Events Related Chaos Communication Camp 2015 - media.ccc.de Resources microchips - zeptobars.ru Tools WPSploit - github.com This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool. armory-pass - github.com Password manager for USB Armory Sleepy Puppy - github.com Sleepy Puppy is a cross-site scripting (XSS) payload management [...]
Resources Black Hat 2015 Wrap Up – Part I - nettitude.co.uk This year, Black Hat (BH) 2015 came, as it usually does, with major security flaws and some “dojos” aside from the major android vulnerabilities we were exposed to and other types of security issues that are much less talked about, but still expose serious [...]
Events Related DEFCON This year marked the 23rd DefCon, the hacker conference that began as an informal gathering for hackers to meet in person and party in the desert. Imploding Barrels and Other Highlights From Hackfest DefCon - www.wired.com I spent the week with over 20,000 hackers in Las Vegas — here's what I saw [...]
Events Related Kaminsky Creates Clickjacking-Killer - www.darkreading.com Renowned security expert Dan Kaminsky here this week unveiled his latest project: a solution to eradicate so-called clickjacking attacks that plague the Web. 9th USENIX Workshop on Offensive Technologies - www.usenix.org Black Hat USA 2015 Highlights - www.tripwire.com The 18th annual Black Hat USA conference gathered thousands of professionals, [...]
Events Related Black Hat USA 2015 From The Black Hat Keynote Stage: Jennifer Granick - www.darkreading.com Recap of Black Hat 2015, Day 1 - www.webroot.com DEF CON 23 (2015) DEFCON Talk Slides - colinoflynn.com DEF CON 23 presentations/Speaker & Workshop Materials - media.defcon.org Resources Certifi-gate: Hundreds of Millions of Android Devices Could Be Pwned - [...]
Events Related Infiltrate 2015 - vimeo.com BSides Cincinnati 2015 Videos - www.irongeek.com BSides Las Vegas 2015 Videos - www.irongeek.com Resources Workshop2015 - github.com radare2 framework Tools Releasing jsfunfuzz and DOMFuzz - www.squarefree.com Today I'm releasing two fuzzers: jsfunfuzz, which tests JavaScript engines, and DOMFuzz, which tests layout and DOM APIs. The popular hacker Samy Kamkar has presented [...]
Resources Jailbreak or Root Detection: A False Sense of Security, Part 1 - bluebox.com Mobile management vendors have ingrained in the industry that jailbroken and rooted devices are bad: automatically deny all access. There is a widespread fear in the industry that these “compromised” devices jeopardize enterprise networks and are prone to leaking corporate secrets. [...]
Events Related Black Hat attendee report highlights the mess we're in - zdnet.com Black Hat has released its first-ever attendee research report, highlighting infosec's ongoing hiring crisis and a sector that feels poorly prepared to face current threats. How We Fared in the Cyber Grand Challenge - blog.trailofbits.com The Cyber Grand Challenge qualifying event was held [...]
Events Related The MiTM Mobile Contest: GSM Network Down at PHDays V - blog.ptsecurity.com The MiTM Mobile contest was held at PHDays for the first time, and it let the participants realize how easily an attacker can conduct the above-mentioned attacks having only a 10$ cell phone with some hacker freeware. SHAKACON SHAKACON was a [...]
Events Related REcon Recap: Here’s What Caught My Eye - researchcenter.paloaltonetworks.com A few weeks ago I was fortunate enough to attend REcon in Montreal, Canada. This conference focuses on reverse engineering and exploitation techniques and has been going on for roughly a decade. PHDays V Highlights: Signs of GSM Interception, High Time to Hack Wi-Fi, Future of [...]