Ведущий: Асука Накадзима (Asuka Nakajima)
Практика повторного использования исходного кода позволяет сократить расходы на разработку программного обеспечения. Тем не менее, если в оригинальном исходном коде кроется уязвимость, она будет перенесена и в новое приложение. Докладчик расскажет о необычном способе обнаружения «наследуемых» уязвимостей в бинарных файлах без необходимости обращаться к исходному коду или символьным файлам.
This document discusses techniques for brute forcing passwords online in a short amount of time. It recommends generating targeted wordlists by analyzing common password patterns and rules, such as capitalization variations, number/special character suffixes, and prefixes drawn from personal information. Wordlists should balance completeness with brevity to avoid detection. The author cracked over 20 passwords within a minute by heuristically guessing variations on an initial default password.
Ведущие: Дмитрий Частухин и Дмитрий Юдин
Бла-бла-бла SAP. Бла-бла-бла крупные компании. Бла-бла-бла взлом на миллионы долларов. Вот так обычно начинается любой доклад о SAP. Но в этот раз все будет по-другому. Давненько не было рассказов о жестокой эксплуатации и необычных уязвимостях. Пришло время пуститься во все тяжкие! Докладчики расскажут (и покажут), как получить полный контроль над системой, используя ряд незначительных уязвимостей в службах SAP.
This document summarizes password security concepts and provides code examples for implementing password hashing and salting. It discusses how storing passwords in plaintext is insecure and how hashing passwords with a salt adds security against dictionary attacks. The code example shows a MiniPasswordManager class that initially stored passwords in plaintext but is modified to hash passwords and add salts for increased security.
Abusing Microsoft Kerberos - Sorry you guys don't get itBenjamin Delpy
This document discusses abusing Microsoft Kerberos authentication. It provides an overview of how Kerberos authentication works, obtaining users' Kerberos keys from Active Directory or client memory, and using those keys to authenticate as the user without their password through techniques like Pass-the-Hash and Overpass-the-Hash. It also demonstrates these techniques live using mimikatz to dump keys and authenticate with captured keys.
The 7th June 2012 Linkedin was hacked. More than 6 million LinkedIn passwords was compromised. The real shocking news was not the theft but the fact that the attackers were able to decrypt many of these passwords. Why it happened? The answer is simple: a bad design of the password security. In this talk I presented how to choose "secure" user's passwords and how to safely store it from a programmer's perspective.
This talk has been presented during the MOCA 2012, http://moca.olografix.org/moca2012
This study investigates users’ behavior in password utilization. Good password practices are critical to the security of any information system. End users often use weak passwords that are short, simple, and based on personal and meaningful information that can be easily guessed. A survey was conducted among executive MBA students who hold managerial positions. The results of the survey indicate that users practice insecure behaviors in the utilization of passwords. The results support the literature and can be used to guide password management policy.
Ведущий: Иван Ёлкин
Ведущий фаст-трека расскажет об опыте внедрения Static Analysis Security Tool в QIWI, о сложностях, с которыми сталкивались разработчики. Писать «костыли» или рефакторить код? Что делать, когда мнения клиента и разработчика расходятся? Поведает, сколько строк кода пришлось прочитать и написать до и после запуска сканера, и предложит краткий обзор найденных и упущенных уязвимостей.
The document discusses mimikatz 2.0, a tool focused on credential theft and pass-the-hash attacks on Windows systems. It provides an overview of mimikatz's capabilities for retrieving credentials from memory and demonstrates how it can extract credentials for various authentication packages like Kerberos, msv1_0, and LiveSSP. It also covers new protections in Windows 8.1 and 2012r2 against credential theft techniques and how mimikatz can still bypass these protections.
This document discusses techniques for brute forcing passwords online in a short amount of time. It recommends generating targeted wordlists by analyzing common password patterns and rules, such as capitalization variations, number/special character suffixes, and prefixes drawn from personal information. Wordlists should balance completeness with brevity to avoid detection. The author cracked over 20 passwords within a minute by heuristically guessing variations on an initial default password.
Ведущие: Дмитрий Частухин и Дмитрий Юдин
Бла-бла-бла SAP. Бла-бла-бла крупные компании. Бла-бла-бла взлом на миллионы долларов. Вот так обычно начинается любой доклад о SAP. Но в этот раз все будет по-другому. Давненько не было рассказов о жестокой эксплуатации и необычных уязвимостях. Пришло время пуститься во все тяжкие! Докладчики расскажут (и покажут), как получить полный контроль над системой, используя ряд незначительных уязвимостей в службах SAP.
This document summarizes password security concepts and provides code examples for implementing password hashing and salting. It discusses how storing passwords in plaintext is insecure and how hashing passwords with a salt adds security against dictionary attacks. The code example shows a MiniPasswordManager class that initially stored passwords in plaintext but is modified to hash passwords and add salts for increased security.
Abusing Microsoft Kerberos - Sorry you guys don't get itBenjamin Delpy
This document discusses abusing Microsoft Kerberos authentication. It provides an overview of how Kerberos authentication works, obtaining users' Kerberos keys from Active Directory or client memory, and using those keys to authenticate as the user without their password through techniques like Pass-the-Hash and Overpass-the-Hash. It also demonstrates these techniques live using mimikatz to dump keys and authenticate with captured keys.
The 7th June 2012 Linkedin was hacked. More than 6 million LinkedIn passwords was compromised. The real shocking news was not the theft but the fact that the attackers were able to decrypt many of these passwords. Why it happened? The answer is simple: a bad design of the password security. In this talk I presented how to choose "secure" user's passwords and how to safely store it from a programmer's perspective.
This talk has been presented during the MOCA 2012, http://moca.olografix.org/moca2012
This study investigates users’ behavior in password utilization. Good password practices are critical to the security of any information system. End users often use weak passwords that are short, simple, and based on personal and meaningful information that can be easily guessed. A survey was conducted among executive MBA students who hold managerial positions. The results of the survey indicate that users practice insecure behaviors in the utilization of passwords. The results support the literature and can be used to guide password management policy.
