Podcasts about sensepost

This isn't the normal weekly news episode of the show, if you're looking for the regular weekly Risky Business podcast, scroll one back in your podcast feed. This is a Soap Box edition, a wholly sponsored podcast brought to you in this instance by Thinkst Canary. For those who don't know, Thinkst makes hardware and virtual honeypots you can put on your network or into your cloud environments – they'll start chirping if an attacker interacts with them. They're a low cost and extremely effective detection tool. But you might not know that Thinkst also operates canarytokens.org where you can go set up a bunch of honeytokens for free. Hundreds of thousands of people are using canarytokens.org, but Thinkst doesn't charge anything for it, it's free to use. They'll even give you a docker container of the whole thing so you can run it yourself. Our guest today is Thinkst's founder and infosec legend Haroon Meer. He spent a chunk of his career at the South African security consultancy SensePost before founding Thinkst Applied Research and eventually launching Canary.Tools. In this interview we talk about what the industry is getting wrong, supply chain security, effective detections and more. But I started off by asking him why Thinkst hasn't tried to monetise canarytokens.org given how many people use it.

In this episode, we catch up with Charl van der Walt (@charlvdwalt), Head Of Security Research at Orange Cyberdefense and one of the original founders of SensePost. We talk through the origins of how SensePost got started, what it was like to build a business over 20 plus years and eventually sell and become part of a much larger company. Charl also spoke about a personal topic he is driving around gettings organisations to think differently in their approach to gender diversity.

This is a sponsored podcast. Today we’re chatting with a very special guest, Haroon Meer. Haroon is the founder of Thinkst Canary. Some call it a deception company, but he doesn’t, as you’ll hear. He says Canary is a detection company and the distinction is important. In this interview we talk about where Canary came from and recap the last 20 years of Haroon’s security career. We go all the way back to his Sensepost days in 2001, right through to him working for actual royalty in Doha, with a brief detour through him creating an anonymous whistleblower platform for a major broadcaster. You may have heard of Haroon and not known why. This podcast explains why.

Red team versus blue team. All should become a purple team!! Searching for a way around the rockstar mentality all too common within the infosec industry, as the proposal to build a team of teams is announced. Deception technology mixed with an actual true cost analysis of threat intelligence lending questionable returns. The roller coaster of topics reaches a pinnacle with a reflection on being allocentric within the security industry versus viewing security solely through the lens of industry growth. Topics include: * Charl shares his history, growth, and maturity within the industry. * Red team vs. blue team, and how everyone should be a purple team. * Deception technology, honeypots, forensics, and storytelling with data. * Getting around the rockstar mentality within infosec, and teamwork produces a higher ROI. * Demystifying the value of threat intelligence. Notable Quotes: "Think about what you do as something that matters and approach it in that way and the rest will follow." - Charl van der Walt Special shout outs to: * Haroon Meer (https://linkedin.com/in/haroonmeer) from Thinkst (https://www.thinkst.com) * Roelof Temmingh (https://linkedin.com/in/roeloftemmingh) from Vortimo (https://www.vortimo.com/). Special Guest: Charl van der Walt.

Jonathan Freedland compares cyber-attacks today with the Great Siege of Dover Castle in 1216 during which the French used new offensive techniques to try to seize the English throne. In 1216, Prince Louis of France's near-successful bid for the English throne climaxed in Dover, where his forces used a multitude of techniques in a major assault on the castle - including digging beneath the castle gate and use of the trebuchet to attempt to breach the walls. Jonathan draws on this medieval example to discuss cyber security in the 21st century context. Joining Jonathan at Dover Castle are medieval historian Marc Morris; General Sir Richard Barrons, former Commander Joint Forces Command, one of the six Chiefs of Staff leading the UK Armed Forces until April 2016; Kenneth Cukier of The Economist; and Sara Perez, ethical hacker at SensePost. Readings are by Hugh Simon who played MI5 Data Analyst Malcolm Wyn-Jones in the popular BBC TV series Spooks. Producer: Laurence Grissell.

