|
OWASP_RoganDawes_AdvancedFeaturesofWebScarab.mp4 |
| OWASP Rogan Dawes Advanced Features of Web Scarab |
| Date: 2007-08-31 21:38:37 - Added by: Schneider |
| Views: 390 - Votes: 0 - Rating: 0 |
| |
|
OWASP Input Validation Error Hack Hacking |
| OWASP Input Validation Error Hack Hacking |
| Date: 2007-08-31 21:36:41 - Added by: Schneider |
| Views: 712 - Votes: 0 - Rating: 0 |
| |
|
OWASP_DanielCutbert_Evolution_WebAppPenTest.mp4 |
| OWASP Daniel Cutbert Evolution Web App Pen Test |
| Date: 2007-08-31 21:35:19 - Added by: Schneider |
| Views: 350 - Votes: 0 - Rating: 0 |
| |
|
VNC Security |
| How to deploy UltraVNC with encryption and Windows authentication. I also ramble a bit on why it's a good idea to do this if you are in an untrusted environment |
| Date: 2007-08-31 21:31:42 - Added by: Schneider |
| Views: 1397 - Votes: 0 - Rating: 0 |
| |
|
Team Xbox-Linux at 22C3 |
| Video of the presentation by the Xbox-Linux Team at the 22nd Chaos Communication Congress in December 2005. There's a full presentation of the Xbox security (both software and hardware: the '17 mistakes' by Microsoft) and some early look into the Xbox 360 secutiry. |
| Date: 2007-08-31 21:30:51 - Added by: Schneider |
| Views: 295 - Votes: 0 - Rating: 0 |
| |
|
Shmoo1850 - Hank Leininger & Klayton Monroe - Homegrown Crypto Taking A Shiv |
| Recorded at the www.ShmooCon.org HACKING AND COMPUTER SECURITY CONFERENCE, March 23, 2007 in Washington, D.C. Content produced by www.MediaArchives.com --- HOME-GROWN CRYPTO (AKA TAKING SHIV TO A GUN FIGHT), with Hank Leininger and Klayton Monroe. From the perspective of application and infrastructure security assurance testing, this technical presentation takes attendees through a range of case studies that illustrate the all too common problem of using home grown crypto. Each of the case studies examines the logic that led the developers to use flawed crypto; how the flaw was detected, screenshots of the flaws, and the impact to the system it served. The case studies range from traditional financial services applications to the unique challenges posed by mobile applications as follows: Obfuscation Gone Bad, Keys? We Don't Need No Stinking Keys, We Dont Need Logic, Weve Got Crypto!, No Worries, We are using 3DES, We Have Both Kinds: AES and XOR, The House Always Loses? Can't Crack SSL? Just Talk Plaintext!, Take My Data. Please and Mobile Application Security-A Target Rich Environment. The presentation also introduces the concept of Session ID pre-hash analysis based on research done by Klayton Monroe. Klayton has over 12 years of experience in network security, computer forensics, incident response, reverse engineering, software development, and training. He is the developer of numerous security tools including FTimes, HashDig, and WebJob. In 2006, he helped win the Digital Forensic Research Workshop (DFRWS) 2006 File Carving Challenge. Prior to founding KoreLogic, he worked as a security engineer at META Security Group, Cable & Wireless, Exodus Communications, Arca Systems, and the National Security Agency. Hank is a KoreLogic founder and has over 10 years of experience in network security, Linux security, incident response, security assessments, and penetration testing. He is a author of numerous Dragon IDS signatures and manages http://marc.theaimsgroup.com - a respected security mailing archive. Prior to founding KoreLogic, he worked as a security engineer at META Security Group, and the Securities and Exchange Commission (SEC). 18509 0 |
| Date: 2007-08-31 21:30:26 - Added by: Schneider |
| Views: 190 - Votes: 0 - Rating: 0 |
| |
|
Deconstructing The Xbox Security System |
| Google Tech Talks |
| Date: 2007-08-31 21:27:59 - Added by: Schneider |
| Views: 296 - Votes: 0 - Rating: 0 |
| |
|
DSD: A Hybrid Analysis Tool for Bug Finding |
| Google TechTalks |
| Date: 2007-08-31 21:25:02 - Added by: Schneider |
| Views: 191 - Votes: 0 - Rating: 0 |
| |
|
Using Static Analysis For Software Defect Detection |
| Google TechTalks |
| Date: 2007-08-31 21:24:33 - Added by: Schneider |
| Views: 228 - Votes: 0 - Rating: 0 |
| |
|
Elkhound, Elsa and Cqual++: Open-Source Static Analysis for C++ |
| Google TechTalks |
| Date: 2007-08-31 21:24:17 - Added by: Schneider |
| Views: 180 - Votes: 1 - Rating: 3 |
| |
