Practical LLM Security As large language models (LLMs) become increasingly integrated into various applications, the security standards for these integrations have not kept pace. Much of the current security research tends to focus on either 1) the social harms and biases associated with LLMs, along with content moderation issues, or 2) the LLMs themselves, often Read More …
Category: InforSecTV
This is the main page for the video channels I will build under this
Conference Video – Threat Hunting Within Organizations Andrew Case
These are the videos from B Sides Tampa 2015
Moran Cerf – Moth GrandSLAM winning story
Moran Cerf – Moth GrandSLAM winning story
Conference Video – Deep Web – what to do and what not to do
Presented at the Cysinfo 9th Quarterly Meetup on 19th November 2016 at Bangalore Presentation Link
Malware TV – Automatically Extracting Obfuscated Strings from Malware
The FireEye Labs Obfuscated String Solver (FLOSS) is an open-source tool that automatically detects, extracts, and decodes obfuscated strings in Windows Portable Executable (PE) files. Malware analysts, forensic investigators, and incident responders can use FLOSS to quickly extract sensitive strings to identify indicators of compromise (IOCs). Malware authors encode strings in their programs to hide Read More …
Conference Video – Defending Against Power Shell Attacks
Dutch Power Shell User Group – 3rd Power Shell Saturday 2017-04-08
Hacker TV – What Is An XXE Attack?
XML files can incorporate inline references to other documents. Unsafe treatment of external references allows an attacker to probe your file system for sensitive information – an XML External Entity (XXE) attack.
Conference Video – Invoke-Obfuscation: PowerShell obFUsk8tion
Power Shell has increasingly become the de facto standard for penetration testers and hackers alike. It enables attackers to “live off the land” by using a Microsoft-signed binary that can execute remote code entirely in memory while bypassing both A/V and application whitelisting solutions. Today’s detection techniques monitor for certain strings in powershell.exe’s command-line arguments. Read More …
Conference Video – Win32 Exploit Development With Mona and the MSF Framework
In this talk, Corelanc0d3r and Nullthreat will walk the audience through the process of writing exploits for Win32 User Land, while elaborating on the subtleties of writing effective and reliable exploits that bypass common memory protections. Using a number of example exploits, they will demonstrate how the various functions available in mona.py, the Corelan Team Read More …
Conference Video – Dirty Red Team tricks
Let’s time travel to 2003 with today’s tools and own everything. This talk takes you inside the red teams at the North East and Mid Atlantic Collegiate Cyber Defense competition events. Raphael Mudge, the developer of the Armitage Metasploit GUI, will guide you on this journey. You will learn how to automate Metasploit, nmap, and Read More …