Ведущий: Иван Ёлкин
Ведущий фаст-трека расскажет об опыте внедрения Static Analysis Security Tool в QIWI, о сложностях, с которыми сталкивались разработчики. Писать «костыли» или рефакторить код? Что делать, когда мнения клиента и разработчика расходятся? Поведает, сколько строк кода пришлось прочитать и написать до и после запуска сканера, и предложит краткий обзор найденных и упущенных уязвимостей.
The document discusses mimikatz 2.0, a tool focused on credential theft and pass-the-hash attacks on Windows systems. It provides an overview of mimikatz's capabilities for retrieving credentials from memory and demonstrates how it can extract credentials for various authentication packages like Kerberos, msv1_0, and LiveSSP. It also covers new protections in Windows 8.1 and 2012r2 against credential theft techniques and how mimikatz can still bypass these protections.
NSC #2 - D2 02 - Benjamin Delpy - MimikatzNoSuchCon
Benjamin Delpy is a security researcher known for creating the tool mimikatz. Mimikatz can extract plaintext credentials and keys from memory. Kerberos authentication relies on encrypting tickets with various keys, including NTLM hashes and AES keys derived from the password. Mimikatz can perform pass-the-hash and over-pass-the-hash attacks by extracting these keys from memory and using them to authenticate.
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...44CON
A stack-based buffer overflow vulnerability was discovered in FreeType's CFF rasterizer during fuzz testing. The vulnerability occurs when building the hintmap data structure in the cf2_hintmap_build function. By analyzing the source code, it appears the vulnerability is caused by insufficient bounds checking when accessing the hint mask array via the maskPtr pointer, allowing writes beyond the end of the allocated buffer. This highlights the ongoing need to fuzz test font parsing libraries given the complexity of font formats and opportunity for security issues.
Wtf is happening_inside_my_android_phone_publicJaime Blasco
The document discusses the architecture and analysis of Android malware called Red Bunny or ADRD. It was discovered in 2011 sending device information like IMEI and IMSI to command and control servers. The malware uses encryption, sets an HTTP proxy, and sends specially crafted headers. It decrypts responses and executes commands depending on the decrypted value.
This document discusses password security and different password strategies. It explains that longer, more complex passwords are harder to guess due to higher entropy. Traditional passwords can have high per-character entropy but are hard to remember and reuse. Proper phrase passwords have overall higher entropy than traditional passwords due to using multiple words, while still being memorable. The document recommends at least 75 bits of entropy, which can be achieved with over 12 random characters or six random words from a large dictionary.
The document discusses reverse engineering the firmware of Swisscom's Centro Grande modems. It identifies several vulnerabilities found, including a command overflow issue that allows complete control of the device by exceeding the input buffer, and multiple buffer overflow issues that can be exploited to execute code remotely by crafting specially formatted XML files. Details are provided on the exploitation techniques and timeline of coordination with Swisscom to address the vulnerabilities.
This document discusses techniques for bypassing security products on Windows systems by manipulating process and registry notification callbacks. It shows how the Mimikatz tool can be used to find and modify these callbacks to prevent security products from receiving important notifications. Specifically, it demonstrates patching a callback routine to do nothing, and notes unlinking callbacks from the notification list is also possible but requires more work. The conclusion is this approach allows killing any security tool while making it appear still active from a monitoring perspective.
This document discusses password security and provides guidance on creating strong passwords. It notes that passwords should be long, using the full character set across uppercase, lowercase, numbers and symbols. Short passwords can be cracked very quickly using modern computing power even with hashing and encryption. The document demonstrates how different password lengths and compositions affect cracking times, showing that longer passwords above 14 characters that take full advantage of the available character set are most secure. It encourages creativity in password composition and testing passwords on online strength meters.
Francisco Jesús Gómez + Carlos Juan Diaz - Cloud Malware Distribution: DNS wi...RootedCON
Cloud Malware Distribution (CMD) is an alternative method for malware distribution using legitimate DNS caches. It works by encoding malware payloads into DNS resource records and forcing the injection of these records into public DNS caches without compromising servers. The records are then resolved through intranet DNS servers, reassembling the malware payload on infected machines. The presentation describes the DNS protocol, caching, and how the technique was implemented and tested on various public DNS servers around the world.
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...PROIDEA
Banking Trojans have been part of the financial cybercrime landscape for over a decade, causing losses measured in billions of dollars. On the flip side, the constant evolution of defenses against this type of malware has forced Trojan operators to adjust to security controls designed to keep them out. As a result, many Trojan operators have either disappeared or considerably narrowed their activity scope, but more interestingly, are using novel techniques to achieve their goals. In this talk, we will present three top malware operators active in the wild and their use of automated scripts to tackle their challenges: The notorious Gozi (ISFB) malware used to run its own executable files. Nowadays, it avoids storing malicious payloads on disk and instead, writes a Powershell script to the Windows registry and executes it using a special regex-based run-key. Ramnit, a dated foe that focuses on UK banks, encrypts its payload using a Windows API function with a device-unique key. In every system reboot, it decrypts the payload in-memory and runs it with a Visual Basic script that runs Powershell. This allows Ramnit to avoid running a detectable, executable file as it used to do in the past. BackSwap is a new banking Trojan that attacks financial institutions in Spain. Its dropper is a JavaScript Encoded (JSE) file. When decoded, the dropper results in a 30k lines-of-code script which downloads a binary sample from a remote Command-and-Control server. Together with our audience, we will walk through the research process and share our findings along with our (sometimes) quick-and-dirty solutions. We aim to enhance our participants’ knowledge of today’s bankers and help them get deeper into current-day scripting-related techniques cybercriminals use.
Possibility of arbitrary code execution by Step-Oriented Programmingkozossakai
Step-Oriented Programming (SOP) allows executing arbitrary code on embedded systems by repeating step execution and changing the program counter value. A debugger communicates with a target system's stub using the Remote Serial Protocol to read/write memory and registers, enabling full control via simple commands if the connection is compromised. SOP constructs code by combining pieces of existing machine code and executes it without needing to directly inject new code. Therefore attacks are possible even if execution from data areas is prevented. The presentation will demonstrate this attack principle and results from actual experimentation.
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages! ...CODE BLUE
We propose a new exploit technique that brings a whole-new attack surface to bypass SSRF (Server Side Request Forgery) protections. This is a very general attack approach, in which we used in combination with our own fuzzing tool to discover many 0days in built-in libraries of very widely-used programming languages, including Python, PHP, Perl, Ruby, Java, JavaScript, Wget and cURL. The root cause of the problem lies in the inconsistency of URL parsers and URL requesters.
