SlideShows by User: jseidl
SlideShare feed for SlideShows by User: jseidl (feed date: Fri, 20 Nov 2015 21:08:43 GMT)

aleph - Malware analysis pipelining for the masses
URL: /slideshow/aleph-malware-analysis-pipelining-for-the-masses/55351233
Published: Fri, 20 Nov 2015 21:08:43 GMT by jseidl (Jan Seidl)

Analyzing malware and correlating huge databases of samples is a job for few. Big AV companies have their own systems for cataloging and analyzing malware, and our goal is to bring that power to the masses through our open-source malware analysis pipeline system called Aleph <https: />. Aleph is not restricted to malware, since it is artifact-oriented. It was built with no specific file type in mind, but with the possibility to work with any file type and to have plugins that extract information and correlate it with other artifacts for further analysis. This makes Aleph also very useful in forensics and other types of work.

Aleph is a multi-compartmentalized framework. There are sample collectors that fetch samples from local folders, RSS feeds and IMAP folders (for now). These samples are queued, where the sample workers grab them and apply specific filters depending on the file type. Those plugins might enrich sample metadata, extract other artifacts and feed them back into Aleph for further analysis, keeping the whole cross-reference chain in place. The plugins may also add warning flags based on their findings to give the researcher more digested information than interpreting all the raw data. All sample data is stored in an ElasticSearch database, which makes it easy to query and manage its metadata fields without rebuilding tables and such. All time and date data is UTC and converted on the fly to the user's timezone. We have internationalization and localization fully implemented, and Aleph is currently available in English, Brazilian Portuguese and Spanish.
Reducing attack surface on ICS with Windows native solutions
URL: /slideshow/reducing-attack-surface-on-ics-with-windows-native-solutions/54217156
Published: Wed, 21 Oct 2015 13:30:16 GMT by jseidl (Jan Seidl)

Presentation given at the 4SICS conference in Stockholm, Sweden, about using Windows built-in solutions like Software Restriction Policies/AppLocker, EMET and other minor things.
Catch-me if you can - TOR tricks for bots, shells and general hacking
URL: /slideshow/toranddarknets/40469314
Published: Sun, 19 Oct 2014 21:57:27 GMT by jseidl (Jan Seidl)

The TOR network is widely known nowadays, but there's plenty of gold in there that is not. This talk is about everything TOR: popping shells, tunneling tools and commanding your bots over the world's most popular darknet. This presentation was given on October 19th at the 11th H2HC (Hackers 2 Hackers Conference) 2014 in Sao Paulo, Brazil.
NSA-Proof communications (mostly)
URL: /slideshow/fisl-2014-nsaproofcommunications/34647725
Published: Tue, 13 May 2014 20:30:51 GMT by jseidl (Jan Seidl)

A brief overview of digital privacy: why and how you can be spied on or have your data stolen, how to protect yourself, and how to take a safer approach to data sharing. This presentation was given in May at FISL (Forum Internacional do Software Livre) 2014 in Porto Alegre, Brazil. Presentation video (pt_BR): https://www.youtube.com/watch?v=gHuUnm0zckg
Super Effective Denial of Service Attacks
URL: /slideshow/latinoware-2013-supereffectivedosattacks/27257984
Published: Wed, 16 Oct 2013 12:16:15 GMT by jseidl (Jan Seidl)

Talk given on October 16th at Latinoware 2013 in Foz do Iguaçu, Brazil. This talk gave an introduction to denial-of-service attacks, going through attacks from layer 3 to layer 7, introduced the concept of using load-balancing software for attacks with multiple IPs (Jericho Attack) and introduced the GoldenEye tool written in Python and Android (Java), as well as a brief introduction to mitigating layer 7 denial-of-service attacks on the most popular web servers. Presentation video (pt_BR) @ FISL 2014: https://www.youtube.com/watch?v=ozk0HiMjVNY
SCADA hacking industrial-scale fun
URL: /slideshow/scada-hacking-industrialscalefun/26902805
Published: Sat, 05 Oct 2013 21:59:50 GMT by jseidl (Jan Seidl)

Slides for the presentation about SCADA hacking given at the Hackers 2 Hackers Conference 10th edition in São Paulo, Brazil.
Demo videos:
- Wago 0day DoS: https://www.youtube.com/watch?v=ACMJmXy4hSg
- Modbus Replay: https://www.youtube.com/watch?v=1pfZDiUUQHQ
Presentation video (pt_BR): https://www.youtube.com/watch?v=R1snsQ_WS9Y
Jericho Attack Technique
URL: /jseidl/slides-the-jerichoattackperspective
Published: Sun, 15 Sep 2013 12:13:11 GMT by jseidl (Jan Seidl)

This is my presentation held at Vale Security Conference on September 14th 2013 about multiplexing attacks through TOR exit nodes and SOCKS/HTTPS proxies.
About the author (jseidl): A Brazilian extreme Information Security professional, Unix addict and open-source lover. wroot.org