A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Hacking Illustrated: Computer security videos
Hacking Illustrated

        In this section I'll be posting AVIs and Flash files that show step by step how to execute various pen-testing tools. If you have any requests or comments please let me know. If you want to know how I make these video see the page titled: How I Make The Hacking Illustrated Videos

370 OISF 2022  YouTube/Archive.org   07/10/2022
369 OISF 2021 Videos  YouTube/Archive.org   07/10/2021
368 BSides Cleveland 2021 Videos  YouTube/Archive.org   06/20/2021
367 BSides Tampa 2020 Videos  YouTube/Archive.org   03/01/2020
366 Louisville Infosec 2019 Videos  YouTube/Archive.org   11/18/2019
365 BSidesCT 2019 Video  YouTube/Archive.org   11/10/2019
364 GrrCON 2019 Videos  YouTube/Archive.org   10/26/2019
363 BSidesSTL 2019 Videos  YouTube/Archive.org   09/22/2019
362 DerbyCon 9 Videos  YouTube/Archive.org   09/08/2019
361 OISF 2019 Videos  YouTube/Archive.org   07/13/2019
360 BSides Cleveland 2019 Videos  YouTube/Archive.org   06/22/2019
359 ShowMeCon 2019 Videos  YouTube/Archive.org   06/15/2019
358  Circle City Con 2019 Videos  YouTube/Archive.org   06/02/2019
357 NolaCon 2019  YouTube/Archive.org   05/19/2019
356 BSidesCharm 2019 Videos  YouTube/Archive.org   04/28/2019
355 BSides Columbus 2019 Video  YouTube/Archive.org   03/01/2019
354 BSides Tampa 2019 Videos  YouTube/Archive.org   02/03/2019
353 SecureWV/Hack3rcon 2018 Videos  YouTube/Archive.org   12/02/2018
352 BSidesRDU 2018 Videos  YouTube/Archive.org   10/19/2018
351 Derbycon 2018 Videos  YouTube/Archive.org   10/08/2018
350 GrrCON 2018 Videos  YouTube/Archive.org   09/08/2018
349 OISF 2018 Videos  YouTube/Archive.org   07/14/2018
348 BSides Cleveland 2018 Videos  YouTube/Archive.org   06/23/2018
347 ShowMeCon 2018 Videos  YouTube/Archive.org   06/08/2018
346 Circle City Con 2018 Videos  YouTube/Archive.org   06/03/2018
345 NolaCon 2018 Videos  YouTube/Archive.org   05/20/2018
344 BSides Detroit 2018 Videos  YouTube/Archive.org   05/12/2018
343 Converge 2018  YouTube/Archive.org   05/11/2018
342 BSidesCharm 2018 Videos  YouTube/Archive.org   04/29/2018
341 BSides Nashville 2018 Videos  YouTube/Archive.org   04/14/2018
340 AIDE 2018 Videos  YouTube/Archive.org   04/06/2018
339 BSides Chattanooga 2018 Videos  YouTube/Archive.org   03/24/2018
338 BSides Indy 2018 Videos  YouTube/Archive.org   03/10/2018
337 BSides Columbus 2018 Videos  YouTube/Archive.org   03/02/2018
336 BSides NOVA 2018 Videos  YouTube/Archive.org   02/24/2018
335 BSides Tampa 2018  YouTube/Archive.org   02/17/2018
334 BSides Philly 2017  YouTube/Archive.org   12/08/2017
333 SecureWV/Hack3rcon2017  YouTube/Archive.org   11/19/2017
332 GrrCON 2017 Videos  YouTube/Archive.org   10/28/2017
331 Derbycon 7 Videos  YouTube/Archive.org   09/25/2017
330 Louisville Infosec 2017  YouTube/Archive.org   09/19/2017
329 BSides Cleveland 2017 Videos  YouTube/Archive.org   06/24/2017
328 ANYCon 2017 Videos  YouTube/Archive.org   06/17/2017
327 Circle City Con 2017 Videos  YouTube/Archive.org   06/11/2017
326 ShowMeCon 2017 Videos  YouTube/Archive.org   06/09/2017
325 Nolacon 2017 Videos  YouTube/Archive.org   05/21/2017
324 BSides Detroit 2017 Videos  YouTube/Archive.org   05/13/2017
323 Converge 2017 Videos  YouTube/Archive.org   05/12/2017
322 BSidesCharm 2017 Videos  YouTube/Archive.org   04/30/2017
321 BSides Nashville 2017 Videos  YouTube/Archive.org   04/22/2017
320 AIDE 2017 Videos  YouTube/Archive.org   04/07/2017
319 Cyphercon 2.0  YouTube/Archive.org   04/01/2017
318 Bloomcon 2017 Videos  YouTube/Archive.org   03/25/2017
317 BSides Indy 2017 Videos  YouTube/Archive.org   03/11/2017
316 BSides NOVA 2017 Videos  YouTube/Archive.org   02/25/2017
315 BSides Tampa 2017 Videos  YouTube/Archive.org   02/12/2017
314 BSides Columbus 2017 Videos  YouTube/Archive.org   01/16/2017
313 BSides Philadelphia 2016  YouTube/Archive.org   11/20/2016
312 SecureWV/Hack3rcon 2016 Videos  YouTube/Archive.org   11/20/2016
311 GrrCON 2016 Videos  YouTube/Archive.org   10/08/2016
310  Derbycon 2016 Video  YouTube/Archive.org   09/26/2016
309 Louisville Infosec 2016 Videos  YouTube/Archive.org   09/20/2016
308 BSides Augusta 2016 Videos  YouTube/Archive.org   09/11/2016
307 BSides Detroit 2016 Videos  YouTube/Archive.org   07/17/2016
306 Converge 2016  YouTube/Archive.org   07/16/2016
305 OISF 2016 Videos  YouTube/Archive.org   07/09/2016
304 BSides Cleveland 2016 Videos  YouTube/Archive.org   06/25/2016
303 ShowMeCon 2016 Videos  YouTube/Archive.org   06/14/2016
302 Circle City Con 2016 Videos  YouTube/Archive.org   06/12/2016
301 NolaCon 2016  YouTube/Archive.org   05/22/2016
300 AIDE 2016 Videos  YouTube/Archive.org   04/22/2016
299 BSides Nashville 2016 Videos  YouTube/Archive.org   04/17/2016
298 Central Ohio Infosec Summit 2016 Videos  YouTube/Archive.org   03/31/2016
297 CypherCon 2016 Videos  YouTube/Archive.org   03/12/2016
296 BSides Indy 2016 Videos  YouTube/Archive.org   03/05/2016
295 BSides San Francisco 2016 Videos  YouTube/Archive.org   03/01/2016
294 BSides Huntsville 2016 Videos  YouTube/Archive.org   02/07/2016
293 BSides Columbus 2016 Videos  YouTube/Archive.org   01/16/2019
292 Shmoocon Firetalks 2016  YouTube/Archive.org   01/16/2016
291 SecureWV 2015 Videos  YouTube/Archive.org   11/08/2015
290 HouSecCon v6 2015 Videos  YouTube/Archive.org   10/16/2015
289 GrrCON 2015 Videos  YouTube/Archive.org   10/11/2015
288 Louisville Infosec 2015 Videos  YouTube/Archive.org   09/30/2015
287 DerbyCon 5 Videos  YouTube/Archive.org   09/28/2015
286 BSides Augusta 2015 Videos  YouTube/Archive.org   09/13/2015
285 BSidesLV 2015 Videos  YouTube/Archive.org   08/06/2015
284 BSides Cincinnati 2015 Videos  YouTube/Archive.org   07/27/2015
283 BSides Detroit 2015 Videos  YouTube/Archive.org   07/18/2015
282 Converge 2015 Videos  YouTube/Archive.org   07/17/2015
281 OISF 2015 Videos  YouTube/Archive.org   07/11/2015
280 BSides Cleveland 2015 Videos  YouTube/Archive.org   06/20/2015
279 Circle City Con 2015 Videos  YouTube/Archive.org   06/14/2015
278 ShowMeCon 2015 Videos  YouTube/Archive.org   06/10/2015
277 Password Cracking Class for Hackers For Charity  YouTube/Archive.org   05/17/2015
276 BSides Knoxville 2015 Videos  YouTube/Archive.org   05/16/2015
275 BSides Boston 2015 Videos  YouTube/Archive.org   05/10/2015
274 AIDE 2015 Videos  YouTube/Archive.org   04/24/2015
273 BSides San Francisco 2015 Videos  YouTube/Archive.org   04/21/2015
272 BSides Nashville 2015 Videos  YouTube/Archive.org   04/12/2015
271 Central Ohio Infosec Summit 2015 Videos  YouTube/Archive.org   03/26/2015
270 Louisville Lock Picking And Bypass Class Hosted At LVL1  YouTube/Archive.org   02/28/2015
269 BSides Tampa 2015 Videos  YouTube/Archive.org   02/22/2015
268 BSides Huntsville 2015 Videos Posted  YouTube/Archive.org   02/08/2015
267 BSides Columbus Ohio 2015 Videos  YouTube/Archive.org   01/18/2015
266 Shmoocon Firetalks 2015 Videos  YouTube/Archive.org   01/18/2015
265 Hack3rcon 5 Videos  YouTube/Archive.org   11/17/2014
264 GrrCON 2014 Videos  YouTube/Archive.org   10/19/2014
263 Louisville Infosec 2014 Videos  YouTube/Archive.org   10/03/2014
262 Derbycon 4  YouTube/Archive.org   10/01/2014
261 BSides Augusta 2014 Videos  YouTube/Archive.org   09/13/2014
260 Passwordscon 2014 Videos  YouTube/Archive.org   08/21/2014
259 TakeDownCon Rocket City 2014 Videos  YouTube/Archive.org   08/20/2014
258 Defcon Wireless Village 2014 (Defcon 22) Videos  YouTube/Archive.org   08/12/2014
257 BSides Las Vegas 2014 Videos  YouTube/Archive.org   08/11/2014
256 BSides Cleveland 2014 Videos  YouTube/Archive.org   07/13/2014
255 OISF 2014 Videos  YouTube/Archive.org   07/13/2014
254 Circle City Con 2014 Videos  YouTube/Archive.org   06/15/2014
253 BSides Nashville 2014 Videos  YouTube/Archive.org   05/19/2014
252 Nmap Class for Hackers For Charity  YouTube/Archive.org   05/11/2014
251 ShowMeCon 2014 Videos  YouTube/Archive.org   05/07/2014
250 BSides Chicago 2014 Videos  YouTube/Archive.org   04/28/2014
249 Notacon 11 (2014) Videos  YouTube/Archive.org   04/13/2014
248 BSides Huntsville 2014 Videos  YouTube/Archive.org   02/10/2014
247 Intro to Darknets: Tor and I2P Workshop
This class introduces students to the I2P and Tor Darknets.
2:69:23YouTube/Archive.org   02/01/2014
246 ShmooCon Firetalks 2014  YouTube/Archive.org   01/21/2014
245 Installing Nessus on Kali Linux and Doing a Credentialed Scan
I recorded this video twice. First time, the sound was hideous when the fan came on. I decided to re-record it and post both versions. I cover installing Nessus on Kali Linux and doing Nessus credentialed scans using Windows passwords and Linux SSH keys.
36.31YouTube   01/17/2014
244 SkyDogCon 2013 Videos  YouTube   12/26/2013 
243 Intro to Metasploit Class at IU Southeast
This is a class we did to introduce students to Metasploit at IU Southeast. Special guest lecturer Jeremy Druin (@webpwnize). To follow along, I recommend downloading Kali Linux.
2:26:56YouTube/Archive.org    12/14/2013 
242 BSides Delaware 2013 Videos  YouTube/Archive.org   11/10/2013
241 ISSA Kentuckiana - RESTful Web Services - Jeremy Druin - @webpwnized  YouTube/Archive.org   11/01/2013
240 Hack3rcon^4 Videos  YouTube/Archive.org   10/20/2013
239 Derbycon 3.0 Videos  YouTube/Archive.org   09/29/2013
238 BSidesLV 2013 Videos  YouTube/Archive.org   08/06/2013
237 OISF 2013 Videos  YouTube/Archive.org   07/14/2013
236 NQSFW Free CISSP Study Guide  YouTube/Archive.org   07/04/2013
235 BSides Rhode Island Videos  YouTube/Archive.org   06/15/2013
234 Kali Linux Live Boot USB Flash Drive - Jeremy Druin 1:00:11YouTube/Archive.org   06/07/2013
233 ISSA Kentuckiana Web Pen-Testing Workshop  YouTube/Archive.org   05/20/2013
232 Notacon 10 Videos  YouTube/Archive.org   04/21/2013
231 AIDE 2013  YouTube/Archive.org   04/18/2013
230 Outerz0ne 9 (2013) Videos  YouTube/Archive.org   04/08/2013
229 Outerz0ne 8 (2012) Videos
Somehow I forgot to post these to this page last year.
 YouTube/Archive.org   03/13/2013
(should have been 2012)
228 Introduction to HTML Injection (HTMLi) and Cross Site Scripting (XSS) Using Mutillidae  YouTube   03/03/2013
227 Introduction to Pen Testing Simple Network Management Protocol (SNMP)  YouTube   03/03/2013
226 Bro IDS/Network Programming Language Video Page  YouTube   02/24/2013
225 Shmoocon Firetalks 2013  YouTube/Archive.org   02/18/2013
224 Basics of using sqlmap - ISSA Kentuckiana workshop 8 - Jeremy Druin
This is the 8th in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae (or other tools) for the Kentuckiana ISSA. This one covers SQLMap.
1:20:57YouTube   02/11/2013
223 SQL Server Hacking from ISSA Kentuckiana workshop 7 - Jeremy Druin
This is the 7th in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae (or other tools) for the Kentuckiana ISSA. This one covers SQL Server Hacking.


