpenSSL Security Advisory – mta.openssl.org
OpenSSL is disabling the SSLv2 protocol by default, as well as removing SSLv2 EXPORT ciphers.
- The DROWN Attack – drownattack.com
DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security.
- S. Announces ‘Hack The Pentagon’ Bug Bounty Program – www.npr.org
Announcing what it calls “the first cyber bug bounty program in the history of the federal government,” the Department of Defense says it’s inviting hackers to test the security of its Web pages and networks.
- Why Your Security Tools Are Exposing You to Added Risks – darkreading.com
Remember that there is no foundation of trust on any piece of software; think of each of them as a potential vector. Plan your incident response around this idea, maximize your advantages as a defender and become a hard target.