Week in Review

/Week in Review

Week 25 In Review – 2017

Events Related Circle City Con 2017 Videos - www.irongeek.com ANYCon 2017 Videos - www.irongeek.com Techniques Armory Sandbox – Building a USB analyzer with USB armory - sentinelone.com The USB armory is a small computer on a USB stick, providing an ARM A8 800 MHz CPU and 512MB RAM, and it’s versatile enough to implement all kinds of [...]

Week 24 In Review – 2017

Events Related Security Fest - www.youtube.com This summer, Göteborg became the most secure city in Sweden! We had a day filled with great talks by internationally renowned speakers on some of the most cutting edge and interesting topics in IT-Security. ShowMeCon 2017 Videos - www.irongeek.com Resources List of Printers Which Do or Do Not Display [...]

Week 23 In Review – 2017

Events Related CarolinaCon 13 - www.youtube.com Techniques impacket - github.com This script will exploit CVE-2017-7494, uploading and executing the shared library specified by the user through the –so parameter. Automating the Empire with the Death Star: getting Domain Admin with a push of a button - byt3bl33d3r.github.io Originally, I wanted something that could just take BloodHounds output, [...]

Week 22 In Review – 2017

Events Related AppSec EU 2017 - www.youtube.com Techniques ICS/SCADA Systems for Penetration Testers: A Typical Engagement - blog.gdssecurity.com It’s no secret that the devices that comprise process control systems are generally vulnerable to attack. This point has been made through endless research and has even been the subject of countless talks and trainings. Vulnerabilities Secure [...]

Week 21 In Review – 2017

Events Related NolaCon 2017 - www.irongeek.com Resources Ransomware using EternalBlue This week's release of Metasploit includes a scanner and exploit module for the EternalBlue vulnerability, which made headlines a couple of weeks ago when hacking group, the Shadow Brokers, disclosed a trove of alleged NSA exploits. Included among them, EternalBlue, exploits MS17-010, a Windows SMB vulnerability. EternalBlue: Metasploit Module for [...]

Week 20 In Review – 2017

  Events Related Converge 2017 Videos - www.irongeek.com These are the videos from the Converge Information Security Conference. BSides Detroit 2017 Videos - www.irongeek.com These are the videos from the BSides Detroit 2017 Conference.  Resources  Intel Active Management Technology On May 1, Intel published a security advisory regarding a firmware vulnerability in certain systems that utilize Intel® Active Management [...]

Week 19 In Review – 2017

Events Related BSidesCharm 2017 Videos - www.irongeek.com These are the videos BSidesCharm (Baltimore) 2017. Resources Car Hacking - illmatics.com Instead of buying books or paying exorbitant amount of money to learn about car hacking, we (Charlie Miller and Chris Valasek) decided to publish all our tools, data, research notes, and papers to everyone for FREE! Password [...]

Week 17 In Review – 2017

Resources  Probable-Wordlists - github.com Wordlists sorted by probability originally created for password generation and testing VM escape - QEMU Case Study - www.phrack.org Virtual machines are nowadays heavily deployed for personal use or within the enterprise segment. Network security vendors use for instance different VMs to analyze malwares in a controlled and confined environment. Vulnerabilities [...]

Week 16 In Review – 2017

Events Related BSides Nashville 2017 Videos - www.irongeek.com Tools CAN-Bus-Arduino-Tool - github.com A tool for performing replay and sniffing CAN bus traffic. OWTF 2.1a "Chicken Korma" released - owtf.github.io Yes folks, it is that time again, a new release of the Offensive Web Testing Framework, OWASP OWTF, one of several OWASP Flagship projects Vulnerabilities InterContinental Hotels [...]