619.8MB 01/05/2013
223 Introduction to buffer overflows from ISSA KY workshop 6  YouTube/Archive.org    11/24/2012
222 PhreakNIC 16 Videos  YouTube/Archive.org    11/10/2012
221 The potential impact of Software Defined Networking on security - Brent Salisbury
This is Brent Salisbury talk on SDN and security for the Kentuckiana ISSA November meeting. Sorry about the sound, I need to get a mic next time.


344.3MB 11/04/2012
220 SkyDogCon 2 Videos  YouTube/Archive.org    10/27/2012
219 Hack3rcon 3  YouTube/Archive.org    10/25/2012
218 Louisville Infosec 2012 Videos  YouTube/Archive.org    10/06/2012
217 Derbycon 2.0: The Reunion  YouTube/Archive.org    09/30/2012
216 Into to Metasploit - Jeremy Druin
This is the 5th in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae for the Kentuckiana ISSA. This one covers Metasploit.

1:06:12YouTube/Archive.org    09/09/2012
215 Host Vulnerability Assessment with Nessus, NeXpose and Metasploitable 2
This is the 4th in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae for the Kentuckiana ISSA. This one covers Nessus, NeXpose and Metasploitable 2.
1:01:10YouTube/Archive.org    08/05/2012


214 BSides Las Vegas 2012 Videos  YouTube/Archive.org    07/31/2012
213 OISF 2012 Videos  YouTube/Archive.org    07/16/2012
212 Bsides Cleveland 2012 Videos   YouTube/Archive.org    07/16/2012
211 Pilfering Local Data: Things an Attacker Would Want to Grab with Short Term Local Access
Here's my talk from the 2011 Nashville Infosec. This is more or less the description I sent them: "This talk will cover core items an attacker would want to locate and copy off of a Windows system, as well as what tools they would use to bypass weak security precautions like file system permissions and OS/BIOs passwords. Core date in this case would be things like stored passwords and wireless keys, but could also include network paths and the like. It will underscore the importance of physical security and hard drive encryption."


This one is out of order. Somehow I put it on the front page, but forgot about adding it to this index. 09/16/2011
210 Traceroute and Scapy Jeremy Druin @webpwnized
This is the 3rd in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae for the Kentuckiana ISSA. This one covers Traceroute and Scapy.
1:07:09YouTube/Archive.org    06/02/2012
209 AIDE 2012 Videos  YouTube/Archive.org    05/26/2012
208 Intro to Scanning: Nmap, Hping, Amap, TCPDump, Metasploit, etc. Jeremy Druin
This is the 2nd in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae for the Kentuckiana ISSA. This one covers scanning Nmap, Hping, Amap, TCPDump, Metasploit, etc.
1:03:33YouTube/Archive.org    05/12/2012
207 Notacon 9 (2012) Videos  YouTube/Archive.org   04/16/2012
206 Pen-testing practice in a box: How to assemble a virtual network
This is the first in a line of classes Jeremy Druin will be giving on pen-testing and web app security featuring Mutillidae for the Kentuckiana ISSA. Topics: Virtual Box Installation, Installing virtual machines, Configuring virtual networks - bridged, nat, hostonly, USB devices in virtual machines, Wireless networks in virtual machines, Installing Guest Additions, How to install Mutillidae in Windows on XAMPP, How to install Mutillidae in Linux Samurai
1:07:18YouTube/Archive.org   04/07/2012
205 Web Application Pen-testing Tutorials With Mutillidae
When I started the Mutillidae project it was with the intention of using it as a teaching tool and making easy to understand video demos. Truth be told, I never did as much with it as I intended. However, after Jeremy Druin (@webpwnized) took over the development it really took off. I have since come to find out he has been doing A LOT of YouTube video tutorials with Mutillidae, which he said I could share here. I will be copying his descriptions with slight editing and embedding his videos in this page.
 YouTube   03/15/2012


204 Crypto & Block Cipher Modes (OpenSSL, AES 128, ECB, CBC)
Hopefully this will give a nice visual illustration of how Electronic codebook (ECB) and Cipher-block chaining (CBC) work using AES-128 and OpenSSL. You can learn a lot from a known plain text, and repeating patterns. Inspired by labs from Kevin Benton & "Crypto Lab 1" SEED.
 YouTube/Archive.org   03/13/2012
203 ShmooCon Firetalks 2012 Videos

Night 1
“How Do You Know Your Colo Isn’t “Inside” Your Cabinet, A Simple Alarm Using Teensy” by David Zendzian
“Bending SAP Over & Extracting What You Need!” by Chris John Riley
“ROUTERPWN: A Mobile Router Exploitation Framework” by Pedro Joaquin
“Security Is Like An Onion, That’s Why it Makes You Cry” by Michele Chubirka
“Five Ways We’re Killing Our Own Privacy” by Michael Schearer

Night 2

“Cracking WiFi Protected Setup For Fun and Profit” by Craig Heffner
“Passive Aggressive Pwnage: Sniffing the Net for Fun & Profit” by John Sawyer
“Ressurecting Ettercap” by Eric Milam
“Security Onion: Network Security Monitoring in Minutes” by Doug Burks
“Remotely Exploiting the PHY Layer” by Travis Goodspeed




202 ShmooCon Epilogue 2012 Talks
Resurrection of Ettercap: easy-creds, Lazarus & Assimilation
Eric Milam - (Brav0Hax) &
Emilio Escobar

Media Hype and Hacks that Never Happened
Space Rouge
More than one way to skin a cat: identifying multiple paths to compromise a target through the use of Attach Graph Analysis
Joe Klein
Proper Depth / Breadth testing for Vulnerability Analysis and fun with tailored risk reporting metrics.
Jason M Oliver
Extending Information Security Methodologies for Personal User in Protecting PII.
John Willis
Stratfor Password Analysis
Chris Truncer
Intro To Bro
Richard Bejtlich
Javascript Deobfuscation
Glen Pendley


201 Unix File Permissions and Ownership (CHOWN, CHMOD, ETC)
I'm taking a security class were we had a lab on Unix/Linux file system permissions. I decided I might as well record it, and the steps taken, along with explanations as to what I was doing to set the permissions such as read, write, execute, SetUID, SetGID and the Stickybit. Kevin Benton created the lab, so I'd like to give him credit for inspiring me to do this video.
24:56YouTube/Archive.org   01/21/2012
200 Basic Setup of Security-Onion: Snort, Snorby, Barnyard, PulledPork, Daemonlogger
Thanks to Doug Burks for making building a Network Security Monitoring Server much easier. I mentioned Snort, Snorby, Barnyard, PulledPork and Daemonlogger in the title, but there is a lot more on the distro than that. This is a nice way to get an IDS up and running featuring pretty frontends without going into dependency hell.


199 Pen-Testing Web 2.0: Stealing HTML5 Storage & Injecting JSON Jeremy Druin
This is Jeremy's talk from a recent ISSA meeting. In it he covers what the title says, showing off stealing of HTML 5 storage, injecting JSON, using Burp Suite, Muttillidae and some XSS attack fun. Sorry about the noise in the first bit, I had to set the camera up a ways off and it picked up my bag of chips better than it did Jeremy's talk. @webpwnized


198 PHUKD/Keylogger Hybrid 50:22YouTube/Archive.org   01/01/2012
197 NetworkMiner Professional for Network Forensics
This video was made to show some of the extra features of NetworkMiner Professional, like Pcap-over-IP, running on OS X under Mono, Export results to CSV / Excel, Geo IP localization, Host coloring support, and Command line scripting support.
11:47YouTube   12/03/2011


196 SkyDogCon 2011 Videos  YouTube/Archive.org   11/06/2011
195 Hack3rcon II Videos  YouTube/Archive.org   10/24/2011
194 Derbycon 2011 Videos  YouTube/Archive.org   10/08/2011
193 Security Tips For The Small Business From 70,000 Feet - Joseph Hollingsworth and Adrian Crenshaw
A little while back Joe Hollingsworth and I were interviewed for an article in the Southern Indiana Business Source. The local Kiwanis club asked for a 25 min talk on the subject of the article, so we came up with this mandate:
Given only 25 minutes, tell us what a small business could do to help their security posture.
Well, it ended up being almost 40min and we did not get through all of the slides. The live video camera failed, so the audio in this video is what the laptop recorded. It may not be something most of my readers will be interested in, but it may help you present on a similar topic.
39:29Youtube   8/20/2011
192 Cipherspaces/Darknets An Overview Of Attack Strategies
This is essentially the talk I gave at Defcon 19, but I had a little more time to cover the topic in this canned video:

Darknets/Cipherspaces such as Tor and I2P have been covered before in great detail. Sometimes it can be hard to follow attack strategies that have been used against them as the papers written on the topic have been academic and abstract. What this talk will attempt to do is step back and give an overview of the topic in a manner hopefully more conducive to the understanding of security practitioners, giving more concrete examples. While little to nothing in this talk will be "new and groundbreaking" it should lead to a better understanding of how encrypted anonymizing networks can be subverted to reveal identities.

1:00:43YouTube/Archive.org   8/09/2011



Ohio Information Security Forum (OISF) Anniversary Event Videos
These are the presentations from the Ohio Information Security (OISF) Anniversary Event. The descriptions are largely Ligatted from the OISF website.

