Events Related BSidesLV - youtube.com Recordings of Security BSides Las Vegas sessions, selected sessions of sister conferences and other Information Security related educational materials. BotConf 2016 This is already the fourth edition of the Botconf security conference, fully dedicated to fighting malware and botnets. Since the first edition, the event location changed every year and it allowed me [...]
Events Related Hack.lu I’m back to Luxembourg for a new edition of hack.lu. In fact, I arrived yesterday afternoon to attend the MISP summit. It was a good opportunity to meet MISP users and to get fresh news about the project. Hack.lu 2016 Wrap-Up Day #1 - blog.rootshell.be Hack.lu 2016 Wrap-Up Day #2 - blog.rootshell.be Hack.lu 2016 [...]
Resources USB HID/Fingerprint Reader that enters password if Fingerprint is correct - www.reddit.com CCDC Quals Notes (metasploit) - carnal0wnage.attackresearch.com Some quick notes for interesting stuff to keep for CCDC Quals/Notes Tools EZ-Wave - github.com Tools for Evaluating and Exploiting Z-Wave Networks using Software-Defined Radios. firmadyne - github.com FIRMADYNE is an automated and scalable system for [...]
Techniques Kaspersky Antivirus Certificate handling path traversal - code.google.com When Kaspersky https inspection is enabled, temporary certificates are created in %PROGRAMDATA% for validation. I observed that the naming pattern is {CN}.cer. Breaking into and Reverse Engineering iOS Photo Vaults - blog.ioactive.com For whatever reason, a lot of people store risqué pictures on their devices. Why [...]
Events Related HouSecCon v6 2015 Videos - www.irongeek.com Hack.lu 2015 Today started the 11th edition of hack.lu in Luxembourg. Being one of my preferred event, I drove to Luxembourg this morning direction to the Alvisse Parc hotel! Hack.lu 2015 Wrap-Up Day #1 - blog.rootshell.be Hack.lu 2015 Wrap-Up Day #2 - blog.rootshell.be Hack.lu 2015 Wrap-Up Day #3 [...]
Events Related hardwear.io Conference Jumping right in with the keynote of Day 1 by Jon Callas and my favorite quote “Make your devices fixable”. Enough said. Conference Day 1 - www.insinuator.net Conference Day 2 - www.insinuator.net Applied Physical Attacks on x86 Systems - www.insinuator.net GrrCON 2015 Videos - www.irongeek.com Videos of the presentations from GrrCON 2015 Resources [...]
Events Related The CIA Campaign to Steal Apple’s Secrets - theintercept.com The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. Resources Reversing Mobile Traffic Lights - www.bastibl.net I wanted to have a look at [...]
Events Related Chaos Communication Camp 2015 - media.ccc.de Resources microchips - zeptobars.ru Tools WPSploit - github.com This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool. armory-pass - github.com Password manager for USB Armory Sleepy Puppy - github.com Sleepy Puppy is a cross-site scripting (XSS) payload management [...]
Resources OWASP Proactive Controls – owasp.org This document was written by developers for developers, to assist those new to secure development. It aims to guide developers and other software development professionals down the path of secure web application software development. Anthem-From the Desk of CEO To Members – anthemfacts.com Anthem was the target of a very sophisticated [...]
Resources (IN)Secure Magazine issue 43 (September 2014) available – net-security.org (IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics. You can download it now. A Guide to Gary McGraw's AppsecUSA Keynote – cigital.com Here is a quick guide to the key ideas in the talk. Hope you find this [...]