Our Blog
SensePost, now a company of SecureData…
For those of you haven’t yet seen, the J.S.E listed SecureData bought 100% of the shares in SensePost late last week.. We have had many offers over the past few years and while the money was generally good, the fit was not.. We believe we found this fit with SecureData (formerly ERP.com) as an independent company within the SecureData stable. The deal changes very little operationally for SensePost, with all…
Thunks from hacking games
In Vegas I bought Herman “Exploiting Online Games” by Greg Hoglund and Gary McGraw. Being the saint that I am, I looked at the book thoroughly on the plane on the way home. Fortunately I was able to verify that most of the pages were there and intact and that were no blatant spelling or grammatical errors – it wouldn’t do to give Herman a broken book. Whilst I was…
It begs the question…
I cant recall who said it in yesterdays meeting, but my response is simple: http://begthequestion.info/
MTBF and Light Bulbs..
Some of you will know that i finally moved out of the shoe box i lived in for 6 years and moved into a house (about 3 months ago) Since then i have replaced 3 different light bulbs at different places in the house.. Now this made me start thinking.. Surely when the house was new, they fitted in all the bulbs as brand new.. Now some sections of the…
BMC Video on DTrace..
BMC did his 90 minute engedu talk on DTrace at google to show some of its coolness (and from the looks of things to help get a Linux port going). DTrace looks awesome for system instrumentation (like strace on steroids)(although limiting it like that does it no justice at all). From the DTrace Page: “DTrace is a comprehensive dynamic tracing framework for the Solaris Operating Environment. DTrace provides a powerful…
Ok.. Now this is pretty cool…
For all those guys who usually scoff at CSI / Police Movies where the detective shouts “enhance image” or remove that person, you have to admit that life dos indeed imitate art.. (Click image or here) Pretty neat…
2 Un-related thoughts.. on Echelon and the recent Skype Outage..
I suspect somewhere there exist cardinal rules of blogging which would state that using a single post to make 2 completely un-related posts is a no-no.. I will now promptly ignore it 2 push out 2 random thoughts that came up.. Echelon and Echelon spam.. While watching the Bourne Ultimatum the other night the usual “echelon“esque scene played out.. Guy on phone says keyword.. pan to NSA/CIA type building.. computer…
Core Release Pass the Hash Toolkit..
Hernan Ochoa from Core has released the Pass the Hash Toolkit which is very cool.. It basically means that you dont have to bother cracking a password on a taken machine anymore, you can simply use his iam.exe to associate the captured hash with your current session.. Its accompanying whoisthere.exe means you can grab hashes easily and the fact that its all released with source means you should be able…
We’re hiring
SensePost is an exciting & dynamic young company with strong values & a world vision. We specialize in high-end technical security services & we’re looking for exceptional people to help grow our world-class team. If you’d like to be part of a relaxed, inspired team where your work is valued & appreciation for your work is visibly demonstrated, where opportunities to learn abound & innovation is encouraged, then why not…
On hamsters, Escaping, Escaping of Hamsters and the Lack of escaping in Hamster…
OK.. So as i mentioned before, I saw Robert Graham from Erratasec demo hamster live on stage and wondered if hamster was doing useful input/output sanitization.. If it wasn’t, he was setting himself up for a pop-up that read “owned on stage” or worse a re-direct to tubgirl.. He didnt get owned on stage, which suggested that either the crowd was really well behaved or the tool was doing some…