Security Tools

/Security Tools

Week 26 In Review – 2016

Events Related

BSides Cleveland 2016 Videos –
These are the videos from the Bsides Cleveland conference.


MonitorDarkly –
This repo contains the exploit for the Dell 2410U monitor. It contains utilities for communicating with and executing code on the device.

148 Projects –



Other News

Judge says the FBI can […]

Week 25 In Review – 2016

Events Related

Circle City Con 2016 Videos –

Area41 – 2016 –
I had the opportunity this year to attend Area41 conference in Zurich. The conference is organised by the DEFCON Switzerland group and the talks are mainly technical.

ShowMeCon 2016 Videos –

Recordings of talks and speakers at Security Fest 2016 –


ActBlue […]

Week 23 In Review – 2016


Out-of-Box Exploitation: A Security Analysis of OEM Updaters –
Original Equipment Manufacturers (OEM) refer to the first boot of a new PC as the out-of-box experience (OOBE). As you battle your way through modal dialogues for questionable software, and agree to some exciting 30 day antivirus trials, it’s pretty forgivable to want to throw your […]

Week 22 In Review – 2016

Events Related

NolaCon 2016 –


BlueCoat now has a CA signed by Symantec –

hitbsecconf2016ams –


Practical Malware Analysis Starter Kit –
This package contains most of the software referenced in Practical Malware Analysis. Some of the links have broken over time, some companies have folded or been bought.

1 alpha 20160525 (oe.eo) […]

Week 21 In Review – 2016


fwexpl –
PC firmware exploitation tool and library


The best part about open source software is there’s no hidden backdoors –

SPNs are used by Kerberos authentication to associate a service instance with a service logon account.

Kerberoasting – Part 1 –
Kerberoasting – Part 2 –
Kerberoasting – Part 3 […]

Week 19 In Review – 2016


Phrack –


Can’t Hack a Hacker: Reverse Engineering a Discovered ATM Skimmer –
Brian Krebs has produced numerous articles on ATM skimmers. He has essentially become the “go to” journalist on ATM fraud. From reading his stuff, I have learned how the “bad guys” think when it comes to ATM fraud.

exploit-poc – […]

Week 18 In Review – 2016

Events Related

OWASP AppSec California 2016 –


SyScan360 Singapore 2016 slides and exploit code –
The exploit for the bug I presented last March at SyScan360 is today one year old so I decided to release it. I wasn’t sure if I should do it or not since it can be used in the wild but […]

Week 16 In Review – 2016

Events Related

CanSecWest –

BSides Nashville 2016 Videos –

Infiltrate 2016 –


Ransomware: Past, Present, and Future –
The rise of ransomware over the past year is an ever growing problem. Businesses often believe that paying the ransom is the most cost effective way of getting their data back – and this may also be the […]

Week 15 In Review – 2016

Events Related

Tailoring the NIST Cybersecurity Framework for a Precise Fit –
One thing caught my attention right away: there were two digital clocks prominently displayed on either side of the auditorium. Both clocks were synchronized, and according to my phone, they were accurate to the second. It makes sense because NIST is the keeper of […]

Week 13 In Review – 2016


More on Purple Teaming –
Purple Teaming is “conducting focused Red Teams with clear training objectives for the Blue Team.”

SDR Radio Academy: Reverse engineering a wireless car key fob –
The Software Defined Radio Academy has the goals of attract Radio Amateurs to modern radio technology and show paths into SDR.


VolUtility –
Web Interface for Volatility […]