Week 16 In Review – 2017

Events Related BSides Nashville 2017 Videos - www.irongeek.com Tools CAN-Bus-Arduino-Tool - github.com A tool for performing replay and sniffing CAN bus traffic. OWTF 2.1a "Chicken Korma" released - owtf.github.io Yes folks, it is that time again, a new release of the Offensive Web Testing Framework, OWASP OWTF, one of several OWASP Flagship projects Vulnerabilities InterContinental Hotels [...]

Week 15 In Review – 2016

Events Related Tailoring the NIST Cybersecurity Framework for a Precise Fit - www.tenable.com One thing caught my attention right away: there were two digital clocks prominently displayed on either side of the auditorium. Both clocks were synchronized, and according to my phone, they were accurate to the second. It makes sense because NIST is the [...]

Week 27 In Review – 2014

Black Hat USA Briefings Giveaway Enter to win an Black Hat USA 2014 Briefings ticket worth $2,2000 from Infosec Events Events Related School on Applications of Open Spectrum and White Spaces Technologies - Schedule – wireless.ictp.it ICTP School on Applications of Open Spectrum and White Spaces Technologies - 2014 workshop schedule is available here. You can [...]

Week 25 In Review – 2014

Resources Circle City Con 2014 Videos – www.irongeek.com These are the Circle City Con 2014 videos. You can watch and download all of the recordings from here. OWASP Security Shepherd – owasp.org Security Shepherd has been implemented with the aim of fostering and improving security awareness among a varied skill-set demographic. This project enables users to learn [...]

Week 22 In Review – 2014

Events Related HITB Amsterdam 2014 Wrap-up HITB Amsterdam 2014 Wrap-up Day #1 – blog.rootshell.be Xavier is in Amsterdam for attending at the new edition of Hack In The Box. This is a special edition with many improvements. HITB2014AMS – Day 1 – State of the ART: Exploring the New Android KitKat Runtime – www.corelan.be This is a [...]

Week 14 In Review – 2014

Resources Everything You Always Wanted to Know About iTunes and iCloud Backups But Were Afraid to Ask – blog.crackpassword.com Do you think you know everything about creating and using backups of Apple iOS devices? Probably not. Here Vladimir Bezmaly (MVP Consumer security, Microsoft Security Trusted Advisor) shares some thoughts, tips and tricks on iTunes and iCloud [...]

2017-03-12T17:39:32-07:00 April 7th, 2014|Security Tools, Security Training, Week in Review|0 Comments

Week 6 In Review – 2014

Resources Why PLCpwn Is Important for ICS Cyber Weapons – www.digitalbond.com The interesting question is what happens when organizations and governments stumble across one of these deployed attack systems and covert channels? S4x14 Video: Stephen Hilt on PLCpwn -digitalbond.com Cheat Sheets – packetlife.net Here are Cheet sheets by packetlife. You can download all from here. OWASP Cheat Sheet [...]

Week 42 In Review – 2013

Events Related SANS FOR610: Reverse Engineering Malware – Course Review – blog.c22.cc What follows is a review of the SANS FOR610: reverse engineering malware class taken at the SANS Prague 2013 event. What follows are rough notes, feelings and impressions from the class as it was taking place. Take it as you will, and we hope [...]

Week 38 In Review – 2013

Resources Heuristic methods used in sqlmap – unconciousmind.blogspot.com You can find slides for Miroslav Štampar talk "Heuristic methods used in sqlmap" held at FSec 2013 conference (Croatia / Varazdin 19th September 2013) here. Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network – blog.spiderlabs.com It’s always surprising how insecure some internal networks turn out to [...]

Week 37 In Review – 2013

Resources Video Tutorial: Introduction to XML External Entity Injection – community.rapid7.com This video introduces XML injection to achieve XML external entity injection (XXE) and XML based cross site scripting (XSS). Errata Security's blog We scanned the Internet for port 22 – blog.erratasec.com Errata Security scanned the entire Internet for port 22 -- the port reserved for "SSH", [...]