Being a very fundamental problem that exists in built-in libraries, sophisticated web applications such as WordPress (27% of the Web), vBulletin, MyBB and GitHub can also suffer, and 0days have been discovered in them via this technique. This general technique can also adapt to various code contexts and lead to protocol smuggling and SSRF bypassing. Several scenarios will be demonstrated to illustrate how URL parsers can be exploited to bypass SSRF protection and achieve RCE (Remote Code Execution), which is the case in our GitHub Enterprise demo.
Understanding the basics of this technique, the audience won’t be surprised to know that more than 20 vulnerabilities have been found in famous programming languages and web applications aforementioned via this technique.
Codetainer: a Docker-based browser code 'sandbox'Jen Andre
Codetainer is a browser-based sandbox for running Docker containers. It allows users to "try 'X' in your browser" for any X by running Docker containers in an isolated and programmable manner directly in the browser. Codetainer uses Docker APIs to launch and manage lightweight containers via a Go-based API server. Users can create and register Docker images, launch "codetainers" from those images, and interact with the codetainers through the browser via websockets, viewing terminals and sending keystrokes. Codetainer aims to provide a secure and flexible environment for use cases like tutorials, training, and remote management while addressing challenges around container introspection and security.
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...idsecconf
The document discusses exploiting vulnerabilities in wireless routers that have USB ports for sharing storage and printers. It describes conducting attacks against a D-Link wireless router to steal data, delete data, and implant backdoors by accessing the shared USB flash drive and printer through the router's vulnerable SharePort technology. The attacker scans the wireless network, identifies the router and connected USB devices, and then explores ways to hack into the shared resources and conduct unauthorized activities.
This document discusses software obfuscation techniques using C++ metaprogramming. It presents several implementations of string obfuscation using templates to encrypt strings at compile-time. It also discusses obfuscating function calls using finite state machines generated with metaprogramming. Debugger detection is added to fight dynamic analysis. The techniques aim to make reverse engineering and static/dynamic analysis more difficult without changing program semantics.
"A rootkits writer’s guide to defense" - Michal PurzynskiPROIDEA
Michal will take you on a journey all the way to 90’s and back, sharing the Mozilla detection framework - a systematic way to detect and hunt down threat actors. Why did we spend hours digging through some old Phrack issues? How does a blue team's member approach writing rootkits? What is better - a fail negative or a false positive? I will share answers to these questions plus a lot of alerting and evil-doing code.
Introduzione ai network penetration test secondo osstmmSimone Onofri
"Competent Analysts will require adequate networking knowledge,
diligent security testing skills, and critical thinking skills to
assure factual data collection creates factual results through
correlation and analysis." - OSSTMM v3
Il Network Penetration Test (NPT) ha lo scopo verificare la sicurezza
dei sistemi esposti sulla rete. Viene valutata la presenza di
controlli - e la loro corretta implementazione - che annullano o
limitano le minacce esistenti verso i beni dell'organizzazione.
L'attività valuta uno scenario specifico che varia secondo il
bersaglio, la posizione degli attaccanti e le informazioni in possesso
al personale coinvolto.
Un Penetration Test si esegue tramite varie attivtà spesso molto
delicate e importanti e, come ben specificato nell'Open Source
Security Testing Methodology Manual (OSSTMM), gli analisti non solo
devono avere delle competenze adeguate della rete e dei suoi
protocolli ma anche applicare un ragionamento critico per raccogliere
e correlare le informazioni in maniera corretta così da ottenere
risultati oggettivi.
Durante il seminario verrà introdotta la metodologia OSSTMM, con
particolare attenzione alle reti TCP/IP (Data Networks) e alle
operazioni tipiche per la ricerca degli host sulla rete e
l'identificazione dei servizi interattivi.
This document summarizes a three-part challenge involving cracking a MIPS binary, exploiting a Python/XXE vulnerability in a web application, and decrypting messages from a SecureDrop-like system. The MIPS binary is cracked by inverting its password checking algorithm. The web app is exploited via XXE to retrieve files containing an admin URL and view state details. Python code is modified at runtime to decrypt an AES key and access a "secret.key" file. This key reveals a tarball containing a SecureDrop implementation. A buffer overflow in SecDrop's service is used to run shellcode. Timing attacks via the CPU cache are then used to retrieve the private RSA key and decrypt messages stored by the SecureDrop-
You can create and test your OFC with Trema.
You can create tests effectively with test frameworks.
You can run common tests for both environment of a testing network and a real network.
Ведущий: Терренс Гаро
В докладе рассказывается о том, как создать ханипот (ловушку) и организовать сервис с обновляемыми данными о попавшихся DDoS-ботах с помощью Kibana, Elasticsearch, Logstash и AMQP. Докладчик откроет исходный код системы мониторинга и сбора внешней статистики DDoS-атак, над которой он работал со своей командой последние два года.
This document summarizes three security vulnerabilities that can exist in Flash applications:
1. Same-origin policy bypass through loader contexts and cross-domain policies
2. Phishing through manipulation of SWF URLs in metadata
3. Cross-site scripting through user-supplied parameters if the SWF is loaded from a public CDN domain that is shared by other sites.
NSC #2 - D2 02 - Benjamin Delpy - MimikatzNoSuchCon
Benjamin Delpy is a security researcher known for creating the tool mimikatz. Mimikatz can extract plaintext credentials and keys from memory. Kerberos authentication relies on encrypting tickets with various keys, including NTLM hashes and AES keys derived from the password. Mimikatz can perform pass-the-hash and over-pass-the-hash attacks by extracting these keys from memory and using them to authenticate.
44CON London 2015 - Reverse engineering and exploiting font rasterizers: the ...44CON
A stack-based buffer overflow vulnerability was discovered in FreeType's CFF rasterizer during fuzz testing. The vulnerability occurs when building the hintmap data structure in the cf2_hintmap_build function. By analyzing the source code, it appears the vulnerability is caused by insufficient bounds checking when accessing the hint mask array via the maskPtr pointer, allowing writes beyond the end of the allocated buffer. This highlights the ongoing need to fuzz test font parsing libraries given the complexity of font formats and opportunity for security issues.