Slides Here: https://defcon.org/images/defcon-22/dc-22-presentations/White-deVilliers/DEFCON-22-Dominic-White-Ian-de-Villiers-Manna-from-Heaven-Detailed-UPDATED.pdf Manna from Heaven: Improving the state of wireless rogue AP attacks Dominic White CTO, SENSEPOST Ian de Villiers SENIOR ANALYST, SENSEPOST The current state of theoretical attacks against wireless networks should allow this wireless world to be fully subverted for all but some edge cases. Devices can be fooled into connecting to spoofed networks, authentication to wireless networks can either be cracked or intercepted, and our ability to capture credentials at a network level has long been established. Often, the most significant protection users have are hitting the right button on an error message they rarely understand. Worse for the user, these attacks can be repeated per wireless network allowing an attacker to target the weakest link. This combination of vulnerable and heavily used communications should mean that an attacker needs just arrive at a location and setup for credentials and access to start dropping from the sky. However, the reality is far from this; karma attacks work poorly against modern devices, network authentication of the weakest sort defeats rogue APs and interception tools struggle to find useful details. This talk is the result of our efforts to bring rogue AP attacks into the modern age. The talk will provides details of our research into increasing the effectiveness of spoofing wireless networks, and the benefits of doing so (i.e. gaining access). It includes the release of a new rogue access point toolkit implementing this research. Dominic is the CTO of SensePost, an information security company based in South Africa and London. He has worked in the industry for 10 years. He is responsible for SensePost's wireless hacking course, Unplugged. He tweets as @singe. Ian de Villiers is a security analyst at SensePost. Coming from a development background, his areas of expertise are in application and web application assessments. Ian has spent considerable time researching application frameworks, and has published a number of advisories relating to portal platforms. He has also provided security training and spoken at security conferences internationally. Ian previously published numerous tools, such as reDuh http://research.sensepost.com/tools/web/reduh, but more recently, SapProxy http://research.sensepost.com/cms/resources/tools/servers/sapprox/44con_2011_release.pdf

Detta är det nionde intervjuavsnittet av Säkerhetspodcasten, i vilket Rikard ställer upp med en intervju från Hack In The Box Amsterdam 2014 med Dominic White (@singe) CTO på SensePost. De pratar om Dominics nya verktyg "Big Iron Recon and Pwnage" eller BIRP som kan användas för att granska stordatorapplikationer som använder TN3270 och vad man kan hitta på med det.

After leaving Sensepost, Haroon Meer set up Thinkst, an INFOSec research and consultancy organisation. To quote from the Thinkst site: Thinkst was founded to respond to the simple (but often repeated ) call in infosec today: We are not winning ...

Recorded on October 18, 2007 in the Paul's Security Weekly studios via Skype: This first part primarily covers some of the tools offered by Sensepost for free, what they do, and how to use them. Part II will cover the new tool they released called "Squeeza" and a very interesting discussion about penetration testing and web application security. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program and sign up for SEC535 - Embedded Device Hacking Today! Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want some cool Security Weekly Gear? Do you hack naked? Check out our Cafepress Store! Use the Backtrack Live CD for hacking? Want to learn more? Check out training from Offensive Security! Full Show Notes Hosts: Larry "Uncle Larry" Pesce, Paul Asadoorian Email: psw@securityweekly.com

Recorded on October 18, 2007 in the Paul's Security Weekly studios via Skype: This first part primarily covers some of the tools offered by Sensepost for free, what they do, and how to use them. Part II will cover the new tool they released called "Squeeza" and a very interesting discussion about penetration testing and web application security. Want to register for any SANS conference? Please visit http://www.securityweekly.com/sans/ for our referral program and sign up for SEC535 - Embedded Device Hacking Today! Sponsored by Core Security, listen for the new customer discount code at the end of the show Sponsored by Tenable Network Security, creators of Nessus and makers of the Tenable Security Center, software that extends the power of Nessus through sophisticated reporting, remediation workflow, IDS event correlation and much more. Want some cool Security Weekly Gear? Do you hack naked? Check out our Cafepress Store! Use the Backtrack Live CD for hacking? Want to learn more? Check out training from Offensive Security! Full Show Notes Hosts: Larry "Uncle Larry" Pesce, Paul Asadoorian Email: psw@securityweekly.com

"Until now network security defences have largely been about building walls and fences around the network. This talk revolves around spiking those walls & electrifying those fences! During this talk we will highlight techniques (and tools) that can be used to turn the tables on prospective attackers with passive-Strike-Back. We will explore the possibilities across the assesment spectrum responding to the standard assesment phases of Intelligence gathering, Reconnaissance & Attack with Disinformation, Misdirection, Camouflage, Obfuscation & Proportional Response. Charl van der Walt is a founder member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish."

"Until now network security defences have largely been about building walls and fences around the network. This talk revolves around spiking those walls & electrifying those fences! During this talk we will highlight techniques (and tools) that can be used to turn the tables on prospective attackers with passive-Strike-Back. We will explore the possibilities across the assesment spectrum responding to the standard assesment phases of Intelligence gathering, Reconnaissance & Attack with Disinformation, Misdirection, Camouflage, Obfuscation & Proportional Response. Charl van der Walt is a founder member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish."

During this presentation SensePost will discuss and demonstrate two pieces of new technology - the Suru WebProxy and the SP_LR Generic network proxy. The Suru web proxy is an inline web proxy (the likes of Paros, @stake webproxy and Webscarab) and offers the analyst unparalleled functionality. Are the days of the web proxy counted? Is there really room for another web proxy? Come to their presentation and see what happened when the guys at SensePost decided to develop a proxy with punch. SP_LR is a generic proxy framework that can be used for malware analysis, fuzzing or just the terminally curious. Its a tiny, generic proxy built on open-source tools with extensibility in mind at a low low price (GPL - Free as in beer). Both proxies serve distinct masters and will be valuable tools in any analysts arsenal.."

