  1. How can you become a member of the DefCamp 2016 team?

     First of all, if you don't know what this is about, DefCamp is an IT security & hacking conference that started around 2011. We have always aimed to bring heavyweight, internationally recognized speakers and, alongside the conference, to organize various challenging activities that build an event known beyond the country's borders. For example, last year there were approximately 850 participants over the two days of the conference in Bucharest, participants who came to Romania from approximately 30 countries. This year we want to gather 1,000 enthusiasts of this industry.

     Every year we have received consistent, positive feedback about the contests we organize (IoT Village - a place where you can test various gadgets, App2Own - vulnerable applications, Hack the Machine - vulnerable servers, Target John - social engineering etc). More than that, organizing D-CTF (dctf.def.camp) is a constant challenge and an incredible experience in which hundreds of teams from dozens of countries take part every year, after which the best 10-15 teams in the world come to Bucharest and win the big prizes.

     That is why this year we will have a large area dedicated to contests (called Hacking Village - http://def.camp/hacking-village/) that have already become established (IoT Village, D-CTF, App2Own, HtM, TJ etc.), but more than that we want to introduce new contests. To succeed in turning this area into a fun, competitive, educational and also challenging environment, we are looking for new people with ideas, with initiative and eager to get involved. An event of this size does not happen by itself, and only together will we be able to get our heads out of the sand.

     What are the benefits of being part of the DefCamp team?
     - you get free access to the conference and access to all areas and activities
     - you will have the opportunity to exchange ideas with super smart and open people
     - you will find out how an international event with hundreds of people is organized
     - we will help you learn everything you need to know so that you have no problems during the conference
     - we will recognize your work with a volunteering diploma
     - the official team T-shirt and many other small tokens of appreciation
     - on demand: if you need something that is not in the list above, tell us, we are very open

     Examples of new contests we would like to introduce at DefCamp:
     - Lock Picking (workshop)
     - Connected Car Hacking (e.g. CAN)
     - Best Reverser (Reverse Engineering Challenges)
     - Critical Infrastructure Attack (e.g. SCADA/Best Practices etc)
     - WAF Bypass
     - Competitive Intelligence (Open Source Intelligence / OSINT)
     - Red Team vs Blue Team CTF
     - Drones Hacking
     - Hardware Hacking

     What are we looking for?
     - we care about responsibility and about owning the things you promise (if you know you don't have time or are not sure you can get involved for the few days before and during the event, tell us from the start and together we will look for something that fits your limited time)
     - that you are passionate and have real experience (not diplomas & CVs) in the area in which you want to get involved
     - enthusiasm, a lot of enthusiasm
     - that you know about DefCamp or other similar events abroad (all DefCamp volunteers are former participants, some veterans [with 5-7 editions behind them], others more "junior")
     - that you like IT in general and cyber security in particular
     - we will help you take a few days off from the office, if your boss is not understanding

     How can you apply?

     For contest proposals, there is this form: http://def.camp/hacking-village/#call-for-contests

     The volunteering form: http://def.camp/become-a-volunteer/

     If there are questions, you can write directly here or by PM.
  2. Hi, my name is Mihai Ionut and over the last few months I have worked on two security applications - WaveCrypt and CyberFROST.

     WaveCrypt is a sound-based encryption (AES) and authentication application that lets you encrypt files using an audio input (you can even record directly from the application), a song stored on a CD etc, or a YouTube clip (you simply select a time sequence, currently set to 5 sec, then the format is converted to wave, then it is processed to obtain the key). The central idea is to have an encryption key that you don't have to look after, with the possibility of obtaining it when you need it. Obviously, I am aware of the large security holes that arise (e.g. studying the web traffic at the moment the user accesses YouTube to obtain their key); even though it is set to 5 seconds, it is fairly easy to break using brute force. Following a security audit, the application was classed as "Security by obscurity" - it is secure as long as you don't disclose details of the algorithm. I created it mostly out of curiosity, plus I learned quite a lot, not only the cryptography part but also elements of sound editing and synthesis (the wave format is not compressed etc). I wrote the application in Java and the online module in Python.

     CyberFROST is a cloud-based security application for the Windows OS registry. The central idea is that as long as you are connected to the application, you can at any time download a safe, functional, clean copy from the other users. Also, custom settings can be created to help users get rid of viruses (e.g. disabling internet drivers or changes to UAC etc). I wrote the application in Python and basically I access the registry entries directly - I made a list of the most frequently affected entries and, upon unauthorized modification, you have the option of reverting to one of the configurations made available by the community. It's a kind of online System Restore, with the advantage of direct communication and cooperation between users. I have only worked on the offline CyberFROST component; I still need to accumulate knowledge to be able to actually connect users to each other.

     I had a brief look at the forum and I really liked your initiative, congratulations. If you have suggestions or opinions about the projects I have presented, you can leave a comment on this post. Thank you.
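An added illustration for the WaveCrypt post above (not the poster's code): it assumes, hypothetically, that the key is SHA-256 over the PCM frames of the selected 5-second window, and measures how few candidate keys exist once the clip is known, next to a variant that stretches a passphrase with PBKDF2 and uses the audio only as a key file. The clip is constructed in memory and all function names are made up for the example.

```python
import hashlib
import io
import math
import struct
import wave

RATE = 8000  # sample rate of the constructed clip (assumption)


def make_clip(seconds: int) -> bytes:
    """Constructed mono 16-bit WAV, standing in for a song or downloaded clip."""
    pcm = bytearray()
    for n in range(seconds * RATE):
        freq = 200.0 + 3.0 * n / RATE  # sweeping tone, so every window differs
        pcm += struct.pack("<h", int(12000 * math.sin(2 * math.pi * freq * n / RATE)))
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)
        w.setframerate(RATE)
        w.writeframes(bytes(pcm))
    return buf.getvalue()


def window_digest(wav: bytes, start_ms: int, length_ms: int = 5000) -> bytes:
    """SHA-256 over the PCM frames of the selected window."""
    with wave.open(io.BytesIO(wav), "rb") as w:
        rate = w.getframerate()
        w.setpos(start_ms * rate // 1000)
        return hashlib.sha256(w.readframes(length_ms * rate // 1000)).digest()


def derive_key_audio_only(wav: bytes, start_ms: int) -> bytes:
    """Assumed weak scheme: the window digest is used directly as the AES-256 key."""
    return window_digest(wav, start_ms)


def derive_key_hardened(wav: bytes, start_ms: int, passphrase: bytes) -> bytes:
    """Audio acts as a key file (salt); the secret is a passphrase stretched by PBKDF2."""
    return hashlib.pbkdf2_hmac("sha256", passphrase, window_digest(wav, start_ms), 200_000)


def candidate_windows(wav: bytes, length_ms: int = 5000, step_ms: int = 100) -> range:
    """Every start offset a user could have picked, at step_ms granularity."""
    with wave.open(io.BytesIO(wav), "rb") as w:
        total_ms = w.getnframes() * 1000 // w.getframerate()
    return range(0, total_ms - length_ms + 1, step_ms)


def guesses_needed(wav: bytes, key: bytes, step_ms: int = 100):
    """Audit check: position of `key` among the candidate windows of a known clip."""
    for tries, start in enumerate(candidate_windows(wav, step_ms=step_ms), 1):
        if derive_key_audio_only(wav, start) == key:
            return tries
    return None


if __name__ == "__main__":
    clip = make_clip(60)
    key = derive_key_audio_only(clip, 23_400)
    n = len(candidate_windows(clip))
    print(f"{n} candidate keys = {math.log2(n):.1f} bits, "
          f"found after {guesses_needed(clip, key)} guesses")
```

For a one-minute clip at 100 ms granularity the audio-only key has about 9 bits of entropy instead of 256, which is why the secret has to come from somewhere other than the choice of window.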
  3. The main thread with announcements & news about DefCamp 2016! The first announcement is in the next post.
  4. Hi, Dell is hiring for several positions. A complete list can be found here: https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/search/3792178

     A few selected jobs:
     - Principal Consultant, Penetration Testing - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/principal-consultant-penetration-testing-75285
     - Information Security Risk Management Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/information-security-risk-management-advisor-78526
     - Java Software Development Sr. Analyst - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/java-software-development-sr-analyst-80439
     - Java Software Development Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/java-software-development-advisor-79300
     - Senior Security Specialist - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/senior-security-specialist-77371
     - Network Security - Firewall Auditor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/network-security-firewall-auditor-75062
     - Junior Linux Admin - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/junior-linux-admin-81076
     - Level 2 Technical Support Analyst - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/level-2-technical-support-analyst-81957
     - Windows System Administrator - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/windows-system-administrator-82417
     - Software Testing Engineer - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/software-testing-engineer-82376
     - Software Testing Jr. Engineer - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/software-testing-jr-engineer-82386
     - McAfee ESM Security Advisor - https://dell.referrals.selectminds.com/via/IonutP-5o7x6X/jobs/mcafee-esm-security-advisor-81648

     Notes:
     1. The links carry a referral; this is the internal recommendation procedure. The advantage is that everything gets resolved much faster and I can help you with whatever information you need about a particular position.
     2. I don't think remote work is possible; you need to be in Bucharest. There is, however, the possibility of working (from time to time) from home, and for certain positions (night shift, for example) maybe even always.

     If you have a question you can send me a PM.

     // Nytro
  5. HatDBG is a pure PowerShell win32 debugging abstraction class. The goal of this project is to make a PowerShell debugger. This is exclusively for educational purposes.

     URL: https://github.com/enddo/HatDBG

     Enumerate Threads

     ```powershell
     # Attach the debugger to the target process by PID
     $result = attach -dwpid 5920
     if([bool] $result) {
         $list = enumerate_threads
         foreach ($thread in $list){
             # Read the register context of each thread and print it in hex
             $thread_context = get_thread_context -thread_id $thread
             write-host ("[+] Dumping register for thread ID: 0x{0,0:x}" -f $thread)
             write-host ("[+] EIP: 0x{0,0:x}" -f $thread_context.Eip)
             write-host ("[+] ESP: 0x{0,0:x}" -f $thread_context.Esp)
             write-host ("[+] EBP: 0x{0,0:x}" -f $thread_context.Ebp)
             write-host ("[+] EAX: 0x{0,0:x}" -f $thread_context.Eax)
             write-host ("[+] EBX: 0x{0,0:x}" -f $thread_context.Ebx)
             write-host ("[+] ECX: 0x{0,0:x}" -f $thread_context.Ecx)
             write-host ("[+] EDX: 0x{0,0:x}" -f $thread_context.Edx)
             write-host "[+] END DUMP"
         }
         $result = detach
     }
     ```

     Output

     ```
     [*] Debugger Attached to PID 5920
     [+] Dumping register for thread ID: 0xb14
     [+] EIP: 0x75ca4d9c
     [+] ESP: 0x53f610
     [+] EBP: 0x53f628
     [+] EAX: 0x4d3
     [+] EBX: 0x0
     [+] ECX: 0x0
     [+] EDX: 0x0
     [+] END DUMP
     [+] Dumping register for thread ID: 0x1834
     [+] EIP: 0x77e08c0c
     [+] ESP: 0x31dfb70
     [+] EBP: 0x31dfbe0
     [+] EAX: 0xf5a280
     [+] EBX: 0x2be8c7c
     [+] ECX: 0x0
     [+] EDX: 0x0
     [+] END DUMP
     [+] Dumping register for thread ID: 0x1770
     [+] EIP: 0x77e0919c
     [+] ESP: 0x32df5a8
     [+] EBP: 0x32df738
     [+] EAX: 0x0
     [+] EBX: 0x0
     [+] ECX: 0x0
     [+] EDX: 0x0
     [+] END DUMP
     [+] Dumping register for thread ID: 0x1784
     [+] EIP: 0x77e08c0c
     [+] ESP: 0x4defc14
     [+] EBP: 0x4defc84
     [+] EAX: 0xf5a280
     [+] EBX: 0x3e8
     [+] ECX: 0x0
     [+] EDX: 0x0
     [+] END DUMP
     [+] Dumping register for thread ID: 0x133c
     [+] EIP: 0x77e0919c
     [+] ESP: 0x500f7f0
     [+] EBP: 0x500f980
     [+] EAX: 0x103
     [+] EBX: 0x0
     [+] ECX: 0x0
     [+] EDX: 0x0
     [+] END DUMP
     [+] Dumping register for thread ID: 0x1718
     [+] EIP: 0x77e08c0c
     [+] ESP: 0x778fb9c
     [+] EBP: 0x778fc0c
     [+] EAX: 0x0
     [+] EBX: 0xcc0008
     [+] ECX: 0x0
     [+] EDX: 0x0
     [+] END DUMP
     [+] Dumping register for thread ID: 0x23b8
     [+] EIP: 0x77e0aef0
     [+] ESP: 0x2dcf850
     [+] EBP: 0x0
     [+] EAX: 0x77e41300
     [+] EBX: 0x0
     [+] ECX: 0x0
     [+] EDX: 0x0
     [+] END DUMP
     [*] Finished debugging.
     ```

     Get Debug Event Code

     ```powershell
     $dwpid = Read-Host "Enter the PID of the Process to attach to"
     attach -dwpid $dwpid
     # Enter the debug event loop; each event is printed with its code and thread ID
     run
     detach
     ```

     Output

     ```
     Enter the PID of the Process to attach to: : 3168
     [*] Debugger Attached to PID 3168
     [+] Event Code: 3 Thread ID: 5056
     [+] Event Code: 6 Thread ID: 5056
     [+] Event Code: 2 Thread ID: 8340
     [+] Event Code: 2 Thread ID: 10020
     [+] Event Code: 2 Thread ID: 4788
     [+] Event Code: 2 Thread ID: 7572
     [+] Event Code: 2 Thread ID: 128
     [+] Event Code: 2 Thread ID: 7760
     [+] Event Code: 2 Thread ID: 9552
     [+] Event Code: 2 Thread ID: 4676
     [+] Event Code: 2 Thread ID: 4516
     [+] Event Code: 2 Thread ID: 8704
     [+] Event Code: 2 Thread ID: 6016
     [+] Event Code: 2 Thread ID: 8556
     [+] Event Code: 2 Thread ID: 8968
     [+] Event Code: 2 Thread ID: 8204
     [+] Event Code: 2 Thread ID: 5444
     ```

     Set Breakpoint

     ```powershell
     $dwpid = Read-Host "Enter the PID of the Process to attach to"
     attach -dwpid $dwpid
     # Resolve the address of printf in msvcrt.dll and set a breakpoint on it
     $address = func_resolve -dll "msvcrt.dll" -func "printf"
     bp_set -address $address
     run
     detach
     ```

     Output

     ```
     Enter the PID of the Process to attach to: 4644
     [*] Debugger Attached to PID 4644
     [*] Set Breakpoint at 0x00116046
     [+] Event Code: 3 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 2 Thread ID: 3268
     [+] Event Code: 2 Thread ID: 9864
     [+] Event Code: 2 Thread ID: 9700
     [+] Event Code: 2 Thread ID: 6600
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 6 Thread ID: 7740
     [+] Event Code: 2 Thread ID: 7288
     [+] Event Code: 1 Thread ID: 7288
     [+] Exception address: 0x00116046
     [+] Event Code: 4 Thread ID: 7288
     ```
  6. German police have carried out a series of raids, targeting people suspected of posting hate content on social media. The co-ordinated raids on 60 addresses were the first time the authorities had acted on this issue in such a way. The aim is to tackle what police called "a substantial rise in verbal radicalism". Typical crimes included "glorification of Nazism [and] xenophobic, anti-Semitic and other right-wing extremism", they said.

     http://www.bbc.co.uk/news/technology-36804363

     @aelius
  7. Internship - Security Solutions - Rotating Shifts - SecureWorks

     Bucharest, Romania

     SecureWorks is a global leader in providing intelligence-driven information security solutions. We play an important role, as no organization in the world is immune from cyberattacks and the nature of the attack is changing every day. Internet security is a problem that will never be solved. Unlike point products that address a specific technology issue, we attack the problem holistically by analyzing threat actor tactics, techniques and procedures, and develop solutions using best-of-breed technologies to protect our clients. We are one of the best in the world at understanding the threat. In short, we give our clients an early warning capability.

     SecureWorks was founded in 1999 and headquartered in Atlanta, Ga., with offices in all the major security markets around the globe. We have more than 2,000 team members, and partner with more than 4,200 clients in 59 countries to keep the bad guys out of their networks. We've been consistently recognized by industry analysts, readers' polls and as a leader in the Gartner Magic Quadrant for managed security services, worldwide.

     Key Responsibilities

     Are you interested to start a career in Information Security? Then Dell SecureWorks is where you want to start! We are looking for passionate people that want to join our battle to protect our customers from Cybercrime. In this role you will be given a chance to learn from professionals that focus on providing the best cybersecurity services for our clients. You will enjoy a multicultural, diverse and dynamic experience, during this 3 months contract, having the possibility to become a permanent employee. This role implies a rotating shift schedule of 12/24 -12/48 with the initial training period in regular business hours schedule (8 h/day).

     Your core focus will be:
     - Learn what security operations mean for all the SOC roles (Infosec, Vulnerability Management, Penetration Testing, Security Risk Management, Data Loss Prevention)
     - Get accustomed with some of the most complex security systems deployed on the customers served in SecureWorks Romania
     - Learn the SecureWorks culture and meet our local and global specialists

     As a managed security provider, SecureWorks expects its employees to understand and apply commonly known security practices and possess a working knowledge of applicable industry controls such as NIST 800-53. Employees will be expected to acknowledge their security responsibilities in writing prior to gaining access to company systems. Employees will be required to maintain a working knowledge of local security policies and execute general controls as assigned.

     Essential Requirements
     - You are passionate about the IT and Networking industry
     - You want to develop your Information Security skills
     - You are analytical and security focused
     - You like to spot trends and big picture
     - You have prioritization skills, sense of urgency
     - You communicate well to build relationship and trust
     - You are fluent in English.

     Desirable Requirements
     - Ideally recent graduate or final year student in a technically focused University
     - Basic knowledge of IT Security
     - Any IT certifications are a plus (CCNA, CompTIA Security+)

     SecureWorks is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: SecureWorks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at SecureWorks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. SecureWorks will not tolerate discrimination or harassment based on any of these characteristics. SecureWorks encourages applicants of all ages.

     16000J94

     http://dell.referrals.selectminds.com/jobs/internship-security-solutions-secureworks-92325
  8. Go to university in Bucharest. It is very close to Pitesti and you have plenty to choose from.
  9. I did my first year there. You don't do much. Most of the professors are very poorly prepared compared with those at Unibuc, at least. Apart from some databases, logic and something with graphs, you don't really do much. I advise you to go there ONLY if you are a self-taught person, are passionate and learn on your own. Otherwise you will come out of there pretty much a vegetable. Not to mention that in OOP there was an embarrassing situation in which the professor had a job and hardly ever showed up to lectures, and in the exam he gave us Java, C# and C++, when we had only had some 3-4 hours of lab (because he didn't come to the rest), and there we did (only he did) a little Java. Unibuc is nothing great either, but there are certainly far better prepared people there and, if you have questions, at least you have someone to discuss them with. Good luck!
  10. SecureWorks - Penetration Tester Sr./Principal - UK/EU Remote (from the OffSec forums)

      SecureWorks - Penetration Tester Sr./Principal
      Location: Remote Based - UK preferred (EU considered)
      Schedule: Full-time

      SecureWorks is looking to hire a number of consultants to join their growing penetration team in the UK (EU location considered). The Penetration Testing Consultant supports the Security and Risk Consulting, Technical Testing team, by applying information security threat intelligence to identify and exploit vulnerabilities within our clients’ environments. A successful candidate will have experience in goal-based network/infrastructure penetration testing and post-exploit, and not only have experience in vulnerability/web scanning tools as penetration testing.

      Required area of focus:
      - Network penetration testing

      Additional desired areas of focus, one or more of the following:
      - Web application testing; Wireless penetration testing; Mobile application testing; Social engineering; Physical security; Red Teaming

      Role Responsibilities:
      - Conduct goal-based penetration testing and document findings for client remediation in the form of briefings and reports
      - Maintain working knowledge of advanced threat actor tactics, techniques and procedures, and emulate that TTP to assess vulnerability and risk
      - Perform proactive research to identify and understand new threats, vulnerabilities, and exploits
      - Document and present new testing techniques to internal and external teams
      - Manage testing engagements as the project lead, including coordinating multi-consultant engagement teams
      - Candidates must be located in Europe and willing to travel domestically and internationally up to 50%. We promote the use of a remote testing appliance to help reduce the amount of travel.

      Benefits:
      - Training: Generous, dedicated budget per person, which allows you to attend most training courses available on the market.
      - InfoSec community: SecureWorks’ employees and SecureWorks as a company want to be involved in the InfoSec community, and as such promote attendance to conferences. Just this year, our UK team attends Bsides London, Bsides Manchester, BlackHat/DefCon Las Vegas, 44CON and DerbyCon. Furthermore, financial incentives are in place to promote speaking to conferences or teaching classes.
      - WFH: This is a remote office position, so we want you to be comfortable. We provide a budget to get a decent chair, desk and any office supplies you require, along with two 24" monitors, keyboard, mouse and docking station (Dell equipment) to avoid bending over a small laptop screen.

      Requirements:
      - If you are reading this post, you are an OSCP holder and therefore likely have the technical skills we are looking for. You will join a global team of many OSCP holders (as it’s a job requirement to possess OSCP by the end of this year) to discuss your next attack vector.
      - 5+ years of total professional experience in information security or related field
      - 2+ years of experience performing or leading technical testing engagements/projects
      - Strong time management skills, self-directed, with the ability to meet verbal and written deadlines.
      - Strong technical communication skills, both written and verbal, with the ability to explain technical security concepts to executive stakeholders in business language.

      Certifications:
      - Required certifications must include one of the following: CHECK Team Member (CTM) or CHECK Team Lead (CTL); CREST Registered Tester (CRT) or Crest Certified Tester (CCT); TIGER Qualified Security Tester (QSTM); CREST Certified Simulated Attack Specialist (CCSAS); CREST Certified Simulated Attack Manager (CCSAM)
      - Required clearances: SC or DV with no restrictions
      - Desired certifications: OSCP; OSCE; GPEN; GWAPT; GXPN

      http://dell.referrals.selectminds.com/jobs/principal-consultant-penetration-testing-secureworks-90603?et=1U1rtRHJt
  11. What operations do you run on those 45M entries? I recommend reading this: http://stackoverflow.com/questions/9702643/mysql-vs-mongodb-1000-reads (see the first comment).
  12. I thought that generation of wannabe idiots had died out along with us when we started to mature. I see these ones are coming up behind us with fresh forces.
