|
167 |
Password Exploitation Class Videos Posted
This is a class we gave for the
Kentuckiana ISSA on the the subject of password exploitation. The Password
Exploitation Class was put on as a charity event for the Matthew Shoemaker
Memorial Fund ( http://www.shoecon.org/ ).
The speakers were Dakykilla, Purehate_ and myself. This is sort of the first
Question-Defense /
Irongeek joint video. Lots of password
finding and crack topics were covered: Hashcat, OCLHashcat, Cain, SAMDump2,
Nir's Password Recovery Tools, Password Renew, Backtrack 4 R1, UBCD4Win and much
more. About 4.5 hours of content. |
var | Archive.org/AVI |
|
08/30/2010 |
|
166 |
Setting up the Teensy/Teensyduino Arduino Environment
This video will show you the basics of setting up the Teensyduino environment in
Windows so you can start developing PHUKD devices. |
6:57 | YouTube |
|
07/14/2010 |
|
|
|
| |
|
|
|
165 |
Mutillidae/Samurai WTF/OWASP Top 10
This is a presentation I did at the
Kentuckiana ISSA and then again at the
Ohio Security Forum on Mutillidae/Samurai WTF/OWASP Top 10. I chose to post
the Ohio version of the video as I think it came out better, but the slides are
the same. Plenty of information on XSS (Cross Site Scripting), CSRF (Cross Site
Request Forgery) and SQL/Command Injection. |
1:01:50 | Vimeo/AVI |
|
07/12/2010 |
|
|
|
| |
|
|
|
164 |
Ligatt / Gregory D. Evans Videos
It should be noted, I did not create these videos, my buddy Rick from the
ISDPodcast did
(at least the first two). Still, they are worth sharing.
I have some links below if you want more info on the Ligatt / Gregory D. Evans controversy that has
been going around. If nothing else, it will help with people researching the
person/company:
Ligatt / Gregory D. Evans Fun Charlatan Entry at Attrition.org
Follow all the Ligatt fun on Twitter
The Register has a good writeup on Ligatt / Gregory D. Evans
This is probably the most concise writeup on Ligatt / Gregory D. Evans
If you want to read the book "How To Become The Worlds No. 1 Hacker" for yourself, but you don't want to pay Ligatt for plagiarizing, grab the PDF
at this link |
var | YouTube |
|
06/24/2010 |
|
|
|
| |
|
|
|
163 |
Metasploit Class
Videos
On May 8th 2010 the
Kentuckiana
ISSA held a 7 hour Metasploit class at the Brown hotel in Louisville Ky.
Proceeds from the class went to the Hackers For Charity Food for Work program.
The instructors were David "ReL1K" Kennedy, Martin "PureHate" Bos, Elliott "Nullthreat"
Cutright, Pwrcycle and Adrian "Irongeek" Crenshaw. Below are the videos of the
event. I hope you enjoy them, and if you do please consider donating to Johnny
Longs' organization. This should be more Metasploit than you can stand! |
var | Archive.org/XVID |
|
05/13/2010 |
|
|
|
| |
|
|
|
162 |
WHAS
11 Webcam Exploit
This is a segment I did an interview for. They took very little of what I said,
and played up the voyeur aspect (I told them webcams were not that big a worry,
but drive by bot installs were). |
3:53 | FLV |
|
05/06/2010 |
|
|
|
| |
|
|
|
161 |
Outerz0ne 2010 Videos
The following are videos of the presentations from the
Outerzone 2010 hacker conference. Thanks to Skydog, Robin, Scott,
SomeNinjaMaster and the Hacker Consortium crew for the con. Also thanks to Karlo, Keith, and Seeblind
for doing AV. I'm looking forward to
Skydogcon. |
var | Archive.org/MP4 |
var |
03/28/2010 |
|
|
|
| |
|
|
|
160 |
Attacking and Defending WPA Enterprise Networks - Matt Neely
Matt Neely of
SecureState came to the March
Kentuckiana ISSA meeting and gave
a great presentation on securing and hacking WPA Enterprise networks. If you are
confused by the acronym soup of "EAP-TLS, EAP-TTLS/MSCHAPv2,
PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC, PEAP-TLS" and which are the better options,
this may be the video for you. |
46:55 | Vimeo/Blip/MP4 |
233MB |
03/06/2010 |
|
|
|
| |
|
|
|
159 |
Steganography: The art of hiding stuff in stuff so others don't find your stuff
This is a presentation I was working on for the malware class I'm enrolled in.
For some reason my voice was cracking while recording it, but I guess it was
good practice for the live version I'll do tomorrow. Besides just an
introduction to Steganography, I'll also talk a little about my SnarlBot project
that will attempt to use stego in a command and control channel. |
49:39 | Vimeo/Blip/WMV |
120MB |
03/01/2010 |
|
|
|
| |
|
|
|
158 |
When Web 2.0 Attacks - Rafal Los
Recorded at: Louisville OWASP Chapter - Fourth Meeting, Friday January 29th,
2010
Speaker: Rafal Los will be discussing Flash and Web 2.0 security
|
57.33 | Vimeo/Blip/Mp4 |
247MB |
01/30/2010 |
|
|
|
| |
|
|
|
157 |
Botnets Presentation For Malware Class
I have to present two papers for my malware class, so I figure
I'd share my practice video with my readers. Slides are available in
PDF and
PPTX
forms.
|
26.02 | Blip/MP5 |
25.1MB |
01/25/2010 |
|
|
|
| |
|
|
|
156 |
Setting up the HoneyBOT HoneyPot
HoneyPots are hosts meant to be attacked either to distract the attackers or to
research their techniques. This video will cover setting up a simple HoneyPot in
Windows using an application called HoneyBOT. I'll also talk a little about
capturing a pcap file with dumpcap for later analysis. |
9:45 | Youtube/MP4 |
16.8MB |
01/19/2010 |
|
|
|
| |
|
|
|
155 |
Setting up an Ethernet bridge in Ubuntu Linux
In a previous video, I showed how to set up an
Ethernet bridge in Windows XP. This is very useful for sniffing traffic
leaving your LAN for the purposes of IDS (Intrusion Detection System), network
monitoring, statistics or just plain snooping. In this video, I cover setting up
an Ethernet bridge in Linux. Other tools used in this video include Wireshark,
TCPDump, Etherape and Driftnet. |
9:59 | Youtube/MP4 |
72MB |
12/29/2009 |
|
|
|
| |
|
|
|
154 |
Xmas scan
with Nmap
According to RFC 793, if a closed port gets a TCP packet without the SYN, RST,
or ACK flag being set, it is suppose to respond with a RST packet. If the port
is open, the TCP stack is suppose to just drop the packet without giving a
response. Not all Operating Systems follow the RFC to the letter however, and
these discrepancies allow for OS fingerprinting. I've covered OS fingerprinting
in other videos (which I will link off to later), this video will just
illustrates the point by showing off Nmap's XMAS scan option which sets only the
FIN, PSH, and URG flags and nothing else. I'll also be using Zenmap, Ndiff and
Wireshark to help you get the idea. |
9:24 | Youtube/WMV |
102MB |
12/25/2009 |
|
|
|
| |
|
|
|
153 |
IndySec Metasploit Class Videos
When Steve invited me up to
Indianapolis to help with a Metasploit class I jumped at the opportunity.
We had a good time and IndySec puts
on a great event. They let me record the talks, unfortunately I was testing out
a new video rig and the audio failed on the first three parts (Intro/Welcome,
Network Setup, Getting started with Metasploit). The rig worked great for the
Social Engineering,
Meterpreter and
SQL Pwnage/Fast Track sections.
My presentation was just a rehash of the video I put up last week on
msfpayload/msfencoder/metasploit 3.3 so I decided not to post it on this
page.
|
var | Blip.tv/MP4 |
|
12/13/2009 |
|
|
|
| |
|
|
|
152 |
Using msfpayload and msfencode from Metasploit 3.3 to bypass anti-virus
This subject has been covered before, but why not once more?
Metasploit 3.3 adds some new options, and better Windows support. As stated in
the title, this video will cover using msfpayload and msfencode from Metasploit
3.3 to bypass anti-virus. I will also talk a little about using CWSandbox and
VirusTotal to examine malware. If you find this video useful, consider going to
the
Metasploit Unleashed page and donating to the Hackers For Charity Kenya food
for work program, or come to the
IndySec charity event. By the way, I've put out two versions of this video,
one andSWF and the other a streaming video. Please let me know which you prefer. |
24:53 | SWF/Vimeo |
34.7/MB/140MB |
12/4/2009 |
|
|
|
| |
|
|
|
151 |
Using FOCA to collect Metadata about an organization
Applications can add all sorts of data into the documents they create or edit.
