Author Archives: Simon Roses

OWASP Top Ten 2013 free workshop

Yesterday, July 17th, I taught a free workshop about the OWASP Top Ten 2013 which was published recently that describes the 10 most common vulnerabilities in Web applications. This free workshop is a collaboration between the Catedral de Innovación of … Continue reading

Posted in Security, Technology, Threat Modeling | Tagged , , , , , , | Leave a comment

A Spanish startup selected by the DARPA Cyber Fast Track (CFT)

The security landscape changed in August 2011 at the Black Hat Conference when the legendary hacker of the L0pht Peiter “Mudge” Zatko presented the new program Cyber Fast Track (CFT) (DARPA-PA-11-52) from DARPA (Defense Advanced Research Projects Agency of the … Continue reading

Posted in Business, Pentest, Security, Technology | Tagged , , , , , | Leave a comment

What’s the point of reporting 0day?

In the last weeks the news related to PRISM has not stopped since leaked by Edward Snowden, who worked for Booz Allen Hamilton, a defense contractor for the NSA. One interesting outcome of these leaks is the NSA access to … Continue reading

Posted in Business, Microsoft, Pentest, Security, Technology | Tagged , , , , , , , , , , | Leave a comment

A tale of Government Trojans

Sorry, only in Spanish 🙂 — Simon Roses Femerling

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , , , , , | Leave a comment

AppSec: Build Rooted Detection in your App

For various reasons many Apps need to detect if the phone has been “rooted” and in this article will see different techniques for this purpose. Since it is common to see this type of questions in development forums, I thought … Continue reading

Posted in Pentest, Privacy, Security, Technology, Threat Modeling | Tagged , , , , , , , | Leave a comment

OSINT + Python = Custom Hacking

Last May 10 and 11 the course of Computer Forensic Expert was held in Reus (Spain) by the Asociación Nacional de Tasadores y Peritos Judiciales Informáticos (ANTPJI), which I am member and one of the instructors, where I had the … Continue reading

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , , , , , , | 10 Comments

My 10 Cyber Weapons Tool List

Few weeks ago the media did publish that the US Air Force has classified 6 tools as cyber weapons, no doubt a hot topic. For this post I will do the same and put a list of 10 tools that … Continue reading

Posted in Pentest, Security, Technology | Tagged , , , , , , , , , , | 1 Comment

AppSec: Improve your software security with GCC Stack Protector Strong

The other day helping out a client to develop secure software it came to my mind that this topic could be of interest to my readers. Obviously this topic is quite wide, but in this article I will focus in … Continue reading

Posted in Pentest, Privacy, Security, Technology, Threat Modeling | Tagged , , , , , , , , | Leave a comment

Book Review: The IDA Pro Book, 2nd edition

If you like reverse engineering and want to learn all the secrets of IDA Pro, this is your book. This work written by Chris Eagle, a top expert on the subject, reveals the power of the best tool for reverse … Continue reading

Posted in Books, Pentest, Security, Technology | Tagged , , , , , , | Leave a comment

Back to Black Hat Europe and my talk on Anti-Theft

Last Thursday 14 and Friday 15 March the Conference Black Hat Europe was held in the great city of Amsterdam, a mandatory event for cyber security experts. For second year running I presented on R&D outlining the security posture of … Continue reading

Posted in Conference, Pentest, Security, Technology | Tagged , , , , , , , , , | Leave a comment