|
|
Colapse all |
Post message
PacSec 2008 CFP (Deadline Sept. 1, Conference Nov. 12/13) and BA-Con 2008 Speakers (Sept. 30/ Oct. 1) 2008-08-26 Dragos Ruiu (dr kyx net) CIAT 1.0 release 2008-08-13 Omar Herrera (oherrera prodigy net mx) I would like to announce the first release of the Cryptographic Implementations Analysis Toolkit (CIAT). This Toolkit is a compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable). I [ more ] [ reply ] ekoparty 2008 - [First Round of Selection] - [Argentina] 2008-08-12 ekoparty (no-reply ekoparty com ar) ekoparty 4th edition - www.ekoparty.com.ar Information Security | Insecurity Conference. October 2 and 3, 2008 Ciudad Autonoma de Buenos Aires - Argentina [*] What is the ekoparty? It's a one of a kind event in South America; an annual security conference held in Buenos Aires where security specia [ more ] [ reply ] Binary Analysis tool survey 2008-07-30 Sanjay R (2sanjayr gmail com) (1 replies) Hi List: I am starting a state-of-the-art survey in the field of code analysis (methods and tools) with focus on binary analysis, from security standpoint. In this regard, I need some input, from your experience and knowledge. I am basically looking for: 1. any existing article in the similar lines [ more ] [ reply ] BA-Con 2008 CFP - Buenos Aires, Sept. 30 / Oct. 1 (closes July 11 2008) 2008-06-27 Dragos Ruiu (dr kyx net) BA-Con 2008 CALL FOR PAPERS BUENOS AIRES, Argentina -- The first annual BA-Con applied technical security conference - where the eminent figures in the international and South American security industry will get together and share best practices and technology - will be held in Buen [ more ] [ reply ] EUSecWest CFP Closes April 14th (conf May 21/22 2008) 2008-04-10 Dragos Ruiu (dr kyx net) (We've moved the conference this year to the a club in Leicester Square in the heart of London and SoHo. We'll be putting speakers up across the square at the Radisson Edwardian Hampshire, but there are lots of hotels in the region there in the center of London for those who want to attend (the ve [ more ] [ reply ] CanSecWest 2008 CFP (deadline Nov 30, conf Mar 26-28) and PacSec Dojo's 2007-11-09 Dragos Ruiu (dr kyx net) I'd like to congratulate Adam Laurie for winning the second Powerbook from the Pwn_to_Own contest as the prize for the best speaker rated by the audience for his presentation on RFID at CanSecWest 2007. We will have a similar prize for the best speaker at CanSecWest 2008, prize TBD (but we promise i [ more ] [ reply ] Hacker Challenge 2007 2007-08-16 Hacker Challenge (challenge2007 hackerchallenge org) Hi, I'm not certain if this list is still active, but I thought that the following announcement might be of interest. Between now and August 27th at 14:00 GMT, we are accepting registrations to participate in the 2007 Hacker Challenge. The challenge is a part of our research into software sec [ more ] [ reply ] RE: Debugger Detection Functions 2007-05-24 Aleksander P. Czarnowski (aleksander czarnowski avet com pl) This is great example of very short and simple question which rises long and complex answer. First of all you need to dived debugger detection into 2 areas: user mode and kernel (ring0) ones. Secondly some tricks will not work on certain lines of systems - for example detection procedures will look [ more ] [ reply ] Debugger Detection Functions 2007-05-24 Gleyson Melo (gleysonmelo gmail com) (4 replies) Hi Everyone! Does anyone of you know what are the documented/undocumented ways to find if there's a debugger running your Windows program? I know about the IsDebuggerPresent API function, but I don't know about others. _______________________ Thanks a lot, Gleyson Melo www.codebunker.org [ more ] [ reply ] Rich ASCII string in PE Header 2007-03-09 Don Parker (dparker bridonsecurity com) Hello all, My question is as follows; Why is there the "Rich" ASCII string in the PE Header. It is not in every PE Header either. At first I thought this was added