BlackHat + Defcon 2011 / Dont Drop the SOAP: Real World Web Service Testing for Web Hackers


Over the years web services have become an integral part of web and mobile applications. From critical business applications like SAP to mobile applications used by millions, web services are becoming more of an attack vector than ever before. Unfortunately, penetration testers haven't kept up with the popularity of web services, recent advancements in web service technology, testing methodologies and tools. In fact, most of the methodologies and tools currently available either don't work properly, are poorly designed or don't fully test for real world web service vulnerabilities. In addition, environments for testing web service tools and attack techniques have been limited to home grown solutions or worse yet, production environments.

In this presentation Tom, Josh and Kevin will discuss the new security issues with web services and release an updated web service testing methodology that will be integrated into the OWASP testing guide, new Metasploit modules and exploits for attacking web services and a open source vulnerable web service for the Samurai-WTF (Web Testing Framework) that can be used by penetration testers to test web service attack tools and techniques.

OWASP AppSec DC 2010 / Hacking SAP BusinessObjects

Rochester Security Summit / Security Immaturity

Source Barcelona 2010 / Hacking SAP BusinessObjects

SANS Pentest Summit 2010 / Goal Oriented Pentesting

OWASP AppSec DC 2009 / Synergy! A World where the tools Communite!

BlackHat 2009 and Defcon 17 / Unmasking You!


Many people and organizations depend upon proxies and numerous other privacy techniques to mask their true identity. The problem is there are often flaws within these technologies.

This talk will demonstrate several of these flaws and as well as weaknesses in well known implementations. There will be several new anti-privacy 0days released.

InfoSec World 2009 / Breaking Browsers

  • Understanding what is unsafe with browsers
  • End-user attacks and what to look for
  • How history files/cache/other files can be plucked even if you have security
  • What to do about cookie files
  • New threats, including picture-in-picture attacks

ShmooCon 2008 / Next Generation Wireless Recon, Visualizing the Airwaves


Harnessing the power of both current solutions and some fancy work in Perl VS. Python, we have created two new methods that allow you to visualize the information from wireless networks and their relationships. This enables us to map wireless APs and represent the data in flexible and unique ways, full of informational goodness. The next generation of wireless recon looks pretty sweet!

LinuxWorld 2006 / Change Management: Dynamic Network Mapping


This presentation will first cover existing network mapping tools along with their limitations. Then I describe our proposed new technique for handling the information from network mapping scans. This information is first stored in a database. Using this technique one is able to extract the information that is most useful about the machines that have been scanned through standard database queries. For example, monitoring services availability and temporal changes becomes straightforward. We come to the conclusion that using such a technique leads to a more effective method of network scanning.