Events Related CCC, 100-gbps, and your own private Shodan – blog.erratasec.com One of the oldest/biggest "hacker" conventions is the CCC congress every December in Germany. This year, they are promising 100-gbps connectivity to the Internet. Resources Quick Joomla Refresher – blog.spiderlabs.com In this blog post David Kirkpatrick mention some of the tools he used to check the [...]
Events Related Baythreat 4 – thesprawl.org Baythreat Day Two. Here are the writeups of another series of excellent presentations from the breaker track for the remainder of the day. The AppSec Program Maturity Curve 4 of 4 – veracode.com This is the final post in a series on the Application Program Maturity Curve. In this series, Veracode [...]
Events Related Course Review: SANS SEC 760 Advanced Exploit Development for Penetration Testers – ethicalhacker.net SANS SEC 760 Advanced Exploit Development for Penetration Testers is a six-day course that teaches the advanced techniques that are needed to compromise modern information systems. OWASP Benelux Day 2013 Wrap-Up – blog.rootshell.be Xavier just back from Amsterdam where was organized the [...]
Here are information security events in North America this month: Cybersecurity Conference : December 2 to 3 in Washington, D.C USA CISO Executive Summit New Jersey : December 3 in Whippany, New Jersey USA Cloud Security Alliance Congress : December 4 to 5 in Orlando, FL USA CISO Executive Summit [...]
Tools WCE v1.42beta released (32bit) – hexale.blogspot.com WCE v1.42beta released (32bit). This is a minor release. Download it from here. heapLib 2.0 – blog.ioactive.com Chris Valasek released the code for heapLib2. For those of you not familiar, he introduced methods to perform predictable and controllable allocations/deallocations of strings in IE9-IE11 using JavaScript and the DOM. Techniques Unpacking [...]
Resources Introducing Phishing Frenzy – pentestgeek.com A couple weeks ago Zecnox presented at this year's Derbycon on an email phishing platform that he has been working on. Those of you who missed the talk, he went over some of the features of Phishing Frenzy and launched a live phishing simulation. You can see the recording here. [...]
Resources Advanced iOS kernel debugging for exploit developers – www.youtube.com Advanced iOS kernel debugging for exploit developers: A presentation by Stefan Esser (@i0n1c) at the Breakpoint security conference in Melbourne, Australia. ekoparty Security Conference 9th Edition(2013) – ekoparty.org The ekoparty 2013 Videos & Papers are available here. Tools The Social-Engineer Toolkit (SET) v5.4 “Walkers” Released – trustedsec.com [...]
Here are information security events in North America this month: BSides Charleston : November 2 in Charleston, SC USA BSides DFW : November 2 in Richardson, TX USA CISO Executive Summit Pittsburgh : November 5 in Pittsburgh, PA USA COUNTERMEASURE 2013: November 7 to 8 in Ottawa, Canada CISO Executive [...]
Events Related Hack.lu 2013 Wrap-Up Xavier wrapped-up the event of Hack.Lu 2013-Luxembourg 9th edition. As usual, the event started with a bunch of interesting workshops, talks. These talks went really deep and finally, Shift closed the schedule with “Interactive Deobfuscation“; A very very technical session. Hack.lu 2013 Wrap-Up Day #1 – blog.rootshell.be Hack.lu 2013 Wrap-Up Day [...]
Events Related SANS FOR610: Reverse Engineering Malware – Course Review – blog.c22.cc What follows is a review of the SANS FOR610: reverse engineering malware class taken at the SANS Prague 2013 event. What follows are rough notes, feelings and impressions from the class as it was taking place. Take it as you will, and we hope [...]