Techniques Kaspersky Antivirus Certificate handling path traversal - code.google.com When Kaspersky https inspection is enabled, temporary certificates are created in %PROGRAMDATA% for validation. I observed that the naming pattern is {CN}.cer. Breaking into and Reverse Engineering iOS Photo Vaults - blog.ioactive.com For whatever reason, a lot of people store risqué pictures on their devices. Why [...]
Events Related SecureWV2015 Videos - www.irongeek.com These are the videos of the presentations from Secure West Virginia 2015. HouSecCon v6 2015 Videos - www.irongeek.com New 4G LTE Hacks Punch Holes In Privacy - www.darkreading.com Black Hat Europe researchers to demonstrate newly found flaws in 4G mobile that expose privacy and disrupt phone service. Black Hat Europe [...]
Resources SecTor 2015 - sector.ca Presentations and videos for SecTor 2015 RuxCon - ruxcon.org.au Tools NMAP - github.com NMAP scripts for TN3270 interaction as well as NJE. Most notably TSO User Enumeration and Brute Force. CICS transaction ID enumeration and NJE node name brute forcing. Techniques Hidden In Plain Sight: Brute Forcing Slack Private Files - [...]
Resources Welcome to the SaintCON 2015 files section! - files.saintcon.org SaintCON materials. RWSPS: WPA/2 Cracking Using HashCat [ch5pt2] - www.rootsh3ll.com If you remember in the previous part, we learned Speeding up WPA/2 Cracking Using Pre-generated PMKs. Which certainly uses CPU as the primary part for the calculations of the PMKs. It surely gives us speed for cracking [...]
Events Related HouSecCon v6 2015 Videos - www.irongeek.com Hack.lu 2015 Today started the 11th edition of hack.lu in Luxembourg. Being one of my preferred event, I drove to Luxembourg this morning direction to the Alvisse Parc hotel! Hack.lu 2015 Wrap-Up Day #1 - blog.rootshell.be Hack.lu 2015 Wrap-Up Day #2 - blog.rootshell.be Hack.lu 2015 Wrap-Up Day #3 [...]
Events Related Videos and Slide Decks from the re:Invent 2015 Security and Compliance Track - blogs.aws.amazon.com Whether you want to review a Security and Compliance track session you attended at re:Invent 2015, or you want to experience a session for the first time, videos and slide decks from the Security and Compliance track are now [...]
Events Related hardwear.io Conference Jumping right in with the keynote of Day 1 by Jon Callas and my favorite quote “Make your devices fixable”. Enough said. Conference Day 1 - www.insinuator.net Conference Day 2 - www.insinuator.net Applied Physical Attacks on x86 Systems - www.insinuator.net GrrCON 2015 Videos - www.irongeek.com Videos of the presentations from GrrCON 2015 Resources [...]
Events Related Derbycon 2015 Videos - www.irongeek.com Black Hat USA 2015 - www.youtube.com Louisville Infosec 2015 Videos - www.irongeek.com Thoughts on my very first DerbyCon (which won't be my last) - community.rapid7.com One you hang around in infosec for a little while, you learn that each of the major cons have their own reputation, their [...]
Events Related The CIA Campaign to Steal Apple’s Secrets - theintercept.com The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. Resources Reversing Mobile Traffic Lights - www.bastibl.net I wanted to have a look at [...]
Events Related Black Hat USA 2015 Course Review - Adaptive Red Team Tactics from Veris Group - www.redblue.team Black Hat has something for everyone (across the defensive and offensive spectrum) and after considerable delibaration I decided to register for Adaptive Red Team Tactics from Veris Group. This is an interesting team in that a lot of the [...]