One of my favorite ways to eat Oreo cookies is to twist the two halves apart, carefully set the filling aside, eat both chocolate halves, and then slowly enjoy the indulgent filling. Without milk, this is by far the best way to fully indulge in both parts of the cookie. But with a glass of …
MobiSec has undergone a major reconstruction and version 2.0 (actually 2.0.1) is now available for download on SourceForge. The popular mobile testing VM platform has been rebuilt on the latest Ubuntu 64-bit LTS. The tools have been modernized through updates and by replacing deprecated tools with better-supported equivalents. The environment has also been trimmed down …
Secure Ideas is very excited to announce their training event for April. We have worked with the Core Group and TrustedSec to create an event that covers a wide variety of training needs. The event is April 6-9th 2015 and will be held at the Palms International Resort. We are in the process of getting …
SQLite is an embedded, open-source, lightweight SQL database engine. The C based library is transactional, self-contained, and highly compact. It’s also fairly easy to implement. It doesn’t require any sort of installation or configuration, and all data is stored locally. This is very differently from a standard Oracle or MySQL database, so don’t make the …
SQLite: the good, the bad, the embedded database Read More »
Mobile devices and applications are everywhere. And we have seen tons of information, guides and what not on how to build successful businesses around the next big mobile application. There is even an article spreading around right now about how somebody learned how to program in 3 days and has released an amazing application. But …
Secure Ideas is excited to announce that Kevin Johnson and James Jardine will be teaching Advance Mobile PenTesting with MobiSec at Blackhat 2014. This course will be offered twice, in two day sessions. In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration testing of …
Professionally Evil Courses: Advanced Mobile PenTesting with MobiSec Read More »
Secure Ideas is excited to announce that Jason Gillam will be teaching Mobile PenTesting with MobiSec at Charlotte ISSA 10th Annual Infosec Summit. Kevin Johnson, one of the course authors, may be available on the second day. In this hands-on, lab driven course students will be taught a methodology and series of techniques used to perform penetration …
Professionally Evil Courses: Mobile PenTesting with MobiSec Read More »
In July, my daughter, Brenna (11yo) and I presented at the SANS Denver event. She has long wanted to present with me and we both thought this talk was the perfect one to do. In it, we walk through the various privacy concerns mobile applications and devices have. We do this by looking at the …
My Crayons Didn’t Upload My Pictures to the Internet Read More »
In this series of the Professionally Evil Toolkit we will be talking about sqlmap. Sqlmap is an open source penetration testing tool that is written in python. Sqlmap automates the process of detecting/exploiting SQL injection flaws and taking over of database servers. As you might know, SQL injection is ranked number one on the OWASP …
So I just got back from the SANS Mobile Security Summit where I was the chair. The event was a blast and even though I am biased, I think that we had a number of great speakers. This was the second annual summit and I am already looking forward to next years! Now lets review …