Wtf is happening_inside_my_android_phone_publicJaime Blasco
The document discusses the architecture and analysis of Android malware called Red Bunny or ADRD. It was discovered in 2011 sending device information like IMEI and IMSI to command and control servers. The malware uses encryption, sets an HTTP proxy, and sends specially crafted headers. It decrypts responses and executes commands depending on the decrypted value.
This document discusses password security and different password strategies. It explains that longer, more complex passwords are harder to guess due to higher entropy. Traditional passwords can have high per-character entropy but are hard to remember and reuse. Proper phrase passwords have overall higher entropy than traditional passwords due to using multiple words, while still being memorable. The document recommends at least 75 bits of entropy, which can be achieved with over 12 random characters or six random words from a large dictionary.
The document discusses reverse engineering the firmware of Swisscom's Centro Grande modems. It identifies several vulnerabilities found, including a command overflow issue that allows complete control of the device by exceeding the input buffer, and multiple buffer overflow issues that can be exploited to execute code remotely by crafting specially formatted XML files. Details are provided on the exploitation techniques and timeline of coordination with Swisscom to address the vulnerabilities.
This document discusses techniques for bypassing security products on Windows systems by manipulating process and registry notification callbacks. It shows how the Mimikatz tool can be used to find and modify these callbacks to prevent security products from receiving important notifications. Specifically, it demonstrates patching a callback routine to do nothing, and notes unlinking callbacks from the notification list is also possible but requires more work. The conclusion is this approach allows killing any security tool while making it appear still active from a monitoring perspective.
This document discusses password security and provides guidance on creating strong passwords. It notes that passwords should be long, using the full character set across uppercase, lowercase, numbers and symbols. Short passwords can be cracked very quickly using modern computing power even with hashing and encryption. The document demonstrates how different password lengths and compositions affect cracking times, showing that longer passwords above 14 characters that take full advantage of the available character set are most secure. It encourages creativity in password composition and testing passwords on online strength meters.
Francisco Jesús Gómez + Carlos Juan Diaz - Cloud Malware Distribution: DNS wi...RootedCON
Cloud Malware Distribution (CMD) is an alternative method for malware distribution using legitimate DNS caches. It works by encoding malware payloads into DNS resource records and forcing the injection of these records into public DNS caches without compromising servers. The records are then resolved through intranet DNS servers, reassembling the malware payload on infected machines. The presentation describes the DNS protocol, caching, and how the technique was implemented and tested on various public DNS servers around the world.
"Revenge of The Script Kiddies: Current Day Uses of Automated Scripts by Top ...PROIDEA
Banking Trojans have been part of the financial cybercrime landscape for over a decade, causing losses measured in billions of dollars. On the flip side, the constant evolution of defenses against this type of malware has forced Trojan operators to adjust to security controls designed to keep them out. As a result, many Trojan operators have either disappeared or considerably narrowed their activity scope, but more interestingly, are using novel techniques to achieve their goals. In this talk, we will present three top malware operators active in the wild and their use of automated scripts to tackle their challenges: The notorious Gozi (ISFB) malware used to run its own executable files. Nowadays, it avoids storing malicious payloads on disk and instead, writes a Powershell script to the Windows registry and executes it using a special regex-based run-key. Ramnit, a dated foe that focuses on UK banks, encrypts its payload using a Windows API function with a device-unique key. In every system reboot, it decrypts the payload in-memory and runs it with a Visual Basic script that runs Powershell. This allows Ramnit to avoid running a detectable, executable file as it used to do in the past. BackSwap is a new banking Trojan that attacks financial institutions in Spain. Its dropper is a JavaScript Encoded (JSE) file. When decoded, the dropper results in a 30k lines-of-code script which downloads a binary sample from a remote Command-and-Control server. Together with our audience, we will walk through the research process and share our findings along with our (sometimes) quick-and-dirty solutions. We aim to enhance our participants’ knowledge of today’s bankers and help them get deeper into current-day scripting-related techniques cybercriminals use.
Possibility of arbitrary code execution by Step-Oriented Programmingkozossakai
Step-Oriented Programming (SOP) allows executing arbitrary code on embedded systems by repeating step execution and changing the program counter value. A debugger communicates with a target system's stub using the Remote Serial Protocol to read/write memory and registers, enabling full control via simple commands if the connection is compromised. SOP constructs code by combining pieces of existing machine code and executes it without needing to directly inject new code. Therefore attacks are possible even if execution from data areas is prevented. The presentation will demonstrate this attack principle and results from actual experimentation.
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages! ...CODE BLUE
We propose a new exploit technique that brings a whole-new attack surface to bypass SSRF (Server Side Request Forgery) protections. This is a very general attack approach, in which we used in combination with our own fuzzing tool to discover many 0days in built-in libraries of very widely-used programming languages, including Python, PHP, Perl, Ruby, Java, JavaScript, Wget and cURL. The root cause of the problem lies in the inconsistency of URL parsers and URL requesters.
Being a very fundamental problem that exists in built-in libraries, sophisticated web applications such as WordPress (27% of the Web), vBulletin, MyBB and GitHub can also suffer, and 0days have been discovered in them via this technique. This general technique can also adapt to various code contexts and lead to protocol smuggling and SSRF bypassing. Several scenarios will be demonstrated to illustrate how URL parsers can be exploited to bypass SSRF protection and achieve RCE (Remote Code Execution), which is the case in our GitHub Enterprise demo.
Understanding the basics of this technique, the audience won’t be surprised to know that more than 20 vulnerabilities have been found in famous programming languages and web applications aforementioned via this technique.
Codetainer: a Docker-based browser code 'sandbox'Jen Andre
Codetainer is a browser-based sandbox for running Docker containers. It allows users to "try 'X' in your browser" for any X by running Docker containers in an isolated and programmable manner directly in the browser. Codetainer uses Docker APIs to launch and manage lightweight containers via a Go-based API server. Users can create and register Docker images, launch "codetainers" from those images, and interact with the codetainers through the browser via websockets, viewing terminals and sending keystrokes. Codetainer aims to provide a secure and flexible environment for use cases like tutorials, training, and remote management while addressing challenges around container introspection and security.
