Thursday, August 28, 2008

SANS Forensics Blog is up!

Okay, you heard it here first!  

SANS has created a new blog on digital forensics, and yours truly is the first poster.

SANS has chosen a team of about 25 contributors to provide the latest news, tips, and techniques on the topic of forensics.  There are some great posts on the way, so enjoy!

Tuesday, August 26, 2008

PenTest at the Alamo!

Last year I took my kids to San Antonio for some fall heat, killer whales, and our first visit to The Alamo. I eventually had to be dragged away from the Bowie knife collection (note to wives: it's a guy thing).

Now I'm ready to go back. Not because I need more time with whales or knives, but because SANS San Antonio (Nov 8-13) will be featuring the new SEC560 Network Penetration and Ethical Hacking class.

I have heard fantastic things about this new class. The courseware author, Ed Skoudis, apparently pulled out all the stops putting this one together. And, for Ed, that's really saying something.

The class is being taught by Jim Shewmaker. Shew is a great instructor, and it should be a rockin' fun time. Also on site will be Tanya Baccam (Oracle-security-guru-extraordinaire) and Jonathan Ham. I assisted Jonathan with the Google Hacking class in San Diego last year, and it was an excellent class... with attendees from the NSA to keep things extra interesting.

Think about it... when it's cold in November, you could be eating chips and salsa, drinking margaritas, and honing your pen testing skills -- what could be better than that?

Ah... finally an exploit framework I can sink my teeth into

Call me a curmudgeon, but I just cannot make myself learn Ruby. I know I should, and I know this "on rails" stuff is really cool, but days are short and I still haven't invented that cloning machine. So, I was excited when I heard that Francisco Amato at InfoByte Security had released evilgrade -- with support for writing modules in Perl. This is Perl, I know this!

Also cool is the IOS-like command line interface. I must admit I prefer bash or tcsh, but IOS is plenty familiar and easy to settle into.

Francisco has a very useful readme file posted as well as an impressive video demonstration.

Check it out. :-)