Note: These are writeups for the exercise for a previous version of my Exploit Development class that I’m not releasing for free. They assume that you have read Chapters 16–19 of Penetration Testing: A Hands-On Introduction to Hacking Version 1 or equivalent.

So far we have had plenty of room for our shellcode after the SEH overwrite or at a register, but this will not always be the case. Many exploit developers go straight for the egghunter (discussed in the next post), but in some cases it may not be necessary. …

Photo Credit: Bloomberg

On October 30, 2019, I spoke at Bloomberg’s Sooner Than You Think conference on the How to Prevent a Data Breach panel with CrowdStrike Co-Founder and CEO George Kurtz, Equifax CISO Jamil Farshchi, and moderator William Turton, a cybersecurity reporter at Bloomberg. It made for an interesting discussion with the varying viewpoints from a preventative technology vendor, an industry professional tasked with cleaning up the aftermath of one of the most famous breaches in history, and me, that weird hacker girl. Video of the panel is below:

Naturally the first question was to the tune of “Is it even…

In the first edition of Penetration Testing: A Hands-On Introduction to Hacking, you looked at specific examples of vulnerabilities. My goal was to cover as many classes of issues as possible, though of course I could not cover every possible issue you might encounter on your pentests. As you continue your penetration testing career, you will need to take what you have learned and be able to generalize it to other similar issues you run into. Today you will look at an example of default/guessable credentials that I see often on my tests, Apache Tomcat Administrative GUI Access. …

I started my career doing security research. I guess technically I had a government red team job before that, but to really get where I wanted to go in the industry I did some research, gave some talks, and went from there. But for the past couple of years I’ve mainly been focusing on building my consulting practice, commercializing my mobile security research, and building a product startup. So I haven’t had as much time for research as I would have liked. With the release of our first pro product Dagah I’ve made a resolution to change that.

I’ve decided…

A diverse group of people I work with.

Once upon a time, I was doing an on-site penetration test as part of a group that included an organizer of, let’s just say a conference I’ve recently said some things about to reporters. He had a committee CFP review call one evening, and I thought it might be amusing and/or enlightening to sit in the corner and listen in. The organizer in question agreed to let me listen in as long as I never told a soul. Oops, I guess I’m breaking that vow now. I believe he honestly thought that listening in to this highly ordered and professional…

[Note: This was originally my acceptance speech for the Women’s Society for Cyberjutsu Pentest Ninja award in 2015. In light of what’s been going on in infosec lately, it seemed timely to turn it into a blog post.]

I have a confession to make. I’m part of the problem. When I see a woman at a cybersecurity conference I assume they are just there as someone’s date. This is loathsome! It bothers me a great deal when someone asks me who I’m there with when I’m the conference keynoter. Ultimately it comes down to simple pattern recognition. …

I’m in something of a unique position to comment on Cybersecurity and business, having spent the entirety of my professional life working in Cybersecurity and also being first a small business owner and now in addition a startup founder. Despite years of working with clients on their Cybersecurity issues, it wasn’t until I found myself running an albeit Cybersecurity-focused startup that I really understood the difficulty at hand. To put it quite simply, when your laptop or phone pops up a notification that there’s a security update available and you have customers who need the new version of your…

Georgia Weidman

Founder of Shevirah and Bulb Security. Author of Penetration Testing: A Hands-On Introduction to Hacking. Fellow at New America. Professor at Tulane and UMUC.
