The solver for the Forensics tracks is now available. There are multiple ways to tackle each question and this post only shows one way to get to the answers.
The videos from NorthSec 2016 Conference have been published on our YouTube channel, make sure to check them out!
NorthSec 2016 Pictures, thanks to our talented official photographer Simon Veilleux !
Here are stats from this years edition!
Here is the final podium:
- HACK_TOUTE – 139pts
- RPISEC – 99pts
- SomeRandomName – 92pts
Congratulations to all, that was a very hard #nsec16!
Groups that work to protect human rights and civil liberties around the world are under attack by the many of the same attackers who target industry and government. These groups and organizations have far fewer resources to defend themselves, yet the stakes of the attacks are often much higher. This talk will give an update on the state of affairs, emphasizing two cases drawn from CItizen Lab’s recent work: attacks against the Tibetan community, and the Packrat group in Latin America.
Stumped in a pentest? You tried *everything* and yet have not been able to breach your target?
“Stupid Pentest Tricks” presents several dirty tricks/cheats/ways to compromise your target in *creative ways*!
Improve your ProxMark cloning skills, open doors using a universal RFID card, steal keys (no pickpocketing or impressioning skills needed), improve your phishing game and learn the mindset to cheat in a pentest. All this in a 30 minute talk.
Encryption technology raises unavoidable and ideologically loaded problems for courts—as recent cases like the FBI v Apple debate have bluntly illustrated. This tension has meant a real risk of shortsighted policy decisions that both jeopardize our civil liberties and compromise commercial interests. We all have a stake in the outcome of these debates, but the legal arguments are normally murky… at best.
Judges reason through analogy and metaphor, using conceptual bridges to transition between old and new technologies in the law. But when new technologies inherit old metaphors, they also inherit old rules, models and limitations. So how do courts and lawmakers think about the encrypted machine—and how should they? Continue reading…
This training is designed for Web penetration testers familiar with the Burp Suite Pro auditing tool. Based on the Mastering Burp Suite Pro – 100% hands-on class, this session is expected to go much faster, while covering most problems faced in everyday engagements and significantly enhancing your automation skills. The numerous elaborately designed challenges will guide trainees during these 2 days of intense-but-fun Burp Suite Pro practice. Continue reading…