A walkthrough for the Secret Phase of the Bomb Lab covered in Open Security Training's Introduction to Reverse Engineering class. Read more.
Crackmes.de has a nice of collection crackmes, fun and educational challenges useful for honing your reversing skills. Looking at the latest submissions section there was a recently published Crackme by nlxx rated at difficulty 2. In this guide I will go over the static analysis based solution to this crackme and explain how to write a key generator. Read more.
A walkthrough for the Mystery Box Buffer Overflow challenge in the Open Security Training - Introductory x86 class. Read more.
It feels like the infosec community in the Bay Area is just getting warmed up toward the end of the year with another quarterly iSec Open Forum. As a small and local security event, it usually hosts novel security topics from local security professionals that may not appear in more mainstream events. After getting to the talks area at the end of a long hall with folks from Dropbox zooming by on their skateboards and razorblades, I found an infosec crowd of about a hundred or so people ready to learn and connect.
Below are my notes from the event: Read more.
The Sprawl is a research and development environment with a focus on information security and hacking culture. The site is split into several categories each containing unique presentation of the above topics.
is the main source for project announcements and site news. It is intentionally kept low volume so as not to distract from the rest of the site.
is a collection of articles covering a wide range of topics related to security. This is the product of my blood, sweat and tears navigating the rough waters of security research; I hope you will enjoy the fruits of my labor.
is a repository of security tools and scripts that rely heavily on topics covered in the research section. Each tool has detailed usage description; however, you might want to reference respective research article for in-depth understanding of its operation.
is a collection of media artifacts covering hacking culture. Currently it includes a few dozen handpicked documentaries and television shows on the subject. In case you are interested the name Simstim comes from William Gibson's The Sprawl trilogy. Simstim is described as a device capable of replaying or live viewing of another person's sensory experience. In a way this project attempts to stimulate your mind with a carefully selected collection of audio and video recordings.
is a historical project to explore events related to the hacking culture and information security such as group formations, important releases, compromises, arrests, etc. Studying the history of the previously mentioned topics is essential when trying to understand where we stand today and possibly glimpse into the future.
The site was designed and developed by Peter Kacherginsky (iphelix).
Unless specified otherwise, all original content on this site is copyright protected and licensed under a CC BY-SA 3.0 license.