David Fletcher// Join David as he takes a look at one of the many labs that we’ll be offering during Wild West Hackin’ Fest. This lab explores signal analysis and replay attacks executed by Samy Kamkar. The objective is to interpret signals and perform attacks against simple RF wireless systems that we see in everyday […]
John Strand// Hello all in Arizona! Just wanted to let you know that I am coming down for SANS Mesa: https://www.sans.org/event/phoenix-mesa-2017/course/hacker-techniques-exploits-incident-handling And, I will be doing an evening talk at the brand spankin new Cyber Warfare Range Tuesday the 10th of October from 6-7. I will be presenting some new/cool cyber deception and attacker/insider attribution […]
John Strand // New to InfoSec? Mentoring someone new to the industry? Here’s John’s advice if he had to do it all over again. Sierra is on replying to your questions and comments. We tried something new in the video, and added some of these comments in pop-up video form, let us know if you […]
John Strand // In this webcast John covers how to set up Active Directory Active Defense (ADAD) using tools in Active Defense Harbinger Distribution (ADHD) and talks about potential active defense laws like Active Cyber Defense Certainty (ACDC). He shows how to create honey accounts, create callback word documents, and create fake SMB shares! All […]
Jordan Drysdale & Kent Ickler // In this webcast, we demonstrate some standard methodologies utilized during an internal network review. We also discuss various tools used to test network defenses and their capabilities. Solutions to common vulnerabilities are proposed in most situations. Slides for this webcast are here: https://www.dropbox.com/s/2cl7axn0zi9lbm7/WEBCAST_071117_slides_WranglingInternalNetworkVulnerabilities.pdf?dl=0
Joff Thyer & Derek Banks Editor’s Note: This is a more in-depth write-up based on the webcast which can be watched here. As penetration testers, we often find ourselves in the position of making recommendations for “increasing visibility for endpoints” with respect to event logging. We usually feel great about this, because it is without […]
Derek Banks & Joff Thyer // If you’re not currently logging and monitoring the Windows endpoints on the edge of your network you are missing valuable information that is not visible from upstream network devices. Derek and Joff show you how you can gain visibility into these systems by centrally consolidating Windows event logs using free […]
Brian Fehrman // Running into environments where the use of PowerShell is being monitored or is just flat-out disabled? Have you tried out the fantastic PowerOps framework but are wishing you could use something similar via Meterpreter, Empire, or other C2 channels? Look no further! In this talk, Brian Fehrman talks about his new PowerLine […]
Joff Thyer // Information Security professionals often have reason to analyze logs. Whether Red Team or Blue Team, there are countless times that you find yourself using “grep”, “tail”, “cut”, “sort”, “uniq”, and even “awk”! While these powerful UNIX methods take us far, there is always that time when you want more power! In this […]
