Showing posts with label SOURCE Boston 2009. Show all posts
Showing posts with label SOURCE Boston 2009. Show all posts

Monday, March 16, 2009

Attacking Layer 8: Client-Side Penetration Testing SOURCE Boston Edition

Here's the video from our Client-Side talk at SOURCE Boston 2009



Full Scope Security Attacking Layer 8: Client-Side Penetration Testing SOURCE Boston Edition from FullScopeSecurity on Vimeo.
/
/
5 comments , , ,

Why SOURCE Boston was the best con I've ever been to

You don't have to just take my word for it...

http://g0ne.wordpress.com/2009/03/15/thoughts-on-source-boston/
http://blog.attackresearch.com/?q=node/28

So we just got back from SOURCE Boston. It was by far the best conference I have ever been to from pretty much all perspectives.

Pretty much all the talks were great, I found myself sitting in talks and wishing I had a second me (I wish that quite frequently actually) so I could sit in one of the other talks. Now this happens often a other cons, but this was for the whole con schedule. The SOURCE advisory board picked great talks. The location of the hotel was great, it wasn't too crowded, and the SOURCE organizers totally took care of the speakers with free food and booze (I felt very well taken care of), the securitytwits with free food and booze, and the con-goers with free food and for pay booze but threw a really nice party. It was also extremely cool to get to interact with some of the Original Gangster l0pht guys and all the other con attendees especially the Attack Research guys, the NYSEC guys, and many many others.

I had such a good time that I'm currently trying to scheme a way to pull off FRHACK, BruCon and SOURCE Barcelona in September.

Oh and for shameless self promotion Chris Wysopal gave our client-side talk a nice review:
http://www.veracode.com/blog/2009/03/source-boston-conference-was-a-blast/
/
/
No comments ,

Monday, March 9, 2009

Presentation on Client-Side Attacks at SOURCE Boston

Alright its time for SOURCE Boston!

I'm happy to announce that g0ne and I will be there presenting on:

Attacking Layer 8: Client-Side Penetration Testing

We'll be talking about why you should be allowing your penetration testers to use client-side attacks during their assessments , how to use the metasploit framework to deliver client-side attacks with demos (yes other tools do CS attacks but we're poor), and some remediations for client-side attacks.

It will be an extra special big day because we'll be presenting as Full Scope Security, our new security consultancy. More on that later.

If you're not going to make it to SOURCE, we will also be at Notacon 16-19 April 09
http://www.notacon.org and ChicagoCon 8-9 May 09 http://www.chicagocon.com
/
/
1 comment , , , , , ,
Subscribe to: Comments (Atom)

Copyright 2023 © Carnal0wnage Blog