Bold Statements
Starting a post, in 2019, with a mention of sth being “IPv4-only” somewhat hurts ;-), but here we go. Recently Manel Rodero from Barcelona asked me the following question on Twitter:
Continue reading “IPv6 Security in an IPv4-only Environment”
Continue readingHi,
Last week I had the pleasure to attend Offensivecon 2019 in Berlin. The conference was organized very well, and I liked the familial atmosphere which allowed to meet lots of different people. Thanks to the organizers, speakers and everyone else involved for this conference! Andreas posted a one tweet tldr of the first day; fuzzing is still the way to go to find bugs, and mitigations make exploitation harder. Here are some short summaries of the talks I enjoyed.
Continue reading “Offensivecon 2019”
Continue readingSome years ago Christopher wrote two posts (2016, 2015) about the IPv6-related characteristics of the WiFi network at Cisco Live Europe. To somewhat continue this tradition and for mere technical interest I had a look at some properties of this year’s setting.
Continue reading “Some Notes on the IPv6 Properties of the Wireless Network @ Cisco Live Europe”
Continue readingThis year we had some excellent submissions for TelcoSecDay. Here are the first four confirmed speakers who are going to talk about the below mentioned topics:
Back from Holidays, you started the year well motivated to make the world a safer place.
However, sitting at your desk today you realize nothing really changed since last year, and you are surfing the web, feeling a bit blue, trying to avoid that pile of emails waiting for you and wondering how you could gain some visibility on your domain in order to better defend it.
No worries, emails can wait a bit longer. All you need is some fresh air and something cool to keep your defensive mind motivated for the year, and I might have just what you need; so put on your shoes and let me take you on a 15 minute Cypher walk with a cool blue dog…
Continue reading “2019 – Year Of The Blue Dog…”
Continue readingAs some of you might recall we’ve introduced a dedicated “Active Directory Security Track” at last year’s Troopers. For Troopers19 we’ve expanded it to two days (as the SAP Security Track was discontinued), and in the following I’ll provide a list of talks in the track.
Continue reading “#TR19 Active Directory Security Track”
Continue reading“If it’s a thing, then there’s an app for it!”…We trust mobile apps to process our bank transactions, handle our private data and set us up on romantic dates. However, few of us care to wonder,”How (in)secure can these apps be?” Well… at Troopers 19, you can learn how to answer this question yourself!
In our 2 day long “Hacking mobile applications” workshop, we teach how to find security vulnerabilities in mobile apps, exploit them and defend against them. We start from scratch, therefore no prior experience in hacking or developing mobile apps is required. Whether you want to learn how to pentest mobile apps, you are an app developer that fancies to secure his/her apps, or just curios, our workshop is a jumpstart to your goal.
Continue reading “TROOPERS19 Training Teaser: Hacking mobile applications”
Continue readingWindows 10 is one of the most commonly deployed operating systems at this time. Knowledge about its components and internal working principles is highly beneficial. Among other things, such a knowledge enables:
Continue reading “TROOPERS19 Training Teaser: Insight Into Windows Internals”
Continue readingHi there,
like in recent years the popular Hacking 101 workshop will take place on TROOPERS19, too! The workshop will give you an insight into the hacking techniques required for penetration testing. These techniques will cover various topics:
…and more!
Continue reading “TROOPERS19 Training Teaser: Hacking 101”
Continue readingOnce again Troopers will have its Windows & Linux Binary Exploitation workshop. Its main focus are the ever-present stack-based buffer overflows still found in software today (e.g. CVE-2018-5002, CVE-2018-1459, and CVE-2018-12897) and their differences with regard to exploitation on Windows and Linux systems. If you ever wanted to know the details of the exploit development process for these systems then this workshop is for you. Continue reading “TROOPERS19 Training Teaser: Windows & Linux Binary Exploitation”
Continue reading