Week 44 In Review – 2015

Resources Welcome to the SaintCON 2015 files section! - SaintCON materials. RWSPS: WPA/2 Cracking Using HashCat [ch5pt2] - If you remember in the previous part, we learned Speeding up WPA/2 Cracking Using Pre-generated PMKs. Which certainly uses CPU as the primary part for the calculations of the PMKs. It surely gives us speed for cracking [...]

Week 43 In Review – 2015

Events Related HouSecCon v6 2015 Videos - 2015 Today started the 11th edition of in Luxembourg. Being one of my preferred event, I drove to Luxembourg this morning direction to the Alvisse Parc hotel! 2015 Wrap-Up Day #1 - 2015 Wrap-Up Day #2 - 2015 Wrap-Up Day #3 [...]

Week 33 In Review – 2015

Events Related Kaminsky Creates Clickjacking-Killer - Renowned security expert Dan Kaminsky here this week unveiled his latest project: a solution to eradicate so-called clickjacking attacks that plague the Web. 9th USENIX Workshop on Offensive Technologies - Black Hat USA 2015 Highlights - The 18th annual Black Hat USA conference gathered thousands of professionals, [...]

Week 4 In Review – 2015

Events Related Our Favorite Presentations from ShmooCon 2015 – Jen and Phil were fortunate to attend this year’s ShmooCon, an annual hacker conference held in Washington, DC. Here are the wrap up of the conference. Resources BSides Columbus 2015 Videos – hese are the videos from the BSides Columbus Ohio conference. You can watch and [...]

Week 38 In Review – 2013

Resources Heuristic methods used in sqlmap – You can find slides for Miroslav Štampar talk "Heuristic methods used in sqlmap" held at FSec 2013 conference (Croatia / Varazdin 19th September 2013) here. Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network – It’s always surprising how insecure some internal networks turn out to [...]

Week 36 in Review – 2012

Resources Elderwood Project 'Elderwood' Crew, Tied to Google Aurora Attack, Targeting Defense, Energy, Finance Companies - The same team that attacked Google in the Aurora campaign in 2009 is still active and has been conducting a long-term campaign targeting defense contractors, financial services companies, energy companies, human rights organizations and government agencies using a [...]

Week 12 in Review – 2012

Event Related CanSecWest 2012 Hardware Involved Software Attack - Material for CanSecWest 2012 by Jeff ForristralVulnerability analysis, practical data flow analysis and visualization - Recently at CanSecWest 2012, we presented on the technology we use for analyzing malicious samples and PoC files. As malware often actively attempts to exploit software vulnerabilities these days, [...]

Week 8 in Review – 2012

Resources A look at ASLR in Android Ice Cream Sandwich 4.0 - For the uninitiated, ASLR randomizes where various areas of memory (eg. stack, heap, libs, etc) are mapped in the address space of a process. The Ultimate OS X Hardening Guide Collection - Many security professionals tend to use OS X systems. [...]

2017-03-12T17:39:50-07:00 February 27th, 2012|Security Tools, Security Vulnerabilities, Uncategorized|0 Comments

Week 3 in Review – 2012

Event Related Infiltrate  Conference “Voight-Kampff’ing The BlackBerry PlayBook” at INFILTRATE 2012 – We gave a talk at Immunity’s awesome INFILTRATE conference in Miami Beach, FL. Our presentation, “Voight-Kampff’ing The BlackBerry Playbook”, discussed some of the blackbox style, independent research we performed on the BlackBerry PlayBook. Infiltrate Wrap Up – Our industry is getting [...]

Week 18 in Review – 2009

Tools: Dranzer ActiveX Fuzzer Watcher – Passive web security analysis tool (fiddler plugin) Pangolin – Very nice SQL injection tool Network Monitor 3.3 – Microsoft’s wireshark equivalent CAIN 4.9.30 – Now with SSL MITM support Vulnerabilities: Oracle TNS listener and 11.1.0 Other News: F-Secure malware course - Hijacking US military satellites for communication [...]

2009-05-04T21:50:00-07:00 May 4th, 2009|Security Tools|0 Comments