A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Irongeek.com

            Welcome to Irongeek.com, Adrian Crenshaw's Information Security site (along with a bit about weightlifting and other things that strike my fancy).  As I write articles and tutorials I will be posting them here. If you would like to republish one of the articles from this site on your webpage or print journal please e-mail me. Enjoy the site and write us if you have any good ideas for articles or links.

Adrian

News/Change Log

07/10/2021

OISF 2021 Videos

These are the videos from the OISF Anniversary Event

Opening Remarks
OISF President

Inside the Mind of a Threat Actor: Beyond Pentesting
Phillip Wylie

I Got 99 Problems but a WAF ain't one
Micah Brown

Code Hedgehogs - Changing the "S" in SDLC to Secure
Penelope Rozhkova

A Look at Cellular Services in IoT technology
Deral Heiland

Chats, Cheats, and Cracks: Abuse of Collaboration Platforms in Malware Campaigns
Edmund Brumaghin

Lend me your IR's!
Matt Scheurer


Download from:
https://archive.org/details/oisf2021

06/20/2021

BSides Cleveland 2021 Videos
These are the videos from the Bsides Cleveland conference. Thanks to Rich,  as the video team. Thanks to twuntymcslore & RockieBrockway for being con mom & dad.

These are the first con recordings I've done in 1 year and 3 months. It seems something may have changed after some updates. These OBS videos have variable audio sync problems that are not a set number of milliseconds I could easily set the same sync settings to. I fixed them the best I could, but I've included the raw files if someone can figure a better way to fix variable sync delays. Contact me if you find a better way. Ministraitor (my European counterpart that does more cons than me) gave me some tips to fix future problems.

Intro
Rockie Brockway

I Don t Know
Snow

Computer Forensics Case Files
Tyler Hudak

Improving Cyber Security
Alex Kot

Lend Me You IRs
Matt Scheurer

Tale From The Audit
Justin Leapline

Table Top
Jeremy Mio

Vulnerability Disclosure Policies Hack Responsibly
MzBat

Pentest Stories
Justin Bollinger

Advisor Person
Rick Yocum

04/04/2020 Who's Your Hacker Con Webinar Series
Who's Your Hacker Con is putting on webinars leading up to the in person event. They are using my channel for promotion. The first webinar is an AMA with Jayson Steet. Video archives and future schedule of events can be found at:
https://www.whosyourhacker.com/webinars-free-cpes/
03/01/2020 BSides Tampa 2020 Videos
These are the videos from the BSides Tampa conference. Thanks to all of the BSides Crew for having me out to help record and render the videos. Special thanks to my video crew: Joshua, Patrick, Scott and Brett.

Attacking the data before the decision
Rhett Greenhagen

Turn down for RaaS: Seperating hype from reality in the ransomware as a service market
Allan Liska

Practical Crypto Review for Developers
David Dillard

RF for Red Team
David Switzer

A DevSec ops approach to bringing security beyond the security team
Julien Vehent

The Ethics of Data Collection
Vanessa Ferguson

Loosing our Reality: Understanding and combating the deep fake threat
Alyssa Miller

Network gravity: Exploiring a enterprise network
Casey Martin

OWASP SAMM
Hardik Parekh

Stopping Cyberboom: Mitiaging User error
Ira Winkler

Post-Quantum Cryptography for Dummies
Jeremy Rasmussen

Broken Arrow
Will Baggett

Breaking NBAD and UEBA detection
Charles Herring

How to ARM yourself
Derek Banks
Ralph May
Beau Bullock

Is that a WiFi sniffer in your pocket
Jacob Baines

Offensive Python for Pentesters
Joff Thyer and Mike Felch

Extracting an ELF from an ESP32
Nicholas Miles & Chris Lyne

HTTP Covert channel using only HTML/CSS
Thomas Slota & William York

11/18/2019

Louisville Infosec 2019 Videos
Below are the videos from the Louisville Infosec 2019 conference. Thanks to all the video volunteers for helping me record. Caleb, Richard, Harold and Andre.

