What I Wish I Would Have Known
Bre Schumacher// Many of you were probably asked as a young child what you wanted to be when you grew up. Maybe you had an idea of something that sounded […]
How to Configure SPFv1: Explained for the Masses
Kent Ickler and Derrick Rauch* // Sun Protection Factor Err… wait a second. Sender Policy Framework Ladies and Gentlemen of the class of 1997, Wear Sunscreen…I will dispense my advice, […]
Finding: Weak Password Policy
David Fletcher// The weak password policy finding is typically an indicator of one of two conditions during a test: A password could be easily guessed using standard authentication mechanisms. A […]
WEBCAST: SDR Quick Start Guide
Paul Clark* // What is Software Defined Radio and why should you, the noble InfoSec professional, care about it? What kind of hardware and software do you need to start […]
GNURadio Can Make You Hear Laurel & Yanny
Paul Clark* // Feeling uncomfortably productive today? I’ve got a remedy for that, involving internet memes and signal processing. Come and waste a few minutes of your day with Laurel, […]
C2, C3, Whatever It Takes
Darin Roberts// If you have been in the security field for any length of time at all you have heard the term C2. You might have heard it also called […]
Hardware Hacking with Shikra
Rick Wisser// Comparing Apples to Oranges (Bus Pirate vs Shikra) this a Hardware Hacking 101 webcast follow up blog post. I recently did a hardware hacking webcast on hacking a router […]
How to Crack Office Passwords with a Dictionary
Kent Ickler// TLDR: We use a custom dictionary to crack Microsoft Office document encryption. Then we use a custom dictionary for pwnage in LinkedIn hash database. Background: I recently got […]
WEBCAST: Web App Assessments for Non-Majors
BB King // BB King looks at testing modern web apps in that “enterprise environment” so many of us inhabit. Taking the perspective of the Lonely Application Security Person in […]