TechSegments

From Paul's Security Weekly
Jump to: navigation, search
Palo Alto Networks
Tenable Network Security
The SANS Institute
Pwnie Express
Black Hills Information Security
BlackSquirrel
Onapsis

SANS Las Vegas from October 26-27th will debut a new course titled "Embedded Device Security Assessments for the Rest of Us" which will teach students how to assess embedded systems of all varieties on pen tests and in your duties as a security professional. Register Here


PaulDotCom iTunes PaulDotCom on YouTube PaulDotCom Blog PaulDotCom Facebook Fan Page Follow Us On Twitter LinkedIN Blip.TV Google+

Jump to: A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Z


Tech Segment Guidelines

A

Active Defense Harbinger Distribution

Analysis of Private Browsing Modes in Modern Browsers

Anti

AntiForensics and Bugs-- When Forensics Tools Lie to You

Apache Hardening

Apple Quicktime RTSP Vulnerability

Argus

Armitage

Armitage with Raphael Mudge

Arp Cache Poisoning

Attacking Networked Embedded Devices

This is AWESIEM

B

Building a Pentesting lab on the cheap

BackTrack on USB on Mac

BackTrack 4 on an SD Card

Banner Grabbing with Nmap

Base64 on a Network

Basic Auth and Base64 Encoding

Botnet Control for Smartphones over SMS

Bowcaster : exploitation framework by Zach Cutlip

Extracting Network Packets from Physical Memory Images

BRO IDS with Liam and SETH

C

CANBUS: Hack Your Car

Centos 5 Hardening

Claymore: Protecting your WiFi with some C4 and Balls of Steel

Cobalt Strike with Raphael Mudge

Commoditization of Malware Distribution

CSRF, the First

CSRF Intro

CSRF Made Easy with XSSF by John Strand

CSRF Scanning with Pinata

CSRF Testing with Burp by John Strand (YouTube video)

D

Data Mining Event Tracing for Windows

DECT

Defcon Badge Challenge

Dirbuster, Nikto and http-dir-enum

Disclosure Debate

DLL Injection

DLink DCC Bypass

DNS Enumeration

DNS Enumeration with Metasploit

DNSRecon

Dradis Framework with Daniel Martin

E

EEEPC, Backtrack and Ubuntu

Evite Hacking with Trent Lo

Executing from Memory with Carlos Perez

ExifTool: Removing JPG Metadata

EXIFtool: Not Just for JPEG

EXIF Gathering Info From the President's Photo

Extracting Network Packets from Physical Memory Images with Bulk Extractor with Alissa Torres

EMET with Johnathan Ness

F

Facebook Password Lists with Ron Bowes

Fiddler2 with John Strand

Firefox Add-ons for Your Users

Firefox Password Recovery

Firmware Analysis

Firmware Reverse Engineering Primer

Framing (Social Engineering) with Chris Hadnagy

FreeZeus Botnet in a VM Lab

Fuzzing HTTP Directories with wfuzz, Nikto, Nessus and DirBuster

Forensics Windows RT vs. Android vs. iOS

G

Gentoo Portage

GISkismet For More Than Hacking

Google Hacking

Google Queries to Run Against Your Own Domain

GPG/PGP Keytrusts

GXFR with Tim Tomes

H

Hack Lab Setup

Hardening Linux

Hardware Hacking: Getting Started

Hash Passing

Hashdump in Metasploit

Honeyports: Cross-Platform Automated IP Blocking

Honeyports (Linux)

Honeyd for SCADA Emulation

Honeyports (Windows)

Hydra, Without the Lockout

I

IDS/IPS with Darren Wigley

Immunity Debugger

iPhone Application Reversing and Rootkits with Eric Monti

iPhone Security

iPhone Security 2

iPhone Pwnage and Defense

iPhone Application Reversing and Rootkits

J

Josh Wright, messing with the neighbors

Java Signed Applet Exploit with Metasploit

Jaseger on the LaFonera and Part II

and Part III

Just Plane Fun - A Story About Bob

K

Karmetasploit for BackTrack 4

Kismac: Things That Surprise Me

Kismet Drone on OpenWrt Kamikaze Using Madwifi

Kismet Drone on OpenWrt Whiterussian 0.9

Kismet Information Gathering

Kismet Simultaneous Multiple Channel Sniffing

Kon-Boot

Kon-Boot Follow-Up

Kon-Boot over PXE and Admin Randomization

L

Lab on the Cheap

Larry's Hacker Keychain

Linux Hardening

Linux Honeyports

Log History Collection on Windows

Logstash with Phil Hagen

M

Mailman Installation

Mantech Memory DD

Memory Analysis

Metagoofil: Google, Document Metadata and You

Metasploit with HD Moore

Metasploit and the Auto Exploit Plugin

Metasploit Bypassing AV Software

Metasploit Cheat Sheet

Metasploit's db_autopwn

Metasploit Java Signed Applet Exploit

Metasploit Persistence

Metasploit and Easy RFI Shell

MiniPwner

MitM Attacks in a Virtual World

Mobile Device Hacking with Charlie Eriksen

mona.py with Rob Kornmeyer

Moth

N

Nessus and Metasploit: Probing and Exploiting for Free!