Endpoint Security Decisions - Kurt Roemer
Defending against XSS - Jason Montgomery
Project Ubertooth: Building a Better Bluetooth Adapter - Michael Ossmann
Making Windows 7 SP1 32/64bit Boot CD/DVD/USBs with Winbuilder - Adrian Crenshaw
Cloud Computing Security - Dr. James Walden




AIDE 2011 Conference Videos
These are the presentations from the AIDE 2011 conference at Marshall University. We had some issues early on with the schedule not matching the talks, so descriptions are incomplete. The descriptions I do have are largely Ligatted from the AIDE website.

Social Networks - Evan Patterson
Who are you going to call? - Evan Patterson
WV Crimes requiring Electronic & Digital Evidence - Philip Morrison
Professionalism on the Witness Stand - Phillip Morrison
Common Darknet Weaknesses - Adrian "Irongeek" Crenshaw
Recent HIPAA/HITECH Changes - Caleb Knight
Hacking A Mature Security Program - David "ReL1K" Kennedy

 YouTube/Archive.org   7/18/2011


189 Dual booting Winbuilder/Win7PE SE and Backtrack 5 on a USB flash drive with XBOOT
This is a quick and dirty video to show how to make a multiboot thumbdrive with XBOOT. You can also create a multiboot CD/DVD by combining other ISOs. Operating Systems loaded on mine include: Backtrack 5, Winbuilder/Win7PE SE, DBAN, UBCD4Win, TAILS, Gparted, Ubuntu 11.04, etc.
4:41YouTube   7/08/2011
188 Portable Boot Devices (USB/CD/DVD): Or in Canadian, what is this all aboot?      
This is a talk I did on making bootable USB drives/CDs/DVDs for my local ISSA. Think of it as a braindump and starting point for making your own.
1:22:49Vimeo/AVI 225.6MB 6/04/2011

OSInt, Cyberstalking, Footprinting and Recon: Getting to know you
The following are videos from the Footprinting/OSInt/Recon/Cyberstalking class I did up in Fort Wayne Indiana for the Northeast Indiana Chapter of ISSA. I've split the class into three videos by subtopic, and included the text from the presentation for quick linking.

DNS, Whois and Domain Tools
Finding general Information about an organization via the web
Anti-social networks
Google Hacking
Other odds and ends

Vimeo/AVI   5/23/2011
186 Attacking and Defending Apple iOS Devices - Tom Eston
50:44Vimeo/AVI  97.2MB 5/15/2011


185 Leveraging Social-Engineering in your INFOSEC Program - David Kennedy
45:15Vimeo/AVI  125.6MB 5/15/2011


184 Crude, Inconsistent Threat: Understanding Anonymous - Adrian Crenshaw 43:53Vimeo/AVI  88.8MB 5/15/2011
183 Funnypots and Skiddy Baiting: Screwing with those that screw with you - Notacon 2011
This is the presentation I did for Notacon 2011. Honeypots might be ok for research, but they don’t allow you to have fun at an attacker’s expense the same way funnypot and skiddy baiting does. In this talk I’ll be covering techniques you can use to scar the psyche or to have fun at the expense of attackers or people invading your privacy. Sorry about the subpar sound, I had a bit of echo from where my camera was positioned.
45:36Vimeo/AVI    4/18/2011
182 Identifying the true IP/Network identity of I2P service hosts talk - Adrian Crenshaw, Blackhat DC 2011
This is the talk I did at Blackhat DC 2011 about de-anonymizing I2P darknet services.
1:03:28Vimeo/AVI    4/8/2011
181 Computer Forensics & Electronic Discovery - Andy Cobb, PhD
Recorded at the April 2011 Louisville ISSA meeting.
1:10:06Vimeo/AVI    4/2/2011
180 Outerz0ne 2011 Hacker Con
The following are videos of the presentations from the Outerzone 2011 hacker conference. Thanks to Skydog, Robin, Scott, SomeNinjaMaster and the Hacker Consortium crew for the con. Also thanks to Seeblind and others for doing AV. I'm looking forward to Skydogcon and working with the guys again at Derbycon.


SkyDog - Opening Ceremonies/etc.
SkyDog - The Modern Day Hacker
IronGeek - Rendering Hacker Con Videos with AviSynth
MadMex - Windows Command Line Incident Response
HalfJack -Building your Own Green Home
Beau Woods - What Companies and Vendors must know about securing mobile devices, mobile applications, access and data.
Rick Hayes - Assessing and Pen-Testing IPv6 Networks
Pure Hate - Why your password policy sucks
Billy Hoffman - Advice on starting a start-up
Contest Prize Giveaway, Awards, Closing Ceremonies

 Vimeo/AVI    03/21/2011 
179 Network Sniffers Class for the Kentuckiana ISSA 2011
Wireshark, TCPDump, Metasploit sniffing with Meterpreter, ARP Poisoning, Ettercap, Cain, NetworkMinor, Firesheep and Xplico.
 Vimeo/AVI   02/14/2011
178 Talks from the AIDE Winter Meeting 2011
 Opening Remarks & Security Enabler, Bill Gardner & Rob Dixon
 Where we at? A look at Information Security, David Kennedy (ReL1K)
 Radio Reconnaissance in Penetration Testing, Matt Neely
 Social Engineering In-Depth, Chris Criswell & Wayne Porter
 Penetration Testing - The Continuing Failures of an Industry, Keith Pachulski
 Blue team is sexy - refocusing on defense, Mick Douglas
 DDoS: Defending Against an Internet Mob, Kenneth Scott
 Cipherspace/Darknets: anonymizing private networks, Adrian Crenshaw
Hackers Trail Mix, Elliott Cutright
 Vimeo/AVI   02/22/2011


177 FireTalks from Shmoocon 2011
Grecs and the folks at Shmoo were kind enough to let me record the FireTalks from Shmoocon 2011.
 Vimeo/AVI   02/01/2011

Hosting Hidden Services in I2P: eepSites and SSH
Here is another foray into Cipherspace. In this video I'll show how to get your eepSite up and running, along with pointing an HTTP tunnel to another web server besides the build in Jetty, and also how to host SSH inside of the I2P network.



175 Installing the I2P darknet software in Linux  Vimeo/MP4/WMV   01/08/2011
174 DOJOCON 2010 Videos  Vimeo/AVI   12/16/2010
173 Hack3rcon 2010 Videos  Vimeo/MP4   10/27/2010
172 Shoecon 2010

Round 1:

Shoecon Intro with Rick and Scott, then some SSL Cert Wildcards fun with Karthik

Hacking Green or Eco Conscious Stalking with Rick Hayes

Physical Penetration Testing with Keith Pachulski and Brian Martin

Building a barcode LED flasher, and why with Adrian Crenshaw

High Speed Data services over RF with Brian Wilson

Round 2:

Wi-Fi Basics for Geeks – How Wireless Really Works

Advice on Starting a Startup with the ever caffeinated Billy Hoffman

Economics of Security and Cybercrime with Beau Woods

Recent Threat Landscape with Ben Feinstein

Unfortunately, I've not been able to recover the live MP4 of Skydog's talk. I may post the file later to see if anyone else can figure a way to recover it. 

 Vimeo   10/19/2010


171 Malicious USB Devices: Is that an attack vector in your pocket or are you just happy to see me?
In this presentation I talk about the categories of malicious USB devices:

USB Mass Storage containing malware
U3 Thumb drives with "evil" autorun payloads
Hardware key loggers
Programmable HID USB Keyboard Dongle Devices

along with detection and mitigation techniques involving GPO (Windows) and UDEV (Linux) settings. It was presented at Phreaknic 14.

1:02:49Vimeo   10/18/2010
170 Locating I2P services via Leaks on the Application Layer Project Proposal
While at Phreaknic 14 I did a quick lightning talk on my project to test the anonymity provided by I2P. Mostly I'll be aiming at web server misconfigurations in eepSites. It starts getting fast at the end because I was running out of time (10 min is kind of short for the subject). Still, I hope it is a good intro to I2P, and my plans.
13:18Vimeo   10/18/2010
169 Beyond Nmap: Other network scanners
This is a presentation I did for the Blugrass ISSA chapter. Tools covered, at least lightly, are: Nmap, Hping, UnicornScan,
AutoScan, Netscan, Metasploit, NetworkMiner and of course BackTrack 4 R1. A few minor flubs, and one spot where I deleted a demo fail. :)
1:14:12Vimeo/Archive.org 240.70MB 9/25/2010
168  Programmable HID USB Keystroke Dongle: Using the Teensy as a pen testing device (Defcon 18)
The Programmable HID USB Keystroke Dongle (PHUKD) is a small device based around the Teensy microcontroller development board. It allows users to program in keystrokes and mouse macros that can execute when the device is plugged in, after a set time, or when certain environmental conditions are met (light, noise, temperature, etc.) This device can be used as a replacement for a U3 hacksaw, as a device left behind to execute commands when someone with elevated privileges is likely to be logged in, or give as a Trojan device to unsuspecting targets. Much pwnage should ensue.

I've added my Defcon video to the bottom of the Videos and Pictures section of the PHUKD article.

Also checkout the "PowerShell OMFG Video" Dave Kennedy and Josh Kelley (winfang) did at Defcon 18


it used PHUKD devices for part of it.

54:42Vimeo   9/16/2010  
167 Password Exploitation Class Videos Posted
This is a class we gave for the Kentuckiana ISSA on the the subject of password exploitation. The Password Exploitation Class was put on as a charity event for the Matthew Shoemaker Memorial Fund ( http://www.shoecon.org/ ). The speakers were Dakykilla, Purehate_ and myself. This is sort of the first Question-Defense / Irongeek joint video. Lots of password finding and crack topics were covered: Hashcat, OCLHashcat, Cain, SAMDump2, Nir's Password Recovery Tools, Password Renew, Backtrack 4 R1, UBCD4Win and much more. About 4.5 hours of content.
varArchive.org/AVI   08/30/2010 
166 Setting up the Teensy/Teensyduino Arduino Environment    
This video will show you the basics of setting up the Teensyduino environment in Windows so you can start developing PHUKD devices.
6:57YouTube   07/14/2010
165 Mutillidae/Samurai WTF/OWASP Top 10
This is a presentation I did at the Kentuckiana ISSA and then again at the Ohio Security Forum on Mutillidae/Samurai WTF/OWASP Top 10. I chose to post the Ohio version of the video as I think it came out better, but the slides are the same. Plenty of information on XSS (Cross Site Scripting), CSRF (Cross Site Request Forgery) and SQL/Command Injection.
1:01:50Vimeo/AVI   07/12/2010
164 Ligatt / Gregory D. Evans Videos
It should be noted, I did not create these videos, my buddy Rick from the ISDPodcast did (at least the first two). Still, they are worth sharing.
I have some links below if you want more info on the Ligatt / Gregory D. Evans controversy that has been going around. If nothing else, it will help with people researching the person/company:

Ligatt / Gregory D. Evans Fun Charlatan Entry at Attrition.org
Follow all the Ligatt fun on Twitter
The Register has a good writeup on Ligatt / Gregory D. Evans
This is probably the most concise writeup on Ligatt / Gregory D. Evans
If you want to read the book "How To Become The Worlds No. 1 Hacker" for yourself, but you don't want to pay Ligatt for plagiarizing, grab the PDF at this link
varYouTube   06/24/2010

Metasploit Class Videos
On May 8th 2010 the Kentuckiana ISSA held a 7 hour Metasploit class at the Brown hotel in Louisville Ky.  Proceeds from the class went to the Hackers For Charity Food for Work program. The instructors were David "ReL1K" Kennedy, Martin "PureHate" Bos, Elliott "Nullthreat" Cutright, Pwrcycle and Adrian "Irongeek" Crenshaw. Below are the videos of the event. I hope you enjoy them, and if you do please consider donating to Johnny Longs' organization. This should be more Metasploit than you can stand!

varArchive.org/XVID   05/13/2010
162 WHAS 11 Webcam Exploit
This is a segment I did an interview for. They took very little of what I said, and played up the voyeur aspect (I told them webcams were not that big a worry, but drive by bot installs were).
3:53FLV   05/06/2010
161 Outerz0ne 2010 Videos
The following are videos of the presentations from the Outerzone 2010 hacker conference. Thanks to Skydog, Robin, Scott, SomeNinjaMaster and the Hacker Consortium crew for the con. Also thanks to Karlo, Keith, and Seeblind for doing AV. I'm looking forward to Skydogcon.
varArchive.org/MP4 var 03/28/2010

Attacking and Defending WPA Enterprise Networks - Matt Neely
Matt Neely of SecureState came to the March Kentuckiana ISSA meeting and gave a great presentation on securing and hacking WPA Enterprise networks. If you are confused by the acronym soup of "EAP-TLS, EAP-TTLS/MSCHAPv2, PEAPv0/EAP-MSCHAPv2, PEAPv1/EAP-GTC, PEAP-TLS" and which are the better options, this may be the video for you.