DOC, PDF, XLS and other file types can contain all sorts of extra data, like
usernames, network paths, printers and application version numbers. This sort of
information is great for doing initial research about an organization before
doing a pen-test. This video with cover using FOCA, pointing it at a domain
name, and grabbing metadata from doc, ppt, pps, xls, docx, pptx, ppsx, xlsx, sxw,
sxc, sxi, odt, ods, odg, odp, pdf and wpd files. |
var | SWF |
10.8MB |
12/1/2009 |
|
|
|
| |
|
|
|
150 |
Building a Hacklab, and a little about the Louisville CTF event
This is a presentation I gave for the local
Louisville ISSA. I took this
as an opportunity to learn a bit about AVISynth and do a split screen video.
Thanks to Gary for being my camera man. |
58:29:00 | Vimeo |
|
11/7/2009 |
|
|
|
| |
|
|
|
149 |
Darknets: anonymizing private networks talk from Phreaknic (Networks covered
include Tor, Freenet, AnoNet/DarkNET Conglomeration and I2P)
This is a quick and dirty version of my Darknets talk from Phreaknic 2009, I
hope to have a better version up soon. It covers the the basics of
semi-anonymous networks, their use (political dissidence, file sharing, gaming
and pr0n), how they were developed and what they mean to organizations. The main
focus will be on the Tor, I2P, Freenet and anoNet Darknets, their uses and
weaknesses. |
1:09:00 | Vimeo |
|
11/2/2009 |
|
|
|
| |
|
|
|
148 |
Louisville Infosec 2009 Videos |
var | Blip.tv |
|
10/29/2009 |
|
|
|
| |
|
|
|
147 |
Getting started with the I2P Darknet
I2P (originally standing for Invisible Internet Project) can be seen as a
networking layer sitting on top of IP that uses cryptography to keep messages
confidential, and multiple peer to peer network tunnels for anonymity and
plausible deniability. While Tor is focused more for hiding your identity while
surfing the public Internet, I2P is geared more toward networking multiple I2P
users together. While you can surf to the public Internet using one of the I2P
out proxies, it's meant more for hiding the identity of the providers of
services (for example eepSites), sort of like Tor's concept of Hidden Services,
but much faster. Another advantage I2P has is NetDB, a distributed way to let
peers know about each other once initial seeding has occurred. Tor on the other
hand uses it's own directory to identify servers, which in theory could be more
easily blocked. Both networks have their advantages and trade offs. This video
won't cover the details of I2P's peering or encryption systems, and may seem
kind of rambling, but it should be enough to get you up and running on the
darknet.
Please note, this video came out way larger than I
intended. |
var | SWF |
34.3MB |
10/26/2009 |
|
|
|
| |
|
|
|
146 |
Louisville InfoSec CTF 2009
This video summarizes one possible way contestants could have completed the
Capture The Flag event at the 2009
Louisville Infosec. Tools and concepts used in the video include: Backtrack
4, Kismet Newcore, Nmap, Metasploit, Meterpreter, Firefox, SQL Injection, Cain,
Truecrypt and 7zip. |
13:43 | Vimeo |
74.40MB |
10/11/2009 |
|
|
|
| |
|
|
|
145 |
File Carving and File Recovery with DiskDigger
DiskDigger is a tool that allows you to recover deleted files off of a FAT or
NTFS drive. It has two modes of operation: In the first it merely looks in the
FAT/MFT to find files marked as deleted, in much the same way that the tool
called Restoration does. In the 2nd mode it does a file carve down the drive
looking at the raw bits and finding the know headers and footers of various file
types, much like PhotoRec. While PhotoRec seems a little more powerful,
DiskDigger is easier to use and its preview functionality is quite nice. This
video will cover the basics of recovering deleted files with DiskDigger. |
var | SWF |
6.88MB |
09/29/2009 |
|
|
|
| |
|
|
|
144 |
Pin-hole Spy Video Camera Disguised as a Pen
I thought some of you might find this an interesting gadget, so I decide to
review it. It might be useful for reconnaissance before a pen-test, or as a
covert place to store files. |
2:34 | YouTube |
|
09/27/2009 |
|
|
|
| |
|
|
|
143 |
Rohyt Belani - Bad Cocktail: Application Hacks + Spear
Phishing
Mr. Rohyt Belani was kind enough to do
a presentation on combining web application attacks with spear phishing at the
Sept 2009 Louisville OWASP
meeting (our chapter's LinkedIn page can be found
here).
If you are interested in finding out more about some of the topics Rohyt
mentions in his presentation, check out these other videos on
Footprinting/Network Recon and
Exploiting Common Web App Vulnerabilities. |
1:15:58 | Vimeo |
|
09/19/2009 |
|
|
|
| |
|
|
|
142 |
Anti-Forensics: Occult Computing Class
This is a class I
gave for the Kentuckiana ISSA on
the the subject of Anti-forensics. It's about 3 hours long, and sort of
meandering, but I hope you find it handy. For the record, Podge was operating
the camera :) Apparently it was not on me during the opening joke, but so be it,
no one seemed to get it. I spend way to much time on the Internet it seems.
Also, I'm in need of finding video host to take these large files. This class
video is 3 hours, 7 min and 1.2GB as captured. |
3:07:00 | Blip.tv |
|
08/24/2009 |
|
141 |
Phreaknic 12 Videos |
| Blip.tv |
|
07/25/2009 |
|
140 |
Irongeek - Hardware Keyloggers: Use, Review, and Stealth (Phreaknic 12)
This talk will cover hardware keyloggers and their use. About six will be
presented in person for folks to try hands on, with a few others referenced in
the slide show (mini-pci ones for example) . I'll cover the advantages and
disadvantages of the current crop on the market and how they work. Also covered
will be possible ways to detect hardware keyloggers via physical inspection an
software. |
58:09 | Blip.tv |
|
07/24/2009 |
|
139 |
Ncat
Tutorial: A modern Netcat from the Nmap team
For those not in the know, Netcat is a utility who's goal is to be like the Unix
cat command, but for network connections. It has been referred to as
a "Swiss-army knife for TCP/IP" for good reason, since it can do so many things. |
var | SWF |
41.20MB |
07/22/2009 |
|
|
|
| |
|
|
|
138 |
Compiling
Nmap form source on Ubuntu
Along the way to making a video on Ncat I needed to compile Nmap 5 from source,
so I figured I might as well do a video on that as well. There are many reasons
why you might want to compile Nmap from source instead of just using the package
manager, so enjoy. |
var | SWF |
11.60MB |
07/18/2009 |
|
|
|
| |
|
|
|
137 |
NDiff:
Comparing two Nmap 5 scans to find changes in your network
Fyodor gave me a heads up that Nmap 5 was coming out, so I figured I'd do a
couple of videos on useful new features that come with Nmap 5 and later. For a
better understanding of Nmap in general, check out my older videos which I will
link to after the presentation. In this video I will cover the basics of using
NDiff to compare two seperate Nmap scans. This is really useful for change
management, where you want to know what new devices have appeared on your
network or about ones that have disappeared for some reason. You could easily
schedule Nmap to run on your network weekly, and then compare the differences
with NDiff to see what has changed. |
var | SWF |
5.94MB |
07/16/2009 |
|
|
|
| |
|
|
|
136 |
Incident Response U3 Switchblade From TCSTool
In Russell's own words: "The U3 incident response switchblade is a tool
designed to gather forensic data from a machine in an automated, self-contained
fashion without user intervention for use in an investigation. The switchblade
is designed to be very modular, allowing the investigator/IR team to add their
own tools and modify the evidence collection process quickly." This video shows
you how to setup u3ir, and modify it. |
var | SWF |
8.02MB |
07/09/2009 |
|
|
|
| |
|
|
|
135 |
OWASP
Top 5 and Mutillidae: Intro to common web vulnerabilities like Cross Site
Scripting (XSS), SQL/Command Injection Flaws, Malicious File Execution/RFI,
Insecure Direct Object Reference and Cross Site Request Forgery (CSRF/XSRF)
This is a recording of the presentation I gave to the Louisville Chapter of
OWASP about the Mutillidae project. A while back I wanted to start covering more
web application pen-testing tools and concepts in some of my videos and live
classes. Of course, I needed vulnerable web apps to illustrate common web
security problems. I like the WebGoat project, but sometimes it's a little hard
to figure out exactly what they want you to do to exploit a given web
application, and it's written in J2EE (not a layman friendly language). In an
attempt to have something simple to use as a demo in my videos and in class, I
started the Mutillidae project. This is a video covering the first 5 of the
OWASP Top 10. |
1:14:41 | Vimeo |
|
06/20/2009 |
|
|
|
| |
|
|
|
134 |
802.11 Wireless Security Class for the Louisville ISSA Part 1
Originally, this was going to be one 4hr class, but Jeff had something come up
so he could not cover WEP/WPA cracking, and my section took so long that Brian
never got a chance to present his material on DD-WRT. I'm hoping to get them
back to do a part 2 of this video. In this section I cover the basics of WiFi,
good chipsets, open file shares, monitor mode, war driving tools, testing
injection, deauth attacks and the evil twin attack. Some of this comes out as
kind of a stream of consciousness, but hopefully you can find some useful
nuggets from my brain dump of what I've learned about 802.11a/b/g/n hacking. As
far as classes goes this is the mostly complicated one I've set up, and for a
wireless class Brian and I had to run a lot of wires. :) |
3:28:37 | Blip.tv |
|
05/24/2009 |
|
|
|
| |
|
|
|
133 |
Outerz0ne and Notacon 2009 Hacker Cons Report
I did some recording of the goings on at the Notacon and
Outerz0ne 2009 hacker cons. If you want
to get a feel for these cons, check out the video.
|
49:13 | Blip.tv |
|
05/10/2009 |
|
|
|
| |
|
|
|
132 |
Hacker Con WiFi Hijinx
Video: Protecting Yourself On Potentially Hostile Networks
This is a presentation I gave for the
Kentuckiana ISSA on May 8th, 2009. It covers the basics of protecting
yourself when using open WiFi on a potentially hostile networks, most notable
Hacker cons, but also coffee shops, libraries, airports and so forth. Topics
include: open file shares, unneeded services, sniffing and evil twin attacks.
