Events Related 32C3 Recap – Part1 - www.insinuator.net Every year a group of us are happy to use the holidays to travel to Hamburg to meet other people and learn something new at the 32C3. Tools Kali NetHunter 3.0 Released - www.offensive-security.com NetHunter has been actively developed for over a year now, and has undergone nothing [...]
Here are information security events in North America this month: FloCon 2016 : January 11 to 14 in FL, US ICS Security Conference (S4x16) 2016 : January 12 to 14 in Miami Beach, FL, USA Microsoft BlueHat 2016 : January 12 to 13 in Redmond, WA, USA ShmooCon 2016 : January [...]
Events Related ICIT Brief: Who’s Behind the Wheel? Exposing the Vulnerabilities and Risks of High Tech Vehicles - icitech.org The brief provides a detailed breakdown of the July 2015 Jeep Cherokee hacking demonstration and an analysis of how hackers would behave during a ‘real-world’ attack Rapid Radio Reversing, ToorCon 2015 - greatscottgadgets.com In this video [...]
Resources pentestpackage - github.com A package of Pentest scripts Tools JexBoss - Jboss Verify And Exploitation Tool - github.com JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server. DVNA - github.com Damn Vulnerable Node Application (DVNA) is a Node.js web application that is damn vulnerable. Its intended purpose is to teach [...]
Resources Unofficial Guide to Mimikatz & Command Reference - adsecurity.org This page details as best as possible what each command is, how it works, the rights required to run it, the parameters (required & optional), as well as screenshots and additional context (where possible). Index of /docs/Slides/2015 - deepsec.net CVE-2015-8446 (Flash up to 19.0.0.245) And [...]
Events Related DEFCONConference - www.youtube.com DefCamp 2015 - def.camp Resources Zero Nights - 2015.zeronights.org CheatSheets - github.com Cheat sheets for various projects I contribute to (PowerView, PowerUp, and Empire). Techniques Introduction to Modbus TCP traffic - www.vanimpe.eu Modbus is a serial communication protocol. It is the most widespread used protocol within ICS. It works in a [...]
Events Related 2015 - Talks - bsidesvienna.at Botconf 2015 The first keynote slot was assigned to Margarita Louca from Europol: “Successful botnets takedowns: The good-cooperation part”. More precisely, it’s the EC3 (“European Cyber Crime Center“). This talk was flagged as “restricted” and not all information will be reported here. Botconf 2015 Wrap-Up Day #1 - blog.rootshell.be Botconf [...]
Here are information security events in North America this month: CISO Executive Summit Dallas : December 1 in Dallas, TX, USA CISO Executive Summit St. Louis 2015 : December 1 in St. Louis, MO, USA CISO Executive Summit New Jersey 2015 : December 1 in Whippany, NJ, USA CISO Executive Summit [...]
Events Related My SecTor Story: Root Shell on the Belkin WeMo Switch - www.tripwire.com Researchers from Tripwire were on hand to help attendees explore the world of IoT hacking. They brought with them a table full of devices ranging from routers to smart televisions. They also had a video demonstration of the exploitation of vulnerabilities in [...]
Techniques Kaspersky Antivirus Certificate handling path traversal - code.google.com When Kaspersky https inspection is enabled, temporary certificates are created in %PROGRAMDATA% for validation. I observed that the naming pattern is {CN}.cer. Breaking into and Reverse Engineering iOS Photo Vaults - blog.ioactive.com For whatever reason, a lot of people store risqué pictures on their devices. Why [...]