Security Vulnerabilities

Week 5 in Review – 2013

Event Related Pentest & Reverse: iOS Application Hacking - esec-pentest.sogeti.com Last month, we gave some lectures about iOS application Hacking first at GreHack (Grenoble, France) and then at Hack.Lu (Luxembourg, Luxembourg). Here you will find the slides and the paper. Don't hesitate to send us your questions. Resources The Red team Mindset Course Part 1 [...]

Week 4 in Review – 2013

Event Related University Courses on Reverse Engineering and Malware Analysis - f-secure.com Today marks the commencement of the first lecture for our spring 2013 semester Reverse Engineering Malware course for the Aalto University (Espoo campus) in Finland. Resources Security Assessment of Blackberry Applications - resources.infosecinstitute.com Development of mobile applications has picked up really fast in [...]

Week 2 in Review – 2013

Event Related Index of Congress 29c3 - ftp.ccc.de High quality mp4 of 29c3. The 'Hack Back' Offense - bankinfosecurity.com To repel the onslaught of cyberattacks against organizations, security leaders are debating the merits of the "hack back" defense. THREADS - trailofbits.com THREADS is an annual conference that focuses on pragmatic security research and new discoveries [...]

Week 1 in Review – 2013

Event Related 29C3 29C3: When USB memory sticks lie - h-online.com USB memory sticks are thought to be among the less exciting hardware components – simple storage media that have many uses and function the same way in almost any hardware environment. 29C3: Budget mobile turns into GSM base station - h-online.com Belgian hacker Sylvain [...]

Week 52 in Review – 2012

Event Related Bootcamp - pentesterlab.com/bootcamp Bootcamp provides a learning path to get into security and especially web penetration testing. Resources Automated Open Source Intelligence (OSINT) Using APIs - raidersec.blogspot.com The first step to performing any successful security engagement is reconnaissance. How much information one is able to enumerate about given personnel (for social engineering engagements) [...]

Week 51 in Review – 2012

Resources Nils Jünemann: News about Google's Vulnerability Reward Program - nilsjuenemann.de Recently Adam Mein spoke at AppSec USA 2012 and Kevin Stadmeyer at SysScan 360 in Beijing about Google's experience with the Web Vulnerability Reward Program. Both are Security Program Managers at Google. Techniques 5 Tips to Ensure Safe Penetration Tests with Metasploit - community.rapid7.com [...]

December 24th, 2012 | Security Vulnerabilities, Week in Review

Week 50 in Review – 2012

Event Related Legal Merits of 'Hack Back' Strategy - bankinfosecurity.com From point-of-sale hacks to malware and DDoS attacks, the top cyberthreats of 2012 have been aggressive and strong. Is it time for organizations to adopt a "hack back" strategy against perceived attackers? Resources Mitigating Targeted Attacks on Your Organization - blogs.technet.com The Trustworthy Computing blog [...]

Week 49 in Review – 2012

Event Related SANS SANS SEC642: Advanced Web App Penetration Testing and Ethical Hacking (review) - blog.c22.cc After taking a year off from SANS London (a trip to Colombia was too much to resist last year), I flew back over to sunny London (ha) to attend the new SEC642: Advanced Web App Penetration Testing class with [...]

Week 46 in Review – 2012

Resources VulnVoIP (Vulnerable VoIP) - The Fundamentals of VoIP Hacking - rebootuser.com VulnVoIP is based on a relatively old AsteriskNOW distribution and has a number of weaknesses. The aim is to locate VoIP users, crack their passwords and gain access to the Support account voicemail. Owning Computers Without Shell Access - accuvant.com What’s This All [...]

Week 45 in Review – 2012

Event Related OWASP OWASP AppSec 2012 Presentation: SQL Server Exploitation, Escalation, and Pilfering - netspi.com During this presentation attendees will be introduced to lesser known, yet significant vulnerabilities in SQL Server implementations related to common trust relationships, misconfigurations, and weak default settings. XSS & CSRF with HTML5 - Attack, Exploit and Defense - shreeraj.blogspot.com HTML5 [...]