The talk is based on the
Hacker
Con HiJinx tri-fold I wrote awhile back. |
59:39 | Blip.tv |
|
05/09/2009 |
|
|
|
| |
|
|
|
131 |
Mutillidae 1: Setup
Mutillidae is a deliberately vulnerable set of PHP scripts I wrote to implement
the OWASP Top 10 web vulnerabilities. I plan to use these scripts to illustrate
common web app attacks in a series of future videos. The easiest way to get up
and running with Mutillidae is to use XAMPP, an easy to install Apache
distribution containing MySQL, PHP and Perl. This first video covers setting up
Mutillidae, which can be downloaded from:
http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 |
var | SWF |
6.23MB |
04/29/2009 |
|
|
|
| |
|
|
|
130 |
Making Hacking Videos: Irongeek's Presentation from Notacon 2009
Over the years I've done a lot of video tutorials using screencasting software to teach folks new to hacking how various security
tools work. I'd like to share the tips and tricks I've learned so that others
can start to teach people about technology in the same way. Covered topics will
include: Screencasting software, free tools, getting the best video for the
least bandwidth, audio work, free hosting, animations and more. This is a presentation I did for
Notacon 2009. Thanks to Ted and crew for recording it. |
51:04 | Blip.tv |
|
04/20/2009 |
|
|
|
| |
|
|
|
129 |
:Using SSLStrip to proxy an SSL connection and sniff it
John Strand of
Pauldotcom allowed me to post this
video that shows how to use SSLStrip to proxy an SSL connection and sniff it,
without those annoying warning messages about the cert that other tools give. From
John's description:
With SSLStrip we have the ability to strip SSL from a sessions. Using this tool
we have the capability to capture in clear text user IDs and passwords. |
8:39 | Blip.tv |
|
04/15/2009 |
|
|
|
| |
|
|
|
128 |
Presentation Recording Rig Setup
I've been wanting to record some of my live classes, as well as the talks at the upcoming Louisville Infosec. This is the rig I plan to use to capture both the Power Point/computer screen and live video of the presenter at the same time. Let me know if you have any ideas for improvement. |
| Blip.tv |
|
03/30/2009 |
|
|
|
| |
|
|
|
127 |
Footprinting, scoping and recon with DNS, Google Hacking and Metadata
This class covers recon work, showing the student how a pen-tester/attacker can
use public information to learn more about an organization before they
compromise it's security. Covered topics will include DNS tools (like Whois,
NSlookup/Dig, Nmap -sL), Google Hacking using advanced search terms and Metadata
in images and documents. Recorded for the
Kentuckiana ISSA on March 21,
2009. |
3hr, 7min
more or less | Blip.tv |
|
03/25/2009 |
|
|
|
| |
|
|
|
126 |
Joe McCray "Advanced SQL Injection"
Joe McCray of Learn
Security Online sent me a video of a presentation he gave on Advanced SQL
Injection. It's a great primer, and I love his presentation style. Someone buy
the man a VGA to composite converter, or a HD camcorder so he can keep making
these vids. |
| Vimeo |
|
03/20/2009 |
|
|
|
| |
|
|
|
125 |
Outerz0ne 5 Closing
Prepare your liver for the apocalypse. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
124 |
Acidus (Billy Hoffman) - Offline Apps: The Future of The Web is the Client?
Traditional web apps used the browser as a mere terminal to talk with the
application running on the web server. Ajax and Web 2.0 shifted the application
so that some was running on the client and some of the web server. Now,
so-called offline application are web application that work when they aren't
connected to the web! Confused? This talk will explore how to attack offline
apps with live demos of new attack techniques like client-side SQL Injection and
resource manifest hijacking.
BIO: Acidus is a Atlanta hacker who is not really sure why you keep listening to
him. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
123 |
Rob Ragan - Filter Evasion - Houdini on the Wire
Today security filters can be found on our network perimeter, on our servers, in
our frameworks and applications. As our network perimeter becomes more secure,
applications become more of a target. Security filters such as IDS and WAF are
relied upon to protect applications. Intrusion detection evasion techniques were
pioneered over a decade ago. How are today's filters withstanding ever evolving
evasion tactics? The presentation will examine how evasion techniques worked in
the past and provide insight into how these techniques can still work today;
with a focus on HTTP attacks. A practical new way to bypass Snort will be
demonstrated. A tool to test other IDS for the vulnerability in Snort will be
demonstrated.
Bio: Background: While performing a pentest on a fortune 50 company I got
caught. My IP address was subsequently blocked. It was apparent that I was
causing way too much noise and they had triggered a network security filter that
blocked me. I came up with this presentation idea after implementing the evasion
techniques found here in a proxy application. I quickly realized none of them
work anymore on modern IDS. After some experimentation I eventually found
something that would let me sneak nearly any type of web attack past Snort. More
details on the attack can be found in my outline. I'm currently working on a
tool that will allow anyone to test their IDS/IPS for this vulnerability. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
122 |
Scott Moulton - Reassembling RAID by SIGHT and SOUND!
RAID is a great technology and in many cases is suppose to keep our data safe.
What happens when it fails? RAID Arrays are one of the most painful things to
reassemble. RAID 0 and RAID 5 software reassemblies have problems with Slice
Sizes, and Drive Orders and in many cases, the user has no idea what the
settings are. What do you do when you don’t know the Slice Size and Drive Orders
and you need the data from damaged drives? Well here is a demonstration of a way
to determine this using Sight and Sound. I crammed as much on the subject as I
can into a 50 minute presentation with Demos. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
121 |
Makers Local 256 - A primer on hackerspaces
What they are, why they're important, where they are, and how you can start one
yourself. You may already have one close by. The talk will illustrate how
hackers are taking back the moniker and bringing the community back into the
light. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
120 |
Presmike & Sippy - RETRI:Rapid Enterprise Triaging
The first part of this presentation presents a new paradigm for the Incident
Response process called Rapid Enterprise Triaging (RETRI), where the primary
objective is to isolate the infected network segment for analysis without
disrupting its availability. Part two of this presentation will introduce a new
Enterprise Incident Response tool that complements the RETRI paradigm. The tool
is a free, possibly open source, agent-based tool that is deployed to the
compromised segment to perform the traditional incident response tasks (detect,
diagnose, collect evidence, mitigate, prevent and report back). The tool will be
released at Blackhat 2009 / Defcon 2009 if all goes well.For now you get screen
shots. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
119 |
Nick Chapman - Embedded Malicious Javascript
This talk will cover malicious JavaScript currently being used in the wild. It
will start with the big daddy of embedded malicious JavaScript, Asprox, which
last year gave rise to panicked headlines like "100,000s of websites
compromised" and continuing through more recent samples such as the fake Yahoo
Counter and the recent MS09-002 exploits. We will look at attack vectors,
obfuscation techniques, and multi-stage delivery systems, and exploits used.
This will feature the analysis of several samples harvest from the wilds of the
Internet.Bio: My name is Nick Chapman. I'm a security researcher with the
SecureWorks Counter-Threat Unit. Prior to focusing on security issues full time,
I worked as both a System Administrator and Network Engineer in the ISP world. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
118 |
SlimJim100 - Live Demo of Cain & Able and the Man-in-the-middle-attack
This talk will present a live demo of a man-in-the-middle-attack, using Cain &
Able.
SlimJim100, also known as Brian Wilson, has presented at ChicagoCon 3 times in
the past. His resume is filled with 3, 4, and 5 letter certifications, and his
reputation reflects his skills.SlimJim100 - Live Demo of Cain & Able and the
Man-in-the-middle-attack. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
117 |
SkyDog - Screen Printing Primer - Make your own Con Shirt!
A primer on silkscreening t-shirts and garments. This talk goes thru the process
of single color silkscreening, showing the steps necessary to produce the
artwork, burning a screen, and then screening a shirt. We'll be producing shirts
on stage, showing the techniques learned from much trial and error. Want to make
your own Outerz0ne 5 Con shirt? C'mon up and do it yourself. Want to see yours
made? We can do that too! Meant to be an interactive talk, to also raise
interest in graphic arts and a to try and bring back a bit of the old school
stuff.
