Topics of Interest
- Application Protocol Fuzzing
- Cloud Computing and Virtualization
- Custom Applications and Attacks
- Cyber Warfare
- Data Center Planning and Consolidation
- DDoS and Botnet Simulation
- Deep Packet Inspection
- IPTV
- IPv4/IPv6
- Layer 2-7
- Network Traffic Generation
- Performance Testing
- Security Updates
- Server Load Testing
- VoIP
- 10/40/100 GigE
Devices
StrikePack 16508 Released
StrikePack 16508 is now available to BreakingPoint customers. This StrikePack adds nineteen new strikes covering nine new vulnerabilities.
StrikePack 16220 Released
StrikePack 16220 is now available to BreakingPoint customers. This release contains ten new strikes covering six new vulnerabilities.
ToorCon 9 and Context-keys
Late last night I returned from ToorCon 9 in San Diego. I was able to make it out on time without any objections from the raging fires, but others I know were not quite as lucky. Even though the conference was awesome and San Diego, as always, had beautiful weather, it's nice to be back in Austin. This year I spoke at ToorCon on the subject of context-keyed payload encoders. You can view both the slides and video at my personal website if you're so inclined. For an extensive review of ToorCon 9 and all of the talks I attended, please click-through to my personal blog.
Toorcon Wrap-Up
Now that all is said and done, Toorcon 9 was a smashing success! It was well stocked on great talks and good people and, of course, the after parties were wild fun.
There was a strong theme of automated exploitation this year. Three of the talks that I saw focused on the subject. First up is Jerome Athias, who impressed everyone with his presentation's 3D graphical cinema introduction and then impressed again with his toolkit (written in an IDE called WinDev) for writing exploit modules for the Metasploit Framework in only a minute or two.
Another great talk was given by Jason Medeiros. He started off describing his methodology for detecting different types of crashes and followed up with a cool demo. He had written "from scratch" a complete debugger and heap analyzer. His program took a custom fuzzer definition and a binary as input. A few moments later, his demo generated a C exploit for the stack overflow that his fuzzer had just found.
Then there's the talk given by Nathan Rittenhouse and Johnny Cache. Their talk was focused on Byakugan, a WinDbg plugin. Byakugan is filled with goodies, but the real show stopper was the 3d-accelerated heap visualization. Nathan also gave a demo of his new Ruby replacement for pydbg, which seems to be exactly what I have been looking for. This should be posted to http://noxusfiles.com/ soon. Thanks, Nathan!
StrikePack 15863 Released
StrikePack 15863 is now available to BreakingPoint customers. This release contains nine new strikes covering seven new vulnerabilities.
Tags: