Workshops & Training

Presentation from OWASP AppSec California 2019 offers up dirty tricks to optimize the hunt for security exposures.

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox.

At risk of appearing like mad scientists, reveling in our latest unholy creation, we proudly introduce you to DeepHack: the open-source hacking AI. This bot learns how to break into web applications using a neural network, trial-and-error, and a frightening disregard for humankind.

We’ve taken a MythBusters-style approach to testing the effectiveness of a variety of drone defense solutions, pitting them against our DangerDrone. Videos demonstrating the results should be almost as fun for you to watch as they were for us to produce. Expect to witness epic aerial battles against an assortment of drone defense types.

Defeating net-based drone defense products by using a protective chicken wire bubble would defeat the majority of net drone defensive products which rely on the net getting caught in the propellers to take down the drone.

Defeating net-based drone defense products by using a protective chicken wire bubble: The SKYNET 12 gauge shotgun shells blew a hole right through our chicken wire protective cage.

At risk of appearing like mad scientists, reveling in our latest unholy creation, we proudly introduce you to DeepHack: the open-source hacking AI. This bot learns how to break into web applications using a neural network, trial-and-error, and a frightening disregard for humankind.

This presentation picks up the subtle art of search engine hacking at the current state and discusses why these techniques fail. We will then reveal several new search engine hacking techniques that have resulted in remarkable breakthroughs against both Google and Bing.

According to our research, 98 percent of the internet is not protected against email spoofing, which is a relatively easy problem to solve. If you’re concerned that your domain may be vulnerable to spoofing, check out SpoofCheck, our tool that diagnoses web and email domains.

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox. She handles great!

Some quick live footage of flying the Danger Drone, a free penetration testing platform from Bishop Fox. She handles great!

“Super Smash Bros: Melee.” – Furrowed brows, pain in your thumbs, trash talk your Mom would blush to hear. What started as a fun coding project in response to a simple dare grew into an obsession that encompassed the wombo-combo of hacking disciplines including binary reverse engineering, AI research, and programming.

CVE-2016-1764, fixed by Apple in March of 2016, is an application-layer bug that leads to the remote disclosure of all message content and attachments in plaintext by exploiting the OS X Messages client.

It is unlikely when a bug affects almost every CDN and it becomes vulnerable, but when this happens the possibilities are endless and potentially disastrous. This is a story of exploit development with fascinating consequences.

Have you ever attended an RFID hacking presentation and walked away with more questions than answers? This talk will finally provide practical guidance for penetration testers on hacking High Frequency (HF - 13.56 MHz) and Ultra-High Frequency (UHF – 840-960 MHz).

It’s possible for a thief to plug a USB drive into Brink’s CompuSafe Galileo, automate hacking the safe, and steal the cash inside. Our video explains this exploit in under 60 seconds.