Misc

Windows Insight: A New ERNW Repository

We are glad to announce the Windows Insight repository. The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Microsoft Windows operating system. This repository stores relevant documentation as well as executable files needed for conducting analysis studies.

Some of the content of this repository has been created in the course of a project named ‘Studie zu Systemaufbau, Protokollierung, Härtung und Sicherheitsfunktionen in Windows 10 (SiSyPHuS Win10)’ (ger.) – ‘Study of system design, logging, hardening, and security functions in Windows 10’ (eng.). This project has been contracted by the German Federal Office for Information Security (ger., Bundesamt für Sicherheit in der Informationstechnik – BSI). The work planned as part of the project is conducted by ERNW GmbH, starting in May 2017.

Continue reading “Windows Insight: A New ERNW Repository”

Continue reading
Misc

Heise Security Tour: Offensive PowerShell

Dominik Phillips and I are taking part in a tour organized by Heise Security – the Heise Security Tour. We give a talk titled “PowerShell: Attack under the radar”. In this talk, we provide an overview of the architecture of PowerShell and show how attackers may use PowerShell for malicious purposes. We demonstrate PowerShell post-exploitation activities implemented as part of publicly available frameworks, such as Empire. We also discuss a security concept for defending against such activities.

You can find the slides of our talk here (in German).

– Aleksandar Milenkoski

Continue reading
Misc

MDMs – The Mobile Device “Magic” Solutions – Expectations and Reality

When you are working in the area of mobile security, you sooner or later receive requests from clients asking you to test specific ‘Mobile Device Management’ (MDM) solutions which they (plan to) use, the corresponding mobile apps, as well as different environment setups and device policy sets.
The expectations are often high, not only for the MDM solutions ability to massively reduce the administrative workload of keeping track, updating and managing the often hundreds or thousands of devices within a company but also regarding the improvements towards the level of security that an MDM solution is regularly advertised to provide.

With this very blog post you are reading and a small series of future blog posts, I would like to provide some insight from my day-to-day practical experience with some of the most often used MDM solutions from a testers perspective.

Continue reading “MDMs – The Mobile Device “Magic” Solutions – Expectations and Reality”

Continue reading
Misc

Some Notes on the IPv6 Properties of the Wireless Network @ Cisco Live Europe

Some years ago Christopher wrote two posts (2016, 2015) about the  IPv6-related characteristics of the WiFi network at Cisco Live Europe. To somewhat continue this tradition and for mere technical interest I had a look at some properties of this year’s setting.

Continue reading “Some Notes on the IPv6 Properties of the Wireless Network @ Cisco Live Europe”

Continue reading
Misc

IPv6 Talks & Publications

At first a very happy new year to everybody!

While thinking about the agenda of the upcoming Troopers NGI IPv6 Track I realized that quite a lot of IPv6-related topics have been covered in the last years by various IPv6 practitioners (like my colleague Christopher Werny) or researchers (like my friend Antonios Atlasis). In a kind of shameless self plug I then decided to put together of list of IPv6 talks I myself gave at several occasions and of publications I (co-) authored. Please find this list below (sorted by years); you can click on the titles to access the respective documents/sources.
I hope some of this can be of help for one or the other among you in the course of your own IPv6 efforts.
Cheers,

Enno

Continue reading “IPv6 Talks & Publications”

Continue reading