Our Blog
Break the Web at BlackHat Singapore
Web application security training in 2015?
It’s a valid question we get asked sometimes. With the amount of books available on the subject, the tools that seemingly automate the process coupled with the fact that findings bugs in web apps should be harder now that frameworks and developers are more likely to produce secure code, is there a need to still train people up in the art of application exploitation?
SensePost Training
Over those years, we’ve trained thousands of students in the art of offensive and defensive security through our Hacking by Numbers courses.
Our courses are taken directly from the work we do. When we compromise networks, or applications with new techniques, they’re turned into modules in the appropriate course. We also don’t use trainers; every course is given by one of our analysts to keep it authentic.
For our fifteenth year, we’ve decided it was time to retire the ‘Hacking by Numbers’ name and just call it was it really always has been: SensePost Training.
Improvements in Rogue AP attacks – MANA 1/2
At Defcon 22 we presented several improvements in wifi rogue access point attacks. We entitled the talk “Manna from heaven” and released the MANA toolkit. I’ll be doing two blog entries. The first will describe the improvements made at a wifi layer, and the second will cover the network credential interception stuff. If you just want the goodies, you can get them at the end of this entry for the price of scrolling down.
Commercial Snoopy Launch! [ ShadowLightly ]
Hello world!
We’ve been busy squireling away on a much requested project – a commercial Snoopy offering. We’ve called it ShadowLightly, and we’d like to invite you to join the beta explorer program. We’re going to offer ten 3-month trials to the site (you’d need to buy sensors / build your own), and in return we’d ask that you help us debug any issues. To apply, please email explorer@shadowlightly.com – introduce yourself, and tell us a little about why you’d like to join the program.
Demonstrating ClickJacking with Jack
Jack is a tool I created to help build Clickjacking PoC’s. It uses basic HTML and Javascript and can be found on github, https://github.com/sensepost/Jack
To use Jack, load Jack’s HTML,CSS and JS files using the method of your choice and navigate to Jack’s index.html.
Jack comes with three additional pages; sandbox.html, targetLogin.html and targetRead.html. targetRead.html can be used to demonstrate Clickjacking that reads values from a page and sandbox.html is used to display the Clickjacking demonstration. Jack by default loads the “Read” html page with default CSS and Styles.
DefCon 22 – Practical Aerial Hacking & Surveillance
Hello from Las Vegas! Yesterday (ed: uh, last week, my bad) I gave a talk at DefCon 22 entitled ‘Practical Aerial Hacking & Surveillance‘. If you missed the talk the slides are available here. Also, I’m releasing a paper I wrote as part of the talk entitled ‘Digital Terrestrial Tracking: The Future of Surveillance‘, click here to download it.
Whiskey shot!
The Snoopy code is available on our GitHub account, and you can join the mailing list here. Also, congratulations to @AmandersLPD for winning our #SnoopySensor competition! You can see the output of our *amazing* PRNG in action below: I’ll update this post to point to the DefCon video once they’re released. In the meantime, the specifications of my custom quadcopter I had on stage are below:
SensePost partners with Paterva to offer improved security intelligence
We’ve been big fans of Maltego and the team at Paterva for a very long time now, and we frequently use this powerful tool for all kinds of fun and interesting stuff, like
Using Maltego to explore threat & vulnerability data; Snoopy: A distributed tracking and profiling framework, ‘Scraping’ time servers; Using Maltego to Data Mine Twitter; and even an analyse on the Use of Social Media by ISIS. We go way back with Andrew and Roelof, who was in fact a founder of SensePost, so today we’re super excited to be able to announce a new, strengthened partnership with them under which we have been accredited as an Approved Maltego Solutions Provider. Basically this means the that with Paterva’s help we plan to use the powerful Maltego toolset to become better at our job – that is to provide information and information systems to our customer with which they can make sound security decisions. Here’s the official news:
The SensePost Academy: Wrecking Balls
There is a serious skills shortage in our industry. There are just not enough skilled hackers out there to fill all the open positions. In November of last year, I proposed a new approach for us at SensePost to address these concerns. I looked at what we could do as a company to ensure the next generation of hackers were being educated correctly (no, it’s not about how you use a tool) and moulded into what we, at SensePost, perceive to be good penetration testers.
SensePost Challenge – Winners and Walkthrough
We recently ran our Black Hat challenge where the ultimate prize was a seat on one of our training courses at Black Hat this year. This would allow the winner to attend any one of the following:
BlackOps – Our intermediate pentesting course Infrastructure Bootcamp – Introduction to pwning over the Internet Mobile Bootcamp – Introduction to mobile hacking Web Application Bootcamp – Introduction to web app hacking The challenge was extremely well received and we received 6 successful entries and numerous other attempts. All the solutions were really awesome and we saw unique attacks, with the first three entrants all solving the challenge in a different way.
Hacking Challenge: Drive a tank through it
At SensePost we get to enjoy some challenging assessments and do pretty epic things. Some days it feels like the only thing that could make it better would be driving tanks while doing it. The best hacks normally make their way into our training courses as practical exercises where students get to replicate (and improve on) these hacks. However, we know that there isn’t always room for all the epicness and unfortunately not everyone can attend the training. So we put some into a challenge for you. We’ve taken a few recent hacks and rolled them into one challenge, can you crack it?