How much Cyber Insurance Do You Need, or Do You Need it at All?

Executives and the board face difficult decisions to determine whether cyber insurance is worth the spend and what limit to buy. Quantifying the financial costs of potential cyber incidents provides objective grounding for decision-making and reduces reliance on gut feeling, fear or intuition. However, cyber risk assessments usually don’t quantify the financial cost to the […]

Keyspace Reduction in Mechanical Locks

This quick-moving talk will cover techniques for reducing the range of combinations or keys you need to attack to successfully open a lock. There will be some math…but I’m not particularly good at math so it definitely won’t get complicated. We will cover a number of fun topics like decoding combination locks, figuring out how […]

Weapons of a Pentester – 2018 Edition

In this session Nick will demonstrate and review a list of physical and digital tools used by professional pentesters and red teams in the industry.

Extending Your Incident Response Capabilities with Sysmon

This presentation will introduce attendees to the free Sysinternals tool, Sysmon. Are you an incident responder? SOC analyst? Does your job require you to work with Windows event logs? Do you need to reconstruct attacker timelines? We will: look at the Sysmon tool and compare its outputs to standard EVT logs; look at how Sysmon […]

Heimdall: Vulnerable Host Discovery and Lifecycle Monitoring Toolkit

Heimdall assumes that when a new vulnerability is disclosed, and an exploit goes public, criminals build scanners in order to detect the machines reachable on the internet which are affected by the new vulnerability. If these machines are found and compromised, they are often used by criminals for other activities (C&C panel, redirect to cloned […]

Angad: A Malware Detection Framework Using Multi-Dimensional Visualization

Angad is a framework to automate classification of an unlabeled malware dataset using multi-dimensional modelling. The input dataset is analyzed to collect various attributes which are then arranged in several feature vectors. These vectors are individually visualized, indexed and then queried for each new input file. Matching vectors are labelled as per their AV detection […]

Malboxes: Make Malware Analysis More Accessible

Malware is everywhere. Every organization has been infected by malware to some extent. Yet, most don’t have the expertise on staff to know if they are being targeted or if they are hit with mass-spreading malware. Knowing the difference is vital for a proper response plan. This is where Malboxes comes in. It is a […]

Elytron: Next-Generation Security for Java Servers

Elytron is a set of Java APIs and SPIs for application server security. Although it was developed to unify security across the WildFly application server, Elytron is an open-source, standalone library that can theoretically be used in other Java server environments. Within WildFly, Elytron has replaced the combination of PicketBox and the Java Authentication and […]

Metasploit Community: Tips, Tricks and What’s New

Let’s talk Metasploit! Come learn how the community is building tools that work not just for the single user, but for the whole team. Jeffrey will begin the presentation by discussing basic usage and capabilities, and then explore the roads less traveled as well as some new paths currently being explored in Metasploit Framework. Audience members will […]

TLS Tools for Blue Teams

TLS can cause problems for security teams. Breaking TLS or ignoring TLS are common modus operandi; both are flawed and expose organizations to weaknesses. This session focusses on the management of TLS from a blue team perspective, without either ignoring or breaking TLS implementations. We will discuss specific tooling; FingerPrinTLS and TLSProxy will be the […]

Weapons of a Pentester

In this session Nick will demonstrate and review a list of physical and digital tools used by professional pentesters and red teams in the industry. Tools that will be demonstrated and showcased include: Metasploit (Exploit Framework); BeEF (Browser Exploitation Framework); Physical lock testing (Lock pick set – Snap gun, and lock pick card); Hak5 – […]

Security Training in a (Virtual) Box

We have designed a virtual training environment that allows the user to step through the quintessential phases of an attack: reconnaissance, scanning and enumeration, gaining access, maintaining access, and covering tracks. Licensed for reuse under Creative Commons, the materials can immediately be used for education and training purposes by attendees. We focus on what can be expected from […]

NOAH: Uncover the Evil Within! Respond Immediately by Collecting All the Artifacts Agentlessly

Imagine the moment when you realize that a malicious threat actor has compromised your network and is currently going through your confidential information. Faced with this dreadful scenario, you initiate an Incident Response. We have built an open source Incident Response framework based on PowerShell to help security investigation responders gather a vast number of […]

Extending BloodHound for Red Teamers

BloodHound has changed how red and blue teams approach risk in Active Directory environments. The interface is slick, the install is painless enough considering the dependencies, and the pre-built analytics deliver actionable intelligence. BloodHound provides the foundational elements – a reliable backend, a means for ingesting, querying, and displaying data – for users to extend […]

Chkrootkit: Eating APTs at Breakfast Since 1997

Chkrootkit will be 20 years old in 2017! The first Chkrootkit release was in 1997 and was written by my friend Klaus (CERT.br team) and me. Chkrootkit is a suite of POSIX shell scripts and tools written in ANSI C, intended to run smoothly in virtually all Unix environments without dependencies. It is able to detect several rootkits, […]
