Events Related SecureWV2015 Videos - www.irongeek.com These are the videos of the presentations from Secure West Virginia 2015. HouSecCon v6 2015 Videos - www.irongeek.com New 4G LTE Hacks Punch Holes In Privacy - www.darkreading.com Black Hat Europe researchers to demonstrate newly found flaws in 4G mobile that expose privacy and disrupt phone service. Black Hat Europe [...]
Resources Welcome to the SaintCON 2015 files section! - files.saintcon.org SaintCON materials. RWSPS: WPA/2 Cracking Using HashCat [ch5pt2] - www.rootsh3ll.com If you remember in the previous part, we learned Speeding up WPA/2 Cracking Using Pre-generated PMKs. Which certainly uses CPU as the primary part for the calculations of the PMKs. It surely gives us speed for cracking [...]
Resources Black Hat 2015 Wrap Up – Part I - nettitude.co.uk This year, Black Hat (BH) 2015 came, as it usually does, with major security flaws and some “dojos” aside from the major android vulnerabilities we were exposed to and other types of security issues that are much less talked about, but still expose serious [...]
Events Related DEFCON This year marked the 23rd DefCon, the hacker conference that began as an informal gathering for hackers to meet in person and party in the desert. Imploding Barrels and Other Highlights From Hackfest DefCon - www.wired.com I spent the week with over 20,000 hackers in Las Vegas — here's what I saw [...]
Events Related Kaminsky Creates Clickjacking-Killer - www.darkreading.com Renowned security expert Dan Kaminsky here this week unveiled his latest project: a solution to eradicate so-called clickjacking attacks that plague the Web. 9th USENIX Workshop on Offensive Technologies - www.usenix.org Black Hat USA 2015 Highlights - www.tripwire.com The 18th annual Black Hat USA conference gathered thousands of professionals, [...]
Events Related Infiltrate 2015 - vimeo.com BSides Cincinnati 2015 Videos - www.irongeek.com BSides Las Vegas 2015 Videos - www.irongeek.com Resources Workshop2015 - github.com radare2 framework Tools Releasing jsfunfuzz and DOMFuzz - www.squarefree.com Today I'm releasing two fuzzers: jsfunfuzz, which tests JavaScript engines, and DOMFuzz, which tests layout and DOM APIs. The popular hacker Samy Kamkar has presented [...]
Resources Jailbreak or Root Detection: A False Sense of Security, Part 1 - bluebox.com Mobile management vendors have ingrained in the industry that jailbroken and rooted devices are bad: automatically deny all access. There is a widespread fear in the industry that these “compromised” devices jeopardize enterprise networks and are prone to leaking corporate secrets. [...]
Events Related BruCON 0×05 Wrap Up -blog.rootshell.be Here is Xavier's quick wrap-up of BruCON 0×05. Actually it’s not a wrap-up about the talks. He gives some statistics about the visitors. Resources One Weird Trick for Finding More Crashes – www.cert.org CERT Vulnerability Analysis Team announced the release of updates to both of their fuzzing tools, the CERT [...]
Tools SpiderFoot 2.0.4 released, new module, improvements and bug fixes – spiderfoot.net Kautilya 0.4.4 - dump lsa secrets, introduce vulns, improved backdoors and more –labofapenetrationtester.com Here comes Kautilya 0.4.4. This version adds three new payloads and improves couple of others. Owasp Broken Web Applications Project VM v1.1 Released – sourceforge.net Looking for the latest version? Download OWASP_Broken_Web_Apps_VM_1.1.7z. Techniques [...]