I’m not going to insult you by describing the tool Nmap. This is probably the best scanner available on the Internet. Not because it is often used in movies, but just because it does an excellent job! Nmap has plenty of options. So much that reading the Nmap book is
Splitting OSSEC Events in Splunk
When you decide to implement a new software solution, one of the choices you’ll certainly face is: “Commercial vs. free software”. No debate here: you’ve to make the best choice depending on the requirements. They can be technical constraints, budget, support, etc. I’m working with commercial solutions which perform (generally)
A “Google Analytics” for Government Requests?
Google released interesting statistics about the number of requests they received from Governments Agencies around the world. If you offer free services on the Internet, they are (mis)chances that people will try to abuse of them. Google is certainly not the exception with all the services they provide: webmail, web
Message to Web Developers: OWASP Top10 2010 is Out!
If you are not aware of this news, OWASP released yesterday its annual Top-10 Web Application Vulnerability Risks. I won’t list them again here, lot of security bloggers already did it in the next hours following the official press release. Instead, I checked if the news was also relayed by
Attending Security Conferences from a Social Point of View
BlackHat Europe 2010 is already over! I spend good times (who don’t!) and the huge number of canceled flights (due to the ash cloud coming from Island) did not changed my point of view. I successfully escaped from Barcelona with @corelanc0d3r and we were back in Belgium after a mix
BlackHat Briefings Day #2
Second briefings day always in Barcelona. For the first talks of the day, I decided in last minute to change my wishlist. I attended the presentation of Thai Duong and Juliano Rizzo called “Practical crypto attacks against web applications“. Their started from a common error in security: “encryption is not
BlackHat Briefings Day #1
After two days of intensive training with SensePost (“Hacking by Numbers”), the briefings started today. Jeff Moss opened the keynote session with fresh information about the conference. First, the number of registrations increased (+100) compared to the last year. This is a good news! The crisis did not affect the
Belgian Citizens Ready to Sacrifice Some Privacy?
From time to time, surveys reveal human behavior that are scary. On 2008, a survey revealed that woman love chocolate more than password security. I just read another one on a Belgian news website: To stay safe, the Belgian citizen is ready to sacrifice some of his privacy! (Source: rtbf.be
My BlackHat Wishlist
Like I wrote yesterday, the next Black Hat conference will start in less than 2 days now. The two first days will be dedicated to trainings. The briefings (or talks) are scheduled during the two remaining days. The schedule has been published and it’s now time to make some (difficult)
Help Your Laptop to Survive a Security Conference
BlackHat Europe is at our doors! I’ll flight to Barcelona on Sunday evening. Just enough time (amongst other things) to prepare my laptop against the “Jungle”. Today, you can’t attend a security conference without a laptop and some Internet connectivity. To take notes, to visit websites reported during talks, to