46:55Vimeo/Blip/MP4 233MB 03/06/2010
159 Steganography: The art of hiding stuff in stuff so others don't find your stuff
This is a presentation I was working on for the malware class I'm enrolled in. For some reason my voice was cracking while recording it, but I guess it was good practice for the live version I'll do tomorrow. Besides just an introduction to Steganography, I'll also talk a little about my SnarlBot project that will attempt to use stego in a command and control channel.
49:39Vimeo/Blip/WMV 120MB 03/01/2010
158 When Web 2.0 Attacks - Rafal Los
Recorded at: Louisville OWASP Chapter - Fourth Meeting, Friday January 29th, 2010
Speaker: Rafal Los will be discussing Flash and Web 2.0 security
57.33Vimeo/Blip/Mp4 247MB 01/30/2010
157 Botnets Presentation For Malware Class
I have to present two papers for my malware class, so I figure I'd share my practice video with my readers. Slides are available in PDF and PPTX forms.
26.02Blip/MP5 25.1MB 01/25/2010
156 Setting up the HoneyBOT HoneyPot
HoneyPots are hosts meant to be attacked either to distract the attackers or to research their techniques. This video will cover setting up a simple HoneyPot in Windows using an application called HoneyBOT. I'll also talk a little about capturing a pcap file with dumpcap for later analysis.
9:45Youtube/MP4 16.8MB 01/19/2010
155 Setting up an Ethernet bridge in Ubuntu Linux
In a previous video, I showed how to set up an Ethernet bridge in Windows XP. This is very useful for sniffing traffic leaving your LAN for the purposes of IDS (Intrusion Detection System), network monitoring, statistics or just plain snooping. In this video, I cover setting up an Ethernet bridge in Linux. Other tools used in this video include Wireshark, TCPDump, Etherape and Driftnet.
9:59Youtube/MP4 72MB 12/29/2009  
154 Xmas scan with Nmap
According to RFC 793, if a closed port gets a TCP packet without the SYN, RST, or ACK flag being set, it is suppose to respond with a RST packet. If the port is open, the TCP stack is suppose to just drop the packet without giving a response. Not all Operating Systems follow the RFC to the letter however, and these discrepancies allow for OS fingerprinting. I've covered OS fingerprinting in other videos (which I will link off to later), this video will just illustrates the point by showing off Nmap's XMAS scan option which sets only the FIN, PSH, and URG flags and nothing else. I'll also be using Zenmap, Ndiff and Wireshark to help you get the idea.
9:24Youtube/WMV 102MB 12/25/2009  


153 IndySec Metasploit Class Videos
When Steve invited me up to Indianapolis to help with a Metasploit class I jumped at the opportunity.   We had a good time and IndySec puts on a great event. They let me record the talks, unfortunately I was testing out a new video rig and the audio failed on the first three parts (Intro/Welcome, Network Setup, Getting started with Metasploit). The rig worked great for the Social Engineering, Meterpreter and SQL Pwnage/Fast Track sections. My presentation was just a rehash of the video I put up last week on msfpayload/msfencoder/metasploit 3.3 so I decided not to post it on this page.
varBlip.tv/MP4   12/13/2009  

Using msfpayload and msfencode from Metasploit 3.3 to bypass anti-virus
This subject has been covered before, but why not once more? Metasploit 3.3 adds some new options, and better Windows support. As stated in the title, this video will cover using msfpayload and msfencode from Metasploit 3.3 to bypass anti-virus. I will also talk a little about using CWSandbox and VirusTotal to examine malware. If you find this video useful, consider going to the Metasploit Unleashed page and donating to the Hackers For Charity Kenya food for work program, or come to the IndySec charity event. By the way, I've put out two versions of this video, one andSWF and the other a streaming video. Please let me know which you prefer.

24:53SWF/Vimeo 34.7/MB/140MB 12/4/2009 
151 Using FOCA to collect Metadata about an organization
Applications can add all sorts of data into the documents they create or edit. DOC, PDF, XLS and other file types can contain all sorts of extra data, like usernames, network paths, printers and application version numbers. This sort of information is great for doing initial research about an organization before doing a pen-test. This video with cover using FOCA, pointing it at a domain name, and grabbing metadata from doc, ppt, pps, xls, docx, pptx, ppsx, xlsx, sxw, sxc, sxi, odt, ods, odg, odp, pdf and wpd files.
varSWF 10.8MB 12/1/2009
150 Building a Hacklab, and a little about the Louisville CTF event
This is a presentation I gave for the local Louisville ISSA. I took this as an opportunity to learn a bit about AVISynth and do a split screen video. Thanks to Gary for being my camera man.
58:29:00Vimeo   11/7/2009
149 Darknets: anonymizing private networks talk from Phreaknic (Networks covered include Tor, Freenet, AnoNet/DarkNET Conglomeration and I2P)
This is a quick and dirty version of my Darknets talk from Phreaknic 2009, I hope to have a better version up soon. It covers the the basics of semi-anonymous networks, their use (political dissidence, file sharing, gaming and pr0n), how they were developed and what they mean to organizations. The main focus will be on the Tor, I2P, Freenet and anoNet Darknets, their uses and weaknesses.
1:09:00Vimeo   11/2/2009
148 Louisville Infosec 2009 Videos varBlip.tv   10/29/2009
147 Getting started with the I2P Darknet
I2P (originally standing for Invisible Internet Project) can be seen as a networking layer sitting on top of IP that uses cryptography to keep messages confidential, and multiple peer to peer network tunnels for anonymity and plausible deniability. While Tor is focused more for hiding your identity while surfing the public Internet, I2P is geared more toward networking multiple I2P users together. While you can surf to the public Internet using one of the I2P out proxies, it's meant more for hiding the identity of the providers of services (for example eepSites), sort of like Tor's concept of Hidden Services, but much faster. Another advantage I2P has is NetDB, a distributed way to let peers know about each other once initial seeding has occurred. Tor on the other hand uses it's own directory to identify servers, which in theory could be more easily blocked. Both networks have their advantages and trade offs. This video won't cover the details of I2P's peering or encryption systems, and may seem kind of rambling, but it should be enough to get you up and running on the darknet.
Please note, this video came out way larger than I intended.
varSWF 34.3MB 10/26/2009

Louisville InfoSec CTF 2009
This video summarizes one possible way contestants could have completed the Capture The Flag event at the 2009 Louisville Infosec. Tools and concepts used in the video include: Backtrack 4, Kismet Newcore, Nmap, Metasploit, Meterpreter, Firefox, SQL Injection, Cain, Truecrypt and 7zip.

13:43Vimeo 74.40MB 10/11/2009
145 File Carving and File Recovery with DiskDigger
DiskDigger is a tool that allows you to recover deleted files off of a FAT or NTFS drive. It has two modes of operation: In the first it merely looks in the FAT/MFT to find files marked as deleted, in much the same way that the tool called Restoration does. In the 2nd mode it does a file carve down the drive looking at the raw bits and finding the know headers and footers of various file types, much like PhotoRec. While PhotoRec seems a little more powerful, DiskDigger is easier to use and its preview functionality is quite nice.  This video will cover the basics of recovering deleted files with DiskDigger.
varSWF 6.88MB 09/29/2009


144 Pin-hole Spy Video Camera Disguised as a Pen
I thought some of you might find this an interesting gadget, so I decide to review it. It might be useful for reconnaissance before a pen-test, or as a covert place to store files.
2:34YouTube   09/27/2009
143 Rohyt Belani - Bad Cocktail: Application Hacks + Spear Phishing    
Mr. Rohyt Belani was kind enough to do a presentation on combining web application attacks with spear phishing at the Sept 2009 Louisville OWASP meeting (our chapter's LinkedIn page can be found here). If you are interested in finding out more about some of the topics Rohyt mentions in his presentation, check out these other videos on Footprinting/Network Recon and Exploiting Common Web App Vulnerabilities.
1:15:58Vimeo   09/19/2009
142 Anti-Forensics: Occult Computing Class
This is a class I gave for the Kentuckiana ISSA on the the subject of Anti-forensics. It's about 3 hours long, and sort of meandering, but I hope you find it handy. For the record, Podge was operating the camera :) Apparently it was not on me during the opening joke, but so be it, no one seemed to get it. I spend way to much time on the Internet it seems. Also, I'm in need of finding video host to take these large files. This class video is 3 hours, 7 min and 1.2GB as captured.
3:07:00Blip.tv    08/24/2009 
141 Phreaknic 12 Videos  Blip.tv   07/25/2009 
140 Irongeek - Hardware Keyloggers: Use, Review, and Stealth (Phreaknic 12)
This talk will cover hardware keyloggers and their use. About six will be presented in person for folks to try hands on, with a few others referenced in the slide show (mini-pci ones for example) . I'll cover the advantages and disadvantages of the current crop on the market and how they work. Also covered will be possible ways to detect hardware keyloggers via physical inspection an software.
58:09Blip.tv   07/24/2009 
139 Ncat Tutorial: A modern Netcat from the Nmap team
For those not in the know, Netcat is a utility who's goal is to be like the Unix cat command, but for network connections. It has been referred to as a "Swiss-army knife for TCP/IP" for good reason, since it can do so many things.
varSWF 41.20MB 07/22/2009
138 Compiling Nmap form source on Ubuntu
Along the way to making a video on Ncat I needed to compile Nmap 5 from source, so I figured I might as well do a video on that as well. There are many reasons why you might want to compile Nmap from source instead of just using the package manager, so enjoy.
varSWF 11.60MB 07/18/2009
137 NDiff: Comparing two Nmap 5 scans to find changes in your network
Fyodor gave me a heads up that Nmap 5 was coming out, so I figured I'd do a couple of videos on useful new features that come with Nmap 5 and later. For a better understanding of Nmap in general, check out my older videos which I will link to after the presentation. In this video I will cover the basics of using NDiff to compare two seperate Nmap scans. This is really useful for change management, where you want to know what new devices have appeared on your network or about ones that have disappeared for some reason. You could easily schedule Nmap to run on your network weekly, and then compare the differences with NDiff to see what has changed.
varSWF 5.94MB 07/16/2009
136 Incident Response U3 Switchblade From TCSTool
In Russell's own words: "The U3 incident response switchblade is a tool designed to gather forensic data from a machine in an automated, self-contained fashion without user intervention for use in an investigation. The switchblade is designed to be very modular, allowing the investigator/IR team to add their own tools and modify the evidence collection process quickly." This video shows you how to setup u3ir, and modify it.
varSWF 8.02MB 07/09/2009
135 OWASP Top 5 and Mutillidae: Intro to common web vulnerabilities like Cross Site Scripting (XSS), SQL/Command Injection Flaws, Malicious File Execution/RFI, Insecure Direct Object Reference and Cross Site Request Forgery (CSRF/XSRF)
This is a recording of the presentation I gave to the Louisville Chapter of OWASP about the Mutillidae project. A while back I wanted to start covering more web application pen-testing tools and concepts in some of my videos and live classes. Of course, I needed vulnerable web apps to illustrate common web security problems. I like the WebGoat project, but sometimes it's a little hard to figure out exactly what they want you to do to exploit a given web application, and it's written in J2EE (not a layman friendly language). In an attempt to have something simple to use as a demo in my videos and in class, I started the Mutillidae project. This is a video covering the first 5 of the OWASP Top 10.
1:14:41Vimeo   06/20/2009
134 802.11 Wireless Security Class for the Louisville ISSA Part 1
Originally, this was going to be one 4hr class, but Jeff had something come up so he could not cover WEP/WPA cracking, and my section took so long that Brian never got a chance to present his material on DD-WRT. I'm hoping to get them back to do a part 2 of this video. In this section I cover the basics of WiFi, good chipsets, open file shares, monitor mode, war driving tools, testing injection, deauth attacks and the evil twin attack. Some of this comes out as kind of a stream of consciousness, but hopefully you can find some useful nuggets from my brain dump of what I've learned about 802.11a/b/g/n hacking. As far as classes goes this is the mostly complicated one I've set up, and for a wireless class Brian and I had to run a lot of wires. :)




