Defcon 15 again

Even though I missed some of the great presentations at Defcon I had a chance to see quite a few. Here is a brief summary of the most inspiring.

“MQ Jumping” by Martyn Ruks. This was a great presentation of IBM Websphere MQ and some of it’s security problems. Martyn presented a number of ways to remotely own the system of an unhardened MQ installation using some in-house developed tools. He mentioned publishing the python classes and some sample code once he got back. So keep an eye out for that.

“CaffeineMonkey: Automated Collection, Detection and Analysis of Malicious JavaScript” by Daniel Peck and Ben Feinstein. The topic says it all! The tool (CaffeineMonkey) is released under GPL3 and is available here. The talk was pretty impressive especially the parts where malicious javascript was illustrated in graphs showing the amount of times specific function calls were made. This allowed for malicious javascript to be pinpointed by just looking at the graphs.

“HoneyJax (AKA Web Security Monitoring and Intelligence 2.0)” by Dan Hubbard. A very entertaining talk on deployment of bots in web communities which aid in identifying and tracking of malicious code. The audience was introduced to both passive and active bots which were both used in order to collect data in the environment and alert in case of suspicious activity. A talk on a very interesting topic delivered by a great speaker with the right amount of humor.

This entry was posted in cqure.net on by .

About Patrik Karlsson

Patrik Karlsson created cqure.net in 2001 as a way of assisting security professionals around the globe with the necessary tools for improving security in IT-systems. Patrik has developed all of the tools that are published on the site, he also maintains and improves them on a somewhat regular basis.