You Can’t Program Your Friends (part 1)

I recently ramped up my spam filters for my email client. Since I work in IT security, it’s pretty important that I don’t become the point of origin for any malware snaking its way through the organizations for which I work. “Inadvertently infected clients with the malicious software I was supposed to protect them against” […]

BSidesDE/DC 2016

First, I want to thank everyone that works so hard to make the Bsides conferences so great. Oaktree and I had the luxury of training at BsidesDE and BsidesDC and hope that our students come away with at least a little more than they came in with. We hope you enjoy our Powershell class. Powershell […]

Detect < Prevent

As a long time security practitioner, it has become second nature for me to look for and find things that buck the norm – basically to find things that go against proper procedures. First before I begin my little story, I must share that everything I do to “buck the norm” is done professionally and […]

TEHC Is Moving

As many of you may know already The Ethical Hacker Club (TEHC) is moving.  The training/etc has been kind enough to lend us their space but alas they are closing… well more accurately merging. They are merging with UMBC Training facilities (off of Columbia Gateway). The new space shall offer us a more formal area […]

BSides Charm

For those of you attending my BSides Charm training on Social Engineering you can download the labs and PPTs and the ICE-Hole tool below. Enjoy.   Doc and PPT: BSides Charm Slides PDF  Social Engineering_boss Lab PDF: Labs The Ice-Hole Tool: Ice-Hole 1.7 BlackHat Edition (2)

Net hunter on the 1+1

One of the latest projects I have been working on is playing with mobile hacking tools (Pwnieexpress’ Pwnpad and most recently Kali Nethunter) so you can see how happy I was that the oneplus one (awesome spec’d & hardware relatively cheap) is now supported by Nethunter. So off to eBay I went. With the newly […]

Derbycon 4 and 3

DerbyCon 4: I just submitted a talk for DerbyCon 4 “Pwnie up” Tools and scripts for PwnieExpress’ Pwnpad. Regardless, if accepted or not I have decided that my next release of PwnPack will be in conduction with DerbyCon. We (my interns and I) are making some significant changes to the install script, and introducing a […]


I received an email from a friend of mine the other day asking if he should change his passwords in response to the all the news from Heartbleed he was hearing. Before I respond let’s take a closer look ate the vulnerability and the risk. For those of you that haven’t heard OpenSSL 1.0.1-1.0.1f has […]

University of Maryland falls victim to data breach

In news today it has come to light that University of Maryland has fallen victim to a database breach of over 300,000 records, dating back to 1998. UMB President Wallace Loh was informed by Brian Voss, the VP of IT at the university. “A specific database of records maintained by our IT Division was breached […]

Just how far is the NSA’s reach?

On Monday, December 30th of 2013 Jacob Applebaum gave a presentation in to a conference in Germany where he described, in his words, “wrist slitting depression” details of just how far the NSA has extended its reach over the past years. The video is a little over an hour and length but I would suggest […]