Thursday, September 22, 2011

Opinion: The Age of Artisanal Engineering

Andrew Huang posts an interesting essay on some potential (and exciting) ramifications of the deceleration of Moore's Law and the future shift towards incremental innovation over wholesale moves to entirely new hardware generations.

Thursday, September 15, 2011

Hack3rCon II Presentation: Lurking in the Shadows

Tim Tomes and Mark Baggett


"Lurking in the Shadows"

In the past, hackers and pen testers have used various techniques to hide the presence of tools and information on compromised systems. Techniques such as alternate data streams in Windows, and directories with common names in Linux, have been basic implementations of such techniques. The addition of Shadow Copies to modern Windows operating systems provides us with yet another opportunity to conceal information on remote systems. This talk will discuss the history of concealing data within operating systems and new techniques and tools for doing so in modern Windows implementations.


Tim Tomes (LaNMaSteR53) is a Senior Enterprise Security Consultant for Accuvant Labs and security blogger for who specializes in penetration testing, web application assessments, and Python tool development. A former officer in the U.S. Army and 10 year veteran, Tim spent 3 years as the Senior Red Team Leader for the Army Red Team and was the principle designer of the Army's 1st CyberTraining program.

Twitter: @LaNMaSteR53

Mark Baggett (Mark Baggett) is the Technical Advisor to the DoD for the SANS Institute, an instructor for SANS, and a security blogger for Mark is the owner and operator of In Depth Defense Inc, a private consulting firm that specializes in penetration testing and incident response.

Twitter: @MarkBaggett

Wednesday, September 14, 2011

Book Review: Metasploit The Penetration Tester's Guide

SlashDot has posted a review of Hack3rcon II Speaker and all around Good Guy Dave Kennedy's new book Metasploit The Penetration Tester's Guide.

Check out the Review Here

Buy the book from Amazon Here

Sunday, September 4, 2011

Network King of the Hill (NetKotH) Challenge Returns To Hack3rCon

Network King of the Hill (NetKotH) will be returning to Hack3rCon this year. The rules are the same as last years challenge:

w/dvdrom (unless you already have Backtrack 4 installed on your
computer OR OS of your choice.)
***Depending on how many participants we have, you may need to provide
a cat5 cable. Wireless will be available but not recommended ;-)


1. The teams will be given IPs to web servers with vulnerabilities to
attack, their goal is to deface the front page on each. Expect there to be a
Linux and a Windows box, and maybe some surprises. J The IPs for this
game are: Linux Windows Wildcard

Versions will be switching during the game.

2. Teams try to put up their own defacement, take down other people's
defacement, and lock down the box to keep others teams out. The teams name
must be in the tag when they deface the site for the scoring
system to register it, but they can change the page however they like.

3. Once per minute (more or less) the scoring software will see who
currently owns the site, and score it.

4. Referees will work as a blue team to occasionally step in and change
things on the target IPs. Fix the defacement, patch, roll back changes,
switch Operating Systems, etc, just to even the playing field and make
things interesting.


1. Only penetrate the hosts at the given IPs, not the scoring box
( or other contestant's boxes.

2. DoS and network routing/traffic attacks are allowed, even on the
traffic coming to and from contestants and the scoring box.

3. Stay on the NetKotH network while attacking.

4. Martin and Adrian may change other rules at will.

Prize: TBA

Jon Schipp has been selected as a presenter for Hack3rCon II

The 304Geeks are pleased to announce Hack3rCon 2010 NetKoH winner and Black Badge holder Jon Schipp has been selected as a presenter for Hack3rCon II.

Saturday, September 3, 2011

The Hack3rCon Speakers presentations and bios page has been updated

Go to and click on the Speakers link. Presenters this year include: Dave Kennedy (ReL1k), Adrian Crenshaw (Irongeek), Martin Bos (purehate), Borris Sverdlik (JadedSecurity), Joshua Perrymon (Packetfocus), Jon Schipp, Tim Tomes, Mark Baggett, Brian Martin, Keith Pachulski, @grecs, Chris Silvers, Pat McCoy, Charlie Vedaa, James Macgregor Watson, and Gus Fritschie, Jonathan Claudius.

Presentation titles include: “Your Perimiter Sucks”, “Knowing What's Under Your Hood: Implementing a Network Monitoring System”, "Lurking in the Shadows", “Presentation Title: How to Win Followers and Influence Friends: Hacking Twitter to Boost Your Security Career”, "Hook, Line and Syncer: A Liar for Hire’s Ultimate Tackle Box", "F*** the Penetration Testing Execution Standard (PTES)", "Online Time of Crime", and "Hijacking: Repairing Broken Communication Channels".

A portion of the #Hack3rCon proceeds will go to benefit Hackers for Charity:

Thursday, September 1, 2011

Hack3rCon II Musical Guests

The 304Geeks are pleased to announce special musical guest for Hack3rCon will be DJ Siberia, DJ Bloodlossgirl, and Dual Core.

Security breach on

Security breach on
See the site for details