133 Outerz0ne and Notacon 2009 Hacker Cons Report
I did some recording of the goings on at the Notacon and Outerz0ne 2009 hacker cons. If you want to get a feel for these cons, check out the video.
49:13Blip.tv   05/10/2009   
132 Hacker Con WiFi Hijinx Video: Protecting Yourself On Potentially Hostile Networks
This is a presentation I gave for the Kentuckiana ISSA on May 8th, 2009. It covers the basics of protecting yourself when using open WiFi on a potentially hostile networks, most notable Hacker cons, but also coffee shops, libraries, airports and so forth. Topics include: open file shares, unneeded services, sniffing and evil twin attacks. The talk is based on the Hacker Con HiJinx tri-fold I wrote awhile back.
59:39Blip.tv   05/09/2009  
131 Mutillidae 1: Setup
Mutillidae is a deliberately vulnerable set of PHP scripts I wrote to implement the OWASP Top 10 web vulnerabilities. I plan to use these scripts to illustrate common web app attacks in a series of future videos. The easiest way to get up and running with Mutillidae is to use XAMPP, an easy to install Apache distribution containing MySQL, PHP and Perl. This first video covers setting up Mutillidae, which can be downloaded from:
varSWF 6.23MB 04/29/2009 
130 Making Hacking Videos: Irongeek's Presentation from Notacon 2009
Over the years I've done a lot of video tutorials using screencasting software to teach folks new to hacking how various security tools work. I'd like to share the tips and tricks I've learned so that others can start to teach people about technology in the same way. Covered topics will include: Screencasting software, free tools, getting the best video for the least bandwidth, audio work, free hosting, animations and more. This is a presentation I did for Notacon 2009. Thanks to Ted and crew for recording it.
51:04 Blip.tv   04/20/2009 
129 :Using SSLStrip to proxy an SSL connection and sniff it
John Strand of Pauldotcom allowed me to post this video that shows how to use SSLStrip to proxy an SSL connection and sniff it, without those annoying warning messages about the cert that other tools give. From John's description:
With SSLStrip we have the ability to strip SSL from a sessions. Using this tool we have the capability to capture in clear text user IDs and passwords.
8:39 Blip.tv   04/15/2009
128 Presentation Recording Rig Setup
I've been wanting to record some of my live classes, as well as the talks at the upcoming Louisville Infosec. This is the rig I plan to use to capture both the Power Point/computer screen and live video of the presenter at the same time. Let me know if you have any ideas for improvement.
 Blip.tv   03/30/2009
127 Footprinting, scoping and recon with DNS, Google Hacking and Metadata
This class covers recon work, showing the student how a pen-tester/attacker can use public information to learn more about an organization before they compromise it's security. Covered topics will include DNS tools (like Whois, NSlookup/Dig, Nmap -sL), Google Hacking using advanced search terms and Metadata in images and documents. Recorded for the Kentuckiana ISSA on March 21, 2009.
3hr, 7min
more or less
Blip.tv   03/25/2009


126 Joe McCray "Advanced SQL Injection"
Joe McCray of Learn Security Online sent me a video of a presentation he gave on Advanced SQL Injection. It's a great primer, and I love his presentation style. Someone buy the man a VGA to composite converter, or a HD camcorder so he can keep making these vids.
 Vimeo   03/20/2009


125 Outerz0ne 5 Closing
Prepare your liver for the apocalypse.
 Blip.tv   03/09/2009
124 Acidus (Billy Hoffman) - Offline Apps: The Future of The Web is the Client?
Traditional web apps used the browser as a mere terminal to talk with the application running on the web server. Ajax and Web 2.0 shifted the application so that some was running on the client and some of the web server. Now, so-called offline application are web application that work when they aren't connected to the web! Confused? This talk will explore how to attack offline apps with live demos of new attack techniques like client-side SQL Injection and resource manifest hijacking.

BIO: Acidus is a Atlanta hacker who is not really sure why you keep listening to him.
 Blip.tv   03/09/2009
123 Rob Ragan - Filter Evasion - Houdini on the Wire
Today security filters can be found on our network perimeter, on our servers, in our frameworks and applications. As our network perimeter becomes more secure, applications become more of a target. Security filters such as IDS and WAF are relied upon to protect applications. Intrusion detection evasion techniques were pioneered over a decade ago. How are today's filters withstanding ever evolving evasion tactics? The presentation will examine how evasion techniques worked in the past and provide insight into how these techniques can still work today; with a focus on HTTP attacks. A practical new way to bypass Snort will be demonstrated. A tool to test other IDS for the vulnerability in Snort will be demonstrated.

Bio: Background: While performing a pentest on a fortune 50 company I got caught. My IP address was subsequently blocked. It was apparent that I was causing way too much noise and they had triggered a network security filter that blocked me. I came up with this presentation idea after implementing the evasion techniques found here in a proxy application. I quickly realized none of them work anymore on modern IDS. After some experimentation I eventually found something that would let me sneak nearly any type of web attack past Snort. More details on the attack can be found in my outline. I'm currently working on a tool that will allow anyone to test their IDS/IPS for this vulnerability.
 Blip.tv   03/09/2009
122 Scott Moulton - Reassembling RAID by SIGHT and SOUND!
RAID is a great technology and in many cases is suppose to keep our data safe. What happens when it fails? RAID Arrays are one of the most painful things to reassemble. RAID 0 and RAID 5 software reassemblies have problems with Slice Sizes, and Drive Orders and in many cases, the user has no idea what the settings are. What do you do when you don’t know the Slice Size and Drive Orders and you need the data from damaged drives? Well here is a demonstration of a way to determine this using Sight and Sound. I crammed as much on the subject as I can into a 50 minute presentation with Demos.
 Blip.tv   03/09/2009
121  Makers Local 256 - A primer on hackerspaces
What they are, why they're important, where they are, and how you can start one yourself. You may already have one close by. The talk will illustrate how hackers are taking back the moniker and bringing the community back into the light.
 Blip.tv   03/09/2009
120 Presmike & Sippy - RETRI:Rapid Enterprise Triaging
The first part of this presentation presents a new paradigm for the Incident Response process called Rapid Enterprise Triaging (RETRI), where the primary objective is to isolate the infected network segment for analysis without disrupting its availability. Part two of this presentation will introduce a new Enterprise Incident Response tool that complements the RETRI paradigm. The tool is a free, possibly open source, agent-based tool that is deployed to the compromised segment to perform the traditional incident response tasks (detect, diagnose, collect evidence, mitigate, prevent and report back). The tool will be released at Blackhat 2009 / Defcon 2009 if all goes well.For now you get screen shots.
 Blip.tv   03/09/2009
119 Nick Chapman - Embedded Malicious Javascript
This talk will cover malicious JavaScript currently being used in the wild. It will start with the big daddy of embedded malicious JavaScript, Asprox, which last year gave rise to panicked headlines like "100,000s of websites compromised" and continuing through more recent samples such as the fake Yahoo Counter and the recent MS09-002 exploits. We will look at attack vectors, obfuscation techniques, and multi-stage delivery systems, and exploits used. This will feature the analysis of several samples harvest from the wilds of the Internet.

Bio: My name is Nick Chapman. I'm a security researcher with the SecureWorks Counter-Threat Unit. Prior to focusing on security issues full time, I worked as both a System Administrator and Network Engineer in the ISP world.

 Blip.tv   03/09/2009
118 SlimJim100 - Live Demo of Cain & Able and the Man-in-the-middle-attack
This talk will present a live demo of a man-in-the-middle-attack, using Cain & Able.

SlimJim100, also known as Brian Wilson, has presented at ChicagoCon 3 times in the past. His resume is filled with 3, 4, and 5 letter certifications, and his reputation reflects his skills.SlimJim100 - Live Demo of Cain & Able and the Man-in-the-middle-attack.
 Blip.tv   03/09/2009
117 SkyDog - Screen Printing Primer - Make your own Con Shirt!
A primer on silkscreening t-shirts and garments. This talk goes thru the process of single color silkscreening, showing the steps necessary to produce the artwork, burning a screen, and then screening a shirt. We'll be producing shirts on stage, showing the techniques learned from much trial and error. Want to make your own Outerz0ne 5 Con shirt? C'mon up and do it yourself. Want to see yours made? We can do that too! Meant to be an interactive talk, to also raise interest in graphic arts and a to try and bring back a bit of the old school stuff.

Skydog currently works for a major university, while also holding down positions as President for two non-profits. One is Nashville 2600, which is the group responsible for Phreaknic, and the Hacker Consortium, a large non-profit hackerspace in Nashville, TN. When he isn't doing all of that happiness, he's trying to keep his son from cutting a finger off, and making sure he's not surfing pron.
 Blip.tv   03/09/2009
116 Tyler Pitchford - They took my laptop! - U.S. Search and Seizure Explained
An overview of recent developments impacting the Fourth Amendment and privacy conscious computer professionals: including discussions on the United States Constitution, Federal Statutes, Administrative decisions, and, most importantly, the case laws that interpret and define the Fourth Amendment. Special attention is given to topics affecting computer professionals, including border crossings, foreign nationals, forced disclosures, and the October 2008, Crist decision.