Information Theft: Wireless Router Shareport for Phun and profit - Hero Suhar...idsecconf
The document discusses exploiting vulnerabilities in wireless routers that have USB ports for sharing storage and printers. It describes conducting attacks against a D-Link wireless router to steal data, delete data, and implant backdoors by accessing the shared USB flash drive and printer through the router's vulnerable SharePort technology. The attacker scans the wireless network, identifies the router and connected USB devices, and then explores ways to hack into the shared resources and conduct unauthorized activities.
This document discusses software obfuscation techniques using C++ metaprogramming. It presents several implementations of string obfuscation using templates to encrypt strings at compile-time. It also discusses obfuscating function calls using finite state machines generated with metaprogramming. Debugger detection is added to fight dynamic analysis. The techniques aim to make reverse engineering and static/dynamic analysis more difficult without changing program semantics.
"A rootkits writer’s guide to defense" - Michal PurzynskiPROIDEA
Michal will take you on a journey all the way to 90’s and back, sharing the Mozilla detection framework - a systematic way to detect and hunt down threat actors. Why did we spend hours digging through some old Phrack issues? How does a blue team's member approach writing rootkits? What is better - a fail negative or a false positive? I will share answers to these questions plus a lot of alerting and evil-doing code.
Introduzione ai network penetration test secondo osstmmSimone Onofri
"Competent Analysts will require adequate networking knowledge,
diligent security testing skills, and critical thinking skills to
assure factual data collection creates factual results through
correlation and analysis." - OSSTMM v3
Il Network Penetration Test (NPT) ha lo scopo verificare la sicurezza
dei sistemi esposti sulla rete. Viene valutata la presenza di
controlli - e la loro corretta implementazione - che annullano o
limitano le minacce esistenti verso i beni dell'organizzazione.
L'attività valuta uno scenario specifico che varia secondo il
bersaglio, la posizione degli attaccanti e le informazioni in possesso
al personale coinvolto.
Un Penetration Test si esegue tramite varie attivtà spesso molto
delicate e importanti e, come ben specificato nell'Open Source
Security Testing Methodology Manual (OSSTMM), gli analisti non solo
devono avere delle competenze adeguate della rete e dei suoi
protocolli ma anche applicare un ragionamento critico per raccogliere
e correlare le informazioni in maniera corretta così da ottenere
risultati oggettivi.
Durante il seminario verrà introdotta la metodologia OSSTMM, con
particolare attenzione alle reti TCP/IP (Data Networks) e alle
operazioni tipiche per la ricerca degli host sulla rete e
l'identificazione dei servizi interattivi.
This document summarizes a three-part challenge involving cracking a MIPS binary, exploiting a Python/XXE vulnerability in a web application, and decrypting messages from a SecureDrop-like system. The MIPS binary is cracked by inverting its password checking algorithm. The web app is exploited via XXE to retrieve files containing an admin URL and view state details. Python code is modified at runtime to decrypt an AES key and access a "secret.key" file. This key reveals a tarball containing a SecureDrop implementation. A buffer overflow in SecDrop's service is used to run shellcode. Timing attacks via the CPU cache are then used to retrieve the private RSA key and decrypt messages stored by the SecureDrop-
You can create and test your OFC with Trema.
You can create tests effectively with test frameworks.
You can run common tests for both environment of a testing network and a real network.
Ведущий: Терренс Гаро
В докладе рассказывается о том, как создать ханипот (ловушку) и организовать сервис с обновляемыми данными о попавшихся DDoS-ботах с помощью Kibana, Elasticsearch, Logstash и AMQP. Докладчик откроет исходный код системы мониторинга и сбора внешней статистики DDoS-атак, над которой он работал со своей командой последние два года.
This document summarizes three security vulnerabilities that can exist in Flash applications:
1. Same-origin policy bypass through loader contexts and cross-domain policies
2. Phishing through manipulation of SWF URLs in metadata
3. Cross-site scripting through user-supplied parameters if the SWF is loaded from a public CDN domain that is shared by other sites.
Ведущий: Артем Шишкин
Доклад описывает разработку средства отладки при помощи виртуализации: как применить существующие средства виртуализации для отладки, как обеспечить целостность отлаживаемой среды, как сделать отладку интерактивной и как обуздать низкоуровневую специфику аппаратной виртуализации. Докладчик расскажет об интеграции железа с операционной системой и о том, как встроить отладчик прямо в прошивку. Будут рассмотрены несколько жизненных примеров динамического анализа.
Ведущий: Владимир Иванов и Сергей Гордейчик
Эксперт ИТ и исследователь кибербезопасности поделятся своим взглядом на проблему современных целевых атак, спонсируемых государствами и криминальными группировками. Докладчики расскажут об эффективности существующих подходов к защите, о способах обхода песочницы, и о том, пора ли IDS и AV отправляться на свалку.
Ведущий: Макс Мороз
Обзор системы ClusterFuzz, позволяющей осуществить проверку браузера Chrome на наличие уязвимостей в режиме реального времени и получить воспроизводимые результаты исследования каждого конкретного сбоя. Будут продемонстрированы преимущества использования различных санитайзеров и LibFuzzer, библиотеки для направленного фаззинга. Будет приведена подробная статистика видов уязвимостей, найденных в Chrome. Слушатели узнают о подводных камнях распределенного фаззинга; о том, как можно запустить свои собственные фаззеры в инфраструктуре Google и получить вознаграждение за найденные уязвимости.
Ведущий: Александр Попов
В настоящем докладе будет рассмотрен успешный опыт использования отладочного механизма KASan (Kernel address sanitizer) для автономного гипервизора. Докладчик расскажет, как удалось усилить KASan по сравнению с его реализацией в ядре Linux.