Skydog currently works for a major university, while also holding down positions
as President for two non-profits. One is Nashville 2600, which is the group
responsible for Phreaknic, and the Hacker Consortium, a large non-profit
hackerspace in Nashville, TN. When he isn't doing all of that happiness, he's
trying to keep his son from cutting a finger off, and making sure he's not
surfing pron. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
116 |
Tyler Pitchford - They took my laptop! - U.S. Search and Seizure Explained
An overview of recent developments impacting the Fourth Amendment and privacy
conscious computer professionals: including discussions on the United States
Constitution, Federal Statutes, Administrative decisions, and, most importantly,
the case laws that interpret and define the Fourth Amendment. Special attention
is given to topics affecting computer professionals, including border crossings,
foreign nationals, forced disclosures, and the October 2008, Crist decision.
Tyler holds degrees in Software Architecture from New College of Florida and a
Juris Doctor from the Stetson University College of Law. He co-founded the
Azureus Bittorrent client in 2003 and currently works as CTO for Digome, LLC in
Nashville, TN. His work experience includes Florida State Attorney's, Federal
Magistrate Richardson, and Justice Anstead of the Florida Supreme Court. Tyler
presented at PhreakNic 12 and has taught several courses on computer programming
and security. |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
115 |
Morgellon - *Duino-Punk! Manifesting Open Source in Physical Space from Outerz0ne 5
The goal is to promote the idea of open source hardware, and
expand the community. We will begin with an intro into what an "arduino micro
controller" is, how they work, and what you can do with them. You will see that
you don't need to be an electronics wizard to create amazing projects that
enhance your life! Whether a code ninja, hardware guru, enthusiast, a pro or
total n00b, the arduino offers amazing potential, community, and empowerment to
any who wish to grasp it.
Website: http://dailyduino.com (blog for
arduino projects and related electronics news.) |
| Blip.tv |
|
03/09/2009 |
|
|
|
| |
|
|
|
114 |
WiFiFoFum: Wardriving convenience in your pocket and uploading to Wigle
As regular Irongeek readers know, I’ve covered
wardriving (the act of physically moving around in meatspace looking for WiFi access point) before. In this video, I want to cover another tool for wardriving: WiFiFoFum for the Windows Mobile platform. |
var | SWF |
7.98MB |
03/05/2009 |
|
|
|
| |
|
|
|
113 |
Bluetooth Wireless Hardware Keylogger Review
The folks over at Wirelesskeylogger.com
were kind enough to send me a review unit. For more info on hardware keyloggers
in general, check out some of my other articles and videos on the topic which I
will link to at the end of this presentation. The core idea of a wireless
hardwarekeylogger is that you only have to get physical access to the computer
once to install it. From then on you just have to get close enough to the box
with a bluetooth device to grab the logs, at least in theory.
|
var | SWF |
3.76MB |
02/13/2009 |
|
|
|
| |
|
|
|
112 |
Setting Up Tor Hidden Services
In a previous video I covered using the Tor anonymity network to browse the web anonymously. In this one I'll cover the basics of setting up a Tor hidden service. With a Tor hidden service, the true host IP of the service is hidden by the Tor network. Instead of having to hand out the true IP of the server, a service creator can hand out a *.onion hostname that's not linked directly to them. By setting up a Tor hidden service it becomes much harder for an adversary to figure out where the service is really being hosted from, and thus much harder to shutdown. This is a great thing for people like whistle blowers and political dissidents that want to share information anonymously, unfortunately it's also useful to pedos so be careful what links you choose to click on the onion network.
|
var | SWF |
4.78MB |
01/29/2009 |
|
|
|
| |
|
|
|
111 |
NetworkMiner for Network Forensics
NetworkMiner is a cool little sniffer app by Erik Hjelmvik. Described as a
Network Forensic Analysis Tool (NFAT), it allows you to parse libpcap files or
to do a live capture of the network and find out various things passively. The
main uses I like it for are file reconstruction of FTP, SMB, HTTP and TFTP
streams as well as passive OS fingerprinting, but it can do a lot more.
NetworkMinor uses the Satori, p0f and Ettercap OS fingerprints, and can be run
from a thumb drive without having to install it. It's designed to run under
Windows, but you can also use it under Linux with Wine. |
var | SWF |
17.60MB |
12/17/2008 |
|
|
|
| |
|
|
|
110 |
Intro to
Wireshark
Wireshark is an awesome open source general purpose network analyzer (AKA: a
Sniffer). Before you continue on with this video, I recommend that you check out
my article
A
Quick Intro to Sniffers
so you understand the background information. In this video I'll cover the following topics:
Running Wireshark, starting a capture with options, drilling down the OSI model, capture filter options, popping out a single packet, sorting by columns, following TCP streams, exporting HTTP objects, simple display filters, the filter builder, applying filters from different panes , saving filters, opening a Wiki page, Edit-> Find packet, sniffing an HTTP Basic Authentication password, Analyzers ->Expert Info, Analyzers ->Firewall ACLs, stats, editing color rules and saving the capture. |
var | SWF |
26.10MB |
12/05/2008 |
|
|
|
| |
|
|
|
109 |
Hacking Your SOX Off: Sarbanes-Oxley, Fraud, and Fraudulent Financial Reporting
I had to do a presentation for one of my MBA courses, and one of the topic
choices was the Sarbanes-Oxley act. I chose it because I thought I could relate
it to computer security, but as it turns out the connection is somewhat tenuous
as you will see if you watch the presentation. |
27:18 | Blip.tv |
|
11/30/2008 |
|
|
|
| |
|
|
|
108 |
Bypassing Anti-Virus with Metasploit
This video from John Strand shows how to bypass anti virus tools utilizing the
new tricks in Metasploit 3.2 |
6:06 | Vimeo |
|
11/22/2008 |
|
|
|
| |
|
|
|
107 |
Deploying Metasploit's Meterpreter with MITM and an Ettercap filter
In this video, Bigmac shows how to redirect web traffic and trick users into
downloading Meterpreter and running it on their box. |
8:29 | Vimeo |
|
11/22/2008 |
|
|
|
| |
|
|
|
106 |
Sniffers Class for the Louisville ISSA
The video quality of this lecture is not very good, but it should give you an
idea of what my ISSA classes are like. Covered topics include Wireshark,
Ettercap, Cain and the slightest bit of NetworkMiner before the camera cut out.
Pardon the blue tint, it was the projectors fault and not the Aiptek Action
HD's. I shrunk it down from the original 720p, so the screen is not all that
readable. I also experimented in cleaning up the audio in Audacity. I hope to
cover Wireshark and NetworkMiner again shortly in higher quality videos. |
2:45:00 | Vimeo |
n/a |
11/16/2008 |
|
|
|
| |
|
|
|
105 |
Extraordinary Journey from Fundamental Electronics to Fabulous Enchanted Systems
with Arduino's and Magical Potions
This is Morgellon and Droop's talks about hacking the
Arduino micro controller platform from
Phreaknic 12. Droops and Morgellon will
take you from basic electronics to building embedded systems. Learn how to build
a standalone RFID tag reader with a fancy LCD display or your own oscilloscope
or children's toys that speak to you or how to solar power a geothermal heat
pump. There may even be some giveaways and contests. Magical Potions will be
consumed but not provided.
Check out the following sites by Droops and Morgellon:
http://dailyduino.com/
http://www.hackermedia.org/
I've done a little work to pull some noise out of the audio, but I may have
made it worse in some spots. Thanks go out to the Phreaknic 12 A/V team
SomeNinjaMaster, Night Carnage, Greg, Brimstone, Poiu Poiu, Mudflap, and Drunken
Pirate for setting up the rigs and capturing the video. |
67:05 | Blip.tv |
n/a |
10/29/2008 |
|
|
|
| |
|
|
|
104 |
Phreaknic 12 (2008) Hacker Con
This is a quick and dirty video documentary of the things
that when on around the talks and event at
Phreaknic 12 (2008). Don't watch if you get sick at shaky cam movies like
Blair Witch or Cloverfield. A rough timeline of the content in the video is as
follows:
Intro and leaving Louisville with Brian. Morgellon talks
about hacking the Arduino micro controller
platform. Sorteal talks about the LiVes Open Source video editor. AT&T Batman
building by night. Mojo-JoJo soldering some stuff for the shooting range. The
patron gods of hackerdom. Registration. Con swag overview. Morgellon gets
his discreet logic on. AK-47 building with HandGrip and Buttstock. Froggy talks
up Notacon, which I plan to go to next year. Skydog explains the Jware chair
toss event, and then we compete. Rootwars hacker wargames. I ask
Int80 about using his nerdcore
music in some of my videos. NotLarry explains rootwars. Some iPhone hacking with
Lee Baird and John Skinner. I
do a little
Bluecaseing/Warnibbling with the Bluetooth on my Nokia n810. John, Lee,
Brian and I go to the German restaurant. I blind DOSman with the light from my
camera and check out what folks are doing with the
Arduinos Droops brought for folks to play
with. I check back in on R00tW4rz. I blind Droops. I talk Ettercap filters with
operat0r. USB door key fun with the
Arduino. More breadboard fun. Nokia n810 +
Ettercap Filter + Lemon-part = win.