Tyler holds degrees in Software Architecture from New College of Florida and a Juris Doctor from the Stetson University College of Law. He co-founded the Azureus Bittorrent client in 2003 and currently works as CTO for Digome, LLC in Nashville, TN. His work experience includes Florida State Attorney's, Federal Magistrate Richardson, and Justice Anstead of the Florida Supreme Court. Tyler presented at PhreakNic 12 and has taught several courses on computer programming and security.
 Blip.tv   03/09/2009
115 Morgellon - *Duino-Punk! Manifesting Open Source in Physical Space from Outerz0ne 5
The goal is to promote the idea of open source hardware, and expand the community. We will begin with an intro into what an "arduino micro controller" is, how they work, and what you can do with them. You will see that you don't need to be an electronics wizard to create amazing projects that enhance your life! Whether a code ninja, hardware guru, enthusiast, a pro or total n00b, the arduino offers amazing potential, community, and empowerment to any who wish to grasp it.

Website: http://dailyduino.com (blog for arduino projects and related electronics news.)
 Blip.tv   03/09/2009
114 WiFiFoFum: Wardriving convenience in your pocket and uploading to Wigle
As regular Irongeek readers know, I’ve covered wardriving (the act of physically moving around in meatspace looking for WiFi access point) before. In this video, I want to cover another tool for wardriving: WiFiFoFum for the Windows Mobile platform.
varSWF 7.98MB


113 Bluetooth Wireless Hardware Keylogger Review
The folks over at Wirelesskeylogger.com were kind enough to send me a review unit.  For more info on hardware keyloggers in general, check out some of my other articles and videos on the topic which I will link to at the end of this presentation. The core idea of a wireless hardwarekeylogger is that you only have to get physical access to the computer once to install it. From then on you just have to get close enough to the box with a bluetooth device to grab the logs, at least in theory.
varSWF 3.76MB 02/13/2009
112 Setting Up Tor Hidden Services
In a previous video I covered using the Tor anonymity network to browse the web anonymously. In this one I'll cover the basics of setting up a Tor hidden service. With a Tor hidden service, the true host IP of the service is hidden by the Tor network. Instead of having to hand out the true IP of the server, a service creator can hand out a *.onion hostname that's not linked directly to them. By setting up a Tor hidden service it becomes much harder for an adversary to figure out where the service is really being hosted from, and thus much harder to shutdown. This is a great thing for people like whistle blowers and political dissidents that want to share information anonymously, unfortunately it's also useful to pedos so be careful what links you choose to click on the onion network.
varSWF 4.78MB 01/29/2009
111 NetworkMiner for Network Forensics
NetworkMiner is a cool little sniffer app by Erik Hjelmvik. Described as a Network Forensic Analysis Tool (NFAT), it allows you to parse libpcap files or to do a live capture of the network and find out various things passively. The main uses I like it for are file reconstruction of FTP, SMB, HTTP and TFTP streams as well as passive OS fingerprinting, but it can do a lot more. NetworkMinor uses the Satori, p0f and Ettercap OS fingerprints, and can be run from a thumb drive without having to install it. It's designed to run under Windows, but you can also use it under Linux with Wine.
varSWF 17.60MB 12/17/2008


110 Intro to Wireshark
Wireshark is an awesome open source general purpose network analyzer (AKA: a Sniffer). Before you continue on with this video, I recommend that you check out my article A Quick Intro to Sniffers so you understand the background information. In this video I'll cover the following topics: Running Wireshark, starting a capture with options, drilling down the OSI model, capture filter options, popping out a single packet, sorting by columns, following TCP streams, exporting HTTP objects, simple display filters, the filter builder, applying filters from different panes , saving filters, opening a Wiki page, Edit-> Find packet, sniffing an HTTP Basic Authentication password, Analyzers ->Expert Info, Analyzers ->Firewall ACLs, stats, editing color rules and saving the capture.
varSWF 26.10MB 12/05/2008
109 Hacking Your SOX Off: Sarbanes-Oxley, Fraud, and Fraudulent Financial Reporting
I had to do a presentation for one of my MBA courses, and one of the topic choices was the Sarbanes-Oxley act. I chose it because I thought I could relate it to computer security, but as it turns out the connection is somewhat tenuous as you will see if you watch the presentation.
27:18Blip.tv   11/30/2008


108 Bypassing Anti-Virus with Metasploit
This video from John Strand shows how to bypass anti virus tools utilizing the new tricks in Metasploit 3.2
6:06Vimeo   11/22/2008
107 Deploying Metasploit's Meterpreter with MITM and an Ettercap filter
In this video, Bigmac shows how to redirect web traffic and trick users into downloading Meterpreter and running it on their box.
8:29Vimeo   11/22/2008


106 Sniffers Class for the Louisville ISSA
The video quality of this lecture is not very good, but it should give you an idea of what my ISSA classes are like. Covered topics include Wireshark, Ettercap, Cain and the slightest bit of NetworkMiner before the camera cut out. Pardon the blue tint, it was the projectors fault and not the Aiptek Action HD's. I shrunk it down from the original 720p, so the screen is not all that readable. I also experimented in cleaning up the audio in Audacity. I hope to cover Wireshark and NetworkMiner again shortly in higher quality videos.
2:45:00Vimeo n/a 11/16/2008

Extraordinary Journey from Fundamental Electronics to Fabulous Enchanted Systems with Arduino's and Magical Potions

This is Morgellon and Droop's talks about hacking the Arduino micro controller platform from Phreaknic 12. Droops and Morgellon will take you from basic electronics to building embedded systems. Learn how to build a standalone RFID tag reader with a fancy LCD display or your own oscilloscope or children's toys that speak to you or how to solar power a geothermal heat pump. There may even be some giveaways and contests. Magical Potions will be consumed but not provided.

Check out the following sites by Droops and Morgellon:

I've done a little work to pull some noise out of the audio, but I may have made it worse in some spots. Thanks go out to the Phreaknic 12 A/V team SomeNinjaMaster, Night Carnage, Greg, Brimstone, Poiu Poiu, Mudflap, and Drunken Pirate for setting up the rigs and capturing the video.



n/a 10/29/2008  



Phreaknic 12 (2008) Hacker Con

This is a quick and dirty video documentary of the things that when on around the talks and event at Phreaknic 12 (2008). Don't watch if you get sick at shaky cam movies like Blair Witch or Cloverfield. A rough timeline of the content in the video is as follows:

        Intro and leaving Louisville with Brian. Morgellon talks about hacking the Arduino micro controller platform. Sorteal talks about the LiVes Open Source video editor. AT&T Batman building by night. Mojo-JoJo soldering some stuff for the shooting range. The patron gods of hackerdom. Registration. Con swag overview. Morgellon  gets his discreet logic on. AK-47 building with HandGrip and Buttstock. Froggy talks up Notacon, which I plan to go to next year. Skydog explains the Jware chair toss event, and then we compete. Rootwars hacker wargames. I ask Int80 about using his nerdcore music in some of my videos. NotLarry explains rootwars. Some iPhone hacking with Lee Baird and John Skinner. I do a little Bluecaseing/Warnibbling with the Bluetooth on my Nokia n810. John, Lee, Brian and I go to the German restaurant. I blind DOSman with the light from my camera and check out what folks are doing with the Arduinos Droops brought for folks to play with. I check back in on R00tW4rz. I blind Droops. I talk Ettercap filters with operat0r. USB door key fun with the Arduino. More breadboard fun. Nokia n810 + Ettercap Filter + Lemon-part = win. Int80 gets down with his own bad self, and the rest of Phreaknic. I find an energy drink with protein. Folks play with the hardware keyloggers I brought, and we have some epic fail with the IBM Model M + USB adapter + Mac OS 10.5. Winn Schwartau joins in on the keylogger fun. DOSman and Zack use a directional antenna from the 9th floor to search downtown Nashville for WiFi access points. Zoom in on Al. John and Lee eat jerky. Daren and Shannon from Hak5 blind me this time. :) Then they do a quick interview. I interview TRiP about the legalities of wardriving, sniffing and leaving your access point open so you have plausible deniability of copyright infringement (most likely it won't hold water in court if you are a computer geek). I give Hak5 Daren beef jerky. Ziplock had more con badges than God. I meet up with Iridium. I talk with Nightcarnage about the audio/video setup at Phreaknic. As I predicted, the Potters won the WiFi Race. I say why this was the best Phreaknic ever. Using green lasers on crack dealers. Techno in the dark, the Aiptek action HD does not do well in low light. Nicodemius shows off his Minority Report like multi-touch table. Hula hoop contest. I check back in with Jeff Cotton and his USB keyed door. I strap on my gear to leave the con. Brian and I do a wrap up of our thoughts on Phreaknic 2008.

Blip.tv n/a 10/29/2008  
103 Using Cain to sniff RDP/Remote Desktop/Terminal Server traffic via "Man in the Middle"
In this video I'll be showing how Cain can pull off a "Man in the Middle" attack against the Remote Desktop Protocol. While RDP versions 6.0 and later are less susceptible to these attacks because of the verification schemes added, there is still a risk since so many users just click yes to all warning messages.
varSWF 8.09MB 10/20/2008 
102 BeEF: Browser Exploitation Framework XSS Fun
John Strand of Black Hills Security sent me another awesome video on using BeEF, cross site scripting and other fun.
6:58Vimeo n/a


101 Using Metasploit to create a reverse Meterpreter payload EXE by John Strand
John Strand of Black Hills Security sent me an awesome video on using Metasploit to create an EXE with the Meterpreter payload that creates a reverse TCP connection outbound, blowing through many NAT boxes and firewalls. This goes great with a previous video I did on EXE Binders/Joiners.
6:26Vimeo n/a 10/15/2008
100 Using Cain to do a "Man in the Middle" attack by ARP poisoning
I'm creating this video for three reasons: 1. While I've done a lot of videos on Cain, most of them are more advanced and assume you know the basics. 2. The last video I did on ARP poisoning with Cain was more than four years ago, Cain looks quite a bit different now. 3. I wanted a reference for the classes I'll be teaching for the Kentuckiana ISSA. Before you watch this video, read my article "The Basics of Arp spoofing/Arp poisoning" so you will have a better grasp of the concept.
varSWF 4.63MB 10/14/2008
99 John Strand - "Advanced Hacking Techniques and Defenses" (and demos of evilgrade/passing the hash/msfpayload) from Louisville Infosec 2008
John Strand gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. He gives a fascinating talk about why "security in depth" is dead, and lives again. John then goes on to demo Evilgrade, using msfpayload and obscuring it against signature based malware detection, dumping SAM hashes with the Metasploit Meterpreter and using a patched Samba client to pass the hash and compromise a system. I'd like to thank John for letting me record his talk.
80:16Vimeo n/a 10/11/2008
98 Rohyt Belani - "State of the Hack" from Louisville Infosec 2008
Rohyt Belani gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. Rohyt shows new ways to think about hacking, going into how and why simple things work on the people element. Why hack a system when a quick Google search can reveal so much? Rohyt's talk was humorous and informative, and I'd like to thank him for letting me record his it.
52:01Vimeo n/a 10/11/2008
97 Adrian Crenshaw - "Intro to Sniffers" from Louisville Infosec 2008
I gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. I cover the basics of how network sniffers work, and specifically talk about Wireshark, Cain, Ettercap and NetworkMiner. I came up with the presentation on short order, so please be forgiving of the stumbles. :) You can download the slides from here
61:25Vimeo n/a 10/11/2008
96 Kevin Beaver - "Staying Ahead of the Security Curve" from Louisville Infosec 2008
Kevin Beaver gave this presentation for the Kentuckiana ISSA at the Louisville Infosec 2008 conference. There's a lot of great advice in this video on how to approach an infosec career in the right way. Kevin endorses being a security "renaissance man", expanding your knowledge outside of the tech side to understand the business, people and legal sides as well. At the same time he also points out that sometimes specialization is good, so focus on your strengths. I'd like to thank Kevin for letting me record his talk.
41:00 Vimeo n/a 10/11/2008
95 Finding listening ports on your Windows box using Netstat, Fport, Tcpview, IceSword and Current Ports
Host based firewalls are fine and dandy, but I'd rather turn off services I don't need than to just block them. Host based firewalls are sort of a bandage, and while they can be useful for knowing what is connecting out (see egress filtering), it's better just not to have unneeded network services running in the first place. This video can be seen as a supplement to my article "What can you find out from an IP?"
varSWF 11.5MB 10/08/2008
94 Weak Hashing Algorithms: Outlook PST file CRC32 password cracking example
In a previous video I explained the basics of cryptographic hashes. Go watch "A Brief Intro To Cryptographic Hashes/MD5" before this video. In this tutorial, I'll be giving an example of why weak hashes are bad. The example I'll be using is the CRC32 hash that Outlook uses to store a PST archive's password with. The CRC32 algorithm as implemented by Microsoft Outlook is easy to generate hash collisions for, so even if you can't find the original password you can find an alternate one that works just as well.
varSWF 2.02MB 10/01/2008
93 Irongeek's Hacking Lab and a review of the Aiptek Action HD 1080p
An overview of how may lab is set up, as well as a review of the Aiptek Action HD 1080p
4:44Vimeo n/a 09/24/2008
92 Teaching Hacking at College by Sam Bowne
This was a DefCon 15 presentation (August 3-5, 2007) by Sam Bowne. Sam does a great job explaining how to teach ethical hacking at a university, and since he gave me a shout out in the video I figured I'd post it up here. Definitely a must watch if you are trying to convince your college's administration that it's a good idea to teach such a course. Check out Sam's site at http://www.samsclass.info/ if you want to use his teaching curriculum.
28:16n/a Google 09/23/2008
91 How Sarah Palin's Email got "Hacked"
This is a quick video reconstruction I did of how Sarah Palin's Yahoo account got "hacked". You will see it's more about insecure design and easy to find information than anything really technical. I made a test account at Yahoo and this video traces the steps the attacker took. I'm hoping it will be useful to journalists who don't really seem to have a grasp on the story. Feel free to link it anyplace you like.
var5.23MB SWF 09/18/2008
90 Intro to DD-WRT: Mod your wireless router to do more
DD-WRT is a Linux firmware available for many Linksys, NetGear, Belkin, D-Link, Fon, Dell, Asus and other vendor's wireless routers. DD-WRT is far more feature rich than the stock firmware that comes with most routers. This video covers the basics of installing and configuring DD-WRT.
var12.2MB SWF 09/13/2008


