Monday, September 02, 2013

ForSec Labor Day Blow-out Linkfest

Final link push for the GSD blog before shutting down for the night.

I hope all you ForSec guys and gals have had a restful Labor Day before heading back into the trenches tomorrow.

Here are some links of note to review this week that I picked out.

Richard Bejtlich on His Latest Book, “The Practice of Network Security Monitoring” - M-unition blog

Did It Execute? - M-unition blog post by Mary Singh on incident response.

Anatomy of an ongoing Drive-by-Download campaign - ZScaler ThreatLabZ blog post

Browser Related:

Psst. Your Browser Knows All Your Secrets. - SANS ISC Diary guest post by Sally Vandeven on pulling the crypto keys in a browser.

Cookie Cadger to Identify Cookie Leakage from Applications over An Insecure HTTP Request - Next of Windows

Cookie Cadger - project homepage. From the link:

“Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests.

“Web providers have started stepping up to the plate since Firesheep was released in 2010. Today, most major websites can provide SSL/TLS during all transactions, preventing cookie data from leaking over wired Ethernet or insecure Wi-Fi. But the fact remains that Firesheep was more of a toy than a tool. Cookie Cadger is the first open-source pen-testing tool ever made for intercepting and replaying specific insecure HTTP GET requests into a browser.

“Cookie Cadger is a graphical utility which harnesses the power of the Wireshark suite and Java to provide a fully cross-platform, entirely open-source utility which can monitor wired Ethernet, insecure Wi-Fi, or load a packet capture file for offline analysis.”

Book stuff - Windows Forensic Environment - Brett Shavers teases us again with brief news that he continues to develop a standalone WinPE/FE “one-push” builder. He has also released an early Kindle version of his X-Ways Forensics Practitioner’s Guide. Finally, Brett gives recommendations for some other great ForSec reference books in his post.

Sadly, I am embarrassed to confess that I have just rediscovered the SANS Institute: Reading Room.

It appears their Latest 25 Papers RSS link to the page may have some issues: although I can load it in Firefox, trying to use it in a dedicated RSS reader generates an error that it cannot find actual RSS data on the page. Hmm.

Anyhows…since I just found it (again), there are a gazillion (or slightly less) new whitepapers for review and reading.

Here are the ones I picked out that looked interesting to my desk operations:

That last link reminded me of the following particular motivational leadership links I keep handy on my blog sidebar:


--Claus Valca
