A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Steal All of the Databases. - Alejandro Caceres Derbycon 2013 (Hacking Illustrated Series InfoSec Tutorial Videos)

Steal All of the Databases. - Alejandro Caceres
Derbycon 2013

Description: “Ever wondered what it would take to conduct a fully automated attack on an entire country’s web infrastructure? Read on! We’ve always been interested in the ideas of conducting massive attacks and detecting mass vulnerabilities. We’ve presented this topic a couple of times before, at DEF CON 21 and ShmooCon 2013, and we’re releasing several ‘Big Data’-based open source tools. But for DerbyCon, we want to put it all together for you, and show — on a practical level — how our massively scalable pieces of (all open source and free) software *could* be chained together to pull off one of the biggest hacks ever. Target: An entire country’s web infrastructure. Goal: Steal all of the databases. It’s going to be awesome. (This will of course be a proof of concept, we wouldn’t actually do this, it would be really illegal)”

Bio: Alejandro Caceres (@DotSlashPunk) is a software developer, web application penetration tester, and security researcher. His main interest is in the nexus between distributed computing and network/application attacks. He is the founder of the PunkSPIDER project, presented at ShmooCon 2013, which is an open source project to fuzz the entire Internet’s web applications using a Hadoop cluster. He’s also the owner of Hyperion Gray, a software development company focused on open source projects in the area of distributed computing as it relates to security. He didn’t know how to work in shamelessly mentioning the DARPA Cyber Fast Track research project he is also working on, which he presented at DEF CON 21, or his *other* DEF CON 21 talk about distributing common attacks, so he just wrote it in at the end of the bio. He is very classy.

Back to Derbycon 2013 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast