- Course Review: SANS SEC573 Python for Penetration Testers – ethicalhacker.net
“SANS SEC573 Python for Penetration Testers” is a five-day class that teaches the basics of the Python language then builds on that knowledge to show how to utilize its specialized libraries to perform network capture and analysis, SQL injection, Metasploit integration, password guessing and much more.
- HiTCON 2013 slides – reverse.put.as
The slides are slightly changed from previous presentations, fixing/reordering some things and minor additions (small details related to OS X Mavericks).
- Stronger Identity Protection via Mobile Devices Passwords13 – viaforensics.com
At this year’s PasswordsCon, viaForensics Mobile Researcher David Weinsten presented “Stronger Identity Protection via Mobile Devices”. The presentation was made on July 30, 2013.
- Black Hat USA 2013
- Black Hat USA 2013 – blackhat.com
Briefings and Keynotes for Black Hat USA 2013.
- NSA Director Heckled At Conference As He Asks For Security Community’s Understanding – forbes.com
When NSA Director Keith Alexander appeared at the Las Vegas security conference Black Hat Wednesday morning, he hoped to mend the NSA’s reputation in the eyes of thousands of the conference’s hackers and security professionals. It didn’t go exactly as planned.
- #BlackHat Briefings USA 2013: Day One Notes – toolbox.com
Updated throughout the day – check back for updates.
- This Fake Charger Will Hide A Trojan In Your iPhone’s Facebook App – forbes.com
At the Black Hat security conference in Las Vegas Wednesday, three Georgia Tech security researchers carried out a demonstration for reporters showing just how easily they could compromise an iPhone 5 using a malicious charger built with a three-inch square, $45 computer known as a BeagleBoard.
- Researchers reveal how to hack an iPhone in 60 seconds – zdnet.com
Three Georgia Tech hackers have revealed how to hack iPhones and iPads with malware imitating ordinary apps in under sixty seconds using a “malicious charger.”
- Introducing Binfuzz.js – blog.dinaburg.org
Tomorrow morning I will be giving a demonstration of Binfuzz.js at Blackhat Arsenal 2013. Please stop by the Arsenal area from 10:00 – 12:30. The slides are already available on the Blackhat website.
- Researchers exploit cellular tech flaws to intercept phone calls – computerworld.com
Researchers showed a Black Hat audience how femotcell technology, used by phone companies to boost cell phone coverage, can be hacked to intercept cell phone calls, text messages and other data.
- #BlackHat Briefings USA 2013: Day Two Notes – it.toolbox.com
Sorry for the delay on day #2. A lot going on! Opened the day with listening to a rocket scientist (yes, an actual rocket scientist), then ran for the DEFCON badge line… and now proceeding with some talks.
- Capturing Unencrypted HTTPS Requests and Responses (As Seen at BlackHat Arsenal) – blog.nektra.com
Today Manuel Fernandez is presenting HookME at Black Hat USA Arsenal 2013. HookME is software designed for intercepting communications which uses the Nektra Deviare Engine for binary instrumentation. HookME can intercept unencrypted HTTPS web traffic.
- Blackhat USA 2013 Day 2 – Double Fetch 0day, ICS/SCADA, and Remembering Barnaby Jack – securelist.com
Blackhat 2013 day 2 brought 0day, a sad remembrance of young researcher Barnaby Jack, and ICS/SCADA security vulnerabilities and review.
- Researchers demo exploits that bypass Windows 8 Secure Boot – computerworld.com
The Windows 8 Secure Boot mechanism can be bypassed on PCs from certain manufacturers because of oversights in how those vendors implemented the Unified Extensible Firmware Interface (UEFI) specification, according to a team of security researchers.
- Black Hat USA 2013 – blackhat.com
- BSides Las Vegas