Presentaciones DerbyCon 8.0

DerbyCon 8.0 Desde la página de IronGeek podéis ver los vídeos de todas (casi) las presentaciones de DerbyCon 8.0. Aquí tenéis la lista de los mismos: Opening How to influence security technology in kiwi underpants Benjamin Delpy Panel Discussion - At a Glance: Information Security Ed Skoudis, John Strand, Lesley Carhart. Moderated by: Dave Kennedy Red Teaming gaps and musings Samuel Sayen A Process is No One: Hunting for Token Manipulation Jared Atkinson, Robby Winchester Fuzz your smartphone from 4G base station side Tso-Jen Liu Clippy for the Dark Web: Looks Like You’re Trying to Buy Some Dank Kush, Can I Help You With That?
Leer más

Las "Stable Talks" de Derbycon 2012 ya disponibles

En la gran web de irongeek han publicado las Stable Talks de la Derbycon de este año. Las Stable Talks son charlas, sobre seguridad también, pero cuya duración suelen ser más cortas que las charlas tradicionales. Sin más, aquí tenéis el listado: Valerie Thomas: Appearance Hacking 101 - The Art of Everyday Camouflage Tim Tomes “LanMaSteR53”: Next Generation Web Reconnaissance Thomas Hoffecker: Hack Your Way into a DoD Security Clearance John Seely CounterSploit MSF as a defense platform Chris Murrey “f8lerror” & Jake Garlie “jagar”: Easy Passwords = Easy Break-Ins Tyler Wrightson: The Art and Science of Hacking Any Target Thomas Richards: Android in the Healthcare Workplace Spencer McIntyre: How I Learned to Stop Worrying and Love the Smart Meter Shawn Merdinger: Medical Device Security Rockie Brockway: Business Ramifications of Internet’s Unclean Conflicts Nathan Magniez: Alice in Exploit Redirection Land Magen Hughes: Are you HIPAA to the Jive Justin Brown & Frank Hackett: Breaking into Security Josh Thomas: Off Grid Communications with Android Jennifer “savagejen” Savage & Daniel “unicorn Furnance”: The Patsy Proxy Jason Pubal: SQL Injection 101 James Siegel: Nice to Meet You Brett Cunningham: Beyond Strings - Memory Analysis During Incident Response Gus Fritschie & Nazia Khan: Hacked Hollywood Evan Anderson: Active Directory Reconnaissance - Attacks and Post-Exploitation David Young: ISO8583 or Pentesting with Abnormal Targets David Cowen: Running a Successful Red Team Damian Profancik: Managed Service Providers - Pwn One and Done Ben Toews & Scott Behrens: Rapid Blind SQL Injection Exploitation with BBQSQL Andy Cooper: Why Integgroll Sucks at Python.
Leer más

Vídeos de la DerbyCon 2012

Este era otra de las entradas que tenía pendiente de publicar. Como ya bien anunciaron en Security By Default, en IronGeek estaban subiendo los vídeos de la DerbyCon 2012. Hasta ahora sólo faltan 2 vídeos, el de Kevin Mitnick, pendiente de aprobar y otro titulado “You Can’t Buy Security. Building an Open Sourced Information Security Program”, del cual parece ser tuvieron alguna dificultad técnica. Para que quede registrado por aquí, esta es la lista: Opening Ceremony HD Moore – The Wild West Dan Kaminsky – Black Ops Mudge – Cyber Fast Track; from the trenches Jayson E.
Leer más

