Resources VulnVoIP (Vulnerable VoIP) - The Fundamentals of VoIP Hacking - rebootuser.com VulnVoIP is based on a relatively old AsteriskNOW distribution and has a number of weaknesses. The aim is to locate VoIP users, crack their passwords and gain access to the Support account voicemail. Owning Computers Without Shell Access - accuvant.com What’s This All [...]
Event Related OWASP OWASP AppSec 2012 Presentation: SQL Server Exploitation, Escalation, and Pilfering - netspi.com During this presentation attendees will be introduced to lesser known, yet significant vulnerabilities in SQL Server implementations related to common trust relationships, misconfigurations, and weak default settings. XSS & CSRF with HTML5 - Attack, Exploit and Defense - shreeraj.blogspot.com HTML5 [...]
Event Related Hashdays Hashdays Wrap-up Day #1 - blog.rootshell.be I’m in Luzern for a few days but the Hashdays security conference started today! w00t! This is the first edition for me. A very nice opening session performed by the defcon-switzerland group which organises this event. Hashdays Wrap-Up Day #2 - blog.rootshell.be Yesterday evening, I went [...]
Event Related ToorCon ToorChat - github.com A Chat Program for use with the ToorCon 2013 badge. ToorCon Presentation - brightmoonsecurity.com Thanks for attending my Toorcon Presentation. Below are links to my presentation and the references I mentioned in the talk. Please let me know if you have any recommendations on course materials. ToorCon Presentation - [...]
Event Related Ruxcon Breakpoint Ruxcon Breakpoint kicks off with a bang - risky.biz The inaugural Ruxcon Breakpoint security conference has kicked off with a bang in Melbourne. Pacemakers, defibrillators open to attack (The Register) - risky.biz The researcher in question, Barnaby Jack, today told the Ruxcon Breakpoint security conference in Melbourne, Australia that “the most [...]
Event Related Hack In The Box Hack In The Box 2012 - conference.hackinthebox.org Index for Hack In the Box 2012 materials. Hack In The Box: researcher reveals ease of Huawei router access - zdnet.com At Hack In The Box researcher Felix "FX" Lindner has shown how Huawei routers are easy to access with their static [...]
Event Related Derbycon 2012 Videos - irongeek.com Hope you enjoyed the con! Here are the videos from Derbycon 2012. We had a few recording SNAFUs, but all in all it went very well. For the descriptions of the talks click a talk link below or go to the Derbycon page. Feel free to link or [...]
Event Related Snoopy: A distributed tracking and profiling framework - sensepost.com At this year's 44Con conference (held in London) Daniel and I introduced a project we had been working on for the past few months. Snoopy, a distributed tracking and profiling framework, allowed us to perform some pretty interesting tracking and profiling of mobile users [...]
Event Related Columbus OWASP Meeting Presentation - stateofsecurity.com Last week, I presented at the Columbus OWASP meeting on defensive fuzzing, tampering with production web applications as a defensive tactic and some of the other odd stuff we have done in that arena. Charlie Miller & Dino Dai Zovi at CodenomiCON 2012: iOS Hacker's Update - [...]
Event Related Man on the SecurityStreet Man on the SecurityStreet - Day 2 Continued. - community.rapid7.com Dave Kennedy, the founder of TrustedSec, gave an entertaining presentation called Going on the Offensive - Proactive Measures in Security your Company. Just like HD's earlier presentation, we had our staff artist plot out the entire speech, which you [...]