On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Content provided by Black Hat / CMP and Jeff Moss. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Black Hat / CMP and Jeff Moss or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
Ejovi Nuwere and Mikko Varpiola: The Art of SIP fuzzing and Vulnerabilities Found in VoIP
MP3•Episode home
Manage episode 155121496 series 1146744
Content provided by Black Hat / CMP and Jeff Moss. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Black Hat / CMP and Jeff Moss or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
This presentation will cover SIP and VoIP related automated fuzzing techniques. Using real world vulnerabilities and audit engagements we will give a technical understanding of this emerging technology and its common attack vectors. The techniques discussed in this talk will not only be limited to SIP but will apply to methodical audit approaches for fuzzing text based protocols which can be more complex then fuzzing binary protocols. This talk will include: * 0 day vulnerabilities (or one day) * Example fuzzing scripts * Proof of concept code Ejovi Nuwere is the founder of SecurityLab Technologies. Nuwere gained media attention and international recognition for his highly publicized security audit of Japan's National ID system--JukiNet. Nuwere is the Chief Technology Officer of SecurityLab Technologies where he heads the companies VoIP security auditing group. He currently lives in Boston and is working on his second book, Practical Penetration Testing (O'Reilly). Mikko Varpiola is the head of test tool development at Codenomicon. His specific area of expertise is in anomaly design - e.g. what to feed into software to make it fail. Before Codenomicon he worked as a researcher in the acclaimed PROTOS project at Oulu University Secure Programming Group (OUSPG).
…
continue reading
61 episodes
Ejovi Nuwere and Mikko Varpiola: The Art of SIP fuzzing and Vulnerabilities Found in VoIP
Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference
MP3•Episode home
Manage episode 155121496 series 1146744
Content provided by Black Hat / CMP and Jeff Moss. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Black Hat / CMP and Jeff Moss or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
This presentation will cover SIP and VoIP related automated fuzzing techniques. Using real world vulnerabilities and audit engagements we will give a technical understanding of this emerging technology and its common attack vectors. The techniques discussed in this talk will not only be limited to SIP but will apply to methodical audit approaches for fuzzing text based protocols which can be more complex then fuzzing binary protocols. This talk will include: * 0 day vulnerabilities (or one day) * Example fuzzing scripts * Proof of concept code Ejovi Nuwere is the founder of SecurityLab Technologies. Nuwere gained media attention and international recognition for his highly publicized security audit of Japan's National ID system--JukiNet. Nuwere is the Chief Technology Officer of SecurityLab Technologies where he heads the companies VoIP security auditing group. He currently lives in Boston and is working on his second book, Practical Penetration Testing (O'Reilly). Mikko Varpiola is the head of test tool development at Codenomicon. His specific area of expertise is in anomaly design - e.g. what to feed into software to make it fail. Before Codenomicon he worked as a researcher in the acclaimed PROTOS project at Oulu University Secure Programming Group (OUSPG).
…
continue reading
61 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.