Resources Louisville Infosec 2013 Videos – www.irongeek.com Here are the videos from Louisville Infosec 2013 conference. BruCON talks – youtube.com BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Here are the videos from BruCON [...]
Events Related SyScan360 Beijing slides – reverse.put.as Eight days and 10 flights later author Papers back from SyScan360 in Beijing. It was his first visit to China and he had lots of fun observing many things that he only “knew” from reading. His presentation slides are available here. Resources What I Wish I Knew Before [...]
Events Related BruCON 0×05 Wrap Up -blog.rootshell.be Here is Xavier's quick wrap-up of BruCON 0×05. Actually it’s not a wrap-up about the talks. He gives some statistics about the visitors. Resources One Weird Trick for Finding More Crashes – www.cert.org CERT Vulnerability Analysis Team announced the release of updates to both of their fuzzing tools, the CERT [...]
Here are information security events in North America this month: BSides OC : October 4 in Orange County, CA USA SecTor : October 8 to 9 in Toronto, Ontario Canada ISSA International Conference : October 9 to 10 in Nashville, TN USA VizSec 2013 : October 14 in Atlanta, Georgia USA [...]
Resources Heuristic methods used in sqlmap – unconciousmind.blogspot.com You can find slides for Miroslav Štampar talk "Heuristic methods used in sqlmap" held at FSec 2013 conference (Croatia / Varazdin 19th September 2013) here. Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network – blog.spiderlabs.com It’s always surprising how insecure some internal networks turn out to [...]
Resources Video Tutorial: Introduction to XML External Entity Injection – community.rapid7.com This video introduces XML injection to achieve XML external entity injection (XXE) and XML based cross site scripting (XSS). Errata Security's blog We scanned the Internet for port 22 – blog.erratasec.com Errata Security scanned the entire Internet for port 22 -- the port reserved for "SSH", [...]
Tools SpiderFoot 2.0.4 released, new module, improvements and bug fixes – spiderfoot.net Kautilya 0.4.4 - dump lsa secrets, introduce vulns, improved backdoors and more –labofapenetrationtester.com Here comes Kautilya 0.4.4. This version adds three new payloads and improves couple of others. Owasp Broken Web Applications Project VM v1.1 Released – sourceforge.net Looking for the latest version? Download OWASP_Broken_Web_Apps_VM_1.1.7z. Techniques [...]
Here are information security events in North America this month: BSides Memphis : September 7 in Memphis, TN USA GrrCON 2013 : September 12 to 13 in Michigan USA BSides Augusta : September 14 in Augusta, GA USA eCrime Researchers Summit 2013 : September 16 to 18 in San Francisco, CA [...]
Resources Want to break some Android apps? – carnal0wnage.attackresearch.com @jhaddix, the newest blogger shared a bunch of Android apps hacking tools links. Tools Linux Exploit Suggester – penturalabs.wordpress.com This is a Linux Exploit Suggester, with no frills and no fancy features; just a simple script to keep track of vulnerabilities and suggest possible exploits to use to [...]
Here are information security events in North America this month: DEFCON : August 1 to 4 in Las Vegas USA DFRWS : August 4 to 7 in Monterey, CA USA SANS Boston : August 5 to 10 in Boston, MA USA International Conference on Cyber Security (ICCS) : [...]