mauvehed came down from Austin to give us an AHA! lesson and show us some physical security stuff. Sciatic demoed some TPM items in Windows I showed some ways to roll your own OTP system without Azure Rights Management (see: https://github.com/angelovescio/arms and http://theytookmyinterwebs.blogspot.com/2015/08/you-down-with-otp-you-know-me-how-to.html) Also, we moved the SAHA! schedule so pay attention to the dates […]

Thank you to the CSA group at UTSA for asking me to come and present. Here is a PDF of the slide deck SMT.

I know I’m slow…but that can be good in certain quests.  I would recommend the following to accomplish this challenge. Windows VM via Virtual Box or VM Player/Workstation Ollydbg or ImmunityDBG (IDA Free is an overkill) Favorite programming/scripting language (Python, Ruby, PHP, C#, whatever++) The challenge is to download this file > tini.dat < and make […]

Compilation/Debug Cheatsheet for Cygwin (put the NDK and SDK in your Cygwin home dir) Note for all: Additional include dirs, and libs may be required for compilation depending on the functionality you want to add for x86: client> g++.exe -fno-stack-protector -ggdb -static file.c -o file.exe client> gcc.exe -fno-stack-protector -ggdb -static file.c -o file.exe for x64: […]

David’s presentation on SCADA systems Scada Systems

Here’s Porter’s slides on Everrat, Malware cloud C2. EverRAT nullbnx – twitter nullbnx@bnxnet.com http://www.bnxnet.com/2013/04/15/malware-in-the-clouds-everrat/

Nick’s presentation on flashing chips with RaPi over SPI RaPi Flashing

From Scriptjunkie – summary of the red team activity and observations from SWCCDC: SWCCDC Red Team 2013 Twitter: @scriptjunkie1 Website: Scriptjunkie’s site