We have scheduled our first training course for our new year, Hacking By Numbers – “Extended” Edition – for October 6-10th . The course runs for a full 5 days in Pretoria, South Africa. The HBN...

Introducing [http://www.reddit.com/r/ReverseEngineering/] (like its name suggests, a reddit thats all about Code RE..)

[Solve mazes with Photoshop (or gimp)] i must confess that while i understand the logic of flood-fill doing a depth first search and therefor doing the lifting for u, my gimp skills are second...

By now everyone knows that John McCain’s running mate Sarah Palin had her yahoo email account hacked. I guess a presidential candidate using yahoo for govt. related email was about as shocking as...

Gegroet just a quick note on VM. Google is now offering Google Blog Search Beta and I thought it interesting to see who is blogging on vulnerability management.Some of the output includes: i)...

Good news to all the blah’ers out there! The BETA version of BiDiBLAH 2 is available for download here. As you probably know, [a real quick and easy] registration is required, and version 2 of...

The full videos from the OWASP NYC Conf have been posted. At least one BlackHat re-run, but some look well worth the watching.. Most people can grab the videos and slide decks [here],...

EC2 is now out of beta, and supports windows based ANI’s. [Big Day for EC2] EC2 blows my mind, and from a bazillion miles away, i was truly surprised the Amazon got the jump on Google/MSFT/Apple/*...

When you blog a link to poetry: [The man watching] is a poem by Rainer Maria Rilke, that i picked up from a talk by Tim Oreilly during his [recent talk] where he chided the audience for focusing...

Slides from the latest Hack in the Box conference [are available] [SensePost slides are listed as owing / not there yet] SensePosters can grab a local copy [here]

For those writing apps for the iPhone, you have a good chance of bumping into the highly annoying preflighting application error: Ralf Rottmann of [24100.net] has a [pretty comprehensive post on...

Anyone who was around for Defcon-10 will have an opinion on the infamous Gobbles-Silvio-UnixTerrorist talk in which mail spools where published and everyone was slammed [1] According to mumble on...

As a Christmas special we have scheduled an additional training course, Hacking By Numbers – Extended Edition (Bootcamp) in Pretoria, South Africa on November 24-28th. The course runs for a full 5...

Wired magazine has covered the DNSGate saga with full dramatic details like: “never, ever repeat what you just told me over a cell phone“. Its a quick read, and worth it for the classic line: “The...

A couple of months back SensePost were asked by a prominent South African media company to assist in the selection of content and speakers for an upcoming information security conference called...

Our good friend Anthony Olivier has launched his “IT Security Pubcast“. So far 2 episodes are online, with episode #2 including our very own, ever quotable Charl van der Walt. Check it out..

While i normally find “Linux ported to run on your [nintendo/toaster/foo] stories only academically interesting, i think the thought of Linux running on 1st Gen, 2nd Gen iPhones (and iPod Touch) a...

Microsoft has posted selected videos of the latest BlueHat talks [here]. It’s pretty cool that they are now releasing these videos to the planet.. You get to see Matt Miller (skape), Scott Charney...

The latest version of Wikto (2.1) is available for download here. New features include time anomaly reporting and easier access to findings. A few bugfixes have also been made (thanx to some...

I wanted to remind folk that the CFP for the ITWeb Security Summit closes on 26 Jan 2009. You can check it out at http://www.itweb.co.za/events/securitysummit/2009/. Local (ZA) should please make...

I got contacted the other day (via LinkedIn actually, which is a 1st for me) about a PCI conference some folks are trying to organize here in Johannesburg in January next year. I don’t really know...

The last few weeks have brought some fairly interesting predictions for 2009 to bear in CSO Magazine columns. Two recent articles caught my eye from a penetration testing perspective. In the...

(aka 2 completely unrelated topics) You can grab a free copy of the Hackin9 magazine [here] And you can view the speakers list for Ted09 [here]… /mh

(an open source web crawling and screen scraping framework written in Python..) i promised deels i wld stay off the interwebs for a few days, which means my quick stops are filling up my bookmarks...

or maybe not… The twitters informed me that Singe uncovered a case of brand plagiarism!!!1! -snip- -snip- So lets review.. the logo looks shockingly the same they no doubt, behind closed doors...

Those pesky hackers! Alex Sotirov (of heap feng shui fame, famous for breaking everything from Vista, to web browsers, to facebook) and Jacob Applebaum (of cold-boot attack fame, and more...

This is an old post, regurgitated because it yielded some spirited discussion. Apparantly headhunters are being told to avoid World of Warcraft players:...

We often get asked by students of our Hacking By Numbers courses if the course environments or at least the VMWare images are available after the training is over. As a result we’ve started to...

Interesting post on cost/benefit analysis of hacker and hooker attacks…. behrang

So… Black Hat DC is rushing at us like a speeding big… speeding thing. This is just a friendly a reminder about the show (Hyatt Regency Crystal City • February 16-19). We have two courses on offer...