Ведущий: Ольга Зиненко
Уральский центр систем безопасности проводит независимое тестирование мобильных антивирусов, разработанных для платформы Android (в том числе Dr.Web, Kaspersky, Norton, ESET). Доклад посвящен результатам исследования. Показатели, которые оцениваются в первую очередь: выполнение заявленных функций, уровень защиты, возможности обхода, наличие уязвимостей, полезность и значимость дополнительных функций.
john-devkit: 100 типов хешей спустя / john-devkit: 100 Hash Types LaterPositive Hack Days
Ведущий: Алексей Черепанов
Скорость взлома хешей растет. Растет и количество алгоритмов хеширования. Объем задач для поддержки универсального инструмента для взлома тоже увеличивается. В ответ на это был разработан john-devkit — улучшенный генератор кода к известному приложению для взлома паролей John the Ripper. john-devkit содержит более 100 типов хешей. Ведущий рассмотрит ключевые аспекты его использования: разделение алгоритмов, оптимизация и вывод данных для различных устройств, простое промежуточное представление алгоритмов хеширования, трудности оптимизации для человека и машины, bitslicing, сравнение скорости обработки.
Ведущий: Лев Денисов
Система общественного транспорта Москвы — одна из крупнейших в мире. Выпущено больше 5 млн карт «Тройка», с помощью которых пассажиры оплачивают проезд в метро и наземном транспорте. Развиваются сервисы, позволяющие пополнить баланс карты с помощью мобильного телефона с NFC. Ведущий расскажет об уязвимостях, эксплуатируя которые можно получить доступ к секретным данным карты и с минимальными затратами клонировать ее, чтобы бесплатно пользоваться общественным транспортом.
Метод машинного обучения для распознавания сгенерированных доменных именPositive Hack Days
Ведущий: Александр Колокольцев
Доклад посвящен использованию машинного обучения для выявления доменных имен, сгенерированных при помощи Domain Generation Algorithm. Для решения задачи предлагается N-грамм-анализ. Будет подробно описан анализатор доменных имен, при использовании которого была достигнута точность в 98,5%.
Ведущие: Денис Макрушин и Юрий Наместников
Среди прочих мер, направленных на защиту корпоративной инфраструктуры от злоумышленников, специалисты по безопасности полагаются на строгую политику ограничения доступа приложений к интернету. Защита информационных систем предприятия основана главным образом на принципе «запретить все, что не разрешено». Тем временем угрозы безопасности притаились в недрах корпоративных сетей и ждут, когда у сотрудников закончится рабочий день. Мы расскажем вам, как с наступлением темноты киберпреступники используют Notepad, AutoCAD, Tomcat и SQL Server в своих целях.
Ведущие: Роман Казанцев, Максим Вафин и Андрей Сомсиков
Разработка чит-кодов к различным сетевым играм со временем превратилась в прибыльный бизнес. С помощью внедренных чит-кодов можно анализировать данные памяти и собирать статистику об игроках. На примерах из игры Unreal Tournament 4 докладчики расскажут о методах борьбы с подобным читерством, основанных на запутывании кода.
Ведущий: Пол Викси
Система доменных имен (DNS) предлагает отличный вид на локальную и глобальную сети, что дает возможность исследовать действия киберпреступников и методы атак. В докладе будет показано, как обезопасить DNS и использовать ее для защиты других подключенных объектов. Докладчик подробно расскажет о подмене кэша DNS, расширениях защиты для протокола DNS (DNSSEC), DDoS-атаках, ограничении скорости передачи, межсетевом экране DNS и пассивном DNS-мониторинге.
Обратная разработка бинарных форматов с помощью Kaitai StructPositive Hack Days
Ведущий: Михаил Якшин
В докладе будут рассмотрены современные подходы к обратной разработке бинарных файлов: с чего начинают, что хотят получить на выходе, какими инструментами традиционно пользуются. Будет продемонстрирован новый проект— Kaitai Struct, представляющий собой инструментарий для декларативного описания бинарных структур данных с выводом результата в виде готовых библиотек на языках C++, Java, JavaScript, Python и Ruby. Несколько практических примеров использования обратной разработки помогут участникам лучше ознакомиться с проблематикой.
Waf.js: как защищать веб-приложения с использованием JavaScriptPositive Hack Days
Ведущие: Денис Колегов и Арсений Реутов
Авторы доклада продемонстрируют, как внедрение клиентских сценариев JavaScript может быть использовано для обнаружения и предотвращения различных атак, поиска уязвимых клиентских компонент, определения утечек данных об инфраструктуре веб-приложений, выявления веб-ботов и инструментальных средств нападения. Поделятся собственными методами обнаружения инъекций при помощи синтаксических анализаторов без сигнатур и фильтрующих регулярных выражений, а также рассмотрят реализацию концепции JavaScript-ловушек на стороне клиента для атак SSRF, IDOR, Command Injection и CSRF.
Ведущий: Дан Корецкий
Миллионы устройств на Android содержат уязвимости, которые дают права суперпользователя. Докладчик расскажет о технических причинах проблем безопасности (коллизии хеш-функций, злоупотребление межпроцессорным взаимодействием, ошибки работы с сертификатами приложений). Продемонстрирует атаку на «живое» устройство и предоставит рекомендации для снижения риска. Слушатели узнают, почему нельзя полностью устранить уязвимости. Докладчик также поведает историю о том, как были обнаружены атаки в Google Play.
Tips And Tricks For Bioinformatics Software Engineeringjtdudley
This document provides tips and tricks for software engineering in bioinformatics. It discusses using object-oriented software design principles like encapsulation and inheritance. It also covers best practices like automating documentation, performance optimization, working with data using databases and file formats, parallel and distributed computing, hardware acceleration, and web services.
Return-oriented programming (ROP) allows executing code on systems with non-executable pages by chaining together small "gadgets" from existing code. The document describes algorithms for automatically finding gadgets in binaries and chaining them to form payloads. It also introduces a ROP compiler called "The Wolf" that uses a simple language and the STP theorem prover to generate payloads by satisfying constraints from gadgets. Future work includes supporting more platforms and improving flexibility in the presence of ASLR.
Penetrating Windows 8 with syringe utilityIOSR Journals
This document discusses penetrating Windows 8 remotely using Metasploit framework and syringe utility. It begins with an introduction to penetration testing and Windows 8 security. It then describes using Metasploit to generate a payload, encoding it to evade detection, and injecting it into a Windows 8 system using syringe. This allows establishing a meterpreter session and compromising the system by migrating processes and accessing the C drive. It concludes that Windows 8 has strong security but syringe injections allow compromising it, and more exploits could be found to enhance efficacy.
Georgy Nosenko - An introduction to the use SMT solvers for software securityDefconRussia
The document discusses how SMT solvers can be used for software security applications such as bug hunting, exploit generation, protection analysis, and malware analysis by modeling portions of code or algorithms as logical formulas that can then be analyzed using an SMT solver to prove properties or generate inputs. It provides examples of how SMT solvers have been used to find integer overflows, help with program verification, and aid in defeating simple hashing algorithms.
The document discusses the Post Memory Corruption (PMCMA) tool, which allows analyzing memory corruption bugs by testing different memory overwrite scenarios in a process. PMCMA uses a technique called "mk_fork()" to efficiently fork a process multiple times and overwrite different memory locations in each offspring to test for exploitation possibilities. It discusses challenges like dealing with zombie processes and invalid system calls caused by forking, and how PMCMA addresses these through techniques like process grouping and ignoring SIGCHILD signals.
[Ruxcon 2011] Post Memory Corruption Memory AnalysisMoabi.com
The document introduces PMCMA, a debugger tool that analyzes memory corruption bugs by forcing processes to fork, overwriting memory locations in the offspring processes, and monitoring execution to map exploitable scenarios. PMCMA aims to provide a roadmap for exploitation by identifying vulnerabilities and possible exploitation techniques like truncating function pointers or exploiting 4-byte aligned memory writes. The tool is available online and has received over 10,000 downloads in its first two months.
Post Exploitation Bliss: Loading Meterpreter on a Factory iPhone, Black Hat U...Vincenzo Iozzo
Charlie Miller and Vincenzo Iozzo presented techniques for post-exploitation on the iPhone 2 including:
1. Running arbitrary shellcode by overwriting memory protections and calling vm_protect to mark pages as read/write/executable.
2. Loading an unsigned dynamic library called Meterpreter by mapping it over an existing signed library, patching dyld to ignore code signing, and forcing unloaded of linked libraries.
3. Adding new functionality to Meterpreter, such as a module to vibrate and play a sound on the iPhone, demonstrating how payloads can be extended once loaded into memory.
[CCC-28c3] Post Memory Corruption Memory AnalysisMoabi.com
The document summarizes the Post Memory Corruption Memory Analysis (PMCMA) tool. PMCMA allows finding and testing exploitation scenarios resulting from invalid memory accesses. It provides a roadmap to exploitation without generating exploit code. The tool analyzes programs after crashes to overwrite memory locations in forked processes and test impact on execution flow.
This document discusses secure coding practices related to timing attacks, random number generation, and string security. It provides examples of vulnerabilities in Java timing attacks, OpenSSL and .NET random number generation, and recommendations for using cryptographically secure random number generators and constant time comparisons to mitigate timing attacks.
Pragmatic Optimization in Modern Programming - Demystifying the CompilerMarina Kolpakova
This document discusses compiler optimizations. It begins with an outline of topics including compilation trajectory, intermediate languages, optimization levels, and optimization techniques. It then provides more details on each phase of compilation, how compilers use intermediate representations to perform optimizations, and specific optimizations like common subexpression elimination, constant propagation, and instruction scheduling.
String Comparison Surprises: Did Postgres lose my data?Jeremy Schneider
Comparisons are fundamental to computing - and comparing strings is not nearly as straightforward as you might think. Come learn about the history, nuance and surprises of “putting words in order” that you never knew existed in computer science, and how that nuance impacts both general programming and SQL programming. Next, walk through a few actual scenarios and demonstrations using PostgreSQL as a user and administrator, which you can re-run yourself later for further study, including one way you could easily corrupt your self-managed PostgreSQL database if you aren't prepared. Finally we’ll dive into an explanation of the surprising behaviors we saw in PostgreSQL, and learn more about user and administrative features PostgreSQL provides related to localized string comparison.
This document presents two new approaches for reliable message processing in distributed streaming systems like Apache Storm:
1. A fingerprint-based approach that embeds a digest representing message context that is recursively passed down and updated.
2. A share-split approach that embeds a "share" with each message and splits the share at each component until the leaf where shares are reported.
It also discusses prototyping one approach by integrating it into Apache Storm and notes on the implementation.
Skiron - Experiments in CPU Design in DMithun Hunsur
This document discusses Skiron, an experimental CPU design project implemented in the D programming language. It provides an overview of Skiron, which simulates a RISC-inspired instruction set architecture. It describes the idioms and patterns used in D to define the instruction set and encoding in a way that is self-documenting and allows different parts of the software to stay in sync. It also discusses lessons learned, such as issues with delegates, as well as potential improvements to D's metaprogramming capabilities and standard library support for @nogc code. Realizing Skiron in hardware with an FPGA and making it self-hosting are presented as future goals.
This document provides an overview of programming for GPUs. It discusses how GPUs have many more cores than CPUs and are better suited for data-parallel work. The main challenges of GPU programming are different memory architectures, branch divergence, and complexity. It presents CUDA and OpenCL as common approaches for GPU programming and provides an example of a reduction kernel written in CUDA/OpenCL using shared memory and synchronization barriers between threads. Recent advances that help with GPU programming include kernel calls from the GPU, multi-GPU support, unified memory, task parallelism, better profilers, and C++ language support.
This document summarizes integrating the OpenNMS network monitoring platform with modern configuration management tools like Puppet. It discusses using Puppet to provision and automatically configure nodes in OpenNMS from Puppet's configuration data. The authors provide code for pulling node data from Puppet's REST API and generating an XML file for OpenNMS to import the nodes and their configuration. They also discuss opportunities to further improve the integration by developing a Java object model for Puppet's YAML output and filtering imports based on node attributes.
Hardware hacking hit the news quite often in 2017, and a lot of pentesters tried to jump into the band wagon and discover the joy of hacking things rather than servers or applications. But most of them are only looking for rootz shellz and p0wning embedded Linux operating systems rather than doing what we really call "hardware hacking". In this talk, we are going to hack a Bluetooth Low Energy smartlock, from its printed circuit board to a fully working exploit, as well as its (wait for it) associated mobile application you need to install to operate this thing.
This talk is not only an introduction into the field of hardware hacking, but also a good way to dive into electronics and its specific protocols, and of course into microcontrollers and System-on-chip reverse engineering. We will cover some electronics basic knowledge as well as tools and classic methodologies when it comes at analyzing an IoT device and will provide tips and tricks based on our experience but our failures too.