89 Nmap presentation for the ISSA in Louisville Kentucky
This is a presentation I gave for the Kentuckiana ISSA on the security tool Nmap. I've also posted the slides and other media so you can follow along if you like. Topics covered include: port scanning concepts, TCP three way handshake, stealth scans, idle scans, bounce scans, version detection, OS detection, NSE/LUA scripting and firewall logs. Hope some of you can make it to the free class we will be holding at Ivy Tech Sellersburg on Sept 20th, 2008 at 1pm. Contact me to RSVP. The video is about an hour long. Enjoy.
59:41n/a Vimeo 09/06/2008


88 Ironkey High Security Flash Drive: Use and Review
The Ironkey is a high security thumb drive designed to provide strong AES encryption, tamper resistance and other security services.
 17.6MB SWF 07/07/2008
87 Setting up a Tarpit (Teergrube) to slow worms and network scanners using LaBrea (The "Sticky" Honeypot and IDS)
A network Tarpit, sometimes know by the German word Teergrube, is a service or set of hosts that deliberately try to slow malicious network connections down to a crawl. The idea is to put up unused hosts or services on the network that respond to an attacker, but do things to waste their time and greatly slow their scanning (or spreading in the case of Worms). For this video I'll be using a package called LaBrea by Tom Liston and tarpitting unused IP addresses on my home LAN.
var23.4MB SWF 06/26/2008
86 Compiling and Configuring DHCPD from Source
Devil2005 has created a video on compiling and configuring dhcpd from source. He's using the Fedora 9 distro of Linux for the video, but the lessons learned should be applicable to other distros. For that matter, even if you are not interested in installing dhcp in this way it's still a good lesson on how to download and compile various applications from source.
var18.7MB SWF 06/22/2008
85 Using Data Execution Prevention (DEP) in Windows XP and Vista:
Fighting back against buffer overflows and memory corruption

I've recently become interested in measures that modern CPUs can take to prevent various types of memory corruption attacks. One such feature is the NX bit (as AMD calls it, XD is Intel's term), which allows for memory pages to me marked as not executable. Microsoft Windows started using this ability with XP SP2 as part of their Data Execution Prevention (DEP) feature. Unfortunately, to get most out of DEP you have to configure it. This video will show how to configure DEP protection in Windows XP and Vista.
var6.67MB SWF 06/08/2008
84 DNS Spoofing with Ettercap
In my previous two videos I showed how to use Ettercap plugins for various pen-testing and security evaluation functions. In this video I'll show how to use the Ettercap plugin dns_spoof to set up DNS spoofing on the local area network.
var6.70MB SWF 06/07/2008


83 More Useful Ettercap Plugins For Pen-testing
In my previous video I showed how to use Ettercap plugins to find sniffers on the network. In this video I'll show three more useful Ettercap plugins: find_ip, gw_discover and isolate.
var6.49MB SWF 05/29/2008
82 Finding Promiscuous Sniffers and ARP Poisoners on your Network with Ettercap
Most of you are familiar with using Ettercap for attacking systems, but what about using it to find attackers? This tutorial will cover using Ettercap to find people sniffing on your network. The plug-ins we will be using are search_promisc, arp_cop and scan_poisoner.


SWF 05/20/2008
81 A Brief Intro To Cryptographic Hashes/MD5
A cryptographic hash function takes an input and returns a fixed size string that corresponds to it, called a hash. Cryptographic hashes have a lot of uses, some of which are: detecting data changes, storing or generating passwords, making unique keys in databases and ensuring message integrity. This video will mostly cover detecting file changes, but I hope it gets your mind going in the right direction for how hashes can be used. Specifically covered will be tools for creating MD5 hashes in Windows and Linux.
var5.40MB SWF 05/10/2008


80 Text to Speech to MP3 with the freeware program DSpeech
This video is on Dspeech, a freeware tool that uses Microsoft's SAPI (Speech Application Programming Interface) to convert text to spoken word. What's special about it is it lets you make an MP3 of the text, so you can listen to it on your computer, in you car or on your MP3 player. It's great for listening to notes.
var3.74MB SWF 03/24/2008


79 Hardware Keyloggers In Action 2: The KeyLlama 2GB USB Keylogger
This video will demonstrate one of the USB KeyLlama brand of hardware keyloggers in action.
var6.38MB SWF 03/18/2008
78 Encrypting The Windows System Partition With Truecrypt 5.0
Truecrypt 5.0 adds many new features, most importantly Windows system partition encryption. To put it in slightly inaccurate layman's terms, this means encrypting your entire C: drive. Even if you already write your sensitive data to an encrypted space, files are sometimes squirreled away in unencrypted temp space or in the page file where they may be recovered. Using Truecrypt to encrypt your Windows XP system partition will help eliminate this problem.
var6.85MB SWF 02/11/2008
77 Hardware Keyloggers In Action 1: The KeyLlama 2MB PS/2 Keylogger
This video will demonstrate one of the KeyLlama brand of hardware keyloggers in action, specifically the 2MB PS/2 model. I hope this video will give the viewer a better grasp of how these hardware keyloggers work.
var14.1MB SWF 02/05/2008
76 Encrypting VoIP Traffic With Zfone To Protect Against Wiretapping
Some people worry about the easy with which their voice communications may be spied upon. Laws like CALEA have made this simpler in some ways, and with roaming wiretaps even those not under direct investigation may lose their privacy. Phil Zimmermann , creator of PGP, has come up with a project called Zfone which aims to do for VoIP what PGP did for email.
var5.02MB SWF 01/28/2008
75 Using GPG/PGP/FireGPG to Encrypt and Sign Email from Gmail
This tutorial will show how to use GPG and the FireGPG plug-in to encrypt and decrypt messages in Gmail. GPG is an open source implementation of OpenPGP (Pretty Good Privacy) , a public-key-encryption system. With public key encryption you don't have to give away the secret key that decrypts data for people to be able to send you messages. All senders need is the public key which can only be used to encrypt, this way the secret key never has to be sent across unsecured channels.
var10.6MB SWF 01/14/2008
74 WebGoat 1: SQL Injection Demonstration
SQL injection is a common web application attack that focuses on the database backend. WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. I plan to use WebGoat for a few future videos. This first WebGoat video will show the basics of installing WebGoat and doing two of its SQL injection lessons.
var10.1MB SWF 11/14/2007
73 XAMPP: an easy to install Apache daemon containing MySQL, PHP and Perl By devil2005 var9.87MB SWF 10/25/2007
72 RFID Show and Tell with Kn1ghtl0rd and lowtek mystik
While at PhreakNIC I got a chance to interview Kn1ghtl0rd and lowtek mystik about their research into RFID, its hackabilty and other information. If you want to lean more information about RFID check out their video from last year at http://phreaknic.wilpig.org/ . Video for their new talk this year should be up in the coming months.
9:38  YouTube 10/22/2007
71 Using Metagoofil to extract metadata from public documents found via Google
As many of my viewers know, I have an interest in metadata and how it can be used in a pen-test. Thanks to PaulDotCom I found out about a tool called Metagoofil that makes it easy to search for metadata related to a domain name.
var5.58MB SWF 10/15/2007
70 Creating An Auto Hack USB Drive Using Autorun and Batch Files. By Dosk3n
During 2005 Sony BMG was discovered to be including Extended Copy Protection (XPC) and MediaMax CD-3 software on music CDs. The software was automatically installed in the background onto users computers systems that used the autorun function to start running the CD. The software could hide itself from the computers process list in the same way a rootkit would. There was over 100 titles in total that included this "rootkit". Using similar techniques we are going to use the autorun feature with a USB drive to run multiple hacking tools.
var5.59MB SWF 10/12/2007
69 How To Burn An ISO Image To A Bootable CD
Fans of my site will think this is a silly video, but I've seen the question asked so many times in forums that I feel I should make a video. Now I'll have something on hand to point people to when they email me, feel free to link to this video if you get the same question. I'll be burning BackTrack with the freeware tool CDBurnerXP, but it would work the same way with Ubuntu, Knoppix or Helix.
var1.47MB SWF 10/09/2007
68 Wardrive Mapping With IGiGLE And WiGLE
Map out your WiFi finds with IGiGLE and WiGLE. It's great for users of Netstumbler and Kismet.
var7.10MB SWF 10/01/2007
67 Nokia 770/800 Pen-Testing Setup (Nmap, Kismet, Dsniff and other fun stuff)
This video introduces the viewer to using a Nokia Internet Tablet as a pen-testing device.
var7.58MB SWF 09/26/2007
66 Forensic Metadata in Word Docs and Jpegs supporting Exif
Metadata is data about data. Different file formats store extra data about themselves in different ways.  This video will cover metadata that can be used during a forensic investigation, namely MS Word doc metadata and the metadata stored in a Jpeg's Exif data.
var4.81MB SWF 09/20/2007
65 Remote Password Auditing Using THC-Hydra
THC-Hydra is a remote dictionary attack tool from The Hacker's Choice group. It's a well made tool that supports a lot of protocols and options. The following protocols are supported: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, LDAP2, Cisco AAA.
var3.15MB SWF 08/08/2007
64 Using Darik's Boot and Nuke (DBAN) to totally wipe a drive
Another continuation of my file carving video and selective file shredding (DOD 5220.22-M) to thwart forensics tools video, this video shows how to use Darik's Boot and Nuke (DBAN) to totally wipe a drive. DBAN is a great tool to add to your anti-forensics tool box.
var5.67MB SWF 07/25/2007
63 Selective file shredding (DOD 5220.22-M) with Eraser and CCleaner to thwart forensics tools
A continuation of my file carving video, this video shows how to use Eraser and CCleaner to help thwart forensics tools.
var3.36MB SWF 07/12/2007
62 Setting up a simple web proxy with CGIProxy
A quick guide to setting up James Marshall's CGIProxy Perl script and how proxies are used to get around web content restrictions and stay anonymous. This video also shows how to quickly find an open CGI proxy with a search engine. 
var6.12MB SWF 06/26/2007
61 Data Carving with PhotoRec to retrieve deleted files from formatted drives for forensics and disaster recovery
This video introduces the concept of data carving/file carving for recovering deleted files, even after a drive has been formatted.
var4.24MB SWF 06/13/2007
60 Using Cain and the AirPcap USB adapter to crack WPA/WPA2
This video introduces the viewer to the AirPcap USB adapter, and auditing WiFi networks with it.
var1.93MB SWF 06/11/2007
59 Intro to the AirPcap USB adapter, Wireshark, and using Cain to crack WEP
This video introduces the viewer to the AirPcap USB adapter, and auditing WiFi networks with it.
var5.91MB SWF 06/06/2007
58 UPnP Port Forwarding and Security
This video introduces the viewer to port forwarding with Universal Plug In Play, and some of the associated security problems.
var2.69MB SWF 05/30/2007
57 Notacon 2007
Just some video Irongeek took while at Notacon 2007. Plenty of stuff for those with an interest in Hacking and digital arts. Radar, full motion video on an 8088, a great Bluetooth discussion, shock sites, stun guns, Everclear, IPTV show hosts, Demoparty/Demoscene, hacker condoms, Ethernet alternatives, fire staffs, laser data links and more.
32:5579.5MB FLV & AVI 05/03/2007
56 Remote Access And Configuration: Setting Up SSH and VNC On Ubuntu Linux (SOHO Server Series 3)
Just what the title says. In this first video I'll cover how to get SSH can VNC up an running.
var3.16MB SWF 03/18/2007
55 WEP Cracking with VMplayer, BackTrack, Aircrack and the DLink DWL-G122 USB Adapter
Yes, yet another video on cracking WEP. :)
var9.06MB SWF 03/16/2007
54 An Introduction to Tor
This video serves as a brief introduction to the use of the Tor anonymizing network in Windows.
var8.00MB SWF 03/08/2007
53 Cracking Windows Vista Passwords With Ophcrack And Cain
Due to the lack of LM hashes, Vista passwords stored in the SAM file are harder to crack. However, the NTLM hash is the same as always and can be cracked if the password is weak.
var5.59MB SWF 02/21/2007
52 Installing Updates And New Software In Ubuntu Linux (SOHO Server Series 2)
In this video I'll cover installing updates and new packages in Ubuntu Linux.
var7.62MB SWF 02/11/2007
51 Installing Ubuntu Linux (SOHO Server Series 1)
Just what the title says. In this first video I'll cover a bit about partitioning, dual booting with Windows and the basic steps you need to do to get Ubuntu Linux up and running.
var4.58MB SWF 02/05/2007
50 Using SysInternals' Process Monitor to Analyze Apps and Malware
Process Monitor is a useful tool to see what registry, file system and thread changes processes are making on your Windows system.
var6.08MB SWF 01/14/2007
49 Dual Booting BackTack Linux And BartPE From A Thumbdrive
Run all of your Windows and Linux security tools from one dual boot UFD.
var8.36MB SWF 11/30/2006
48 Creating a Windows Live CD for System Recovery and Pen-Testing with Bart's PE Builder
Pretty much what the title says, building a BartPE CD for Hacking and system recovery. Some of the tools I will show off are Sala's Password Renew, Cain, RunScanner and XPE.
var22.3MB SWF 10/17/2006
47 Making Windows Trojans with EXE Binders (AKA:Joiners), Splice and IExpress var6.12MB SWF 09/12/2006
46 A Collection Of Hacking Videos By Others
Some of the sites that originally hosted them are gone. I'm just putting these up so they are not lost forever.
45 Hosts File and Ad Blocking
How to use the hosts file to block ads, and a little on how the hosts file works.
var2.63MB SWF 09/03/2006

