Blackhat

Sensepost Training in November

Our next scheduled training sessions have been planned for November. If you’re interested in attending, the dates and locations are:

1) HBN Bootcamp Edition 7-9th November, BlackHat Abu Dhabi

‘Hacking By Numbers – Bootcamp Edition’ is our ‘introduction to hacking’ course. It is strongly method-based and emphasizes structure, approach and thinking over tools and tricks. The course is popular with beginners, who gain their first view into the world of…

Memcached talk update

Wow. At some point our talk hit HackerNews and then SlashDot after swirling around the Twitters for a few days. The attention is quite astounding given the relative lack of technical sexiness to this; explanations for the interest are welcome! We wanted to highlight a few points that didn’t make the slides but were mentioned in the talk: Bit.ly and GoWalla repaired the flaws extremely quickly, prior to the talk.…

BlackHat Write-up: go-derper and mining memcaches

[Update: Disclosure and other points discussed in a little more detail here.] At BlackHat USA last year we spoke about attacking cloud systems; while the thinking was broadly applicable, we focused on specific providers (overview). This year, we continued in the same vein except we focused on a particular piece of software used in numerous large-scale applications including many cloud services. In the realm of “software that enables cloud services”,…

Go-derper: mining your memcacheds

Today at BlackHat USA 2010 we released a tool for manipulating memcached instances; we still need to write it up properly but here’s a link to the tool for the moment. tl;dr: if you find a memcached, you can dump the cache and manipulate entries in the cache.

SensePost’s Training @ Black Hat Vegas ’10 (win something)

After hearing our talk was accepted at BlackHat, we’re happy to announce that our training will be back for its 9th straight run. Speaking of a run, we’re going to be hosting the usual marathon of courses: cadet, bootcamp, combat, web 2.0. But, while the names remain, we’ve spent some time updating the material. In particular, bootcamp, combat & web 2.0 have been through the wringer. We’re hoping to get…

SensePost at BlackHat USA 2010

A brief update from South Africa on some recent talks as well as the upcoming BH USA: our talk proposal has been accepted for BH USA 2010 which makes it the ninth year running that SensePost is talking in Las Vegas. One more and we qualify for free milkshakes at the Peppermill. This year we’ll be discussing caching in large scale web apps and why exposing caches to the interwebs…