Resources Running guide for CTF's - gist.github.com Blackhat Hardware Training Roadmap - securinghardware.com This diagram is intended to give an overview of many of the hardware-related trainings available at Black Hat USA 2017. Generally, lower level hardware is at the bottom and more software to the top. Tools Wordpress Exploit Framework - github.com screen2root - [...]
Events Related BSides Augusta 2016 Videos - www.irongeek.com These are the videos from the BSides Augusta conference. Resources Long Secret Stingray Manuals Detail How Police Can Spy On Phones - theintercept.com The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet. Techniques Reprogramming the Defcon 24 badge [...]
Events Related BSidesNYC2016 - github.com Resources mediatek mt6261 rom dumping via the vibration motor - www.sodnpoo.com McAfee SiteList.xml password decryption - funoverip.net Recently, a very good friend of mine pointed me out the story of a pentester who recovered the encrypted passwords from a McAfee SiteList.xml file, using Responder. Brute-forcing Microsoft Lync via NTLM - www.hackwhackandsmack.com [...]
Events Related My SecTor Story: Root Shell on the Belkin WeMo Switch - www.tripwire.com Researchers from Tripwire were on hand to help attendees explore the world of IoT hacking. They brought with them a table full of devices ranging from routers to smart televisions. They also had a video demonstration of the exploitation of vulnerabilities in [...]
Resources Welcome to the SaintCON 2015 files section! - files.saintcon.org SaintCON materials. RWSPS: WPA/2 Cracking Using HashCat [ch5pt2] - www.rootsh3ll.com If you remember in the previous part, we learned Speeding up WPA/2 Cracking Using Pre-generated PMKs. Which certainly uses CPU as the primary part for the calculations of the PMKs. It surely gives us speed for cracking [...]
Events Related hardwear.io Conference Jumping right in with the keynote of Day 1 by Jon Callas and my favorite quote “Make your devices fixable”. Enough said. Conference Day 1 - www.insinuator.net Conference Day 2 - www.insinuator.net Applied Physical Attacks on x86 Systems - www.insinuator.net GrrCON 2015 Videos - www.irongeek.com Videos of the presentations from GrrCON 2015 Resources [...]
Events Related Derbycon 2015 Videos - www.irongeek.com Black Hat USA 2015 - www.youtube.com Louisville Infosec 2015 Videos - www.irongeek.com Thoughts on my very first DerbyCon (which won't be my last) - community.rapid7.com One you hang around in infosec for a little while, you learn that each of the major cons have their own reputation, their [...]
Events Related Black Hat USA 2015 Course Review - Adaptive Red Team Tactics from Veris Group - www.redblue.team Black Hat has something for everyone (across the defensive and offensive spectrum) and after considerable delibaration I decided to register for Adaptive Red Team Tactics from Veris Group. This is an interesting team in that a lot of the [...]
Events Related 44CON - www.slideshare.net BSides Augusta 2015 Videos - www.irongeek.com Videos from the BSides Augusta conference. Resources Satellite Turla: APT Command and Control in the Sky - securelist.com When you are an APT group, you need to deal with many different problems. One of them, and perhaps the biggest, is the constant seizure and takedown of [...]
Events Related DEFCON This year marked the 23rd DefCon, the hacker conference that began as an informal gathering for hackers to meet in person and party in the desert. Imploding Barrels and Other Highlights From Hackfest DefCon - www.wired.com I spent the week with over 20,000 hackers in Las Vegas — here's what I saw [...]