Friday, March 20, 2009

DC405 Presentation

On Friday I gave a talk to OKC's DC405 group on Metasploit and reverse tunneling out of strict network environments using PassiveX payloads. Unfortunately, we ended up without an available projector, so I gave the presentation by having everyone load it up on their laptops, using this blog and twitter to kick out links. :)

All in all, it was a great group and spawned an impressive discussion afterwards. Thanks #dc405 for letting me come be a part of the group!

"Advances in HTTP encapsulated payloads
Or, a Young Metasploit User's Illustrated Primer"


Link: DC405 - HTTP Encapsulated Payloads

Thursday, March 5, 2009

Common Info Security Weaknesses

Today I gave a presentation to the Oklahoma City ISACA chapter titled "Common Enterprise Security Weaknesses", which was a semi-random collection of observations from penetration tests in the OK, TX, and KS markets. Just in case anyone's interested, here's a link:

Common Information Security Weaknesses (pdf)