Tuesday, August 31, 2010

Join the ESET Challenge!

This year ESET is ekoparty's Gold Sponsor and they will be offering a unique training: "Modern Malware Reverse Engineering", with Joan Calvet as the instructor.

Would you like access to an amazing discount for the training? If you do, this is your opportunity: the ESET Challenge!

The ESET Challenge is a multi-level crackme challenge: the higher the score you obtain, the better your chances of getting the discount.


Don't miss this incredible opportunity!

Monday, August 30, 2010

Talks of ekoparty 2010 are published!

The list of the 23 talks selected for the sixth edition of the ekoparty Security Conference, the largest technical security conference in Latin America, is now available.

Official list:

- Chema Alonso - Pentesting Driven by FOCA
- Cedric Blancher - Hacking, an activity of Public interest?
- Nicolas Bareli - Sandboxing based on SECCOMP for Linux kernel
- Cesar Cerrudo - Token Kidnapping's Revenge
- Cesar Cerrudo - History 0days, Disclosing y otras yerbas
- Claudio Criscione - Virtually Pwned: Pentesting VMware
- Giovanni Cruz - Attacking VoIP…a paradise!
- Nicolas Economou - 2x1 Microsoft Bugs: 'Virtual PC hyper-hole-visor' + 'Windows Creation Vulnerability (MS10-048)'
- Gary Golomb - Network-based detection of PE structural anomalies and linker characteristics
- Michael Hudson - Wrong Way, the true story of a Black Hat
- Barnaby Jack - Jackpotting Automated Teller Machines
- Leandro Meiners & Diego Sor - WPA Migration Mode: WEP is back to haunt you...
- Eric Monti - iPhone Rootkit? There's an App for That!
- Mariano Nuñez Di Croce - SAP Backdoors: A ghost at the heart of your business
- Hernan Ochoa & Agustin Arzubel - Understanding the Win SMB NTLM Weak Nonce Vulnerability
- Hernan Ochoa - Transferring files on isolated remote desktop environments
- Deviant Ollam - Distinguishing Lockpicks: Raking vs Lifting vs Jiggling and More
- Alfredo Ortega & Oren Isacson - Exploiting Digital Cameras
- Andres Riancho & Lucas Apa - Web Application Security Payloads
- Juliano Rizzo & Thai Duong - Padding Oracles Everywhere
- Pablo Sole - Hanging on a ROPe
- Roelf Temmingh - Your life online: No more secrets Marty
- Chris Valasek - Understanding the Low Fragmentation Heap: From Allocation to Exploitation

We'd also like to thank the selection committee, which had the difficult task of evaluating the technical level of each of the presentations. The committee members:
- Cesar Cerrudo (Argeniss)
- Sebastian "topo" Muñiz (Independent Security Researcher)
- Gera Richarte (CORE)
- Juliano Rizzo (Netifera)
- Nicolas Waisman (Immunity)

Those interested in attending the sixth edition of ekoparty should not miss the opportunity to sign up for one of the 11 highly technical trainings that will be presented on September 13, 14 and 15.

See you there!

Wednesday, August 25, 2010

Do you need help with your trip to ekoparty?

ekoparty has partnered with avantrip.com, with all the participants from Latin America and the rest of the world in mind who are planning to travel to Buenos Aires on September 16 and 17.

If you need advice on flights, hotels, or any other travel matter, contact avantrip.com at (+5411) 4556 6444 or via e-mail at ekoparty@avantrip.com.

Mention that you are calling to attend the ekoparty Security Conference and get access to significant discounts!

A list of cheap hotels and hostels is also available at the following address:

Do not miss the opportunity to attend the largest technical information security conference in Latin America! It is only once a year... :)

Tuesday, August 17, 2010

TRAINING: Cracking & Anti-cracking Introduction

Core Security, a company dedicated to IT security research, presents a unique training in Latin America: "Cracking & Anti-Cracking Introduction".

- Introduction, basic concepts, tools usage, PE header, win32.
- Techniques for: string references, serial fishing, api cracking.
- Patchers and loaders, VB cracking, Delphi.
- Virtual Machine Languages: .Net, PECode, Java.
- Unpacking and Anti Debugging Techniques.
- Basic Keygenning.

- Get to know the main tools used to remove protections applied to software (proprietary and non-proprietary).
- Learn how to prevent those techniques and which tools to use to do so.

- Basic level of assembler interpretation.



INSTRUCTOR: Ricardo Narvaja
Exploit Writer SSr at Core Security. Founder of the mailing list CracksLatinoS, which has been dedicated for more than a decade to the investigation of protections and reverse engineering. He has written countless cracking and reversing tutorials, which have been translated into the most important languages.

Member of the WE group at Core for more than 3 years, he has been in the cracking area for 7 years. He is interested in knowing how software protections work, how to break them and how to improve them. He enjoys sharing his knowledge with the community by writing documentation.

INSTRUCTOR: Ariel Coronel
He is currently part of the exploit writing team at Core Security. He began cracking 8 years ago, when his curiosity about software protection led him to start his investigations. He has coordinated research groups in the RE area. He also had a forum called CrackNFO.

Wednesday, August 11, 2010

Registration is now Open for ekoparty 2010

Registration is now open for ekoparty 2010!

Don't miss the opportunity to attend the ekoparty Security Conference, the biggest technical information security conference in Latin America.

In this edition, we are bringing the best trainings in the world, at an accessible and moderate price and in one place. Don't miss the opportunity to train yourself with the most recognized instructors on the planet.

ekoparty 2010 is reloaded, you won't want to miss it!

Cracking Wi-Fi, for real

Cedric Blancher, one of the wireless gurus, presents one of the most sought-after trainings for ekoparty attendees: "Cracking Wi-Fi, for real".

Wi-Fi cracking has been around for many years. Tons of tutorials can be found on the net. However, most of them don't focus on the only thing that matters: how things are really working and what is really happening behind the tools. That is the gap this training is intended to fill.
This two-day training will describe in depth the process of pentesting Wi-Fi networks, for little profit maybe and fun for sure. We will discuss WEP vulnerabilities and how to exploit them and WPA PSK cracking, and understand how the tools work, what they do, and when and how to use them for the best results. We will also discuss attacking open networks such as hotspots, and play with the traffic.

This training aims at bringing students to proficiency in pentesting Wi-Fi networks. This includes a deep understanding of Wi-Fi protocols, security mechanisms and associated vulnerabilities.
They will learn a methodology and how to use the required tools to fully achieve their attacks. The training will cover a wide range of tools, including Python programming using Scapy Wi-Fi capabilities.



Students will be given:
- Slides for the training
- Hands-on exercises cheat-sheets
- Backtrack live CDROM

0. Introduction to 802.11
1. WEP overview
2. WPA overview
3. Attack tools
4. Attacks pre-requisites
5. Basic WEP and WPA cracking
6. Handling specific situations
7. Playing with open networks
8. Introduction to Scapy for Wi-Fi
9. Conclusion

TRAINER: Cedric Blancher
Cedric is a senior researcher at EADS Computer Security Research Lab near Paris. He works on network security and has been focusing more specifically on wireless security. He has authored articles and presentations worldwide on that topic, and has written Wifitap, a traffic-injection-based attack tool for Wi-Fi, along with PoC tools for disrupting Wi-Fi network traffic.

Using Network Forensics for Incident Response and Malware Analysis

NetWitness, one of the worldwide leaders in network forensics analysis, incident response and information leak monitoring, brings a very innovative training in these fields.

Through classroom instruction and practical hands-on exercises, this two-part workshop will teach you how to conduct basic and in-depth network forensic investigations to monitor and defend your agency’s network against advanced network attack methodologies, and find the roots of external and internal security problems in the network data. Nation-sponsored and criminal attackers have moved away from direct attacks on network perimeters, and are focusing their efforts on application layer attacks. Part one of this two-part course provides the valuable knowledge needed to improve your incident response process by creating “situational awareness” within your incident response team, including the ability to expose covert network communications channels, detect data leakage, discover zero-day malware, and find other unauthorized network activity and advanced threats. At the end of this workshop, attendees will leave better equipped to identify and respond to advanced network attack activity, perform in-depth network-based investigations and analysis, continuously analyze the status of critical security controls, lower risk and save time and resources by resolving network security problems more quickly, and properly preserve evidence to assist management or law enforcement.



Part 1: Introduction to Network Forensics
This hands-on lab is an introduction to Network Forensics. Designed for the incident responder, computer forensics practitioner, or fraud investigator, who has a need to learn how to perform basic network forensics work, this session covers current adversary attack methodologies and tools, network investigative and technical threat analysis best practices, and chain of custody requirements and evidentiary standards. This lab also provides the attendee with a working knowledge and experience with tools such as NetWitness Investigator Freeware, WinPCAP, TCPDump, Wireshark and others. The lab uses sample data obtained from actual commercial and U.S. government cases and the students will be asked to perform incident and forensic analysis and make judgments regarding the detailed problems associated with the specific cases presented.

Part 2: Advanced Network Forensics
This hands-on lab is the follow-up to Introduction to Network Forensics. Designed for the incident responder, computer forensics expert, fraud investigator, or auditor who has a good working knowledge and experience with tools such as WinPCAP, TCPDump, Wireshark and NetWitness Investigator (Freeware Edition), attendees will perform in-depth studies of specific hands-on cases of beacon Trojans, BotNets, and zero-day malware attacks; learn to recognize obfuscated JavaScript and other malware; understand how to recognize non-standard network traffic operating over standard TCP and UDP ports; and learn scripting techniques to build network and application layer rules to mine data forensically in real time. The lab uses sample data obtained from actual commercial and U.S. government cases and the students will be asked to perform forensic analysis and make judgments regarding the detailed problems associated with the specific cases presented.

INSTRUCTOR: Gabe Martinez
Gabe Martinez, Vice President, Customer Success, NetWitness Corporation
With over 13 years in the security industry, Gabe has designed and implemented security solutions and performed risk assessments for every major vertical globally. Gabe is in charge of customer success at NetWitness, the world leader in network forensics and advanced threat analysis. Gabe also has over five years of experience consulting on and implementing ArcSight and was a founding member of the Solution Team and Customer Success Organization at ArcSight.

Ray Carney, Manager, NetWitness University, NetWitness Corporation
Ray brings 15 years of experience designing and delivering Information Security solutions to Global 1000 and Government organizations internationally, with a proven track record leading teams through all phases of the Information Security process, including audit and review, design and implementation, and development of custom software components. Prior to NetWitness, Mr. Carney held senior technical positions at Decurity, Splunk and ArcSight.