by the MS VS compiler but that is not the case. Also read that this was added by the linker, but wouldn't it then appear in all PE Hea [ more ] [ reply ] Driver circumventing checksum based tamper-resistance in user-space exes.. 2006-11-17 Vinay A. Mahadik (vamahadik fastmail fm) This is based on Shadow Walker(idea and code both)/"inverse-Pax" applied to user-space executables instead. Idea can be used to reverse ring3 executables that have self-checksums in place for tamper resistance. Basically, user-space exes can be code-patched arbitrarily - the exe's self-checksums do [ more ] [ reply ] RE: [Malware-track] Re: [General-discussion] Secure Science Corporation Malware Case Study 2006-11-16 Alex Eckelberry (AlexE sunbelt-software com) (1 replies) Really good piece btw. -----Original Message----- From: malware-track-bounces (at) mal-aware (dot) org [email concealed] [mailto:malware-track-bounces (at) mal-aware (dot) org [email concealed]] On Behalf Of Lance James Sent: Thursday, November 16, 2006 2:48 PM To: Jose Nazario Cc: Phish-Net; Malicious Activity Awareness &, Response Discussions; bina [ more ] [ reply ] Re: [Malware-track] Re: [General-discussion] Secure Science Corporation Malware Case Study 2006-11-18 Paul Laudanski (paul castlecops com) (1 replies) Re: [Malware-track] Re: [General-discussion] Secure ScienceCorporation Malware Case Study 2006-11-18 Paul Laudanski (paul castlecops com) Re: [General-discussion] Secure Science Corporation Malware Case Study 2006-11-16 Lance James (lancej securescience net) Jose Nazario wrote: > On Thu, 16 Nov 2006, Lance James wrote: > >> http://www.securescience.net/securescienceblog/malwarecasestudy.html > > PDF link yields a Tomcat 404 page: > > URL: > http://www.securescience.net/securescienceblog/Secure%20Science%20Corpor ation%20%28www.securescience.net%29%20a [ more ] [ reply ] Secure Science Corporation Malware Case Study 2006-11-16 Lance James (phishing securescience net) Hello all, Secure Science Corporation (www.securescience.net) and Michael Ligh of http://mnin.org put together a paper on an interesting piece of malware. We include a removal kit, snort signatures, and source code and decryptor are available by request. More info and the paper can be found at: h [ more ] [ reply ] Call for papers: ARES 2007 submission deadline approaches in 2 weeks: 19-11-2006 2006-11-07 Manh Tho (manhthovn gmail com) ELF parsing without a Section Header 2006-11-06 Chris (em386x gmail com) Hello, Im new to this list. I maintain a blog at http://em386.blogspot.com It mostly focuses on malware analysis on unix. The most recent post is a short introduction to analyzing ELF objects with a (s)stripped section header. The post contains some code ( http://em386x.googlepages.com/phdr_syms.c. [ more ] [ reply ] UPacked malware samples request 2006-10-20 Don Parker (dparker bridonsecurity com) (1 replies) Dynamic decryption procedures in malware 2006-09-24 Omar Herrera (oherrera prodigy net mx) I wrote a paper on dynamic decryption procedures in malicious software which can be found here: http://www.seguritos.org/phpnuke/DESCARGAS/DDP%20in%20Malware-OAHR.pdf Although the use of these techniques might prevent traditional computer viruses and worms from spreading, they seem particularly u [ more ] [ reply ] Echo Mirage: A Generic Win32 Network Communications Proxy 2006-09-23 Dave (dave bindshell net) http://www.bindshell.net/echomirage Echo Mirage is a generic network proxy. It uses DLL injection and function hooking to redirect network related function calls so that data transmitted and received by local applications can be observed and modified. Think of it as Odysseus (or Burp, if you prefe [ more ] [ reply ] |
|
Privacy Statement |
Speaker list and Dojos for BA-Con, September 30, October 1st.
(all presentations in both Spanish and English)
Presentations:
WPA/WPA2: how long is it gonna make it - Cédric Blancher & Simon Maréchal,
EADS & SGDN
Security Concerns
[ more ] [ reply ]