HackDig : Dig high-quality web security articles for hacker

Grace Hopper Celebration (GHC) 2019 Recap

by Rachel Cipkins, Stevens Institute of Technology, Hoboken, NJ A few weeks ago I had the inspiring experience of attending the annual Grace Hopper Celebration (GHC), the world’s largest gathering of women in technology. Over four days in Orlando, Florida, GHC hosted a slew of workshops and presentations, plus a massive career fair with over 450 vendors (by
Publish At:2019-11-12 03:25 | Read:115 | Comments:0 | Tags:Conferences Internship Projects

QueryCon 2019: A Turning Point for osquery

Has it really been 3 months since Trail of Bits hosted QueryCon? We’ve had such a busy and productive summer that we nearly forgot to go back and reflect on the success of this event! On June 20-21, Trail of Bits partnered with Kolide and Carbon Back to host the 2nd annual QueryCon, at the Convene Old Slip Convention Center in downtown New York. We beat last
Publish At:2019-09-20 09:30 | Read:353 | Comments:0 | Tags:Conferences Engineering Practice osquery

BSidesSF CTF author writeup: genius

Hey all, This is going to be an author's writeup of the BSidesSF 2019 CTF challenge: genius! genius is probably my favourite challenge from the year, and I'm thrilled that it was solved by 6 teams! It was inspired by a few other challenges I wrote in the past, including Nibbler. You can grab the sourcecode, solution, and everything needed to run it yourself
Publish At:2019-09-19 17:55 | Read:388 | Comments:0 | Tags:Conferences CTFs Hacking Reverse Engineering

Some crypto challenges: Author writeup from BSidesSF CTF

Hey everybody, This is yet another author's writeup for BSidesSF CTF challenges! This one will focus on three crypto challenges I wrote: mainframe, mixer, and decrypto! mainframe - bad password reset .block1 { color: red; background-color: #3b3d37; border: 2px solid #17242b; margin: 2px; } .block2 { color: orange; background-color:
Publish At:2019-09-19 17:55 | Read:168 | Comments:0 | Tags:Conferences Crypto Passwords Tools

In BSidesSF CTF, calc.exe exploits you! (Author writeup of launchcode)

Hey everybody, In addition to genius, whose writeup I already posted, my other favourite challenge I wrote for BSidesSF CTF was called launchcode. This will be my third and final writeup for BSidesSF CTF for 2019, but you can see all the challenges and solutions on our Github releases page. This post will be more about how I developed this, since the solutio
Publish At:2019-09-19 17:55 | Read:381 | Comments:0 | Tags:Conferences Crypto Forensics Reverse Engineering exploit

Black Hat US 2019 / Some Talks

I’ve been at Black Hat Vegas last week and in the following I’ll shortly discuss some talks I’ve attended and which I found interesting. Gabriele Fisher & Luke Valenta: Monsters in the Middleboxes. Building Tools for Detecting HTTPS Interception This talk was about identifying if inbound HTTPS traffic reaching a server had been interce
Publish At:2019-09-19 17:15 | Read:331 | Comments:0 | Tags:Events Black Hat Conferences

Crypto 2019 Takeaways

This year’s IACR Crypto conference was an excellent blend of far-out theory and down-to-earth pragmatism. A major theme throughout the conference was the huge importance of getting basic cryptographic primitives right. Systems ranging from TLS servers and bitcoin wallets to state-of-the-art secure multiparty computation protocols were broken when one small s
Publish At:2019-09-19 16:00 | Read:172 | Comments:0 | Tags:Conferences Cryptography Paper Review

BSidesSF CTF wrap-up

Welcome! While this is technically a CTF writeup, like I frequently do, this one is going to be a bit backwards: this is for a CTF I ran, instead of one I played! I've gotta say, it's been a little while since I played in a CTF, but I had a really good time running the BSidesSF CTF! I just wanted to thank the other organizers - in alphabetical order - @bmenr
Publish At:2017-02-23 00:15 | Read:4222 | Comments:0 | Tags:Conferences CTFs

The Top 13 Information Security Conferences of 2017

2017 is finally here. You know what that means: another information security conference season is upon us. We couldn’t be more excited!Just like we did last year, we at The State of Security have assembled a list of the top 13 conferences in information security for 2017. We hope you’ll have the chance to attend at least one of these events this
Publish At:2017-01-11 12:55 | Read:4668 | Comments:0 | Tags:Off Topic Conferences CTF hacking Information Security pente

How to hunt for rare malware

At SAS 2017, on April 1st and 2nd on St. Maarten, Global Director of GReAT Costin Raiu and Principal Security Researchers Vitaly Kamluk and Sergey Mineev will provide YARA training for incident response specialists and malware researchers, who need an effective arsenal for finding malware. During the training, the experts will give participants access to som
Publish At:2017-01-09 21:30 | Read:6701 | Comments:0 | Tags:Blog Events APT Conferences TheSAS2017

Update from the chaos – 33c3 in Hamburg

Every year, the Chaos Communication Congress summons hackers from around the globe, this time again in Hamburg. The four days between Christmas and New year are packed with talks, workshops and events all over the location at the CCH. Large hackerspaces hosts groups and projects from all areas such as lock-picking, art, music, software projects of all kind a
Publish At:2016-12-29 10:37 | Read:3861 | Comments:0 | Tags:Blog Events Conferences Hackers

Black Hat 2016 Summary Part 2.1

A few months ago I had the oportunity to visit this year’s Black Hat in Las Vegas. Due to a few weeks of vacation following the conference here are my delayed 2 cents (part 1) Abusing Bleeding Edge Web Standards For AppSec Glory – Bryant Zadegan & Ryan Lester Slides Bryant and Ryan talked about new web standards which are already implemented in par
Publish At:2016-10-06 15:45 | Read:2635 | Comments:0 | Tags:Conferences Black Hat conferences

Attacking BaseStations @Defcon24

Hello Guys, back from my vacation I’d like to give you some impressions about Defcon 24 and our talk “Attacking BaseStations”. Defcon itself had a couple of great talks but was a very crowded location. Anyhow, we had a couple of great discussions with the people before and after our talk. The talk “Attacking BaseStations” focus
Publish At:2016-09-21 10:20 | Read:2453 | Comments:0 | Tags:Conferences Insecurity Uncategorized 4G Defcon eNB eNodeB LT

BSides LV 2016: Recap

Hey everyone, Just a short recap from my side regarding this year’s BSide in Las Vegas, NV. It was my first time there and I pretty much enjoyed it. After entering the venue on the first con day (Tuesday) I was a little bit shocked, as the staff sent me to the “end of the line just around the corner” – the end being many corners and m
Publish At:2016-09-19 21:45 | Read:1894 | Comments:0 | Tags:Conferences

SIGS DC Day

Today I had to give the pleasure to give a keynote at the SIGS DC Day on the need to evaluate Cloud Service Providers in a way that looks behind (or at least tries to) security whitepapers and certification reports. The slides can be found here. I also particularly enjoyed the following two talks: Sean O’Tool from Swisscom AG covered challenges of an i
Publish At:2016-09-16 20:35 | Read:3423 | Comments:0 | Tags:Conferences cloud

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud