spl0it.org

OWASP BASC 2010 / Hacking SAP BusinessObjects

• Slides
• Demo Notes
• Metasploit Axis2 Deployer Exploit (Upload Exec) via REST Modules

OWASP AppSec DC 2010 / Hacking SAP BusinessObjects

• Slides
• Demo Notes
• Added to Metasploit 11/15
• Video: Coming Soon

Rochester Security Summit / Security Immaturity

• Slides
• Video

Source Barcelona 2010 / Hacking SAP BusinessObjects

• Slides
• DEMO (Upload Web Service to run calc.exe)

SANS Pentest Summit 2010 / Goal Oriented Pentesting

• Slides

OWASP AppSec DC 2009 / Synergy! A World where the tools Communite!

• Slides

BlackHat 2009 and Defcon 17 / Unmasking You!

• Slides
• Defcon Video
• Demos:
• Metasploit Autopwn (via BeEF)
• Malicious Metasploit Applet (via BeEF)
• Visited URLs (Alexa Top 500)
• Virtualization Detection
• Disabling Safebrowsing
• SMBenum (Software Detection)
• Detecting Browser Plugins

Many people and organizations depend upon proxies and numerous other privacy techniques to mask their true identity. The problem is there are often flaws within these technologies.

This talk will demonstrate several of these flaws and as well as weaknesses in well known implementations. There will be several new anti-privacy 0days released.

InfoSec World 2009 / Breaking Browsers

• Slides
• Demos:
• Self Signed Java Applet
• Metasploit Adobe UtilPrintf Exploit
• Firefox Keylogger
• MS09-002 Exploit via BeEF
• Firefox Keylogger
• Metasploit XML Corruption Exploit
• Clickjacking

• Understanding what is unsafe with browsers
• End-user attacks and what to look for
• How history files/cache/other files can be plucked even if you have security
• What to do about cookie files
• New threats, including picture-in-picture attacks

ShmooCon 2008 / Next Generation Wireless Recon, Visualizing the Airwaves

• Slides

Harnessing the power of both current solutions and some fancy work in Perl VS. Python, we have created two new methods that allow you to visualize the information from wireless networks and their relationships. This enables us to map wireless APs and represent the data in flexible and unique ways, full of informational goodness. The next generation of wireless recon looks pretty sweet!

LinuxWorld 2006 / Change Management: Dynamic Network Mapping

• Slides

This presentation will first cover existing network mapping tools along with their limitations. Then I describe our proposed new technique for handling the information from network mapping scans. This information is first stored in a database. Using this technique one is able to extract the information that is most useful about the machines that have been scanned through standard database queries. For example, monitoring services availability and temporal changes becomes straightforward. We come to the conclusion that using such a technique leads to a more effective method of network scanning.