Opening

Preventing Mobile Cuberattacks
James Traxel

Real World Zero Trust Implementation
Mark Loveless

Surviving the Modern Compliance Minefield
Harlen R. Compton, CISSP, Attorney at Law

Digital Transformation Means Security Transformation
Allyn Crowe

Ransowmare Recovery
Edward McCabe

Understanding Why Breaches Occur
John Survant & Don Wolfe

Building Your IAM Program from Start to Finish
Jerod Brennen

Common Observations from a Security Assessor
Corey Shell

A Gentle Introduction to Hacking Mainframes
Dan Helton

Taking the Next Steps in Cyber Security
Connie Matthews Reynolds

Weaponizing Statistics
Jeremy Druin and Erich Jackson

Keeping Your Head in the Clouds, But Your Feet on the Ground
Carl Alexander

The Escape Map: Pivoting to a New Life of InfoSec
Erich Jackson

Data Loss Prevention Demystified
Micah K Brown

Improv Comedy for Social Engineering
Dave Mattingly

11/10/2019 BSidesCT 2019 Video

These are the videos of the presentations from BSidesCT 2019. Thanks to Will Genovese, Tom Barber and Bill Reyor for having me out. Thanks to Greg Jurman, Spencer Smalley, Steven Swabby and Daniel Robels.

Opening
Roman Simanovich

Keynote
Brian Kelly

Event Injections: Sending Evil to the Cloud
Tal Melamed

Blue-teaming & Incident Response for the "Win"!
Roy Wattanasin

Election hacking defined, and how to fight back
Andy Dennis

Rethinking Privileged Access Management for Agile Clouds & Data Center Environments
Brian Gladstein (Audio missing after 40:50)

Reversing and Bypassing DRM/HSM Dongles
Jeremy Mill

Extensible DevSecOps pipelines with Jenkins, Docker, Terraform, and a kitchen sink full of scanners
Richard Bullington-McGuire (No audio after 36 min)

Vigilante: Bringing a nail bat to a gun fight
nobletrout

Trust and Security: The Odd Couple Driving Your Business
Loren Dealy Mahler

Wrangle Your Defense Using Offensive Tactics
Matt Dunn

Most Vulnerable Product: Easy to implement security solutions and strategies for the modern web application stack
Jason Portnoy

The Unmanaged Device Tsunami: Surf or Suffer?
Ziv Dines

Building Castles in the Cloud: AWS Security and Self-Assessment
Rami McCarthy

Zoom 0-Day: How not to handle a vulnerability report
Jonathan Leitschuh

Securing Active Directory & PAM for ADDS
Rohit D'Souza

Prizes and closing remarks
Roman Simanovich

10/26/2019 GrrCON 2019 Videos
These are the videos of the presentations from GrrCON 2019. Big thanks to P1nkN1ghtmare and EggDropX for having me out, and my video crew  (paint27, LizardSlack, BrettAHansen, and ZTC1980) for recording.

Keynote
Amanda 'Infosystir' Berlin

Baselining Behavior Tradecraft through Simulations
Dave Kenendy

I PWN thee, I PWN thee not!
Jayson Street

Automating Phishing Analysis
Kyle Eaton

Black Hats & White Collars : Bitcoin, Dark Nets and Insider Trading
Ken Westin

Ssshhhh
Atlas of Doom

How Nathan Crashed and Burned
Nathan Dragun

Reverse Engineering Malware for N00bs
GregB33f/James

Host-Hunting on a Budget
cyberGoatPsyOps

Keynote
Rachel "Soul Crusher86" G

Cons & Careers
SciaticNerd

Hacking the Boardroom: How to communicate effectively to get your budget
Ryan Wisniewski

The Science of Breaking and Entering
Alissa dnsprincess

Hashes; Smothered and Scattered: Modern Password Cracking as a Methodology
Lee Wangenheim & Joshua Platz

Big Plane, Little Plane: How common aviation attacks affect airlines and general aviation
Phil Polstra

