This document discusses the automation of penetration testing and vulnerability assessments. It introduces BiDiBLAH, a tool created by SensePost to automate parts of their assessment methodology. The document outlines which steps of the methodology can be easily automated by BiDiBLAH, such as footprinting, fingerprinting, targeting, vulnerability discovery with Nessus, and exploitation with Metasploit. More challenging areas for automation include steps with exceptions or non-standard processes. The document demonstrates BiDiBLAH performing automated tasks and discusses considerations for releasing the tool to balance security and usability.
my talk from highload++ 2013 -- talking about scaling compiled applications but from the point of view of scaling up from supporting 1 platform to supporting MANY platforms.
in other words: given an application that supports ubuntu 10.04, what sort of systems, tips, and tricks are needed to help scale support to other ubuntus, redhats, centos, windows, etc.
Puppet Camp LA 2015 talk covering: packages, package managers, puppet, and tips, tricks, and puppet modules for setting up secure package repositories.
This is the talk given at NullCon 2017. This talk gives a history of the Veil Framework, and showcases the differences between 2.0 and the newly released 3.0. Veil 3.0 is released in this talk.
Scratching the itch, making Scratch for the Raspberry Pie - ESUG
Title: Scratching the itch, making Scratch for the Raspberry Pie
Speaker: Tim Rowledge
Fri, August 22, 12:00pm – 12:30pm
Abstract: Scratch was originally written in a Squeak 2.8 era image. Much has changed since then and to make the Raspberry Pi run Scratch as well as possible we have ported the code forward to a 4.5 image so it can run on a StackVM; and soon a Cog VM. A substantial amount of Smalltalk code has had to be rewritten to do this and yet we have to maintain complete compatibility with the original system to avoid overloading the teachers that use it in their classes. A new branch of Cog for the ARM cpu is being written as well.
Bio: Tim Rowledge has almost 30 years of Smalltalk experience, and almost as much with ARM. Somehow the two have always gone together.
Rainbow Over the Windows: More Colors Than You Could Expect - Peter Hlavaty
As time goes on, operating systems keep evolving; Microsoft Windows, for example, ships new designs, features and code from time to time. However, sometimes it also ships more than a bit of code for complex subsystems residing in its kernel ... and at some future point it starts implementing new designs to prevent unnecessary access to it. However, is it safe enough?
As we can see from security bulletins, the win32k subsystem attracts lots of attention. It looks as if, with the efforts of many security researchers who have dug into this area, finding bugs here should become pretty tough and almost fruitless. But unfortunately this is not true, as win32k is backed by very complex logic and a large amount of code by nature.
We will present our point of view on the Windows graphics subsystem, as well as a schema of our fuzzing strategies. We will introduce some unusual areas of win32k, its extensions and how it can break even locked environments.
Part of our talk will be dedicated to CVE-2016-0176, the bug we used for this year's Pwn2Own Edge sandbox bypass, from its discovery to its exploitation techniques, which could serve as an example of a universal DirectX escape that is independent of graphics vendors.
JavaScript not only for programmers: insights into the world's most ... - Peter Hecker
Most programmers have heard of JavaScript, but usually nothing good. This is typically based on personal experience or hearsay. Is JavaScript a programming language at all? Can, or should, real programmers have to work with it? Are there alternatives? This talk gives answers to such questions. Let yourself be surprised by the world's most misunderstood programming language: a look back - how it all began; the current state - JavaScript today; browsers and JavaScript engines; JavaScript not only in the browser: PhantomJS, Node.js; JavaScript libraries, frameworks and tools; JavaScript alternatives: CoffeeScript, Dart, TypeScript; outlook and conclusion.
When Good Code Goes Bad: Tools and Techniques for Troubleshooting Plone - David Glick
Using real issues encountered in the wild, this session will help beginning integrators gain confidence in knowing what to do when Plone fails to behave as expected. Learn how to solve common problems like "My changes aren't taking effect" and "My Zope instance won't start," as well as how to use pdb to investigate more complex Python errors.
This talk is targeted at integrators who have some experience with Plone, but who are not confident in troubleshooting errors and other unexpected behavior. Knowledge of Python is not required, though at least a cursory familiarity with some programming language will make the talk more digestible.
Ice Age melting down: Intel features considered usefull! - Peter Hlavaty
Kernel exploitation has decades of history, yet the most used techniques are still ones such as ROP. Software-based approaches have finally come to challenge this technique, some more successful than others. Those approaches usually try to solve far more than the ROP problem alone, and need to handle not only security but, almost more importantly, performance issues. Another common attack vector for redirecting control flow is the stack, which comes from the design of today's architectures, and once again some software approaches have lately been tackling this as well. Although these software-based methods are nice pieces of work and effective to a large extent, a new game-changing approach seems to be coming to light: a methodology for closing this attack vector that comes right from the hardware, from Intel. We will compare it to its software alternatives, how they interleave with one another and how they can benefit from each other to challenge the attacker by breaking his most fundamental technologies. At the same time we go further, to challenge those approaches and show that even with those technologies in place the attacker is not yet cornered.
Presentation by Haroon Meer and Marco Slaviero at BlackHat USA in 2007.
This presentation is about timing attacks against web applications. Squeeza, a SQLi tool developed by Marco Slaviero that returns data through various channels (DNS, timing, HTTP error messages), is introduced. An attack called cross-site request timing is also discussed.
A new look into web application reconnaissance - SensePost
Presentation by Jurgens van der Merwe at ZaCon 2 in 2010.
This presentation is about Selenium, a browser automation framework, and its applications in web reconnaissance. Examples of using Selenium with Facebook are discussed.
Putting the tea back into cyber terrorism - SensePost
Presentation by Charl van der Walt, Roelof Temmingh and Haroon Meer at BlackHat USA 2003.
This presentation is about targeted, effective, automated attacks that could be used in countrywide cyberterrorism. A worm that targets internal networks is discussed as an example of such an attack.
Presentation by Charl van der Walt at INFO SEC Africa 2001.
The presentation begins with a case study of a DoS attack launched on a number of high-profile sites by the Canadian teen "Mafiaboy". An explanation of DoS and DDoS is given. The impact of DDoS in South Africa is also discussed. The presentation ends with a series of discussions on DDoS countermeasures.
Presentation by Junaid Loonat at the 2010 internet show South Africa.
The presentation is about the insecurities of the Web 2.0 server. The presentation begins by looking at how the likely targets of an attack have changed from Web 1.0 to Web 2.0 servers. Other changes from Web 1.0 to Web 2.0, such as authentication enforcement and CAPTCHA validation, are also discussed. The presentation ends with a brief discussion on how to limit your own risk when deploying a web application.
Presentation by Marco Slaviero at the University of Pretoria to the Tuks Linux User Group in 2010.
The aim of this presentation is to promote information security. The presentation begins with a look at a few recent attacks. Cloud computing is briefly discussed. The presentation ends with a discussion on Amazon web services and its security.
Presentation by Dominic White at the ITweb security summit 2010.
This presentation is about online privacy. The presentation begins with a discussion on behavioral tracking. Ways to prevent tracking such as DNT, TPL, GoogleSharing and opt-out are discussed. The presentation ends with a series of discussions on evercookie and nevercookie.
Presentation by Marco Slaviero at the University of Pretoria to their masters class of 2008.
This presentation is an introduction to information security. The presentation starts with a look at the past and current state of network security. Penetration testing is discussed. SQL injection and XSS demonstrations are given.
Infrastructure as Code (IaC), how to choose the right tool, Terraform vs. CDK vs. Pulumi, best practices, principles, and a lot of the underlying principles are described in this crash course.
Steelcon 2014 - Process Injection with Python - infodox
These are the slides to accompany the talk given by Darren Martyn at the Steelcon security conference in July 2014 about process injection using Python.
Covers using Python to manipulate processes by injecting code on x86, x86_64, and ARMv7l platforms, and writing a stager that automatically detects what platform it is running on and intelligently decides which shellcode to inject, and via which method.
The Proof of Concept code is available at https://github.com/infodox/steelcon-python-injection
Easier, Better, Faster, Safer Deployment with Docker and Immutable Containers - C4Media
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1W22OMy.
Jerome Petazzoni explains in detail the advantages of immutable servers, then how to implement them with containers in general, and Docker in particular. Filmed at qconnewyork.com.
Jerome Petazzoni is a senior engineer at Docker, where he helps others to containerize all the things. In another life he built and operated Xen clouds when EC2 was just the name of a plane, developed a GIS to deploy fiber interconnects through the French subway, managed commando deployments of large-scale video streaming systems in bandwidth-constrained environments such as conference centers.
Echidna, open source incident response system [GuadalajaraCON 2013] - Websec México, S.C.
http://www.guadalajaracon.org/conferencias/echidna-sistema-de-respuesta-incidentes-open-source/
The Echidna project is an incident response system aimed at security analysts, following the principles of Network Security Monitoring. It is a fully open source project where I share credit with authors of popular tools such as Ian Firns (Barnyard2, SecurityOnion NSM Scripts) and Edward Bjarte (cxtracker, passivedns, prads, etc.).
Echidna consists of agents, a server and a user interface. The agents and the servers are written in Perl; the specialized applications (session, events…) are written in C/C++. The user interface runs on the client side using AngularJS. The server provides a REST API for use by the UI or any other kind of alternative interface.
The purpose of Echidna is to integrate different network analysis tools for the different layers of NSM, from Suricata/Snort to HTTPRY. The interesting part is that most of the default stack consists of our own tools, e.g. cxtracker (sessions), barnyard2 (event spooler for Snort/Suricata), prads (asset detection), passivedns (passive DNS analysis), etc.
Ian, aka firnsy, is core dev and Edward, aka ebf0, leads from the analyst's perspective. Each has created one or more expert tools that Echidna integrates into the stack.
Exploring billion states of a program like a pro. How to cook your own fast a... - Maksim Shudrak
The main purpose of this talk is to introduce DBI, delve deeper in this topic, demonstrate the power of this technique, and consider typical problems of its application for "industrial" tasks. Audience will get acquainted with DBI in general, will understand in which fields it is successfully applied, what are potential problems of this technique related to implementation of their own tool based on presented frameworks (Intel PIN and DynamoRIO), and see real examples of the technique used for heap-based bug detection in heavyweight programs along with dynamic malware analysis.
Exploring a billion program states like a pro. How to develop a fast... - Positive Hack Days
The main purpose of the talk is to introduce the audience to dynamic binary instrumentation (DBI), go deeper into the topic, demonstrate the main advantages of the technique, and consider typical problems of applying it in practice. Attendees will learn the main aspects of DBI technology, understand in which areas it can be used, and become acquainted with potential problems in writing their own tool based on the DBI frameworks Intel PIN and DynamoRIO. Using real examples, the speaker will show how DBI can be applied to find heap overflow bugs in "heavyweight" programs and for dynamic analysis of malicious code.
You’ve probably heard the statement that there is no cloud, there’s just somebody else’s computer. How can we monitor what we don’t own?
Developers and operations teams are increasingly relying on cloud providers to manage and operate their infrastructure. While this can offer many benefits, it also presents new challenges when it comes to observability. In this talk, we’ll explore the unique challenges of observability in a cloud-native environment, and discuss some best practices for ensuring that you can effectively monitor and troubleshoot your applications, even when you don’t have direct access to the underlying infrastructure.
We’ll begin by discussing the basic principles of observability in a cloud-native context, including the importance of monitoring not just the application itself, but also the underlying infrastructure and the interactions between different components. We’ll then explore some common challenges that can arise when it comes to observability in a cloud-native environment, including issues with data access and the need to deal with large volumes of data from multiple sources.
We’ll also discuss some practical strategies for addressing these challenges, including the use of cloud-native observability tools such as Kubernetes metrics and logging frameworks, as well as best practices for configuring and deploying these tools effectively. We’ll also explore the role of observability in incident response and how it can help teams quickly diagnose and resolve issues in a cloud-native environment.
Whether you’re just getting started with cloud-native observability or you’re looking to take your observability practices to the next level, this talk will provide valuable insights and practical tips for ensuring that you can effectively monitor and troubleshoot your applications, even when they’re running on somebody else’s computer.
Another day, another buzzword in the world of software development! ‘Microservices’ is a new approach to structuring server-side software. But is it really new? In this talk I’ll walk you through the birth and ‘raison d’etre’ of microservices and talk about the pros and cons of the approach.
Having laid the foundation, we will take a look at best-practices and patterns for building micro service architectures and combine this with a tour of current technologies and development tools.
Finally, I will take a quick look at the future and discuss some of the remaining challenges. All parts of the presentation will be accompanied by structural examples based on a real e-commerce system.
Let's face it: config management has grown up so far that the problems slowing us down are, for most of them, not technical anymore. From common DevOps misconceptions to the way we pay our technical debt, we can use config management and automation to actually improve and attract all the people that are not playing the game yet. This talk will highlight some great moves that happened in this world recently and show that anything can be automated properly now. Then I will take some examples of how you can improve and shave the last yaks.
When Node.js Goes Wrong: Debugging Node in Production
The event-oriented approach underlying Node.js enables significant concurrency using a deceptively simple programming model, which has been an important factor in Node's growing popularity for building large scale web services. But what happens when these programs go sideways? Even in the best cases, when such issues are fatal, developers have historically been left with just a stack trace. Subtler issues, including latency spikes (which are just as bad as correctness bugs in the real-time domain where Node is especially popular) and other buggy behavior often leave even fewer clues to aid understanding. In this talk, we will discuss the issues we encountered in debugging Node.js in production, focusing upon the seemingly intractable challenge of extracting runtime state from the black hole that is a modern JIT'd VM.
We will describe the tools we've developed for examining this state, which operate on running programs (via DTrace), as well as VM core dumps (via a postmortem debugger). Finally, we will describe several nasty bugs we encountered in our own production environment: we were unable to understand these using existing tools, but we successfully root-caused them using these new found abilities to introspect the JavaScript VM.
Vulnerabilities in TN3270 based Application - SensePost
A talk given at Hack in the Box Amsterdam and later DerbyCon in 2014 about a new class of vulnerabilities in TN3270 exposed applications by @singe (Dominic White). A video of the talk is available at https://www.youtube.com/watch?v=3HFiv7NvWrM and code can be found at https://github.com/sensepost
Improvement in Rogue Access Points - SensePost Defcon 22 - SensePost
A supporting slide deck for SensePost's Defcon 22 talk. It contains more useful written information than the picture-heavy version we presented at the conference. You can see the conference video at https://www.youtube.com/watch?v=i2-jReLBSVk and can get the code at https://github.com/sensepost/mana
Home automation systems provide a centralized control and monitoring function for heating, ventilation and air conditioning (HVAC), lighting and physical security systems. The central control panel and various household devices such as security sensors and alarm systems are connected with each other to form a mesh network over wireless or wired communication links and act as a “smart home”. As you arrive home, the system can automatically open the garage door, unlock the front door and disable the alarm, light the downstairs, and turn on the TV. According to a study by the consulting firm AMA Research, in 2011, the UK home automation market was worth around £65 million with a 12% increase on the previous year. The total number of home automation system installations in the UK is estimated to be 189000 by now. The home automation market in the US was worth approximately $3.2 billion in 2010 and is expected to exceed $5.5 billion in 2016.
Zigbee and Z-Wave wireless communication protocols are the most commonly used RF technologies in home automation systems. Zigbee is based on an open specification (IEEE 802.15.4) and has been the subject of several academic and practical security research efforts. Z-Wave is a proprietary wireless protocol that works in the Industrial, Scientific and Medical radio band (ISM). It transmits on the 868.42 MHz (Europe) and 908.42 MHz (United States) frequencies designed for low-bandwidth data communications in embedded devices such as security sensors, alarms and home automation control panels. Unlike Zigbee, no public security research on the Z-Wave protocol was available before our work. The Z-Wave protocol was only mentioned once during a DefCon 2011 talk when the presenter pointed out the possibility of capturing the AES key exchange phase without a demonstration.
The Z-Wave protocol is gaining momentum against the Zigbee protocol with regards to home automation. This is partly due to a faster, and somewhat simpler, development process. Another benefit is that it is less subject to signal interference compared to the Zigbee protocol, which operates on the widely populated 2.4 GHz band shared by both Bluetooth and Wi-Fi devices.
Z-Wave chips have 128-bit AES crypto engines, which are used by access control systems, such as door locks, for authenticated packet encryption. An open source implementation of the Z-Wave protocol stack, openzwave, is available but it does not support the encryption part as of yet. Our talk will show how the Z-Wave protocol can be subjected to attacks.
Presentation by Georg Christian Pranschkle at ZaCon 2 in 2010.
This presentation is about SNMP security. The presentation begins with an overview of SNMP. SNMP security weaknesses and SNMP security in Cisco apps are discussed. Frisk-0, a tool for SNMP hacking developed by the presenter, is also discussed.
Presentation by Jaco van Gaan at IIA in 2001.
This presentation is about the use of ethical hackers in business. The presentation begins with a series of discussions about hackers, what they do, how they do it and the different types of hackers.
Presentation by Haroon Meer at ReCon in 2005.
This presentation is about web application security. Various web application attacks like XSS, SQLi and directory traversal are discussed. The Wikto and Crowbar tools developed by SensePost are also discussed.
Major global information security trends - a summary - SensePost
Presentation by Luc de Graeve at internetix in 2004.
This presentation is a summary of global information security trends in the business environment. The presentation begins with an introduction to major global trends. Legal issues, threats, technologies and solutions are discussed.
Presentation by Charl van der Walt and Francesco Geremla at the ITweb security summit in 2009.
This presentation is about the methodology behind version 2 of SensePost's threat modeling tool, the corporate threat modeller.
Presentation by Charl van der Walt at the ITweb security summit 2010.
This presentation is an introduction to the security summit 2010. It introduces all the speakers.
Presentation by Charl van der Walt in 2001.
The presentation aims to educate people that IT security is relevant to SA business. The presentation begins with examples of defaced SA company websites. Various attacks such as DDoS and semantic attacks are discussed. The presentation ends with a discussion on IP manipulation.
Presentation by Luc de Graeve at the Gordon institute of business science in 2001.
This presentation is about security in e-commerce and is aimed at making people aware of what hackers do, how they do it and the financial implications of their actions. The presentation begins with a few examples of defaced websites and ends with a discussion on risk and assessment.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf - 91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Neuro-symbolic is not enough, we need neuro-*semantic* - Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... - UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
2. • Before we begin….you can find all of this at:
• http://www.sensepost.com/research/bidiblah
• As promised at Amsterdam…E-Or release!
• http://www.sensepost.com/research/eor
• (web application scanner)
• Time considerations…
• Shows in Vegas…
3. Introduction
SensePost has done hundreds of external assessments
Tried and trusted methodology
So…in search of an automated assessment tool
This talk is about:
• What is this methodology?
• Can it be automated?
• Where does automation really work well?
• Where does it simply suck?
• Why does it fail? (and can it be corrected?)
• Implications for penetration testers
4. Principles of automation
To have an automatic process we need to code it
To code it we need to have an algorithm or flow
In order to have an algorithm or flow we need to understand the process
To understand the process we need to have done it many times
If you cannot write the process down on paper you probably don’t understand it completely
Exceptions to the rule – the root of all evil
Tradeoffs – if it will work in 99.99% of cases and will take me 2 months to code support for the 0.01% of cases…is it worth it?
5. Weird perceptions
Unix good….Windows baaaad! (meeaaaaa)
‘Hard core’ hackers will tell you that Windows sucks.
GUI apps limit your ability to do complex things
Problem is not the OS – it’s the implementation of the GUI
People think that, because it’s a GUI app, it needs to be “dumbed down”
People think that, because it’s a GUI app, it needs to be user friendly
People think that, because it’s a GUI app, stupid people will use it
Unix command line tools are mostly “fire and forget”
Unix command line tools are not interactive
Unix makes it hard to write X11 interfaces – so people stick to text-based interfaces
BiDiBLAH uses “hot” text boxes – you can copy and paste & grep and awk and sed all you wish
6. The demos you are about to see…
BiDiBLAH is a tool for doing attacks/assessments
It’s built for large networks
…we don’t have a large network
…but our clients do
…but we don’t want to show their network
…no...we don’t…really…
SO:
Passive: IBM, Playboy
Active: SensePost/VMWare
There’s just too much risk in doing this live
…but everything you see is real
(some time lapse in places – I’ll tell you where)
10. Methodology: Footprint: Find domains
[Flow diagram; labels: Initial domain, TLD expansion, Name expansion, Related domains, Content matching, Network (MX/NS/IP) matching, Meta data matching, Final domain list]
21. Video 5 - BiDiBLAH – Vitality (SensePost network) 2min/port/classB
23. Automation of footprint
Pheeww…glad that’s over!
Which steps are difficult to automate & why?
• Domain finding
• works semi OK, but never complete [not implemented]
• currently, you can learn a lot from reverse entries
• Sub domain finding – easy - [DONE]
• Forwards – easy - [DONE]
• Netblocks – difficult…
• AS expansion is not always good for smaller (hosted) blocks.
• Whois info on these blocks is pretty useless.
• No standard interface to registrars
• [Currently set to manual]
• Reverse scans – easy - [DONE]
• Vitality – easy [DONE (tcp only)]
24. Why should you care about footprinting??
Finding one vulnerability on one box
vs
Finding the one box with one vulnerability…
26. Methodology: Fingerprinting
OS detection from the Internet to a firewalled host is difficult…not just technically, but conceptually:
An Apache box protected by a FireWall-1 running on Win32 and 1:1 NAT will report itself as a Windows machine on a network level…but as a Unix machine on app level…so what will it be??
BiDiBLAH does not try to do OS detection, but rather just does banner grabbing
Using async banner grabbing for 21, 22, 25, 80, 110, 143
Multithreaded 443 (SSL)
Any banner/version can be grabbed asynchronously but it gets increasingly tricky…
30. Methodology: targeting
With a great many potential targets, we want to be able to select only those that really interest us.
Targeting system should be able to target using
• Certain/All open ports (in all netblocks, or certain netblocks)
• – e.g. all open on TCP 53
• Keywords in service banners
• – e.g. wuftp*
• Keywords in DNS names
• – e.g. PRT*
• All hosts in a specific netblock
• – e.g. all in 172.16.43.0/24
• Particular OSes or versions of OS [a problem - we don’t have it]
• – e.g. MS Windows XP SP1
• Certain keywords within vulnerability descriptions (more later)
• - e.g. RPC*
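The targeting criteria on this slide can be expressed as a filter over results already collected during footprinting and fingerprinting. The sketch below is an added example, not BiDiBLAH's code: the Host record, select_targets and the sample inventory are hypothetical, wildcards are assumed to match individual words, and the OS criterion is left out because the slide notes that OS data is not available.

```python
import ipaddress
import re
from dataclasses import dataclass, field
from fnmatch import fnmatchcase

@dataclass
class Host:
    ip: str
    dns: str = ""
    banners: dict = field(default_factory=dict)   # open TCP port -> banner text
    findings: list = field(default_factory=list)  # vulnerability descriptions

def _word_match(texts, pattern):
    """True if any word in any text matches the wildcard, ignoring case.
    Matching per word is an assumption about how the slide's patterns work."""
    words = (w for t in texts for w in re.split(r"[^a-z0-9]+", t.lower()))
    return any(fnmatchcase(w, pattern.lower()) for w in words)

def select_targets(hosts, ports=None, banner=None, dns=None,
                   netblock=None, finding=None):
    """Return the IPs of hosts that meet every criterion given (None = skip)."""
    net = ipaddress.ip_network(netblock) if netblock else None
    picked = []
    for h in hosts:
        if net and ipaddress.ip_address(h.ip) not in net:
            continue
        if ports and not set(ports) & set(h.banners):
            continue
        if banner and not _word_match(h.banners.values(), banner):
            continue
        if dns and not _word_match([h.dns], dns):
            continue
        if finding and not _word_match(h.findings, finding):
            continue
        picked.append(h.ip)
    return picked

# Constructed sample inventory (illustrative, not data from the talk).
INVENTORY = [
    Host("172.16.43.10", "prt-lobby.example.test", {515: "lpd ready"}),
    Host("172.16.43.53", "ns1.example.test", {53: ""}),
    Host("172.16.44.21", "ftp.example.test", {21: "220 wuftpd 2.6.0 ready"},
         ["RPC portmapper exposed"]),
    Host("10.0.0.5", "PRT-floor2.example.test", {80: "Apache"}),
]

if __name__ == "__main__":
    print(select_targets(INVENTORY, dns="PRT*", netblock="172.16.43.0/24"))
```

Criteria combine with AND, so a scope such as "PRT* hosts inside 172.16.43.0/24" is a single call.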
33. Methodology: Vulnerability discovery
Why reinvent the wheel? Use a solid, widely used scanner: Nessus…
Thus…we write a Nessus client…
Give the user the ability to choose a set of plugins
…and let him save the list…
Thus – you can choose *all* plugins (if you are doing an assessment), or you can choose one plugin (if you are looking throughout your whole network for a particular problem)
Scans are executed against what was marked as targets
37. Methodology: Vulnerability exploitation
Why reinvent the wheel? Use a solid, widely used exploitation framework: MetaSploit!
Thus…we write a MetaSploit client…
Problem with MetaSploit – it’s very operating system specific
….and we DON’T KNOW the OS…
Don’t specify target and hope for the best – hopefully it will brute force.
Use Nessus to identify the weakness, MetaSploit to exploit it
Thus…we need a NessusID to MetaSploit sploit name list
We built it (thanks GP), and wrote plugins as needed
Hopefully it can be an attribute of the sploit (looks at HD..)
RHOST, SSL, LHOST – all known to us
RPORT known via Nessus scanner
Let the user choose the payload and additional parameters
38. Video 10 – BiDiBLAH exploitation (VMware server)
39. SensePost external methodology
So…we are done?
In a perfect world…yes...
In the real world we have false positives, we have to moderate Nessus results, and we have to write !=*|||(ing reports!!!
41. The Bottom line
BiDiBLAH does 80% of the work within 20% of the time it takes us
The last 20% of the work takes 80% of the project time
Some steps in the methodology are really hard to automate
This is usually where things are “non-standard”, or an exception
It would hopefully raise the bar on mediocre “pen testing” companies
Release considerations
Group 1: “Surely you will not release this to the world – you are arming script kiddies with dangerous point and click hacking tools!!?”
Group 2: “Where do we download it?”
Thus: crippled version (20min run time, no save) released at
http://www.sensepost.com/research/bidiblah
Full version available on request