This document provides an overview of Asterisk, an open source IP PBX system, comparing it to Opensips and describing some of its key features and functions. Asterisk can be used as a SIP B2BUA, gateway to connect various protocols, and media server for tasks like IVR, music on hold, call parking, and transcoding. It has an easy to learn configuration but only supports IPv4 and UDP transport. The document also covers Asterisk configuration files, dialplan syntax, use of macros and variables, and the AstDB database.
The document discusses open source hardware and the open source nature of projects from SparkFun and .:oomlout:. Open source means designs, guides, code, and 3D models are freely available to download, reproduce, modify, and distribute under a Creative Commons license as long as credit is given and developments are shared in a similar open manner. The goal is to make physical things as accessible and fun to learn with as open source software has been.
Similar to Если нашлась одна ошибка — есть и другие. Один способ выявить «наследуемые» уязвимости (20)
Инструмент ChangelogBuilder для автоматической подготовки Release NotesPositive Hack Days
1. Основные понятия и определения: продукт, пакет, связи между ними.
2. Как узнать, какие изменения произошли в продукте?
3. Проблемы changelog и release note.
4. Решение: инструмент ChangelogBuilder для автоматической подготовки Release Notes
Как мы собираем проекты в выделенном окружении в Windows DockerPositive Hack Days
1. Обзор Windows Docker (кратко)
2. Как мы построили систему билда приложений в Docker (Visual Studio\Mongo\Posgresql\etc)
3. Примеры Dockerfile (выложенные на github)
4. Отличия процессов DockerWindows от DockerLinux (Долгий билд, баги, remote-регистр.)
Типовая сборка и деплой продуктов в Positive TechnologiesPositive Hack Days
1. Проблемы в построении CI процессов в компании
2. Структура типовой сборки
3. Пример реализации типовой сборки
4. Плюсы и минусы от использования типовой сборки
1. Что такое BI. Зачем он нужен.
2. Что такое Qlik View / Sense
3. Способ интеграции. Как это работает.
4. Метрики, KPI, планирование ресурсов команд, ретроспектива релиза продукта, тренды.
5. Подключение внешних источников данных (Excel, БД СКУД, переговорные комнаты).
Approof — статический анализатор кода для проверки веб-приложений на наличие уязвимых компонентов. В своей работе анализатор основывается на правилах, хранящих сигнатуры искомых компонентов. В докладе рассматривается базовая структура правила для Approof и процесс автоматизации его создания.
Задумывались ли вы когда-нибудь о том, как устроены современные механизмы защиты приложений? Какая теория стоит за реализацией WAF и SAST? Каковы пределы их возможностей? Насколько их можно подвинуть за счет более широкого взгляда на проблематику безопасности приложений?
На мастер-классе будут рассмотрены основные методы и алгоритмы двух основополагающих технологий защиты приложений — межсетевого экранирования уровня приложения и статического анализа кода. На примерах конкретных инструментов с открытым исходным кодом, разработанных специально для этого мастер-класса, будут рассмотрены проблемы, возникающие на пути у разработчиков средств защиты приложений, и возможные пути их решения, а также даны ответы на все упомянутые вопросы.
От экспериментального программирования к промышленному: путь длиной в 10 летPositive Hack Days
Разработка наукоемкого программного обеспечения отличается тем, что нет ни четкой постановки задачи, ни понимания, что получится в результате. Однако даже этом надо программировать то, что надо, и как надо. Докладчик расскажет о том, как ее команда успешно разработала и вывела в промышленную эксплуатацию несколько наукоемких продуктов, пройдя непростой путь от эксперимента, результатом которого был прототип, до промышленных версий, которые успешно продаются как на российском, так и на зарубежном рынках. Этот путь был насыщен сложностями и качественными управленческими решениями, которыми поделится докладчик
Уязвимое Android-приложение: N проверенных способов наступить на граблиPositive Hack Days
Немногие разработчики закладывают безопасность в архитектуру приложения на этапе проектирования. Часто для этого нет ни денег, ни времени. Еще меньше — понимания моделей нарушителя и моделей угроз. Защита приложения выходит на передний план, когда уязвимости начинают стоить денег. К этому времени приложение уже работает и внесение существенных изменений в код становится нелегкой задачей.
К счастью, разработчики тоже люди, и в коде разных приложений можно встретить однотипные недостатки. В докладе речь пойдет об опасных ошибках, которые чаще всего допускают разработчики Android-приложений. Затрагиваются особенности ОС Android, приводятся примеры реальных приложений и уязвимостей в них, описываются способы устранения.
Разработка любого софта так или иначе базируется на требованиях. Полный перечень составляют бизнес-цели приложения, различные ограничения и ожидания по качеству (их еще называют NFR). Требования к безопасности ПО относятся к последнему пункту. В ходе доклада будут рассматриваться появление этих требований, управление ими и выбор наиболее важных.
Отдельно будут освещены принципы построения архитектуры приложения, при наличии таких требований и без, и продемонстрировано, как современные (и хорошо известные) подходы к проектированию приложения помогают лучше строить архитектуру приложения для минимизации ландшафта угроз.
Доклад посвящен разработке корректного программного обеспечения с применением одного из видов статического анализа кода. Будут освещены вопросы применения подобных методов, их слабые стороны и ограничения, а также рассмотрены результаты, которые они могут дать. На конкретных примерах будет продемонстрировано, как выглядят разработка спецификаций для кода на языке Си и доказательство соответствия кода спецификациям.
The document discusses preventing attacks in ASP.NET Core. It provides an overview of topics like preventing open redirect attacks, cross-site request forgery (CSRF), cross-site scripting (XSS) attacks, using and architecture of cookies, data protection, session management, and content security policy (CSP). The speaker is an independent developer and consultant who will discuss built-in mechanisms in ASP.NET Core for addressing these security issues.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Project Management Semester Long Project - Acuityjpupo2018
Acuity is an innovative learning app designed to transform the way you engage with knowledge. Powered by AI technology, Acuity takes complex topics and distills them into concise, interactive summaries that are easy to read & understand. Whether you're exploring the depths of quantum mechanics or seeking insight into historical events, Acuity provides the key information you need without the burden of lengthy texts.
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology