We are finishing putting the final touches on our presentations for next week. Saffron, which will be demoed at Blackhat and Defcon, is in good working order. The results are amazing and we hope you'll be able to make our talk. If you can't feel free to catch us around the conference.
Covert Debugging: Circumventing Software Armoring Techniques is on Thursday at 10am in the Augustus 1+2 Ballroom. We'll be giving the same talk, although somewhat shorter at Defcon on Friday at 2pm in the Track 1 speaking area.
Valsmith and HD Moore will also be giving their Tactical Exploitation talk at 1:45pm on Wednesday in the Tiberius Ballroom 3+4+7+8 and again at Defcon on Friday at 4pm in the Track 1 speaking area.
Valsmith and Delchi will speak on Malware Secrets at Defcon, 11am on Saturday in the Track 2 speaking area.
We hope to see you there!
Thanks to Delchi for organizing this.
I made some modifications to the searching engine. I've reworked the search system and backend SQL queries so they are a bit faster. Specifically you'll the new "Thorough" option on the query interface. If you select this searches will take longer but will get more results.
We've created this page to hopefully help answer some of the most common questions we receive. If your question isn't answered here please feel free to contact us.
What's the criteria for a top-post on your page?
We look for a couple of things. The first is a good post with good technical content. The second thing we look for is relevance to a particular threat that is making the rounds. Many people and leading organizations read this site for up to the date analysis and news. Make your post look well-thought out and professional, and we'll let you know.
The new version of Offensive Computing is now up and running. If you notice any errors, please contact us as soon as possible so we can fix them ASAP. Bear with us if there are any service outages.
Let me take this time to thank all of our beta testers for helping to find more bugs. Thanks!
Any ways to upload a non-executable file?
Offensive Computing team members will be speaking at both Blackhat 2007 and Defcon 15 in Las Vegas Nevada. Danny Quist (Chamuco) and Valsmith will be giving a talk title Covert Debugging: Circumventing Software Armoring Techniques. This is research we've been working on to automatically and generically unpack software.
HD Moore and Valsmith will be presenting a talk called Tactical Exploitation at Blackhat 2007. It will detail methods for penetrating non-standard methods of network penetration and should be very interesting.
We'll be around for both conferences so be sure to find us and say hello!
But I wonder, last year we presented a talk at Defcon called "Hacking Malware" which talked about bypassing security features in malicious binaries. Would this be illegal in Germany? How do you do incident response / forensics and analysis under those types of laws?
Does this mean in Germany someone can hack into a computer and not worry about being analyzed because the tools to do so are illegal?
This article covers what's going on right now in antiforensics and there are some good interview questions with our friend Vinnie Liu.
Read it and fear.
Interesting article :)