DerbyCon V Unity

At this moment I am sitting at PWM waiting for my plane to Louisville, KY where in a few days DerbyCon V will be starting. Wednesday and Thursday of this week I will be in Chris Hadnagy's Advanced OSINT training course with DerbyCon kicking off Friday.

I didn't post anything regarding DEF CON this year as I had planned to do as I was completely distracted by personal matters that came up and didn't feel much like writing or doing much else.

For the most part all ...


Knowing When to Let Go of a Project

I just had to do something I really didn't want to do, but after deliberating with it for a while and taking a realistic look at my time, I knew I had to.

I had to let someone know that I would be unable to work on their project. Now this was paid work and not just a volunteer effort or work on an open source project. Originally, I said that I could do it and we worked out a tentative schedule for when I would start and when ...


Inclusiveness at Conferences

Earlier this morning a conversation started on Twitter about the family vibes at cons and feeling left out and whether someone belongs or not. I just wanted to point out a few things based on my own experience at various cons over the last few years.

It is important to remember that whenever you have a large enough group, cliques will form. Despite the best intentions of any con organizer, it can be hard, if not impossible, to keep the open vibe at a con. There is alot of talk ...


Thoughts on the Forever Lock

The Forever Lock was introduced back in April by LockMan28 as an "unpickable lock". It quickly picked up a lot of steam being featured on Digg, The Telegraph, Business Insider and other places.

I never paid it much attention until I was out drinking with a friend and he brought it up. Whenever I hear something is unpickable, unbreakable, or any other unsomething marketing term, I only roll my eyes. With my involvment in TOOOL, I have had the opportunity to see quite a few amazing openings and attacks ...


Review: Gray Hat Python

I really liked this book. If you are new to fuzzing, exploit development or Immunity Debugger or IDA Pro this book will be worth your time to check out. But, if you are already familiar with these topics, this book would be too introductory for you and I would probably skip it.

This book covers quite a bit of ground in its 181 pages. From debuggers, and fuzzers to emulation, each topic is introduced well enough that you will have good base knowledge to continue on from where the book ...


Interesting Presentations

These are links to various presentations that I have seen and enjoyed for one reason or another.


Attending Hope X!

It is official!

I will be attending HOPE X this July with the TOOOL gang. Earlier this year I had thought about attending since it is in New York City and is an easy drive from where I live. However, I had decided not to since it can be difficult with child care and getting time etc., especially when I will be on the road a good deal in August for BSidesLV and DEF CON.

However, the PWM-TOOOL chapter was asked if we could assist with the TOOOL setup and ...


Boston Code Camp 21

Earlier today, I presented at Boston Code Camp 21 on "Hacking Your Own Website". In the presentation, I took the audience through a demonstration of my approach to using BurpSuite to enumerate a website and to find potential exploitation points. I also briefly went into some of the other functionality that Burp offers such as the Intruder and Repeater tools. I also briefly demonstrated the scanner. My thought was that they would most likely be using the free version for a bit before purchasing a license (if at all), so ...


First system that I coded on

The other day on Twitter, Jon Hudson (@the_solutioneer), asked the following question


Happy Thanksgiving!

This year was a very low key Thanksgiving and I am very ok with that. I hate to travel during holidays. It doesn't matter if it is just down the road or across the country. I would rather stay home and relax with those closest with me. I've never been a big holiday person. I don't get excited when it is Thanksgiving, Christmas or Halloween (well maybe Halloween). To me, holidays are a chance for me to relax and celebrate in my own ways. By doing things ...