Events Related BruCON 5by5 – WPScan Online Vulnerability Database – ethicalhack3r.co.uk For those of you who have been living under a rock, BruCON is a security conference held every year in Belgium (originally Brussels, now Ghent). Last year was the 5th time the conference had been held and so the year before (2012) they setup what [...]
Resources BLE Fun With Ubertooth: Sniffing Bluetooth Smart and Cracking Its Crypto – blog.lacklustre.net Ubertooth is an open source platform for Bluetooth research. It has a powerful ARM microcontroller connected to a reconfigurable radio chip, the TI CC2400. Although it was originally built to monitor classic Basic Rate (BR) Bluetooth, it serves as an excellent platform [...]
Resources Advanced iOS kernel debugging for exploit developers – www.youtube.com Advanced iOS kernel debugging for exploit developers: A presentation by Stefan Esser (@i0n1c) at the Breakpoint security conference in Melbourne, Australia. ekoparty Security Conference 9th Edition(2013) – ekoparty.org The ekoparty 2013 Videos & Papers are available here. Tools The Social-Engineer Toolkit (SET) v5.4 “Walkers” Released – trustedsec.com [...]
Resources Heuristic methods used in sqlmap – unconciousmind.blogspot.com You can find slides for Miroslav Štampar talk "Heuristic methods used in sqlmap" held at FSec 2013 conference (Croatia / Varazdin 19th September 2013) here. Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network – blog.spiderlabs.com It’s always surprising how insecure some internal networks turn out to [...]
Resources Want to break some Android apps? – carnal0wnage.attackresearch.com @jhaddix, the newest blogger shared a bunch of Android apps hacking tools links. Tools Linux Exploit Suggester – penturalabs.wordpress.com This is a Linux Exploit Suggester, with no frills and no fancy features; just a simple script to keep track of vulnerabilities and suggest possible exploits to use to [...]
Event Related Femtocell Presentation Slides, Videos and App - isecpartners.com We're back from Las Vegas, rested, and finally ready to release the slides, videos, and our app from our presentation at Black Hat and Defcon: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell. BlackHat Conference: Z-Wave Security - sensepost.com We are [...]
Event Related DefCon #DEFCON Defense by numbers: Making Problems for Script Kiddies and Scanner Monkeys - blog.c22.cc Despite my fears of freezing on stage and beginning to drool like a moron, I think the presentation went well. Excluding of course the point where Powerpoint decided it would die in a fire rather than show my [...]
Event Related Great Scott Gadgets Infiltrate 2013 - greatscottgadgets.com Michael Ossmann and Kyle Osborn presented Two-Timing Data Connectors at Infiltrate 2013. Resources Nessus Using Posh-SecMod PowerShell Module to Automate Nessus(Part1) - darkoperator.com One showed me some of the scripts they use and then it came to me why not automate Nessus from with in PowerShell. [...]
Event Related IPv6 Focus Month IPv6 Focus Month: What is changing with DHCP - isc.sans.edu Among the different methods to configure IPv6 addresses, most managed networks will likely stick with DHCP. DHCPv6 however is a bit different then DHCPv4. We will summarize here some of the basic differences between DHCPv4 and DHCPv6. IPv6 Focus Month: [...]
Event Related ShmooCon Firetalks 2013 - irongeek.com These are the videos I have for the ShmooCon Firetalks 2013. Resources APT 1 APT 1: Exposing One of China's Cyber Espionage Units - intelreport.mandiant.com APT1: Exposing One of China's Cyber Espionage Units Threat Actors Using Mandiant APT1 Report as a Spear Phishing Lure: The Nitty Gritty - [...]