Paul's Nessus Scanning VM

Nessus Scanning Through a Metasploit Meterpreter Session

Nessus Upgrade 3.2.0

Nessus Vulnerabilities by IP Address

Netcat Relays with Ed Skoudis

Network Forensics

Nikto 2.0.1

Nmap Rogue Access Points

Nmap to Screenshot Web Services

Nmap Version 5

Nmap vs. SMB with Ron Bowes

Stealthy Nmap Host and Service Discovery Scanning

NTFS MFT Timelines and Malware Analysis with Tim Mugherini

NetNTLm Hashes and Cracking Them by Tim Medin

O

OS X - From Recon to Exploit

OS X Sandbox

OS X Security Tips

OWASP top 10 by Dave Wichers

P

Pager Traffic with Ben Jackson

P2P Information Disclosure

Packet Evasion with Judy Novak

Password Auditing with Larry Pesce

Password Brute Forcing (plus see Robin Wood's CEWL)

Password Strength

Pen Testing: The Unanswered Questions

Pen Testing: Quick Tips

Pen Testing War Stories

pfSense for Pentesters with Larry and Darren

pfSense on an Alix.6e1 Installation

pfSense on an Alix.6f2 Installation

PDF Metadata Removal

phpMyAdmin Detection

Physical Security

Post-Exploitation Enumeration on OS X

Powerbleed Powershell Module for Heartbleed

Prison Electronic Systems and PLCs

Pushpin Released

Pushpin Revisited

PRAEDA and Multi-Function Printers

Pre Hacking

ProxBrute with Brad Antoniewicz

Python for Pentesers by Mark Baggett

Q

Quick Tips for Penetration Testing

R

Reconnoiter for Harvesting Usernames from Social Media

Reconnoiter with Mark Baggett

RFI Shell Using Metasploit

Router Hacking - Kyocera-KR1

S

SamuraiWTF

Security Fail

Security Onion by Doug Burk

SHODAN - Like a Kid in a Candy Store

Single Packet Authorization with Sebastien Jeanquier

Skipfish Web App Scanner with Zach Lanier

Snorting your Network

Social Engineering: What's Next? with Sharon Conheady

Social Engineeer Your Management

Social Engineering Using Product Packaging

Social Engineering Toolkit (SET) with Dave Kennedy

Social Engineering War Stories with Mike Murray and Kati Rodzon

Software Defined Radio for Pentesting

Software Update Security with Derek Callaway

Speaking with Cryptographic Oracles

SpiderTrap

SQL Injection "The Art of Exploitation" with Sumit Siddharth

SQL Injection

SQL Injection: From '1' to Pwned

SQL Injection with Allison Nixon

SQLMap with John Strand

SSH Credential Capturing

SSH Distribution

SSLStrip

Stuxnet First Impressions

SWFScan

SCADA and Industrial Control Systems with Tim Conway

Software Restriction Policy with Greg Hetrick

T

Taking Over the World One Device at a Time

Threat Analytics with Ty Miller

Thug with Ben Jackson

Tips on Web App Testing

TAOF Fuzzing

Tor Scanning

Tor and Web Crawling

TP-Link TL-WR703n Pen Testing Drop Box with Kevin Bong

Traps of Gold

Transparent Botnet Control for Smartphones over SMS with Georgia Weidman

True Stories from Real Penetration Tests

U

UAV DIY

UniStimpy

UPnP Detection and Exploitability

UPnP Hacking for Penetration Testers

Upsploit

Malicious USB Devices

V

VBScript

VOIP Insecurity and Jumping VLANs

VOIPSA's VoIP Security Tool List with Dan York

Volatility Framework

VPN Penetration

W

w3af

w3af with Seth Misenar

War Dialing Over VoIP Systems and using Tor, with Dan King

Web App Testing

Web Crawling & Recon

Web Crawling with wget

WebLabyrinth

WebLabyrinth Revisited

What's that Web Server? (Using Nmap) and Tying it All Together

wfuzz - Fuzzing Your Web Apps

WiFi Attack Automation

Windows Memory Testing

Windows XP Favorite Security Tools

Windows File Pseudonyms with Dan Crowley

Windows Firewall & Logging with John Strand

Windows HoneyPorts

Windows Log History Collection

WIndows Prefetch

Windows Remote Management

Windows Volume Shadow Copy Service and Concealing its Storage

WinEnum with Carlos Perez

Wireless Hackery with Ben Jackson

WMIC: Windows Management Instrumentation CLI

WMIC in Shell

WMIC Scripts

WordPress Password Brute-Force with Hashcat on BT5

Wordpress Plugin Security with Charlie Eriksen

WPAD Attacks with Metasploit

WRT54GL as a Kismet Drone

X

XLock

Xplico Network Packet Analysis

XSRF Scanning with Pinata

XSS Street-Fight with Ryan Barnett

Z

Zeroconf and Device Exploitation

ZigBee for Beginners

Zone Transfers and Embedded Systems

ZoneTransfer.me with Robin Wood

Zed Attack Proxy