Int80 gets down with his own bad self, and the rest of Phreaknic. I find an
energy drink with protein. Folks play with the hardware keyloggers I brought,
and we have some epic fail with the IBM Model M + USB adapter + Mac OS 10.5.
Winn Schwartau joins in on the
keylogger fun. DOSman and Zack use
a directional antenna from the 9th floor to search downtown Nashville for WiFi
access points. Zoom in on Al. John and Lee eat jerky.
Daren and Shannon from Hak5 blind me this
time. :) Then they do a quick interview. I interview
TRiP about the legalities of wardriving,
sniffing and leaving your access point open so you have plausible deniability of
copyright infringement (most likely it won't hold water in court if you are a
computer geek). I give Hak5 Daren beef jerky.
Ziplock had more con badges
than God. I meet up with Iridium. I talk with Nightcarnage about the audio/video
setup at Phreaknic. As I predicted, the
Potters won the WiFi
Race. I say why this was the best Phreaknic ever. Using green lasers on crack
dealers. Techno in the dark, the Aiptek action HD does not do well in low light.
Nicodemius shows off his Minority Report like multi-touch table. Hula hoop
contest. I check back in with Jeff Cotton and his USB keyed door. I strap on my
gear to leave the con. Brian and I do a wrap up of our thoughts on Phreaknic
2008.
|
About
1:25:00 | Blip.tv |
n/a |
10/29/2008 |
|
|
|
| |
|
|
|
103 |
Using Cain to sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle"
In this video I'll be showing how Cain can pull off a "Man in the Middle" attack against the Remote Desktop Protocol. While RDP
versions 6.0 and later are less susceptible to these attacks because of the
verification schemes added, there is still a risk since so many users just click
yes to all warning messages.
|
var | SWF |
8.09MB |
10/20/2008 |
|
|
|
| |
|
|
|
102 |
BeEF: Browser Exploitation Framework XSS Fun
John Strand of
Black Hills Security sent me
another awesome video on using BeEF, cross site scripting and other fun. |
6:58 | Vimeo |
n/a |
10/16/2008 |
|
|
|
| |
|
|
|
101 |
Using Metasploit to create a reverse Meterpreter payload EXE
by John Strand
John Strand of
Black Hills Security sent me an awesome video
on using Metasploit to create an EXE with the Meterpreter payload that creates a
reverse TCP connection outbound, blowing through many NAT boxes and firewalls.
This goes great with a previous video I did on
EXE Binders/Joiners.
|
6:26 | Vimeo |
n/a |
10/15/2008 |
|
|
|
| |
|
|
|
100 |
Using Cain to do a "Man in the Middle" attack by ARP poisoning
I'm creating this video for three reasons:
1. While I've done a lot of videos on Cain, most of them are more advanced and assume you know the basics.
2. The last video I did on ARP poisoning with Cain was more than four years ago, Cain looks quite a bit different now.
3. I wanted a reference for the classes I'll be teaching for the Kentuckiana ISSA.
Before you watch this video, read my article "The
Basics of Arp spoofing/Arp poisoning"
so you will have a better grasp of the concept.
|
var | SWF |
4.63MB |
10/14/2008 |
|
|
|
| |
|
|
|
99 |
John Strand - "Advanced Hacking Techniques and Defenses" (and demos
of evilgrade/passing the hash/msfpayload) from
Louisville Infosec 2008
John Strand gave this presentation for the
Kentuckiana ISSA at the Louisville Infosec 2008 conference. He gives a
fascinating talk about why "security in depth" is dead, and lives again. John
then goes on to demo Evilgrade, using msfpayload and obscuring it against
signature based malware detection, dumping SAM hashes with the Metasploit
Meterpreter and using a patched Samba client to pass the hash and compromise a
system. I'd like to thank John for letting me record his talk. |
80:16 | Vimeo |
n/a |
10/11/2008 |
|
|
|
| |
|
|
|
98 |
Rohyt Belani - "State of the Hack" from
Louisville Infosec 2008
Rohyt Belani gave this presentation for the
Kentuckiana ISSA at the Louisville Infosec 2008 conference. Rohyt shows new
ways to think about hacking, going into how and why simple things work on the
people element. Why hack a system when a quick Google search can reveal so much?
Rohyt's talk was humorous and informative, and I'd like to thank him for letting
me record his it. |
52:01 | Vimeo |
n/a |
10/11/2008 |
|
|
|
| |
|
|
|
97 |
Adrian Crenshaw - "Intro to Sniffers" from
Louisville Infosec 2008
I gave this presentation for the
Kentuckiana ISSA at the Louisville Infosec 2008 conference. I cover the
basics of how network sniffers work, and specifically talk about Wireshark,
Cain, Ettercap and NetworkMiner. I came up with the presentation on short order,
so please be forgiving of the stumbles. :) You can
download the slides
from here. |
61:25 | Vimeo |
n/a |
10/11/2008 |
|
|
|
| |
|
|
|
96 |
Kevin Beaver - "Staying Ahead of the Security Curve" from
Louisville Infosec 2008
Kevin Beaver gave this presentation for the
Kentuckiana ISSA at the Louisville Infosec 2008 conference. There's a lot of
great advice in this video on how to approach an infosec career in the right
way. Kevin endorses being a security "renaissance man", expanding your knowledge
outside of the tech side to understand the business, people and legal sides as
well. At the same time he also points out that sometimes specialization is good,
so focus on your strengths. I'd like to thank Kevin for letting me record his
talk. |
41:00 | Vimeo |
n/a |
10/11/2008 |
|
|
|
| |
|
|
|
95 |
Finding listening ports on your Windows box using Netstat, Fport, Tcpview, IceSword and Current Ports
Host based firewalls are fine and dandy, but I'd rather turn off services I
don't need than to just block them. Host based firewalls are sort of a bandage,
and while they can be useful for knowing what is connecting out (see egress
filtering), it's better just not to have unneeded network services running in
the first place. This video can be seen as a supplement to my article "What
can you find out from an IP?"
|
var | SWF |
11.5MB |
10/08/2008 |
|
|
|
| |
|
|
|
94 |
Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example
In a previous video I explained the basics of cryptographic hashes. Go watch "A Brief Intro To Cryptographic Hashes/MD5"
before this video. In this tutorial, I'll be giving an example of why weak
hashes are bad. The example I'll be using is the CRC32 hash that Outlook uses to
store a PST archive's password with. The CRC32 algorithm as implemented by
Microsoft Outlook is easy to generate hash collisions for, so even if you can't
find the original password you can find an alternate one that works just as
well. |
var | SWF |
2.02MB |
10/01/2008 |
|
|
|
| |
|
|
|
93 |
Irongeek's Hacking Lab and a review of the Aiptek Action HD 1080p
An overview of how may lab is set up, as well as a review of the Aiptek Action
HD 1080p |
4:44 | Vimeo |
n/a |
09/24/2008 |
|
|
|
| |
|
|
|
92 |
Teaching Hacking at College by Sam Bowne
This was a DefCon 15 presentation (August 3-5, 2007) by Sam Bowne. Sam does a
great job explaining how to teach ethical hacking at a university, and since he
gave me a shout out in the video I figured I'd post it up here. Definitely a
must watch if you are trying to convince your college's administration that it's
a good idea to teach such a course. Check out Sam's site at
http://www.samsclass.info/ if you want
to use his teaching curriculum. |
28:16 | n/a |
Google |
09/23/2008 |
|
|
|
| |
|
|
|
91 |
How Sarah Palin's Email got "Hacked"
This is a quick video reconstruction I did of how Sarah Palin's Yahoo account
got "hacked". You will see it's more about insecure design and easy to find
information than anything really technical. I made a test account at Yahoo and
this video traces the steps the attacker took. I'm hoping it will be useful to
journalists who don't really seem to have a grasp on the story. Feel free to
link it anyplace you like. |
var | 5.23MB |
SWF |
09/18/2008 |
|
|
|
| |
|
|
|
90 |
Intro to DD-WRT: Mod your wireless router to do more
DD-WRT is a Linux firmware available for many Linksys, NetGear, Belkin, D-Link,
Fon, Dell, Asus and other vendor's wireless routers. DD-WRT is far more feature
rich than the stock firmware that comes with most routers. This video covers the
basics of installing and configuring DD-WRT. |
var | 12.2MB |
SWF |
09/13/2008 |
|
|
|
| |
|
|
|
89 |
Nmap
presentation for the ISSA in Louisville Kentucky
This is a presentation I gave for the
Kentuckiana ISSA on the security tool Nmap. I've also posted the
slides and other media
so you can follow along if you like. Topics covered include: port scanning
concepts, TCP three way handshake, stealth scans, idle scans, bounce scans,
version detection, OS detection, NSE/LUA scripting and firewall logs. Hope some
of you can make it to the free class we will be holding at Ivy Tech Sellersburg
on Sept 20th, 2008 at 1pm.