Derbycon 2011 Vídeos

De forma casual me he topado con los vídeos de la Derbycon del año pasado 2011 y después de buscar por el blog he visto que no teníamos una entrada con los vídeos de esta magnífica conferencia, que por cierto fue la primera edición. Así que aquí van: jimmy shah mobile app moolah profit taking with mobile malware mccorkle and rios 100 bugs in 100 days an analysis of ics scada software brent huston realize your hacker heritage do the needful mick douglas blue team is sexy refocusing on defense part ii all you baseline are belong to us thomas dotreppe mister x openwips ng joshua drake jduck exploiting java memory corruption vulnerabilities matthew becker 73o7ki survival hacking your way out of armageddon bart hopper avoiding the landmines in your own backyard georgia weidman throw it in the river towards real live actual smartphone security brian baskin walking the green mile how to get fired after a security incident infojanitor virtual trust virtual permission and the illusion of security boris sverdlik your perimeter sucks larry pesce you are the smart meter making and hacking of the 2011 ma ccdc electronic badges  rob simon pentesting over powerlines bill sempf is locksport a sport raphael mudge dirty red team tricks keynote hd moore acoustic intrusions ben feinstein and jeff jarmoc get off of my cloud cloud credential compromise and exposure josh kelley winfang98 infectious media bypassing autorun once and for all chris nickerson compliance an assault on reason chris roberts a tribute to dr strangelove deviant ollam distinguishing lockpicks raking vs lifting vs jiggling and more joe schorr rule 1 cardio and 9 other rules to keep intruders out ryan linn collecting underpants to win your network jayson e street steal everything kill everyone cause total financial ruin or how i walked in and misbehaved bruce potter the details dont matter kevin mitnick dave kennedy adaptive penetration testing rick farina free floating hostility chris gates and rob fuller the dirty little secrets they didnt teach you in pentesting class johnny long hackers for charity update jamison scheeres social engineering is a fraud jack daniel surviving a teleporter accident it could happen to you kevin johnson and tom eston desktop betrayal exploiting clients through the features they demand closing rick hayes karthik rangarajan osint beyond the basics int0x80 of dual core anti forensics for the louise evan booth hide yo kids hide yo wife residential security and monitoring the bottom line atlas sploit me if you can charlie miller battery firmware hacking michael arpaia beat to 1337 creating a successful university cyber defense organization tony huffman myne us when fuzzers miss the no hanging fruit adrian dave martin welcome to derbycon 2011 intro to the con and events tottenkoph data mining for neuro hackers kyle osborne kos the hidden xss attacking the desktop thomas hoffecker exploiting pki for fun and profit or the next yellow padlock icon rafal los youre going to need a bigger shovel a critical look at software security assurance carlos perez darkoperator tactical post exploitation jason scott jason scotts shareware calvacade paul asadoorian john strand offensive countermeasures still trying to bring sexy back rick redman tomorrow you can patch that 0day but your users will still get you p0wn3d pat mccoy and chris silvers hook line and syncer the liar for hires ultimate tacklebox adrian crenshaw building a svartkast cheap hardware to leave behind on someone elses network peter van eeckhoutte and elliot cutright win32 exploit development with mona and the metasploit framework dennis kuntz mining sensitive information from images using command line ocr the penetration testing execution standard ptes panel adrian dave martin welcome to derbycon 2011 intro to the con and events keynote hd moore acoustic intrusions johnny long hackers for charity update kevin mitnick dave kennedy adaptive penetration testing the penetration testing execution standard ptes panel bruce potter the details dont matter chris nickerson compliance an assault on reason pat mccoy and chris silvers hook line and syncer the liar for hires ultimate tacklebox jason scott jason scotts shareware calvacade atlas sploit me if you can dennis kuntz mining sensitive information from images using command line ocr tottenkoph data mining for neuro hackers michael arpaia beat to 1337 creating a successful university cyber defense organization carlos perez darkoperator tactical post exploitation paul asadoorian john strand offensive countermeasures still trying to bring sexy back tony huffman myne us when fuzzers miss the no hanging fruit rafal los youre going to need a bigger shovel a critical look at software security assurance rick hayes karthik rangarajan osint beyond the basics int0x80 of dual core anti forensics for the louise rick redman tomorrow you can patch that 0day but your users will still get you p0wn3d brian baskin walking the green mile how to get fired after a security incident jack daniel surviving a teleporter accident it could happen to you adrian crenshaw building a svartkast cheap hardware to leave behind on someone elses network joe schorr rule 1 cardio and 9 other rules to keep intruders out thomas hoffecker exploiting pki for fun and profit or the next yellow padlock icon matthew becker 73o7ki survival hacking your way out of armageddon bart hopper avoiding the landmines in your own backyard chris gates and rob fuller the dirty little secrets they didnt teach you in pentesting class boris sverdlik your perimeter sucks evan booth hide yo kids hide yo wife residential security and monitoring the bottom line rick farina free floating hostility georgia weidman throw it in the river towards real live actual smartphone security brent huston realize your hacker heritage do the needful rob simon pentesting over powerlines larry pesce you are the smart meter making and hacking of the 2011 ma ccdc electronic badges  bill sempf is locksport a sport infojanitor virtual trust virtual permission and the illusion of security ben feinstein and jeff jarmoc get off of my cloud cloud credential compromise and exposure jimmy shah mobile app moolah profit taking with mobile malware mccorkle and rios 100 bugs in 100 days an analysis of ics scada software charlie miller battery firmware hacking peter van eeckhoutte and elliot cutright win32 exploit development with mona and the metasploit framework ryan linn collecting underpants to win your network jamison scheeres social engineering is a fraud josh kelley winfang98 infectious media bypassing autorun once and for all kevin johnson and tom eston desktop betrayal exploiting clients through the features they demand jayson e street steal everything kill everyone cause total financial ruin or how i walked in and misbehaved deviant ollam distinguishing lockpicks raking vs lifting vs jiggling and more raphael mudge dirty red team tricks chris roberts a tribute to dr strangelove kyle osborne kos the hidden xss attacking the desktop mick douglas blue team is sexy refocusing on defense part ii all you baseline are belong to us thomas dotreppe mister x openwips ng joshua drake jduck exploiting java memory corruption vulnerabilities closing Podéis encontrar otros formatos de vídeo aquí
Leer más