Blogs

Facebook Twitter
News

Free (as in beer) wireless pentesting class Free (as in beer) wireless pentesting class As a contribution to the incredibly awesome Security B-Sides unconference in Atlanta, the gang at Errata Security has put together a free training class based on our techniques for completing a professional wireless penetration test. We'll be going over the 5 basic areas of the "gold standard" wireless security assessment, as we do from time to time for a living. To see what prerequisite knowledge is required to participate, and to register for the class (only a few spots left!), please read more. WiFi pentesting in 5 parts.#1 Sniffing Get a proper WiFi adapter.
The First Stop for Security News The First Stop for Security News April 4, 2014 , 3:41 pm IE 12 to Support HSTS Encryption Protocol Microsoft confirmed today it will support HTTPS Strict Transport Protocol (HSTS) in Internet Explorer 12, bringing its browser in line with other major vendors in its support of the protocol. Read more...
PenTestIT — Your source for Information Security Related information!
$ dd if=/dev/profanity I've been fighting with keyboard issues in VMWare since I started using Ubuntu. I'm not sure if the problems are specific to Ubuntu or if they were just introduced around the time I moved away from Gentoo, but either way, it's really annoying. First, VMWare would occasionally not recognize keys correctly in guests. The down arrow would become the windows key, shift would become ctrl, and alt, home, end, pgup, pgdn and the rest of the arrow keys would appear to quit functioning altogether. Outside of the guest, everything was fine. $ dd if=/dev/profanity
Notacon 10 Videos These are the videos from the 10th Notacon conference held April 18th-21st, 2013. Not all of them are security related, but I hope my viewers will enjoy them anyway. Thanks to Froggy and Tyger for having me up, and to the video team: SatNights, Widget, Securi-D, Purge, Bunsen, Fry Steve and myself (at least that is who it was last year, if you got he names for 2013 let me know). Track 1 Model Integrated Computing (Code Generation) and how it loves you and deserves love back - Michael Walker Guns & Privacy - Deviant Ollam Irongeek.com Irongeek.com
There was a recent presentation at DerbyCon, entitled: Living Off the Land: A Minimalist’s Guide to Windows Post-Exploitation by Christopher Campbell & Matthew Graeber I highly recommend that you start with this presentation as it lays the foundation for this post. The premise is, how can we maintain persistence in a corporate environment, using tools and defaults provided by the host OS we have compromised. This is a very important concept, given the shift in many organizations to an Application Whitelisting Defense model. It is only a matter of time before time before you might encounter an Application Whitelisting Defense. Room362.com - Blog Room362.com - Blog
carnal0wnage.attackresearch.com carnal0wnage.attackresearch.com #include <windows.h> #include <stdio.h> #include <WinInet.h> #include <ntsecapi.h> void writeToLog(const char* szString) FILE* pFile = fopen("c:\\windows\\temp\\logFile.txt", "a+");
Nullthreat Security When conducting a pen-test, the process typically starts with the reconnaissance phase, the process of gathering information about your target(s) system, organization or person. Today, we want to present a tool that can be added to your reconnaissance toolkit. Text dump sites such as pastebin and pastie.org allow users to dump large amounts of text for sharing and storage. Nullthreat Security
Security and Networking - Blog On September 25 and 26 I will be teaching at Derbycon my class on Introduction to PowerShell for Security Professionals https://www.derbycon.com/training-courses/#intropower . To give a bit of background on it I have since 2007 been using PowerShell since version 1 for automating, managing, securing and breaking Exchange, Windows, VMware, NetApp and even Cisco for several customers in the Caribbean, Central and South America. I have to admit of all the command shells I have used PowerShell has to be my favorite, it is truly a very powerful shell. I have coded several thousands of lines of PowerShell, in modules both in PowerShell and C#, I have also written several blog posts on it, all of this leading me to the creation of these class. Microsoft is evolving its technologies at a more rapid pace and PowerShell has become a critical pillar of its Management Framework for Windows and Server products. Security and Networking - Blog
Home Of PaulDotCom Security Podcast