18 Nov 2012,
War driving has been around for a very, very long time, however it has been missing a few key things. Mainly leather, Judas Priest and Motorcycles. 'Ghost riders in your LAN' is a talk based around overclocking the wardriving game by introducing gasoline, angle grinders, cheap wifi gear and a build price smaller than your slightly more exorbitant weekend bender. This talk is a collaboration between Security-Assessment.com and Stray Rats Custom Motorcycles. I will be covering the details of how to build a wifi-attack-cycle from ground up - from electronics and cheap-and-cheerful heads up displays to the bike modifications required to mount all the tech and look awesome while terrorizing your local neighborhood TP-LINKs. Ride the metal monster, breathing deauth and fire. Closing in with vengeance broadcasting high. This is the WifiKiller.
17 Nov 2012,
Timing attacks are relatively well known in the shady recesses of the caves I assume cryptographers hide in. However less is known by us security and hacker folk. I intend to rectify this injustice by answering a simple question - Can a timing attack be used on a remote web app to guess a hashed password faster than a simple brute force attack? To this end I have pondered, coded, tested, sweated, cried, pondered some more, tested, cried again and coded until I have the tool to answer the question! Ha! This talk will outline the tool, the technique, and its limitations. They said it couldn't be done, I say watch my talk and find out.
New Zealand OWASP Day 2012
31 Aug 2012,
"Don't roll your own" has been common advice over the past decade; however even when heeding these words, insecure practices and common mistakes lead to glaring security holes. This talk will cover some of the common errors made when implementing applcations based around web frameworks, where to look for vulnerabilities and how to avoid them.
Hack in the Box 2012
23 May 2012,
Roberto Suggi Liverani and Scott Bell
OWASP Wellington, New Zealand Chapter Meeting
20 Sep 2011,