Events

TR17 Training Teaser: Wireshark Scripting with Lua (2 days training)

This is a guest blog by Peter Kiesberg and Sebastian Schrittwieser for their training, Wireshark Scripting with Lua

Learn, how to script Wireshark to better suit your needs, as well as save on costs by letting Wireshark automatize many of your daily analytical tasks!

In this highly interactive training at TROOPERS you will learn how to write your own protocol dissectors to support new protocols unknown to the standard Wireshark, as well as create your own analysis mechanisms for gathering more details on known protocols. Use Wireshark as a tool for post-processing and data analytics, as well as for triggering alarms based on traffic patterns. With the integration of the highly versatile Lua scripting language into Wireshark, it is possible to tailor the capabilities of Wireshark right for you special requirements. In this two-days training you will learn how to customize Wireshark starting from scratch with an in-depth introduction to Lua over writing simple dissectors for unknown protocols to setting up customized network analysis scenarios. Continue reading “TR17 Training Teaser: Wireshark Scripting with Lua (2 days training)”

Continue reading
Events

TROOPERS17 GSM Network – How about your own SMPP Service?

Hello fellow Troopers!

The event of the events is getting closer and again, we are very optimistic to have a lot of awesome trainings, talks, evening events, and discussions. But we again will also have some “features” and gimmicks for those of you who would like to play with new, old, or just interesting technologies. As you might remember, since some years one of these features is and again will be our own GSM Network. As we are improving our setup from year to year, this time we’d like to give you the chance to actively participate with ideas and your own services.

Continue reading “TROOPERS17 GSM Network – How about your own SMPP Service?”

Continue reading
Events

TR17 Training Teaser: Suricata: World-class and Open Source

This is a guest blog by Andreas Herz and Peter Manev for their training,  Suricata: World-class and Open Source

Suricata is an advanced open source network threat detection engine. The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. Suricata is owned and supported by the Open Information Security Foundation (OISF), a US based non-profit organization dedicated to open source security technologies. Suricata’s use around the world and ongoing development is the result of the open source community with focus on security, performance and advanced features. Continue reading “TR17 Training Teaser: Suricata: World-class and Open Source”

Continue reading
Events

TR17 Training Teaser: Developing Burp Suite Extensions – From manual testing to security automation

This is a guest post from TR17 trainer Luca Carettoni: Developing Burp Suite Extensions

Ensuring the security of web applications in continuous delivery environments is an open challenge for many organizations. Traditional application security practices slow development and, in many cases, don’t address security at all. Instead, a new approach based on security automation and tactical security testing is needed to ensure important components are being tested before going live. Security professionals must master their tools to improve the efficiency of manual security testing as well as to deploy custom security automation solutions. Continue reading “TR17 Training Teaser: Developing Burp Suite Extensions – From manual testing to security automation”

Continue reading
Events

TelcoSecDay 2017 – Next Talks and Agenda

As Troopers17 and TSD are getting closer, I’d like to publish the next talk’s abstract and a preliminary agenda. Still, the agenda is not final yet but you already can see some more confirmed talks. I hope to be able to confirm and publish more information about these slots soon. Also, please note that the TelcoSecDinner will start at 7pm – see more below.

Continue reading “TelcoSecDay 2017 – Next Talks and Agenda”

Continue reading
Events

First dedicated Forensic Computing Training at TR17

I am looking forward to our newly introduced dedicated Forensic Computing Training at TR17!
We will start the first day with a detailed background briefing about Forensic Computing as a Forensic Science, Digital Evidence, and the Chain of Custody. The rest of the workshop we will follow the Order of Volatility starting with the analysis of persistent storage using file system internals and carving, as well as RAID reassembly with lots of hands-on case studies using open source tools. As a next step, we will smell the smoking gun in live forensics exercises. Depending on your preferences we will then dig a bit into memory forensics and network forensics. Continue reading “First dedicated Forensic Computing Training at TR17”

Continue reading
Events

TR17 Training: Crypto attacks and defenses

This is a guest blog written by Jean-Philippe AumassonPhilipp Jovanovic about their upcoming TROOPERS17 training: Crypto attacks and defenses. 

The 1-day training from last TROOPERS has become a 2-day training, featuring even more real-world attacks and defenses as well as new hands-on sessions! We’ll teach you, step by step, how to spot and exploit crypto vulnerabilities, how to use the strongest forms of state-of-the-art cryptography to secure modern systems (like IoT or mobile applications), and bring you up to speed on the latest and greatest developments in the world of cryptography, such as TLS 1.3, blockchains, and post-quantum crypto. Continue reading “TR17 Training: Crypto attacks and defenses”

Continue reading