Even though I missed some of the great presentations at Defcon I had a chance to see quite a few. Here is a brief summary of the most inspiring.

“MQ Jumping” by Martyn Ruks. This was a great presentation of IBM Websphere MQ and some of it’s security problems. Martyn presented a number of ways to remotely own the system of an unhardened MQ installation using some in-house developed tools. He mentioned publishing the python classes and some sample code once he got back. So keep an eye out for that.

“CaffeineMonkey: Automated Collection, Detection and Analysis of Malicious JavaScript” by Daniel Peck and Ben Feinstein. The topic says it all! The tool (CaffeineMonkey) is released under GPL3 and is available here. The talk was pretty impressive especially the parts where malicious javascript was illustrated in graphs showing the amount of times specific function calls were made. This allowed for malicious javascript to be pinpointed by just looking at the graphs.

“HoneyJax (AKA Web Security Monitoring and Intelligence 2.0)” by Dan Hubbard. A very entertaining talk on deployment of bots in web communities which aid in identifying and tracking of malicious code. The audience was introduced to both passive and active bots which were both used in order to collect data in the environment and alert in case of suspicious activity. A talk on a very interesting topic delivered by a great speaker with the right amount of humor.

This entry was posted on Wednesday, August 8th, 2007 at 9:30 pm and is filed under cqure.net. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.