Clik here to view.
Speaking 102 - The Audience Perspective
Today I was in a brief / talk / meeting and I just wanted to share with you some of the things that I saw in this event that might better help you know what NOT to do while getting up in front of any...
View ArticleClik here to view.
Random Thoughts - Web App Hacking
SQLi through meta refreshes using cookies or useragents. Making SQLi a client-side attack. How much do you want to bet that the person that visits the site the most is the administrator :) Javascript...
View ArticleClik here to view.
Maltego 2 and beyond - Part 3
Table of Contents: Part 1 - Introduction Part 2 - Entities and Transforms Part 3 - The Human Factor Part 4 - Server Time (CTAS, PTTAS, MALTAS, SQLTAS, SNTAS) Part 5 - Hacks, Tips, and Tricks Today we...
View ArticleClik here to view.
Podcaster's Meetup @ ShmooCon Update 1
Sponsors: We have had a lot of great response for everyone on this year’s event! I want to reiterate, this event is for podcasters, bloggers, twitter addicts, and everyone in between. I would also like...
View ArticleClik here to view.
Podcasters Meetup at ShmooCon
More information can be found at http://www.podcastersmeetup.com/ But here is the down and dirty: We are sponsored this year by: HP, SunbeltSoftware, DojoSec, and TheAcademyPro / TheAcademyHome solidly...
View ArticleClik here to view.
TiVo for the Economically Unstimulated
TiVo and DVRs in general have brought TV watching a long way. Some of the innovations that have come of it have made the TV experience better. Commercial skipping is my own personal favorite. But some...
View ArticleClik here to view.
Full Disclosure gets dusted off
The Full Disclosure mailing list has a long and illustrious past. It has played host to everything from zero days to politics. One thing that has rung true for a number of years, if not since it’s...
View ArticleClik here to view.
Retractions - Web App and SAMBA
First: Using SAMBA to crack Unix passwords Theory: You compromise a unix host during a pentest and grab /etc/shadow and /etc/password. You take the entries for root in both and drop them into a unix...
View ArticleClik here to view.
Offensive Security Certified Professional
I recently obtained the status Offensive Security Certified Professional. It is one of the best courses I have ever taken. It challenged me to think and learn new skills on the fly. You start the...
View ArticleClik here to view.
Bob Stories - Airport Boredom
I registered Bobstories.com after listening to PaulDotCom for a while. I have always told stories of this manor, but never quite put a name to “my friend”. Now that he has a name, it is only fitting...
View ArticleClik here to view.
Ear Trumpet
I have had the idea for this app for a long time, expressed it a few times, but never really pushed, and I sure that I am not the only one who has thought of or wanted an app like Ear Trumpet by Robin...
View ArticleClik here to view.
Metasploit Across the Net
Metasploit is awesome, but some don’t know that their are updates all the time via SVN, and even fewer know of places to get good non-svn modules / scripts. Here are a few of my favorites:...
View ArticleClik here to view.
The Middler gets released at ShmooCon!
The official link is up and here it is.. well, until they release the beta: http://inguardians.com/tools/middler-alpha.tgz Keep up with http://www.inguardians.com/ for all of their great tools.
View ArticleClik here to view.
ShmooCon Tools
It figures that someone who didn’t go actually made a list of tools. (Probably because they didn’t have to suffer the ShmooFlu) Check out:...
View ArticleClik here to view.
The History of the Internet - VIDEO
I got this off of a post by Jason Appelbaum and I thought it important to repost. We all need to remember where we came from once in a while. History of the Internet from Melih Bilgil on Vimeo.
View ArticleClik here to view.
Bribing the Security Community
So here is the deal. I have a ticket to the RSA Conference that is April 20-24 in San Francisco, at Moscone Center. I can’t use it. So I am offering it up as a bribe. Here is the bribe. I need a video...
View ArticleClik here to view.
Winning Hacker Competitions as Defenders
Let me start off this post by saying that the main focus of any of these competitions is not to win, but to learn. Learning is usually accompanied by tears on the defenders side, but the best way to...
View ArticleClik here to view.
My iPhone runs Windows
(This is the 3rd time I am writing this post, FF Fail, then Word crashed, so please excuse the lack of passion) The moment that PDANet published that they released an updated version that allows USB...
View ArticleClik here to view.
The Cowtown Computer Congress Opens Their Underground Lab
Official Press Release: February 24th, 2009. Kansas City, MO - The Cowtown Computer Congress (CCCKC) is happy to announce the opening of their Underground Lab to the public with a full week of events...
View ArticleClik here to view.
Metasploit heart's Microsoft
Hiding Meterpreter with IExpress from mubix on Vimeo. Using the IExpress, a built in tool (XP, not sure about other Windows versions), we package two executables together, so that the target is less...
View Article