I was asked about sites that help people learn to hack, and/or present hackable applications, virtual machines and websites. The kind people over at twitter were helpful enough to post their favorites. Here is a consolidated list as well as a link to the tweet, lots of other good suggestions in there too. http://overthewire.org/wargames/ http://overthewire.org/wargames/… Continue reading Learn to hack?
Here are my slides (as video) from blackhat 2018 talk. **Note there is no audio – runtime is about 11:40 Mainframe-[zOS]-Reverse-Engineering-and-Exploit-Development
Well – I’m pretty excited about this! blackhat 2018 Briefing – MAINFRAME [Z/OS] REVERSE ENGINEERING AND EXPLOIT DEVELOPMENT
Had a few people ask for the actual presentation, so here you are! SHARE 2018 Keynote PPTX (95 Mb)
I’d been asked a few times recently for the code that generates the ICHDEX01 RACF masking exit. If you recall, this was the pre-DES (and long pre-KDFAES) algorithm that RACF used to store its passwords. (If you want more detail about this as the other algorithms, see my presentation from SHARE 2016) The algorithm, through… Continue reading RACF masking algorithm, unmasked
Watch this space. https://www.evilmainframe.com
An interview I gave regarding the state of mainframe security. Pt. 1. Mainframes, An Overlooked Cyber Attack Target: Part One
Well – the time has come to start doing what I love to do full time. I couldn’t be happier to announce that I’m working with RSM Partners, Ltd to help bring their amazing mainframe services, security & software business to North America. This is going to be a great challenge and a great opportunity.… Continue reading New job – Doing what I love
Next week at SHARE – San Jose, I’m giving a talk on ransomware on z/OS. I’ve been asked multiple times if I thought ransomware could happen on Z, is it possible: Unequivocally yes. Come see this talk and watch a live demonstration of how this might work. If you are responsible for mainframe security, work for a company… Continue reading Is that ransomware on your mainframe?
This is a co-presentation I did with Brian Marshall and Mark Wilson. My slides are the last few, where I demonstrate 3 distinct exploits on the mainframe. First, off-the-shelf Java with Jboss. Second, TN3270 SSL MITM (using SETn3270 – thx to @mainframed767) and then use the stolen creds in a mainframe Metasploit module to get… Continue reading SHARE 2016 Atlanta – Presentation – Mainframe exploits