Contact me to RSVP. The video is about an hour long. Enjoy. |
59:41 | n/a |
Vimeo |
09/06/2008 |
|
|
|
| |
|
|
|
88 |
Ironkey
High Security Flash Drive: Use and Review
The Ironkey is a high security thumb drive designed to provide strong AES
encryption, tamper resistance and other security services. |
| 17.6MB |
SWF |
07/07/2008 |
|
|
|
| |
|
|
|
87 |
Setting up a Tarpit (Teergrube) to slow worms and network scanners using LaBrea
(The "Sticky" Honeypot and IDS)
A network Tarpit, sometimes know by the German word Teergrube, is a service or
set of hosts that deliberately try to slow malicious network connections down to
a crawl. The idea is to put up unused hosts or services on the network that
respond to an attacker, but do things to waste their time and greatly slow their
scanning (or spreading in the case of Worms). For this video I'll be using a
package called LaBrea by Tom Liston and tarpitting unused IP addresses on my
home LAN. |
var | 23.4MB |
SWF |
06/26/2008 |
|
|
|
| |
|
|
|
86 |
Compiling and Configuring DHCPD from Source
Devil2005 has created a video on compiling and configuring dhcpd from source.
He's using the Fedora 9 distro of Linux for the video, but the lessons learned
should be applicable to other distros. For that matter, even if you are not
interested in installing dhcp in this way it's still a good lesson on how to
download and compile various applications from source. |
var | 18.7MB |
SWF |
06/22/2008 |
|
|
|
| |
|
|
|
85 |
Using Data Execution Prevention (DEP) in Windows XP and Vista:
Fighting back against buffer overflows and memory corruption
I've recently become interested in measures that modern CPUs can take to prevent
various types of memory corruption attacks. One such feature is the NX bit (as
AMD calls it, XD is Intel's term), which allows for memory pages to me marked as
not executable. Microsoft Windows started using this ability with XP SP2 as part
of their Data Execution Prevention (DEP) feature. Unfortunately, to get most out
of DEP you have to configure it. This video will show how to configure DEP
protection in Windows XP and Vista.
|
var | 6.67MB |
SWF |
06/08/2008 |
|
|
|
| |
|
|
|
84 |
DNS Spoofing with Ettercap
In my previous two videos I showed how to use Ettercap plugins for various
pen-testing and security evaluation functions. In this video I'll show how to
use the Ettercap plugin dns_spoof to set up DNS spoofing on the local area
network. |
var | 6.70MB |
SWF |
06/07/2008 |
|
|
|
| |
|
|
|
83 |
More Useful Ettercap Plugins For Pen-testing
In my previous video I showed how to use Ettercap plugins to find sniffers on
the network. In this video I'll show three more useful Ettercap plugins: find_ip,
gw_discover and isolate. |
var | 6.49MB |
SWF |
05/29/2008 |
|
|
|
| |
|
|
|
82 |
Finding Promiscuous Sniffers and ARP Poisoners on your Network with Ettercap
Most of you are familiar with using Ettercap for attacking systems, but what
about using it to find attackers? This tutorial will cover using Ettercap to
find people sniffing on your network. The plug-ins we will be using are
search_promisc, arp_cop and scan_poisoner. |
var | 9.68MB |
SWF |
05/20/2008 |
|
|
|
| |
|
|
|
81 |
A Brief
Intro To Cryptographic Hashes/MD5
A cryptographic hash function takes an input and returns a fixed size string
that corresponds to it, called a hash. Cryptographic hashes have a lot of uses,
some of which are: detecting data changes, storing or generating passwords,
making unique keys in databases and ensuring message integrity. This video will
mostly cover detecting file changes, but I hope it gets your mind going in the
right direction for how hashes can be used. Specifically covered will be tools
for creating MD5 hashes in Windows and Linux. |
var | 5.40MB |
SWF |
05/10/2008 |
|
|
|
| |
|
|
|
80 |
Text to Speech to MP3 with the freeware program DSpeech
This video is on Dspeech, a freeware tool that uses Microsoft's SAPI (Speech
Application Programming Interface) to convert text to spoken word. What's
special about it is it lets you make an MP3 of the text, so you can listen to it
on your computer, in you car or on your MP3 player. It's great for listening to
notes. |
var | 3.74MB |
SWF |
03/24/2008 |
|
|
|
| |
|
|
|
79 |
Hardware
Keyloggers In Action 2: The KeyLlama 2GB USB Keylogger
This video will demonstrate one of the
USB
KeyLlama brand of hardware keyloggers
in action. |
var | 6.38MB |
SWF |
03/18/2008 |
|
|
|
| |
|
|
|
78 |
Encrypting The Windows System Partition With Truecrypt 5.0
Truecrypt 5.0 adds many new features, most importantly Windows system partition
encryption. To put it in slightly inaccurate layman's terms, this means
encrypting your entire C: drive. Even if you already write your sensitive data
to an encrypted space, files are sometimes squirreled away in unencrypted temp
space or in the page file where they may be recovered. Using Truecrypt to
encrypt your Windows XP system partition will help eliminate this problem. |
var | 6.85MB |
SWF |
02/11/2008 |
|
|
|
| |
|
|
|
77 |
Hardware Keyloggers In Action 1: The KeyLlama 2MB PS/2 Keylogger
This video will demonstrate one of the
KeyLlama brand of hardware keyloggers in action, specifically the 2MB PS/2 model. I hope this video will give the viewer a better grasp of how these hardware keyloggers work. |
var | 14.1MB |
SWF |
02/05/2008 |
|
|
|
| |
|
|
|
76 |
Encrypting VoIP Traffic With Zfone To Protect Against Wiretapping
Some people worry about the easy with which their voice communications may be
spied upon. Laws like CALEA have made this simpler in some ways, and with
roaming wiretaps even those not under direct investigation may lose their
privacy. Phil Zimmermann , creator of PGP, has come up with a project called
Zfone which aims to do for VoIP what PGP did for email. |
var | 5.02MB |
SWF |
01/28/2008 |
|
|
|
| |
|
|
|
75 |
Using GPG/PGP/FireGPG to Encrypt and Sign Email from Gmail
This tutorial will show how to use GPG and the FireGPG plug-in to encrypt and
decrypt messages in Gmail. GPG is an open source implementation of OpenPGP
(Pretty Good Privacy) , a public-key-encryption system. With public key
encryption you don't have to give away the secret key that decrypts data for
people to be able to send you messages. All senders need is the public key which
can only be used to encrypt, this way the secret key never has to be sent across
unsecured channels.
|
var | 10.6MB |
SWF |
01/14/2008 |
|
|
|
| |
|
|
|
74 |
WebGoat 1:
SQL Injection Demonstration
SQL injection is a common web application attack that focuses on the database
backend. WebGoat is a deliberately insecure J2EE web application maintained by
OWASP designed to teach web application security lessons. I plan to use WebGoat
for a few future videos. This first WebGoat video will show the basics of
installing WebGoat and doing two of its SQL injection lessons. |
var | 10.1MB |
SWF |
11/14/2007 |
|
|
|
| |
|
|
|
73 |
XAMPP: an easy to install Apache daemon containing MySQL, PHP and Perl By
devil2005 |
var | 9.87MB |
SWF |
10/25/2007 |
|
|
|
| |
|
|
|
72 |
RFID
Show and Tell with Kn1ghtl0rd and lowtek mystik
While at PhreakNIC I got a chance to interview Kn1ghtl0rd and lowtek mystik
about their research into RFID, its hackabilty and other information. If you
want to lean more information about RFID check out their video from last year at
http://phreaknic.wilpig.org/ . Video
for their new talk this year should be up in the coming months. |
9:38 | |
YouTube |
10/22/2007 |
|
|
|
| |
|
|
|
71 |
Using Metagoofil to extract metadata from public documents found via Google
As many of my viewers know, I have an interest in metadata and how it can be
used in a pen-test. Thanks to PaulDotCom I found out about a tool called
Metagoofil that makes it easy to search for metadata related to a domain name. |
var | 5.58MB |
SWF |
10/15/2007 |
|
|
|
| |
|
|
|
70 |
Creating An Auto Hack USB Drive Using Autorun and Batch Files. By Dosk3n
During 2005 Sony BMG was discovered to be including Extended Copy Protection (XPC)
and MediaMax CD-3 software on music CDs. The software was automatically
installed in the background onto users computers systems that used the autorun
function to start running the CD. The software could hide itself from the
computers process list in the same way a rootkit would. There was over 100
titles in total that included this "rootkit". Using similar techniques we are
going to use the autorun feature with a USB drive to run multiple hacking tools. |
var | 5.59MB |
SWF |
10/12/2007 |
|
|
|
| |
|
|
|
69 |
How To Burn An ISO Image To A Bootable CD
Fans of my site will think this is a silly video, but I've seen the question
asked so many times in forums that I feel I should make a video. Now I'll have
something on hand to point people to when they email me, feel free to link to
this video if you get the same question. I'll be burning BackTrack with the
freeware tool CDBurnerXP, but it would work the same way with Ubuntu, Knoppix or
Helix. |
var | 1.47MB |
SWF |
10/09/2007 |
|
|
|
| |
|
|
|
68 |
Wardrive Mapping With IGiGLE And WiGLE
Map out your WiFi finds with IGiGLE and WiGLE. It's great for users of
Netstumbler and Kismet. |
var | 7.10MB |
SWF |
10/01/2007 |
|
|
|
| |
|
|
|
67 |
Nokia 770/800 Pen-Testing Setup (Nmap, Kismet, Dsniff and other fun stuff)
This video introduces the viewer to using a Nokia Internet Tablet as a
pen-testing device. |
var | 7.58MB |
SWF |
09/26/2007 |
|
|
|
| |
|
|
|
66 |
Forensic Metadata in Word Docs and Jpegs supporting Exif
Metadata is data about data. Different file formats store extra data about
themselves in different ways. This video will cover metadata that can be used
during a forensic investigation, namely MS Word doc metadata and the metadata
stored in a Jpeg's Exif data. |
var | 4.81MB |
SWF |
09/20/2007 |
|
|
|
| |
|
|
|
65 |
Remote Password Auditing Using THC-Hydra
THC-Hydra is a remote dictionary attack tool from The Hacker's Choice group.