How far can automation be taken? How much intelligence can be embodied in code? How generic can automated IT security assessment tools really be? This presentation will attempt to show which areas of attacks lend themselves to automation and which aspects should best be left for manual human inspection and analyses. SensePost will provide the audience a glimpse of BiDiBLAH - an attempt to automate a focussed yet comprehensive assessment. The tool provides automation for: * Finding networks and targets * Fingerprinting targets * Discovering known vulnerabilities on the targets * Exploiting the vulnerabilities found * Reporting Roelof Temmingh is the Technical Director of SensePost where his primary function is that of external penetration specialist. Roelof is internationally recognized for his skills in the assessment of web servers. He has written various pieces of PERL code as proof of concept for known vulnerabilities, and coded the world-first anti-IDS web proxy "Pudding". He has spoken at many International Conferences and in the past year alone has been a keynote speaker at SummerCon (Holland) and a speaker at The Black Hat Briefings. Roelof drinks tea and smokes Camels. Haroon Meer is currently SensePost's Director of Development (and coffee drinking). He specializes in the research and development of new tools and techniques for network penetration and has released several tools, utilities and white-papers to the security community. He has been a guest speaker at many Security forums including the Black Hat Briefings. Haroon doesnt drink tea or smoke camels. Charl van der Walt is a founder member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish.

How far can automation be taken? How much intelligence can be embodied in code? How generic can automated IT security assessment tools really be? This presentation will attempt to show which areas of attacks lend themselves to automation and which aspects should best be left for manual human inspection and analyses. SensePost will provide the audience a glimpse of BiDiBLAH - an attempt to automate a focussed yet comprehensive assessment. The tool provides automation for: * Finding networks and targets * Fingerprinting targets * Discovering known vulnerabilities on the targets * Exploiting the vulnerabilities found * Reporting Roelof Temmingh is the Technical Director of SensePost where his primary function is that of external penetration specialist. Roelof is internationally recognized for his skills in the assessment of web servers. He has written various pieces of PERL code as proof of concept for known vulnerabilities, and coded the world-first anti-IDS web proxy "Pudding". He has spoken at many International Conferences and in the past year alone has been a keynote speaker at SummerCon (Holland) and a speaker at The Black Hat Briefings. Roelof drinks tea and smokes Camels. Haroon Meer is currently SensePost's Director of Development (and coffee drinking). He specializes in the research and development of new tools and techniques for network penetration and has released several tools, utilities and white-papers to the security community. He has been a guest speaker at many Security forums including the Black Hat Briefings. Haroon doesnt drink tea or smoke camels. Charl van der Walt is a founder member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish.

"During this presentation SensePost will discuss and demonstrate two pieces of new technology - the Suru WebProxy and the SP_LR Generic network proxy. The Suru web proxy is an inline web proxy (the likes of Paros, @stake webproxy and Webscarab) and offers the analyst unparalleled functionality. Are the days of the web proxy counted? Is there really room for another web proxy? Come to their presentation and see what happened when the guys at SensePost decided to develop a proxy with punch. SP_LR is a generic proxy framework that can be used for malware analysis, fuzzing or just the terminally curious. Its a tiny, generic proxy built on open-source tools with extensibility in mind at a low low price (GPL - Free as in beer). Both proxies serve distinct masters and will be valuable tools in any analysts arsenal.."

It's all about the timing... Timing attacks have been exploited in the wild for ages, with the famous TENEX memory paging timing attack dating back to January of 1972. In recent times timing attacks have largely been relegated to use only by cryptographers and cryptanalysts. In this presentation SensePost analysts will show that timing attacks are still very much alive and kicking on the Internet and fairly prevalent in web applications (if only we were looking for them). The talk will cover SensePost-aTime (our new SQL Injection tool that operates purely on timing differences to extract data from injectable sites behind draconian firewall rulesets), our new generic (timing aware) web brute-forcer and lots of new twists on old favorites. If you are doing testing today, and are not thinking a lot about timing, chances are you are missing attack vectors right beneath your stop-watch!

It's all about the timing... Timing attacks have been exploited in the wild for ages, with the famous TENEX memory paging timing attack dating back to January of 1972. In recent times timing attacks have largely been relegated to use only by cryptographers and cryptanalysts. In this presentation SensePost analysts will show that timing attacks are still very much alive and kicking on the Internet and fairly prevalent in web applications (if only we were looking for them). The talk will cover SensePost-aTime (our new SQL Injection tool that operates purely on timing differences to extract data from injectable sites behind draconian firewall rulesets), our new generic (timing aware) web brute-forcer and lots of new twists on old favorites. If you are doing testing today, and are not thinking a lot about timing, chances are you are missing attack vectors right beneath your stop-watch!