Tag Archives: attack vector

AppSec: Myths about Obfuscation and Reversing Python

Posted on October 3, 2013 by Simon Roses

Python is an easy and powerful programming language that allows us to write sophisticated programs: Dropbox and BitTorrent are excellent examples. It is common that Python programs are delivered in source code, but in some cases different techniques like obfuscation … Continue reading

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , | 15 Comments

OWASP Top Ten 2013 free workshop

Posted on July 18, 2013 by Simon Roses

Yesterday, July 17th, I taught a free workshop about the OWASP Top Ten 2013 which was published recently that describes the 10 most common vulnerabilities in Web applications. This free workshop is a collaboration between the Catedral de Innovación of … Continue reading

Posted in Security, Technology, Threat Modeling | Tagged , , , , , , | Leave a comment

What’s the point of reporting 0day?

Posted on June 17, 2013 by Simon Roses

In the last weeks the news related to PRISM has not stopped since leaked by Edward Snowden, who worked for Booz Allen Hamilton, a defense contractor for the NSA. One interesting outcome of these leaks is the NSA access to … Continue reading

Posted in Business, Microsoft, Pentest, Security, Technology | Tagged , , , , , , , , , , | Leave a comment

A tale of Government Trojans

Posted on June 5, 2013 by Simon Roses

Sorry, only in Spanish 🙂 — Simon Roses Femerling

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , , , , , | Leave a comment

OSINT + Python = Custom Hacking

Posted on May 15, 2013 by Simon Roses

Last May 10 and 11 the course of Computer Forensic Expert was held in Reus (Spain) by the Asociación Nacional de Tasadores y Peritos Judiciales Informáticos (ANTPJI), which I am member and one of the instructors, where I had the … Continue reading

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , , , , , , | 10 Comments

My 10 Cyber Weapons Tool List

Posted on April 22, 2013 by Simon Roses

Few weeks ago the media did publish that the US Air Force has classified 6 tools as cyber weapons, no doubt a hot topic. For this post I will do the same and put a list of 10 tools that … Continue reading

Posted in Pentest, Security, Technology | Tagged , , , , , , , , , , | 1 Comment

AppSec: Improve your software security with GCC Stack Protector Strong

Posted on April 10, 2013 by Simon Roses

The other day helping out a client to develop secure software it came to my mind that this topic could be of interest to my readers. Obviously this topic is quite wide, but in this article I will focus in … Continue reading

Posted in Pentest, Privacy, Security, Technology, Threat Modeling | Tagged , , , , , , , , | Leave a comment

Medre, AutoCAD Malware: The spy inside the cad

Posted on July 16, 2012 by Simon Roses

Last June a malware that infected AutoCAD for Windows was identified and is responsible for the theft of thousands of documents. AutoCAD is a popular program for 2D and 3D drawings that is used to design all kinds of products, … Continue reading

Posted in Pentest, Security | Tagged , , , , , , , , , | Leave a comment

“Find And Call” Smartphone Malware Analysis

Posted on July 11, 2012 by Simon Roses

[Español] La semana pasada Kaspersky publicó un artículo sobre un nuevo malware que afectaba a iPhone y Android, y esta App estaba disponible en sus mercados oficiales. Al ser el primer malware que aparece en el iPhone Market he pensado … Continue reading

Posted in Hacking, Security, Technology | Tagged , , , , , , , | Leave a comment

Network Intelligence Analysis

Posted on June 20, 2012 by Simon Roses

Analizar tráfico de red es realmente apasionante y para este post he pensado que sería un tema de interés para los lectores. El tráfico aquí analizado es más a modo de hobby cuando estoy en redes públicas/abiertas como hoteles, cafés … Continue reading

Posted in Hacking, Pentest, Security, Technology | Tagged , , , , , , , , , | Leave a comment