Passive OS Fingerprinting With P0f And Ettercap
If you've seen my videos on Nmap you've seen active OS fingerprinting in action. In this tutorial I use P0f and Ettercap to show how to detect the Operating System of a box passively.

var4.52MB SWF 08/16/2006
43 Cracking MD5 Password Hashes
A little about cracking MD5 password hashes. In this tutorial we take the hashes from a phpbb2 database and crack them using online tools and Cain.
var4.47MB SWF 08/02/2006
42 Setting Firefox's User Agent To Googlebot
Access sites that allow indexing by Google but require you to subscribe to view the content.
var3.69MB SWF 07/31/2006
41 Using TrueCrypt With NTFS Alternate Data Streams
Using TrueCrypt with Alternate Data Streams to hide encrypted data.
var3.68MB SWF 07/19/2006
40 Intro To TrueCrypt
Using TrueCrypt to create standard and hidden volumes for "plausible deniability" encryption.
var7.33MB SWF 06/19/2006
39 Intro To DD and Autopsy By Williamc and Twinvega
This video gives the basics of using DD to make an image of a drive over the network and Autopsy to look for data, both from the Auditor Boot CD.
var4.24MB SWF 06/05/2006
38 Intro To Bluesnarfing By Williamc and Twinvega
This video covers Bluesnarfing, serepticiously grabbing data off of Bluetooth devices.
var7.87MB SWF 05/24/2006
37 Network Printer Hacking: Irongeek's Presentation at Notacon 2006 44:03125MB AVI
36 Irongeek's Guide to Buying a Used Laptop 16:3734MB AVI
35 Cracking Windows Passwords with BackTrack and the Online Rainbow Tables at Plain-Text.info
The title says it all pretty much. Audit that SAM file fast!
var4.33MB SWF 02/21/2006
34 Adding Modules to a Slax or Backtrack Live CD from Windows
In this video I show how to add patches and extra modules to the Back|track Hacking Live CD using MySlax.
var4.22MB SWF 02/07/2006
33 Anonym.OS: LiveCD with build in Tor Onion routing and Privoxy
Just showing off this cool live CD recently released at ShmooCon 2006. Great for surfing anonymously.
var3.27MB SWF 01/30/2006
32 Make your own VMs with hard drive for free: VMware Player + VMX Builder
In my last video I showed how to use the free VMware Player to boot a Live CD ISOs. This time I'm going to show how to use Robert D. Petruska's VMX Builder to make your own VMs with hard drives (vmdk file) and pretty much any virtual hardware you want.
var1.58MB SWF 01/26/2006
31 Using VMware Player to run Live CDs (Bootable ISOs)
In this video I show how to use the free VMware Player to run Live CDs like Knoppix, Auditor or Bart's PE Builder from an ISO.
var4.50MB SWF 01/20/2006
30 SSH Dynamic Port Forwarding
I set up a quick video tutorial to show how to set up an encrypted tunnel using SSH's dynamic port forwarding (sort of a poor man's VPN) in both Linux and Windows. The tools used are OpenSSH, PuTTY and Firefox, but it should be enough info to allow you to figure out how to set up other clients.
var2.95MB SWF 01/11/2006
29 WMF File Code Execution Vulnerability With Metasploit
This video covers the use of the recent (Jan 2006) WMF file code execution vulnerability with Metasploit. It shows how to shovel a shell back to the attacker with the WMF vulnerability. See Microsoft Security Advisory 912840. Thanks to kn1ghtl0rd, AcidTonic, Electroman and livinded for their help.
var3.71MB SWF 01/02/2006
28 Using VirtualDub and a cheap webcam as a camcorder
I thought this might be of use to those that would like to submit something to Infonomicon TV or Hack TV but lack the cash for a proper MiniDV camcorder.
5:3910.10MB AVI(XVID) 12/15/2005
27 Firewalls with Sarah: Campus Computer Security Series Episode 2
Sarah will tell you a bit about Firewalls and walk you though enabling the built-in firewalls that come with Windows XP and Mac OS X.
2:589.70MB AVI(XVID) 11/16/2005
26 Updates and Patches with Anna: Campus Computer Security Series Episode 1
Anna will walk you though updating your Windows XP or Mac OS X computer.
3:066.40MB AVI(XVID) 11/16/2005
25 Infonomicon TV Ep 7: HP printer hacking, building an old school phone handset for your cell phone, collecting data in RF monitor mode and making cat5 cables 24:41127MB AVI 10/18/2005
24 Metasploit Flash Tutorial var3.23MB SWF 10/12/2005
23 Nmap Video Tutorial 2: Port Scan Boogaloo var13.3MB SWF 10/06/2005
22 Finding Rogue SMB File Shares On Your Network var5.46MB SWF 09/02/2005
21 WiGLE, JiGLE and Google Earth: Mapping out your wardrive var7.38MB SWF 08/02/2005
20 Droop's Box: Simple Pen-test Using Nmap, Nikto, Bugtraq, Nslookup and Other Tools var6.55MB SWF 07/17/2005
19 Fun with Ettercap Filters: The Movie var2.43MB SWF 06/16/2005
18 MAC Bridging with Windows XP and Sniffing (very useful with my Cain/VoIP tutorial below) var1.44MB SWF 06/15/2005
17 Sniffing VoIP Using Cain var1.74MB SWF 05/26/2005
16 Installing Knoppix 3.8 to Your Hard Drive var3.75MB SWF 05/25/2005
15 A Quick and Dirty Intro to Nessus using the Auditor Boot CD var2.81MB SWF 05/24/2005
14 Local Password Cracking Presentation for the
Indiana Higher Education Cybersecurity Summit 2005

(It covers cracking the SAM/Syskey, Cached ADS/Domain Credentials, VNC stored passwords and Windows Protected Storage)
var 5.71MB SWF 04/25/2005
13 Basic Nmap Usage var8.47MB SWF 03/31/2005
12 Cracking Syskey and the SAM on Windows Using Samdump2 and John var2.48MB SWF 03/22/2005
11 Basic Tools for Wardriving var2.80MB SWF 09/20/2004
10 Making The Default XP Interface Look More Like Windows 2000 1:111.56MB SWF 09/17/2004
9 Look for deleted data on the slack space of a disk 1:203.40MB SWF 03/31/2004
8 Recover deleted cookies or other files using Restoration 1:152.12MB SWF 03/18/2004
7 Some of my gear 1:462.93MB AVI 03/17/2004
6 Using NetworkActiv to sniff webpages on a Wi-Fi network 2:001.34MB SWF 03/16/2004
5 Boot from Phlak and run Chkrootkit to detect a compromise 2:251.45MB SWF 03/04/2004
4 Use Brutus to crack a box running telnet 1:231.7MB AVI 03/03/2004
3 Cain to ARP poison and sniff passwords 0:531.7MB AVI 03/02/2004
2 Install VNC Remotely 4:142.90MB AVI09/26/2002
1 Start a session and get interactive commandline access to a remote Windows box 4:205.00MB AVI09/18/2002

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast