Defcon 22 presentations now available

by tuxotron - on Aug 25th 2014 - No Comments



The presentations (slides and some extra documents) from Defcon 22 are now available:

  • Protecting SCADA From the Ground Up – PDF
  • Detecting Bluetooth Surveillance Systems – PDF
  • Dropping Docs on Darknets: How People Got Caught – PDF
  • Hacking 911: Adventures in Disruption, Destruction, and Death – PDF
  • How to Disclose an Exploit Without Getting in Trouble – PDF
  • Reverse Engineering Mac Malware – PDF
  • NSA Playset: PCIe – PDF
  • The Monkey in the Middle: A pentesters guide to playing in traffic. – PDF
  • Investigating PowerShell Attacks – PDF
  • Is This Your Pipe? Hijacking the Build Pipeline. – PDF
  • Screw Becoming A Pentester – When I Grow Up I Want To Be A Bug Bounty Hunter! – PDF
  • Home Alone with localhost: Automating Home Defense – PDF
  • Meddle: Framework for Piggy-back Fuzzing and Tool Development – PDF
  • Instrumenting Point-of-Sale Malware: A Case Study in Communicating Malware Analysis More Effectively – PDF White Paper
  • One Man Shop: Building an effective security program all by yourself – PDF
  • RF Penetration Testing, Your Air Stinks – PDF
  • Touring the Darkside of the Internet. An Introduction to Tor, Darknets, and Bitcoin – PDF
  • USB for all! – PDF
  • ShareEnum: We Wrapped Samba So You Don’t Have To – PDF
  • An Introduction to Back Dooring Operating Systems for Fun and Trolling – PDF
  • Android Hacker Protection Level 0 – PDF
  • Anatomy of a Pentest; Poppin’ Boxes like a Pro – PDF
  • Bug Bounty Programs Evolution – PDF Extras
  • Practical Foxhunting 101 – PDF
  • Client-Side HTTP Cookie Security: Attack and Defense – PDF
  • Bypass firewalls, application white lists, secure remote desktops under 20 seconds – PDF
  • PropLANE: Kind of keeping the NSA from watching you pee – PDF
  • Getting Windows to Play with Itself: A Hacker’s Guide to Windows API Abuse – PDF
  • Weaponizing Your Pets: The War Kitteh and the Denial of Service Dog – PDF
  • Through the Looking-Glass, and What Eve Found There – PDF White Paper
  • Summary of Attacks Against BIOS and Secure Boot – PDF
  • I am a legend: Hacking Hearthstone with machine learning – PDF
  • The Secret Life of Krbtgt – PDF
  • The $env:PATH less Traveled is Full of Easy Privilege Escalation Vulns – PDF
  • Hacking US (and UK, Australia, France, etc.) traffic control systems – PDF
  • The Cavalry Year[0] & a Path Forward for Public Safety – PDF
  • NSA Playset: DIY WAGONBED Hardware Implant over I2C – PDF
  • Abuse of Blind Automation in Security Tools – PDF
  • Why Don’t You Just Tell Me Where The ROP Isn’t Suppose To Go – PDF
  • Steganography in Commonly Used HF Radio Protocols – PDF Extras
  • Saving Cyberspace by Reinventing File Sharing – PDF
  • Empowering Hackers to Create a Positive Impact – PDF
  • Just What The Doctor Ordered? – PDF
  • Check Your Fingerprints: Cloning the Strong Set – PDF
  • Shellcodes for ARM: Your Pills Don’t Work on Me, x86 – PDF
  • Blowing up the Celly – Building Your Own SMS/MMS Fuzzer – PDF
  • Mass Scanning the Internet: Tips, Tricks, Results – PDF
  • Deconstructing the Circuit Board Sandwich: Effective Techniques for PCB Reverse Engineering – PDF
  • Saving the Internet (for the Future) – PDF
  • Burner Phone DDOS 2 dollars a day : 70 Calls a Minute – PDF
  • Hack All The Things: 20 Devices in 45 Minutes – PDF
  • Stolen Data Markets: An Economic and Organizational Assessment – PDF
  • Raspberry MoCA – A recipe for compromise – PDF White Paper 1 White Paper 2
  • Girl… Fault-Interrupted. – PDF
  • Extreme Privilege Escalation On Windows 8/UEFI Systems – PDF White Paper
  • NinjaTV – Increasing Your Smart TV’s IQ Without Bricking It – PDF
  • Oracle Data Redaction is Broken – PDF
  • Weird-Machine Motivated Practical Page Table Shellcode & Finding Out What’s Running on Your System – PDF
  • Catching Malware En Masse: DNS and IP Style – PDF White Paper
  • Attacking the Internet of Things using Time – PDF
  • Open Source Fairy Dust – PDF
  • Learn how to control every room at a luxury hotel remotely: the dangers of insecure home automation deployment – PDF White Paper
  • Generating ROP payloads from numbers – PDF
  • DEF CON Comedy Jam Part VII, Is This The One With The Whales? – PDF
  • The NSA Playset: RF Retroreflectors – PDF 1 PDF 2
  • VoIP Wars: Attack of the Cisco Phones – PDF
  • Playing with Car Firmware or How to Brick your Car – PDF
  • Measuring the IQ of your Threat Intelligence feeds – PDF
  • Secure Because Math: A Deep Dive On Machine Learning-Based Monitoring – PDF
  • Abusing Software Defined Networks – PDF
  • NSA Playset : GSM Sniffing – PDF
  • Cyberhijacking Airplanes: Truth or Fiction? – PDF
  • Am I Being Spied On? Low-tech Ways Of Detecting High-tech Surveillance – PDF
  • Detecting and Defending Against a Surveillance State – PDF
  • Acquire current user hashes without admin privileges – PDF
  • You’re Leaking Trade Secrets – PDF
  • Veil-Pillage: Post-exploitation 2.0 – PDF
  • From Raxacoricofallapatorius With Love: Case Studies In Insider Threat – PDF
  • Don’t DDoS Me Bro: Practical DDoS Defense – PDF
  • Advanced Red Teaming: All Your Badges Are Belong To Us – PDF
  • I Hunt TR-069 Admins: Pwning ISPs Like a Boss – PDF
  • The Only Way to Tell the Truth is in Fiction: The Dynamics of Life in the National Security State – PDF
  • A Journey to Protect Points-of-sale – PDF
  • Impostor — Polluting Tor Metadata – PDF
  • Domain Name Problems and Solutions – PDF White Paper
  • Optical Surgery; Implanting a DropCam – PDF
  • Manna from Heaven: Improving the state of wireless rogue AP attacks – PDF
  • The Open Crypto Audit Project – PDF
  • Practical Aerial Hacking & Surveillance – PDF White Paper
  • From root to SPECIAL: Pwning IBM Mainframes – PDF
  • PoS Attacking the Traveling Salesman – PDF
  • Don’t Fuck It Up! – PDF

