Week 7 In Review – 2017

Events Related BSides Tampa 2017 Videos - These are the videos from the BSides Tampa conference. Resources New hccapx format explained - A few days ago a user came into the #hashcat IRC channel and reported to have problems cracking one of his WPA handshake captures. No worries, the user knew the password to the [...]

2017-03-12T17:39:08-07:00 February 12th, 2017|Security Conferences, Week in Review|0 Comments

Week 6 In Review – 2017

Events Related ShmooCon2017 - The videos in this collection are from ShmooCon 2017, which occurred on 13-15 January 2017, at the Washington Hilton Hotel. Hackfest 2016 - Resources From Mimikatz to Kekeo, Passing by New Microsoft Security Technologies - Techniques Pen Test Poster: "White Board" - Bash - Useful IPv6 Pivot - [...]

2017-03-12T17:39:08-07:00 February 5th, 2017|Security Conferences, Site News, Week in Review|0 Comments

Week 5 In Review – 2017

Resources Running guide for CTF's - Blackhat Hardware Training Roadmap - This diagram is intended to give an overview of many of the hardware-related trainings available at Black Hat USA 2017. Generally, lower level hardware is at the bottom and more software to the top. Tools Wordpress Exploit Framework - screen2root - [...]

Week 4 In Review – 2017

Events Related BSides Columbus 2017 Videos - These are the videos from the BSides Columbus Ohio conference. Resources DevOoops: Client Provisioning (Vagrant) - Notes from the 2015 Devoops Talk. Vagrant used to ship with a default keypair and was difficult to rotate. Intel debugger interface open to hacking via USB - New Intel processors [...]

Week 3 In Review – 2017

Tools Acunetix Free Manual Pen Testing Tools - Acunetix Manual Tools allow penetration testers to further automated testing. waveconverter - Factoria Labs 2016 WaveConverter is a Python application, built on GTK+ 3. The GUI has been implemented via Glade. A sqlite database has been implemented via sqlalchemy. Techniques Cracking The 12+ Character Password [...]

Week 2 In Review – 2017

Tools Invoke-TheHash - Invoke-TheHash contains PowerShell functions for performing NTLMv2 pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Local administrator privilege is not required client-side. FiercePhish - FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track [...]

2017-03-12T17:39:09-07:00 January 8th, 2017|Security Tools, Site News, Week in Review|0 Comments

Week 1 In Review – 2017

Resources 33C3: Chris Gerlinsky Cracks Pay TV - People who have incredible competence in a wide range of fields are rare, and it can appear deceptively simple when they present their work. [Chris Gerlinksy]’s talk on breaking the encryption used on satellite and cable pay TV set-top boxes was like that. Tools mitmproxy: release v1.0.0 - [...]

Week 52 In Review – 2016

Resources VMware Security Advisories - vSphere Data Protection (VDP) updates address SSH key-based authentication issue Techniques In Flight Hacking System - What helped a lot to reduce that fear was to understand how things work in planes, and getting used to noises, bumps, and turbulence. This blog post is  about understanding a bit more about how things work aboard an aircraft. More specifically, the In-Flight Entertainment Systems (IFE) developed by Panasonic Avionics.   Other News Learning From A Year of Security Breaches - This year (2016) I accepted as much incident response work as I could. I spent about 300 hours responding to security incidents and data breaches this year as a consultant or volunteer.    

2017-03-12T17:39:09-07:00 December 25th, 2016|Security Vulnerabilities, Site News, Week in Review|0 Comments