«
Expand/Collapse
19 items tagged "open source tool"
Related tags:
tar gz [+],
tar [+],
source [+],
tool [+],
scanner [+],
scada protocols [+],
read [+],
password hashes [+],
offline [+],
hacks [+],
forensic community [+],
directory [+],
code [+],
author [+],
wong onn [+],
web [+],
user [+],
usa [+],
u.s. [+],
travis goodspeed [+],
tom brennan [+],
text password [+],
south korea [+],
showcase examples [+],
service [+],
security [+],
scada systems [+],
scada [+],
ryan c. barnett [+],
router [+],
programming microcontrollers [+],
plasma cutter [+],
packet [+],
open workbench [+],
neat tool [+],
mike calvino [+],
logic analyzers [+],
logic [+],
keimpx [+],
hard [+],
hacking [+],
goodfet [+],
dos [+],
debugger [+],
ddos attacks [+],
ddos [+],
darknet [+],
combination [+],
cnc [+],
christian weichel [+],
chaos communication congress [+],
axis cnc router [+],
analyzer [+],
abu dhabi [+],
Tools [+],
Countermeasures [+],
ruby [+],
iscanner [+],
free open source [+]
-
-
![Permalink for '[Slides] SCADA Security - Why Is It So Hard?'](/themes/lilina/web//media/mark_off.gif)
12:54
»
SecDocs
Authors:
Amol Sarwate Tags:
SCADA Event:
Black Hat Abu Dhabi 2011 Abstract: This talk will present technical security challenges faced by organizations that have SCADA or control systems installations. The presentation will take a packet level dive into SCADA protocols and provide examples of attacks . It will also showcase examples of security controls for attack mitigation and introduce a new open-source tool to help identify and inventory SCADA systems.
-
12:53
»
SecDocs
Authors:
Amol Sarwate Tags:
SCADA Event:
Black Hat Abu Dhabi 2011 Abstract: This talk will present technical security challenges faced by organizations that have SCADA or control systems installations. The presentation will take a packet level dive into SCADA protocols and provide examples of attacks . It will also showcase examples of security controls for attack mitigation and introduce a new open-source tool to help identify and inventory SCADA systems.
-
-
17:04
»
Packet Storm Security Recent Files
Whitepaper called Active Directory Offline Hash Dump and Forensic Analysis. The author participated in a project where it was required to extract the password hashes from an offline NTDS.DIT file. After searching the Internet for an available tool, the author found that there was no open source tool. Because of that the author decided to research the internals of password encryption and storage of Active Directory and create a tool for the forensic community.
-
17:04
»
Packet Storm Security Misc. Files
Whitepaper called Active Directory Offline Hash Dump and Forensic Analysis. The author participated in a project where it was required to extract the password hashes from an offline NTDS.DIT file. After searching the Internet for an available tool, the author found that there was no open source tool. Because of that the author decided to research the internals of password encryption and storage of Active Directory and create a tool for the forensic community.
-
-
15:16
»
SecDocs
Authors:
Ryan C. Barnett Tom Brennan Tags:
DDoS DoS Event:
Black Hat DC 2011 Abstract: Denial-Of-Service is an attempt to make a computer resource unavailable to its intended users and is not new. In recent history April 2009, government and financial sites in the U.S. and South Korea were attacked by DDOS and were brought offline for days. This incident followed the Georgian DDOS attacks in 2008 and Estonian DDOS attacks in 2007. Common attack methods include systems infected with malware that are controlled and all connect to the target host at the same time using Layer 4 (Transport) which are already addressed by anti-DDOS solutions when employed. In 2009 a lethal form of Layer 7 (Application) attack techniques were being examined by Wong Onn Chee of OWASP Foundation Singapore and in 2010 together with Tom Brennan of OWASP Foundation presented the findings publicly for the first time with code samples. Tom Brennan will walk through the history and details of how this lethal HTTP POST DOS technique works, interesting findings in the protocol and the challenges in defending critical infrastructure against targeted attacks and demonstrate and release his open-source tool that can be used to test your own production systems -- or render others useless with the touch of a button from a single laptop.
-
-
14:08
»
Hack a Day
This 5-axis CNC router could soon be an open source tool. [Mike Calvino] built it for the School of Architecture at the University of Arkansas. It can be used as a router or as a plasma cutter/welder. Now he’s trying to raise some money that will underwrite his time and effort to develop and release instructions, design [...]
-
-
19:01
»
Packet Storm Security Tools
iScanner is a free open source tool written in Ruby that lets you detect and remove malicious code from webpages. iScanner will not only show you the infected files in your server but it is also able to clean these files by removing the malware code ONLY from the infected files.
-
19:01
»
Packet Storm Security Recent Files
iScanner is a free open source tool written in Ruby that lets you detect and remove malicious code from webpages. iScanner will not only show you the infected files in your server but it is also able to clean these files by removing the malware code ONLY from the infected files.
-
-
11:10
»
Hack a Day
[Christian Weichel] has been hard at work developing LogicAnalyzer, an open source tool that may interest you. It is designed with SUMP Logic Analyzers in mind but a main goal is expandability. What this means is that it plays nicely with things like the Open Workbench Logic Sniffer or you can do a bit of [...]
-
-
21:08
»
SecDocs
Authors:
Travis Goodspeed Tags:
debugger debugging embedded Event:
Chaos Communication Congress 26th (26C3) 2009 Abstract: The GoodFET is an open source tool for programming microcontrollers and memories by SPI, I2C, JTAG, and a slew of vendor-proprietary protocols. In this lecture, the design of the GoodFET will be explained in detail, and various semi-proprietary protocols will be discussed in depth. Leading toward the future, methods of packet sniffing proprietary protocols will be discussed. Finally, the BadFET – a voltage glitching variant of the GoodFET – will be introduced. This lecture begins with a brief introduction to microcontroller debugging devices, along with packet captures of each. These include asynchronous serial (UART bootloaders), synchronous serial protocols (AVR ISP, Chipcon), and JTAG (MSP430, ARM). After these have been introduced, the talk continues by showing packet captures of each as implemented on the GoodFET. Attention is also paid to the security vulnerabilities of each debugging protocol, its access controls, and methods of circumventing those access controls. The GoodFET is the device that I used to break Chipcon's line of Zigbee SoC devices for BlackHat USA.
OSVDB Vulnerabilities
Bugtraq
Penetration Testing
Carnal0wnage
The Exploitant