First, I want to thank everyone that works so hard to make the Bsides conferences so great. Oaktree and I had the luxury of training at BsidesDE and BsidesDC and hope that our students come away with at least a little more than they came in with. We hope you enjoy our Powershell class. Powershell […]
Author Archives: raymond
Detect < Prevent
As a long time security practitioner, it has become second nature for me to look for and find things that buck the norm – basically to find things that go against proper procedures. First before I begin my little story, I must share that everything I do to “buck the norm” is done professionally and […]
New Service Offering – PHaaS
Phishing continues to be a burden for both the private and public sectors to deal with – attacks are ever evolving, becoming more complex and users continue to fall victim. Our clients have been looking for solutions to help them deal with phishing in a controlled manner that simulates real world attacks. To that end, […]
TEHC Is Moving
As many of you may know already The Ethical Hacker Club (TEHC) is moving. The training/etc has been kind enough to lend us their space but alas they are closing… well more accurately merging. They are merging with UMBC Training facilities (off of Columbia Gateway). The new space shall offer us a more formal area […]
BSides Charm
For those of you attending my BSides Charm training on Social Engineering you can download the labs and PPTs and the ICE-Hole tool below. Enjoy. Doc and PPT: BSides Charm Slides PDF Social Engineering_boss Lab PDF: Labs The Ice-Hole Tool: Ice-Hole 1.7 BlackHat Edition (2)
Net hunter on the 1+1
One of the latest projects I have been working on is playing with mobile hacking tools (Pwnieexpress’ Pwnpad and most recently Kali Nethunter) so you can see how happy I was that the oneplus one (awesome spec’d & hardware relatively cheap) is now supported by Nethunter. So off to eBay I went. With the newly […]
“Yes, all product lines are impacted.”
On Wednesday Anthem, formally Wellpoint, announced that they were the victims of a “very sophisticated external attack” affecting “all product lines”. The numbers aren’t clear yet but some estimates I have seen, on the Twitter buzz this has caused state the estimates could be as high as 80 million. Even half that is a huge […]
Derbycon 4 and 3
DerbyCon 4: I just submitted a talk for DerbyCon 4 “Pwnie up” Tools and scripts for PwnieExpress’ Pwnpad. Regardless, if accepted or not I have decided that my next release of PwnPack will be in conduction with DerbyCon. We (my interns and I) are making some significant changes to the install script, and introducing a […]
Heartbleed
I received an email from a friend of mine the other day asking if he should change his passwords in response to the all the news from Heartbleed he was hearing. Before I respond let’s take a closer look ate the vulnerability and the risk. For those of you that haven’t heard OpenSSL 1.0.1-1.0.1f has […]
Interns – Security R&D
I have the luxury of working at the local community college and while there I have met, and begun mentoring some great young minds. While they are still new to the information security environment they are full of ambition and drive to continuously learn. So, as a good mentor, I am opening up my site […]