Blog

Defcon 16 Videos Available..

Ok.. So The Dark Tangent announced this [a few days ago], but I felt it deserved mention because I was genuinely wow’ed at the video quality.. I have only gone through a couple of the presentations, but it’s the first time I’ve found demos video’d well enough to follow ferpectly on screen..

Readers can pull the videos from [here]. SensePost’ers can pull from [here].

/mh

PS. When we did our talk (pictured above) I had almost no voice and a flu from hell

BiDiBLAH Case Study (Part 1)

With our recent release of BiDiBLAH 2.0, we’ve decided to revisit some real world scenarios, and ways BiDiBLAH can deal with them… All the scenarios can be downloaded from the BiDiBLAH home page.

Scenario: If a hacker can mine/collect email addresses from our company he/she can send malware / phishing attacks to these people. But, who are these people? And what other sensitive information are we leaking from a particular domain?

Solution:

MacBook Pro – Battery RIP

About 2 weeks ago the battery performance on my machine took a sudden nose dive. Worse than the fact that it started giving me only about 1 hour, is the fact that it’s become perfectly unreliable in terms of watching the battery meter. (Once it reaches about 30% it switches off). Then yesterday I started noticing a wobble on the machine as it sat on my desk.. A quick examination this morning shows that the battery has warped completely..

VMware enters the cloud computing fray

BusinessWeek reports that VMware has launched a new product aimed at establishing it as a competitor in the cloud computing space.

-snip-
Dubbed the Virtual Data Center Operating System (VDC-OS), the software creates a bank of computers, storage devices, and networking equipment that a company can tap at will, as computing needs arise—say, during a December spike in Web traffic for an online retailer.
-snip-

VMware is the leet, so this should be interesting to watch… it should also be interesting as it is being spearheaded by some ex-Microsoft execs…

Top Ten Web Hacking Techniques of 2008

(aka – Whoot! we are almost famous!!) Jeremiah Grossman’s panel of judges (Rich Mogull, Chris Hoff, HD Moore and RFP) hath spoken (or spake) and the top 10 web-hacking techniques of 2008 have been published. Of course we would be lying completely if we said it wasn’t cool to make it into the top 10 (and doubly cool to make it twice in the top 10!)..

Cebit Expo 2009

SensePost have once again been invited to join the South African Department of Trade and Industry at Cebit, as one of 15 SA companies, to exhibit on their pavilion. Visitors to this show number in the region of 500,000 and approximately 5700 exhibitors fill the 27 halls. Cebit is the biggest information and technology show in Europe and attracts exhibitors and visitors from all over the world. Our stand number is E48 in Hall 5.

BiDiBLAH / SPUD.. Quick feedback

We’ve had some feedback from some BiDiBLAH / SPUD users regarding a few changes… Firstly, SPUD seems to be crashing under a few instances of Vista… We’ve taken note of the issue and will spend some time looking into the issue in the *not too distant* future… Secondly, on BiDiBLAH, we’ve had a request from a user to have brute force and reverse queries done against the servers listed as NS records for the domains. (This will provide authoritative data). We’ll also look into this request in the next release.

HITB08 – Marcus Ranum Keynote on CyberWar..

I just managed to pull the HackintheBox torrents for their [2008 talks]. (SensePosters can grab a local copy [here]). I watched Marcus Ranum’s “Cyberwar is Bullshit” talk. A talk that was truly wince-worthy! While the talk will make you scream at the screen a few times, it is worth watching just to see the Q&A section after the talk.. It’s quite clear that Ranum gets owned more thoroughly than his online gallery did.

FW: HBN Extended Edition 9-13 March

Yes, it is time to offer some technical input by way of our HBN Extended Edition training. There will be no Christmas hat this time round but lots of valued input. We have scheduled our first training course for our new year, Hacking By Numbers – “Extended” Edition – for March 9-13th. The course runs for a full 5 days in Pretoria, South Africa. The HBN ‘Extended Edition’ is simply an intensive extended version of the regular Bootcamp course. Whilst the content and structure are essentially the same as Bootcamp, the Extended Edition offers students a deeper understanding of the concepts being presented and affords them more time to practice the techniques being taught. Extended Edition is currently offered in Switzerland and South Africa only, or can be arranged on request.

Joe Grand (Kingpin) gets famouser!

This is probably really old news (to some), but I was in the company of satellite TV this weekend and saw that Joe Grand now has a TV slot all of his own. “Prototype This” looks like it will be awesome.. I spent the rest of the day trying hard to catch the adverts at just the right time to get a pic of Joe, while excitedly saying “I can’t believe Joe is on TV” to deels to try to convince her that it was a better alternative than going out..