Events Related

Resources

  • New hccapx format explained – hashcat.net
    A few days ago a user came into the #hashcat IRC channel and reported to have problems cracking one of his WPA handshake captures. No worries, the user knew the password to the WPA handshake so this seemed to be a ligitimate request.
  • Car Hacking: The Definitive Source – illmatics.com
    Instead of buying books or paying exorbitant amount of money to learn about car hacking, we (Charlie Miller and Chris Valasek) decided to publish all our tools, data, research notes, and papers to everyone for FREE! Feel free to reach out if you have any questions.

Techniques

  • Finding and Tracking Bluetooth Devices – Tradecraft – www.youtube.com
    In this video, we’ll be showcasing the utility of Great Scott Gadget’s Ubertooth One by using the device along with the open source program Blue Hydra to build a powerful and portable Bluetooth detection and tracking system along with a little script called BLE finder.
  • Hacking JSON Web Tokens – blog.websecurify.com
    JWT, or JSON Web Tokens, is the defacto standard in modern web authentication. It is used literally everywhere: from sessions to token-based authentication in OAuth, to custom authentication of all shapes and forms. There is actually a pretty good reason for this wide adoption and that is, for the most part, security and resilience.
  • Hacking WordPress 4.7.0-1 – blog.websecurify.com
    The guys from sucuri have recently published a blog post with details of a WordPress vulnerability which allows an unauthenticated attacker to easily edit any blog post of their liking by abusing a bug in the WordPress REST API.