Security Tools

/Security Tools

Week 39 In Review – 2016

Resources

RECON 2016

Recon Recordings – recon.cx
Recon Slides – recon.cx

Derbycon 2016 Videos – www.irongeek.com
These are the videos of the presentations from Derbycon 2016.

Louisville Infosec 2016 Videos – www.irongeek.com
Videos from the Louisville Infosec 2016 conference.

R00tz 2016 – r00tz.org

Tools

PowerShell-Suite – github.com
Bypass-UAC is self-contained and does not have any dependencies, bar a requirement that the target […]

September 25th, 2016|Security Conferences, Security Tools, Week in Review|0 Comments

Week 38 In Review – 2016

Events Related

BSides Augusta 2016 Videos – www.irongeek.com
These are the videos from the BSides Augusta conference.

Resources

Long Secret Stingray Manuals Detail How Police Can Spy On Phones – theintercept.com
The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet.

Techniques

Reprogramming the Defcon 24 badge – diyevil.com
The Defcon 24 […]

Week 37 In Review – 2016

Resources

House of Keys: 9 Months later… 40% Worse – blog.sec-consult.com
In our initial study we analyzed SSH host key use as well. Unfortunately there is no recent scan data on SSH host keys available (however there is a ticket over at the awesome ZMap project).

Tools

FaceWhisperer – github.com
FaceWhisperer is a hardware add-on for the ChipWhisperer side-channel analysis tool, for […]

Week 36 In Review – 2016

Tools

WiFi-Pumpkin – github.com
Framework for Rogue Wi-Fi Access Point Attack

Python tools for penetration testers – github.com
Python tools for penetration testers

Nmap 7.25BETA2 Birthday Release – nmap.org
Nmap 7.25BETA1 includes dozens of performance improvements, bug fixes, and new features.

Vulnerabilities

Meet USBee, the malware that uses USB drives to covertly jump airgaps – arstechnica.com
The USBee—so named because […]

Week 35 In Review – 2016

Resources

DEF CON 24 Wireless Monitoring Services – palshack.org
One of the frequent things you hear leading up to DEF CON is that it is the most dangerous network in the world. Ask anyone, and they’ll tell you that if you don’t lock down your devices you will get pwn’d. I wanted to know if […]

Week 34 In Review – 2016

Events Related

Impressions From DEF CON 24: The Machines Are Rising – securityintelligence.com
DEF CON 24, the world’s largest hacker conference, ended Aug. 7, and I must say I enjoyed every moment of it. There was so much to see in so little time; I definitely regret missing some great stuff that happened. Even so, I […]

Week 32 In Review – 2016

Events Related

DARPA’s Cyber Grand Challenge: Early Highlights from the Competition – www.youtube.com
Early highlights from the world’s first all-machine hacking tournament, DARPA’s Cyber Grand Challenge (CGC). This computer security competition featured seven High Performance Computers as competitors. CGC took place on Thursday, August 4, 2016.

Building the Workforce through Cybersecurity Competitions – www.whitehouse.gov
The National Science […]

Week 30 In Review – 2016

Tools

Umap2 – github.com
Umap2 is the second revision of NCC Group’s python based USB host security assessment tool.

Nmap 7.25BETA1 Released with our new Npcap driver, 6 new NSE scripts, and more! – nmap.org
Nmap and Zenmap (the graphical front end) are available in several versions and formats. Recent source releases and binary packages are described […]

July 24th, 2016|Security Tools, Week in Review|0 Comments

Week 29 In Review – 2016

Events Related

Converge 2016 Videos – www.irongeek.com
These are the videos from the Converge Information Security Conference.

BSides Detroit 2016 Videos – www.irongeek.com
These are the videos from the BSides Detroit 2016 Conference.

AppSecEU 16 – Abhay Bhargav – SecDevOps: A View from the Trenches – www.youtube.com

Resources

KeeThief – A Case Study in Attacking KeePass Part 2 – www.harmj0y.net
The […]

Week 28 In Review – 2016

Events Related

USENIX Annual Technical Conference (ATC) 2016: The Best and Brightest Security Talks – duo.com
I recently attended the USENIX Annual Technical Conference (ATC) 2016 in Denver, Colorado. I was invited to give an industry talk, discussing my Bring Your Own Dilemma paper from last March (touching briefly on the Out Of Box Exploitation paper from May). Instead of just flying in […]