Free class on dynamic malware analysis

by tuxotron - on Aug 24th 2014 - 2 Comments



One of my favorite websites has just published the videos from the class on dynamic malware analysis.

The class is planned for 3 days but, unfortunately, due to a technical problem, the videos from the third day are not available. Even so, there is quite a lot of material published.

You can download all the material in PDF or ODP format. Inside the ZIP archive there is another ZIP archive containing malware; this ZIP is protected with the password “infected” (without the quotes).

The published videos are the following:

  • Day 1 Part 1 : Introduction (8:10)
  • Day 1 Part 2 : Background: VirtualBox (5:56)
  • Day 1 Part 3 : Background: PE files & Packers (17:00)
  • Day 1 Part 4 : Background: File Identification (15:44)
  • Day 1 Part 5 : Background: Windows Libraries (4:27)
  • Day 1 Part 6 : Background: Windows Processes (35:16)
  • Day 1 Part 7 : Background: Windows Registry (18:07)
  • Day 1 Part 8 : Background: Windows Services (25:52)
  • Day 1 Part 9 : Background: Networking Refresher (27:38)
  • Day 1 Part 10 : Isolated Malware Lab Setup (26:47)
  • Day 1 Part 11 : Malware Terminology (6:50)
  • Day 1 Part 12 : Playing with Malware: Poison Ivy RAT (30:54)
  • Day 1 Part 13 : Behavioral Analysis Overview (5:30)
  • Day 1 Part 14 : Persistence Overview (9:06)
  • Day 1 Part 15 : Persistence Lab: Using Autoruns.exe to View Persistence (6:54)
  • Day 1 Part 16 : Persistence Lab: Viewing “Image File Execution Options” registry (6:40)
  • Day 1 Part 17 : Persistence Lab: Viewing Filesystem Persistence (3:06)
  • Day 1 Part 18 : Persistence Lab: Using Autoruns to Analyze IMworm’s Persistence (9:07)
  • Day 2 Part 1 : Day 1 Review (3:16)
  • Day 2 Part 2 : Persistence Lab: Using Regshot to Analyze IMworm’s Persistence (8:00)
  • Day 2 Part 3 : Persistence Lab: Using Autoruns to Analyze Hydraq’s Persistence (10:19)
  • Day 2 Part 4 : Persistence Lab: Using Regshot to Analyze Hydraq’s Persistence (10:49)
  • Day 2 Part 5 : Maneuvering Overview (2:30)
  • Day 2 Part 6 : Maneuvering: Code Injection Overview (11:46)
  • Day 2 Part 7 : Maneuvering: Lab: Using Regshot to analyze Parite (10:06)
  • Day 2 Part 8 : Background: Windows APIs (21:42)
  • Day 2 Part 9 : Maneuvering: Lab: Using WinAPIOverride to analyze Onlinegames 1 (30:51)
  • Day 2 Part 10 : Maneuvering: Lab: Using WinAPIOverride to analyze Onlinegames 2 (21:05)
  • Day 2 Part 11 : Maneuvering: DLL Search Path Hijacking & Asynchronous Procedure Call (APC) Overview (8:19)
  • Day 2 Part 12 : Maneuvering: Lab: Checking “Known_Dlls” (3:17)
  • Day 2 Part 13 : Maneuvering: Lab: Using ProcessMonitor to Analyze Nitol (18:23)
  • Day 2 Part 14 : Maneuvering: IAT/EAT/Inline Hooking Overview (13:33)
  • Day 2 Part 15 : Malware Functionality Overview (1:55)
  • Day 2 Part 16 : Malware Functionality: Keylogging Overview (3:05)
  • Day 2 Part 17 : Malware Functionality: Analyzing Magania’s Use of SetWindowsHookEx with Rohitab API Monitor (17:33)
  • Day 2 Part 18 : Malware Functionality: Backdoors Overview (2:56)
  • Day 2 Part 19 : Malware Functionality: Backdoors Lab: StickyKeys (1:08)
  • Day 2 Part 20 : Malware Functionality: Phone Home / Beaconing: Lab: Using INetSim to Capture DarkShell’s Beaconing (15:16)

You can also access them on YouTube.


Material from WOOT ’14 and technical sessions of the 23rd USENIX Security Symposium

by tuxotron - on Aug 24th 2014 - No Comments



On August 19th a new edition of USENIX took place in San Diego, starting with the workshops (WOOT ’14), followed by the 23rd edition of the USENIX Security Symposium over the following three days, from the 20th to the 22nd.

Here is the list of the workshops held at the USENIX Workshop On Offensive Technology (WOOT) 2014. You can click each link to learn more about the workshop and download its material, or, if you want to download all the material at once, you can do so from this link.

Here are the talks from the 23rd edition of the USENIX Security Symposium. You can click the presentation you are interested in and download its documentation from there, or, if you prefer, you can access all the material in a single document:

PDFs
USENIX Security ’14 Full Proceedings (PDF)
USENIX Security ’14 Proceedings Interior (PDF, best for mobile devices)

ePub (for iPad and other eReaders)
USENIX Security ’14 Full Proceedings (ePub)

Mobi (Kindle)
USENIX Security ’14 Full Proceedings (Mobi)


The weekend docu: Los verdaderos revolucionarios

by tuxotron - on Aug 22nd 2014 - No Comments