It's a well made tool that supports a lot of protocols and options. The
following protocols are supported: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB,
SMBNT, MS-SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC,
POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco
auth, Cisco enable, LDAP2, Cisco AAA. |
var | 3.15MB |
SWF |
08/08/2007 |
|
|
|
| |
|
|
|
64 |
Using Darik's Boot and Nuke (DBAN) to totally wipe a drive
Another continuation of my file carving video and selective file shredding (DOD
5220.22-M) to thwart forensics tools video, this video shows how to use Darik's
Boot and Nuke (DBAN) to totally wipe a drive. DBAN is a great tool to add to
your anti-forensics tool box. |
var | 5.67MB |
SWF |
07/25/2007 |
|
|
|
| |
|
|
|
63 |
Selective file shredding (DOD 5220.22-M) with Eraser and CCleaner to thwart forensics tools
A continuation of my file carving video, this video shows how to use Eraser and
CCleaner to help thwart forensics tools. |
var | 3.36MB |
SWF |
07/12/2007 |
|
|
|
| |
|
|
|
62 |
Setting
up a simple web proxy with CGIProxy
A quick guide to setting up James Marshall's CGIProxy Perl script and how
proxies are used to get around web content restrictions and stay anonymous. This
video also shows how to quickly find an open CGI proxy with a search engine. |
var | 6.12MB |
SWF |
06/26/2007 |
|
|
|
| |
|
|
|
61 |
Data
Carving with PhotoRec to retrieve deleted files from formatted drives for
forensics and disaster recovery
This video introduces the concept of data carving/file carving for recovering
deleted files, even after a drive has been formatted. |
var | 4.24MB |
SWF |
06/13/2007 |
|
|
|
| |
|
|
|
60 |
Using Cain and the AirPcap USB adapter to crack WPA/WPA2
This video introduces the viewer to the AirPcap USB adapter, and auditing WiFi
networks with it. |
var | 1.93MB |
SWF |
06/11/2007 |
|
|
|
| |
|
|
|
59 |
Intro to the AirPcap USB adapter, Wireshark, and using Cain to crack WEP
This video introduces the viewer to the AirPcap USB adapter, and auditing WiFi
networks with it. |
var | 5.91MB |
SWF |
06/06/2007 |
|
|
|
| |
|
|
|
58 |
UPnP Port Forwarding and Security
This video introduces the viewer to port forwarding with Universal Plug In Play,
and some of the associated security problems. |
var | 2.69MB |
SWF |
05/30/2007 |
|
|
|
| |
|
|
|
57 |
Notacon 2007
Just some video Irongeek took while at Notacon 2007. Plenty of stuff for those
with an interest in Hacking and digital arts. Radar, full motion video on an
8088, a great Bluetooth discussion, shock sites, stun guns, Everclear, IPTV show
hosts, Demoparty/Demoscene, hacker condoms, Ethernet alternatives, fire staffs,
laser data links and more. |
32:55 | 79.5MB |
FLV & AVI |
05/03/2007 |
|
|
|
| |
|
|
|
56 |
Remote Access And Configuration: Setting Up SSH and VNC On Ubuntu Linux (SOHO
Server Series 3)
Just what the title says. In this first video I'll cover how to get SSH can VNC
up an running. |
var | 3.16MB |
SWF |
03/18/2007 |
|
|
|
| |
|
|
|
55 |
WEP Cracking with VMplayer, BackTrack, Aircrack and the DLink DWL-G122 USB
Adapter
Yes, yet another video on cracking WEP. :) |
var | 9.06MB |
SWF |
03/16/2007 |
|
|
|
| |
|
|
|
54 |
An Introduction to Tor
This video serves as a brief introduction to the use of the Tor anonymizing
network in Windows. |
var | 8.00MB |
SWF |
03/08/2007 |
|
|
|
| |
|
|
|
53 |
Cracking Windows Vista Passwords With Ophcrack And Cain
Due to the lack of LM hashes, Vista passwords stored in the SAM file are harder
to crack. However, the NTLM hash is the same as always and can be cracked if the
password is weak. |
var | 5.59MB |
SWF |
02/21/2007 |
|
|
|
| |
|
|
|
52 |
Installing
Updates And New Software In Ubuntu Linux (SOHO Server Series 2)
In this video I'll cover installing updates and new packages in Ubuntu Linux. |
var | 7.62MB |
SWF |
02/11/2007 |
|
|
|
| |
|
|
|
51 |
Installing Ubuntu
Linux (SOHO Server Series 1)
Just what the title says. In this first video I'll cover a bit about
partitioning, dual booting with Windows and the basic steps you need to do to
get Ubuntu Linux up and running. |
var | 4.58MB |
SWF |
02/05/2007 |
|
|
|
| |
|
|
|
50 |
Using SysInternals' Process Monitor to
Analyze Apps and Malware
Process Monitor is a useful tool to see what registry, file system and thread
changes processes are making on your Windows system. |
var | 6.08MB |
SWF |
01/14/2007 |
|
|
|
| |
|
|
|
49 |
Dual Booting BackTack Linux And BartPE From A Thumbdrive
Run all of your Windows and Linux security tools from one dual boot UFD. |
var | 8.36MB |
SWF |
11/30/2006 |
|
|
|
| |
|
|
|
48 |
Creating a Windows Live CD
for System Recovery and Pen-Testing with Bart's PE Builder
Pretty much what the title says, building a BartPE CD for Hacking and system
recovery. Some of the tools I will show off are Sala's Password Renew, Cain,
RunScanner and XPE. |
var | 22.3MB |
SWF |
10/17/2006 |
|
|
|
| |
|
|
|
47 |
Making Windows Trojans with
EXE Binders (AKA:Joiners), Splice and IExpress |
var | 6.12MB |
SWF |
09/12/2006 |
|
|
|
| |
|
|
|
46 |
A Collection Of Hacking Videos By
Others
Some of the sites that originally hosted them are gone. I'm just putting these
up so they are not lost forever. |
| |
|
09/05/2006 |
|
|
|
| |
|
|
|
45 |
Hosts File and Ad Blocking
How to use the hosts file to block ads, and a little on how the hosts file
works. |
var | 2.63MB |
SWF |
09/03/2006 |
|
|
|
| |
|
|
|
44 |
Passive OS Fingerprinting With P0f And Ettercap
If you've seen my videos on Nmap you've seen active OS fingerprinting in action.
