Security Tools

Week 34 In Review – 2014

Events Related

USENIX Security ’14 Technical Sessions – usenix.org
The full Proceedings published by USENIX for the symposium are available for download here. Individual papers can also be downloaded from the presentation page.

WOOT ’14 Workshop Program -usenix.org
The full papers published by USENIX for the workshop are available for download as an archive or individually below.

DEF CON 22 ICS […]

Week 33 In Review – 2014

Events Related

Def Con 22

DEFCON 22: The Con That Keeps on Giving – lunalindsey.com
Luna Lindsey is redefining the conference experience. She had an amazing time this year, as always. But as a neophile, she crave new experiences.
Def Con: the ‘Olympics of hacking’ – www.ft.com
Welcome to Def Con, the Olympics of hacking, where for 21 years computer hackers […]

Week 32 In Review – 2014

Resources

Introducing LiveDump.exe – crashdmp.wordpress.com
Microsoft has added back the ability to dump physical memory to disk (in the form of a dump file) from user mode via NtSystemDebugControl. Sippy wrote a quick proof-of-concept tool and generated what appears to be a 250mb kernel bitmap dump.
About the USB Descriptor Collection – usbdescriptors.com
This site tries to build a collection […]

Week 31 In Review – 2014

Resources

REcon 2014 Videos – recon.cx
REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. Here is the index of REcon 2014 videos. Watch and download the videos from here.
RVAsec 2014 Videos – rvasec.com
Miss a talk or even the entire conference? No problem! All of the speaker videos and presentations are […]

Week 30 In Review – 2014

Resources

BSides Cleveland 2014 Videos – irongeek.com
These are the videos from the Bsides Cleveland conference. You can watch and download the videos from here.
Dispelling Confusion and Myths: iOS Proof-of-Concept – zdziarski.com
A quick POC demonstrating how File Relay and other services can be abused to dump a significant amount of personal data from an iOS device wirelessly, and […]

Week 29 In Review – 2014

Resources

BGA talk slides – twitter.com
Marshall twitted his BGA talk slides on twitter. You can download the pdf from here.
Building a Modern Security Engineering Organization – slideshare.net
Continuous deployment and the DevOps philosophy have forever changed the ways in which businesses operate. This talk with discuss how security adapts effectively to these changes.
Car Hacker’s Handbook – opengarages.org
Here you can […]

Week 28 In Review – 2014

Resources

Vendor Checklist app / Trust Metric app – archon.thewatchers.net
ISECOM (the Institute for Security and Open Methodologies) began with the release of the OSSTMM, the Open Source Security Testing Methodology Manual. It was a move to improve how security was tested and implemented.
Dumping Data from Memcached Servers – breenmachine.blogspot.com
Memcached servers provide a dynamic, distributed memory object caching […]

Week 27 In Review – 2014

Black Hat USA Briefings Giveaway
Enter to win an Black Hat USA 2014 Briefings ticket worth
$2,2000 from Infosec Events
Events Related

School on Applications of Open Spectrum and White Spaces Technologies – Schedule – wireless.ictp.it
ICTP School on Applications of Open Spectrum and White Spaces Technologies – 2014 workshop schedule is available here. You can download all of the […]

Week 25 In Review – 2014

Resources

Circle City Con 2014 Videos – www.irongeek.com
These are the Circle City Con 2014 videos. You can watch and download all of the recordings from here.
OWASP Security Shepherd – owasp.org
Security Shepherd has been implemented with the aim of fostering and improving security awareness among a varied skill-set demographic. This project enables users to learn or to improve […]

Week 24 In Review – 2014

Resources

CySCA2014-in-a-Box – cyberchallenge.com.au
CySCA2014-in-a-Box is a Virtual Machine that contains most of the challenges faced by players during CySCA2014. It allows players to complete challenges in their own time, to learn and develop their cyber security skills.
From a Username to Full Account Takeover – blog.spiderlabs.com
Usernames, email addresses and phone numbers are invaluable pieces of information for attackers. […]