PHP Authors: Liz McMillan, Carmen Gonzalez, Hovhannes Avoyan, Lori MacVittie, Trevor Parsons

Related Topics: PHP

PHP: Blog Feed Post

Living at Shmoocon

The conference itself was a great time

Well, I'm in Washington DC following the aftermath of Shmoocon 2010. Despite me being an avid security/hacker con goer, this was my first.

Let me start by saying that "aftermath" is no exaggeration. Between the 24+ inches of snow and the crazy antics one can only find at a hacker convention, aftermath may even be a weak term. Due to the snow, the city shut down... all forms of life ceased to exist and the president was driving a monster truck around town. Okay, not really, but me and my fellow Americans have been stuck in the hotel and DC for the past 3 days with basically no place to go.

The conference itself was a great time. I always enjoy meeting a bunch of different people, and seeing familiar faces from other cons like DEFCON, which I try to attend as much as possible since first speaking there in 2007.

On to some more technical stuff... in my opinion the most exciting application to come out of Shmoocon this year was Airdrop-ng. Airdrop-ng will be becoming another part of the Aircrack-ng suite of tools. It's purpose is to deauthenticate clients from wireless access points. Not only will it deauthenticate them, it will also keep them deauth'd

And the cool part about the whole thing was the ability to write rules on what to deny/allow access to. I think it will be a great tool and will be useful in penetration test type scenarios where rogue access points are in the scope of exploitation.

Some other talks I really enjoyed were the FireTalks. 15 minute blurb type talks that get down to the point of the talk and just the details - my favorite. Two that stuck out were the Social Engineering Toolkit presentation by Dave Kennedy and the SHODAN for Penetration Testers talk by Michael Schearer. The Social Engineering Toolkit is basically a tool that will assist in Social Engineering type attacks - phishing, e-mails, etc.. SHODAN is a machine search engine - it fingerprints headers from millions of IPs and puts them in a database for searching. Both of these tools are very useful and fun to toy around with. I would recommend picking up these slides after they've been published.

In closing, I also picked up some physical hacking skills when I was here and honed my lockpicking skills a bit.
Overall a great time and something I will look forward to returning to. Hopefully with less snow.

Speaking of less snow... I hope I can get out of DC sometime today...

Read the original blog entry...

More Stories By Hurricane Labs

Christina O’Neill has been working in the information security field for 3 years. She is a board member for the Northern Ohio InfraGard Members Alliance and a committee member for the Information Security Summit, a conference held once a year for information security and physical security professionals.

IoT & Smart Cities Stories
While the focus and objectives of IoT initiatives are many and diverse, they all share a few common attributes, and one of those is the network. Commonly, that network includes the Internet, over which there isn't any real control for performance and availability. Or is there? The current state of the art for Big Data analytics, as applied to network telemetry, offers new opportunities for improving and assuring operational integrity. In his session at @ThingsExpo, Jim Frey, Vice President of S...
Rodrigo Coutinho is part of OutSystems' founders' team and currently the Head of Product Design. He provides a cross-functional role where he supports Product Management in defining the positioning and direction of the Agile Platform, while at the same time promoting model-based development and new techniques to deliver applications in the cloud.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
@CloudEXPO and @ExpoDX, two of the most influential technology events in the world, have hosted hundreds of sponsors and exhibitors since our launch 10 years ago. @CloudEXPO and @ExpoDX New York and Silicon Valley provide a full year of face-to-face marketing opportunities for your company. Each sponsorship and exhibit package comes with pre and post-show marketing programs. By sponsoring and exhibiting in New York and Silicon Valley, you reach a full complement of decision makers and buyers in ...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secu...
Rafay enables developers to automate the distribution, operations, cross-region scaling and lifecycle management of containerized microservices across public and private clouds, and service provider networks. Rafay's platform is built around foundational elements that together deliver an optimal abstraction layer across disparate infrastructure, making it easy for developers to scale and operate applications across any number of locations or regions. Consumed as a service, Rafay's platform elimi...
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
In today's enterprise, digital transformation represents organizational change even more so than technology change, as customer preferences and behavior drive end-to-end transformation across lines of business as well as IT. To capitalize on the ubiquitous disruption driving this transformation, companies must be able to innovate at an increasingly rapid pace.