In this tutorial I use P0f and Ettercap to show how to detect the Operating
System of a box passively. |
var | 4.52MB |
SWF |
08/16/2006 |
|
|
|
| |
|
|
|
43 |
Cracking MD5 Password Hashes
A little about cracking MD5 password hashes. In this tutorial we take the hashes
from a phpbb2 database and crack them using online tools and Cain. |
var | 4.47MB |
SWF |
08/02/2006 |
|
|
|
| |
|
|
|
42 |
Setting Firefox's User
Agent To Googlebot
Access sites that allow indexing by Google but require you to subscribe to view
the content. |
var | 3.69MB |
SWF |
07/31/2006 |
|
|
|
| |
|
|
|
41 |
Using TrueCrypt With NTFS Alternate
Data Streams
Using TrueCrypt with Alternate Data Streams to hide encrypted data. |
var | 3.68MB |
SWF |
07/19/2006 |
|
|
|
| |
|
|
|
40 |
Intro To TrueCrypt
Using TrueCrypt to create standard and hidden volumes for "plausible
deniability" encryption. |
var | 7.33MB |
SWF |
06/19/2006 |
|
|
|
| |
|
|
|
39 |
Intro To DD and Autopsy By Williamc and
Twinvega
This video gives the basics of using DD to make an image of a drive over the
network and Autopsy to look for data, both from the Auditor Boot CD. |
var | 4.24MB |
SWF |
06/05/2006 |
|
|
|
| |
|
|
|
38 |
Intro To Bluesnarfing By Williamc and
Twinvega
This video covers Bluesnarfing, serepticiously grabbing data off of Bluetooth
devices. |
var | 7.87MB |
SWF |
05/24/2006 |
|
|
|
| |
|
|
|
37 |
Network Printer
Hacking: Irongeek's Presentation at Notacon 2006 |
44:03 | 125MB |
AVI
(XVID) |
04/10/2006 |
|
|
|
| |
|
|
|
36 |
Irongeek's Guide to Buying a Used Laptop |
16:37 | 34MB |
AVI
(XVID) |
03/08/2006 |
|
|
|
| |
|
|
|
35 |
Cracking Windows Passwords with
BackTrack and the Online Rainbow Tables at Plain-Text.info
The title says it all pretty much. Audit that SAM file fast! |
var | 4.33MB |
SWF |
02/21/2006 |
|
|
|
| |
|
|
|
34 |
Adding Modules to a Slax or Backtrack Live CD
from Windows
In this video I show how to add patches and extra modules to the Back|track
Hacking Live CD using MySlax. |
var | 4.22MB |
SWF |
02/07/2006 |
|
|
|
| |
|
|
|
33 |
Anonym.OS: LiveCD with build in Tor Onion
routing and Privoxy
Just showing off this cool live CD recently released at ShmooCon 2006. Great for
surfing anonymously. |
var | 3.27MB |
SWF |
01/30/2006 |
|
|
|
| |
|
|
|
32 |
Make your own VMs with hard drive for
free: VMware Player + VMX Builder
In my last video I showed how to use the free VMware Player to boot a Live CD
ISOs. This time I'm going to show how to use Robert D. Petruska's VMX Builder to
make your own VMs with hard drives (vmdk file) and pretty much any virtual
hardware you want. |
var | 1.58MB |
SWF |
01/26/2006 |
|
|
|
| |
|
|
|
31 |
Using VMware Player to run Live
CDs (Bootable ISOs)
In this video I show how to use the free VMware Player to run Live CDs like
Knoppix, Auditor or Bart's PE Builder from an ISO. |
var | 4.50MB |
SWF |
01/20/2006 |
|
|
|
| |
|
|
|
30 |
SSH
Dynamic Port Forwarding
I set up a quick video tutorial to show how to set up an encrypted tunnel using
SSH's dynamic port forwarding (sort of a poor man's VPN) in both Linux and
Windows. The tools used are OpenSSH, PuTTY and Firefox, but it should be enough
info to allow you to figure out how to set up other clients. |
var | 2.95MB |
SWF |
01/11/2006 |
|
|
|
| |
|
|
|
29 |
WMF File Code Execution Vulnerability
With Metasploit
This video covers the use of the recent (Jan 2006) WMF file code execution
vulnerability with Metasploit. It shows how to shovel a shell back to the
attacker with the WMF vulnerability. See
Microsoft Security Advisory 912840. Thanks to kn1ghtl0rd, AcidTonic,
Electroman and livinded for their help. |
var | 3.71MB |
SWF |
01/02/2006 |
|
|
|
| |
|
|
|
28 |
Using VirtualDub and a cheap webcam
as a camcorder
I thought this might be of use to those that would like to submit something to
Infonomicon TV or
Hack TV but lack the cash for a
proper MiniDV camcorder. |
5:39 | 10.10MB |
AVI(XVID) |
12/15/2005 |
|
|
|
| |
|
|
|
27 |
Firewalls with Sarah: Campus
Computer Security Series Episode 2
Sarah will tell you a bit about Firewalls and walk you though enabling the
built-in firewalls that come with Windows XP and Mac OS X. |
2:58 | 9.70MB |
AVI(XVID) |
11/16/2005 |
|
|
|
| |
|
|
|
26 |
Updates and Patches with Anna: Campus
Computer Security Series Episode 1
Anna will walk you though updating your Windows XP or Mac OS X computer. |
3:06 | 6.40MB |
AVI(XVID) |
11/16/2005 |
|
|
|
| |
|
|
|
25 |
Infonomicon TV Ep 7: HP printer
hacking, building an old school phone handset for your cell phone, collecting
data in RF monitor mode and making cat5 cables |
24:41 | 127MB |
AVI |
10/18/2005 |
|
|
|
| |
|
|
|
24 |
Metasploit Flash Tutorial |
var | 3.23MB |
SWF |
10/12/2005 |
|
|
|
| |
|
|
|
23 |
Nmap Video Tutorial 2: Port Scan Boogaloo |
var | 13.3MB |
SWF |
10/06/2005 |
|
|
|
| |
|
|
|
22 |
Finding Rogue SMB File Shares On
Your Network |
var | 5.46MB |
SWF |
09/02/2005 |
|
|
|
| |
|
|
|
21 |
WiGLE, JiGLE and Google Earth: Mapping out
your wardrive |
var | 7.38MB |
SWF |
08/02/2005 |
|
|
|
| |
|
|
|
20 |
Droop's Box: Simple Pen-test Using Nmap,
Nikto, Bugtraq, Nslookup and Other Tools |
var | 6.55MB |
SWF |
07/17/2005 |
|
|
|
| |
|
|
|
19 |
Fun with Ettercap Filters: The
Movie |
var | 2.43MB |
SWF |
06/16/2005 |
|
|
|
| |
|
|
|
18 |
MAC Bridging with Windows XP and
Sniffing (very useful with my Cain/VoIP tutorial below) |
var | 1.44MB |
SWF |
06/15/2005 |
|
|
|
| |
|
|
|
17 |
Sniffing VoIP Using Cain |
var | 1.74MB |
SWF |
05/26/2005 |
|
|
|
| |
|
|
|
16 |
Installing Knoppix 3.8 to Your Hard Drive |
var | 3.75MB |
SWF |
05/25/2005 |
|
|
|
| |
|
|
|
15 |
A Quick and Dirty Intro to Nessus using
the Auditor Boot CD |
var | 2.81MB |
SWF |
05/24/2005 |
|
|
|
| |
|
|
|
14 |
Local Password Cracking
Presentation for the
Indiana Higher Education Cybersecurity Summit 2005
(It covers cracking the SAM/Syskey, Cached ADS/Domain Credentials, VNC stored
passwords and Windows Protected Storage) |
var | 5.71MB |
SWF |
04/25/2005 |
|
|
|
| |
|
|
|
13 |
Basic Nmap Usage |
var | 8.47MB |
SWF |
03/31/2005 |
|
|
|
| |
|
|
|
12 |
Cracking Syskey and the SAM on
Windows Using Samdump2 and John |
var | 2.48MB |
SWF |
03/22/2005 |
|
|
|
| |
|
|
|
11 |
Basic Tools for Wardriving |
var | 2.80MB |
SWF |
09/20/2004 |
|
|
|
| |
|
|
|
10 |
Making The Default XP Interface
Look More Like Windows 2000 |
1:11 | 1.56MB |
SWF |
09/17/2004 |
|
|
|
| |
|
|
|
9 |
Look for deleted data on the slack space of a
disk |
1:20 | 3.40MB |
SWF |
03/31/2004 |
|
|
|
| |
|
|
|
8 |
Recover deleted cookies or other
files using Restoration |
1:15 | 2.12MB |
SWF |
03/18/2004 |
|
|
|
| |
|
|
|
7 |
Some of my gear |
1:46 | 2.93MB |
AVI |
03/17/2004 |
|
|
|
| |
|
|
|
6 |
Using NetworkActiv to sniff webpages on
a Wi-Fi network |
2:00 | 1.34MB |
SWF |
03/16/2004 |
|
|
|
| |
|
|
|
5 |
Boot from Phlak and run Chkrootkit to
detect a compromise |
2:25 | 1.45MB |
SWF |
03/04/2004 |
|
|
|
| |
|
|
|
4 |
Use Brutus to crack a box running telnet |
1:23 | 1.7MB |
AVI |
03/03/2004 |
|
|
|
| |
|
|
|
3 |
Cain to ARP poison and sniff passwords |
0:53 | 1.7MB |
AVI |
03/02/2004 |
| |
|
| |
| |
| 2 |
Install VNC
Remotely |
4:14 | 2.90MB |
AVI | 09/26/2002 |
| |
|
| |
| |
| 1 |
Start a session and get interactive commandline
access to a remote Windows box |
4:20 | 5.00MB |
AVI | 09/18/2002 |
RSS
Printable version of this article