PSD2, SCA, WTF?!
Kelley Robinson

Nerding out with machine data
Nick Maier

The Past, Present & Future of Cyber Threats
Chris Russell

Symbolically executing a fuzzy tyrant
Lojikil

A Theme of Fear: Hacking the Paradigm
Catherine Ullman

Q&A on our industry and other things that are top of mind
Chris Roberts

How to Make a Honeypot Stickier (SSH*)
Jose Hernandez

Data Access Rights Exploits under New Privacy Laws
Amber Welch

Data Security: How to avoid an embarrassing breach
Matt "mattrix" Hoy

MSSPs are great...and other lies I tell myself
Scott Thomas

Devaluing Cloud Breaches while Gaining Safe Harbor
Eric Wolff

Good Cyber Hygiene and using analytics to drive the need for it on Print
David Rose

Varna: Custom, robust AWS monitoring for cents a day using EQL
Adam Ringwood

A Day in the Life of a Security Operations Center: What do you get when you partner with cybersecurity experts?
Milan Patel

Malicious Cryptomining is Exploding: Are you at risk?
John Fatten

Dance, Fancybear, Dance: a study in macOS
Cat Self

The Spider Economy: Emotet, Dridex, and TrickBot, Oh My
Adam Hogan

Cloudy with a chance of SecOps
Ricardo Lafosse & Matthew Speakman

Destroy Everything
Tom Somerville

Surfing and Security - Ride the wave
Chris Burrows

The Importance of IT Asset Visibility
Brian Berk

From Idea to Badge: Getting Started & Finished with badge making
Dave Schwartzberg

CyberCrime Trends of 2019: A Look Into Cybercrime, Nation State and Ransomware Monetization Activities
Jared Phipps

Using Next Generation Fuzzing Tools: Fixing Bugs and Writing Memory Corruption Exploits
Dr. Jared DeMott & John Stigerwalt

What Are We Doing Here? Rethinking Security
Jeff Man

How Hackers Evade Your AI-enabled Endpoint Detection Tools
Dan Allen

Hillbilly Storytime - Pentest Fails
Adam Compton

Want to Play a Game..
John DeRyke

The Hacker Hippocampus: Meet your brain on games
Chloe Messdaghi

Departing Employees = Departing Data
Todd Thorsen

Beginner's Guide to Mobile Applications Penetration Testing
Whitney Phillips

Understanding how public places introduce additional risks to business travelers & how the tools used by hackers continue to evolve
Len Noe

Million Dollar Malware: Using the Viper Framework to Investigate and Track Ryuk's Success
Colin Cowie

The Importance of Relevant, Timely, and Qualitative Intelligence Analysis
Aamil AK

Deepfakes: If anything can be real then nothing is real
April C Wright

Network exploitation of IoT ecosystems
Fotios (ithilgore) Chantzis

09/22/2019 BSidesSTL 2019 Videos
These are the videos of the presentations from BSidesSTL 2019. Big thanks to my video jockeys @Mayer302 and @l00tation and the video crew Mike and Bob.

BSidesSTL 2019 Opening

Hacking is Dead - Long Live Hacking
Michael Collins

pyews: A cross platform python package to interact with Exchange Web Services
Josh Rickard

Don't Hate - Remediate
Brandon Wunderle

The 2019 Data Breach Investigations Report. From a DBIR author
Gabriel Bassett

Opening the door to InfoSec
Alexis Womble

Everything I Need to Know About Infosec I Learned from Gambling
Cliff Smith

Judo Threat Intelligence
Frank Angiolelli

Do You Live or Die? Explaining Machine Learning with Azure and the Titanic dataset
Beth Young

My Trudge Through IT Burnout & Keeping it at Bay
Eric Lee

Securtle (The Security Turtle)
Sanchari Das

BSidesSTL 2019 Closing

09/08/2019 DerbyCon 9 Videos
These are the videos of the presentations from Derbycon 2019. Big thanks to my video jockeys AlexGatti, nightcarnage, securid, theglennbarrett, LenIsham, someninjamaster, SciaticNerd CoryJ1983, Skiboy941, livebeef, buccaneeris, mjnbrn, sfzombie13, kandi3kan3, ZTC1980, soc_analyst, m3l1e, primestick, dmmeurdebitcard, Mel  and TeaPartyTechie.

More.........

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast