Here again, after two really succesful days in London. BlackHat Europe ended up with really good fealings, with new friends and contacts, with many presents from the event, and more knowledge.
During my time there, I tried to capture the most importand aspects of the event, to able to constract them in a mini-documentary, that it can pass you the spirit and for you to be able to feel it, despite you weren’t there.
The conclusion of the event is that it was a really good start in the security events for me, and I hope that it is the first of many to come. Finally, I want to tell you that I met Jeff Moss (the founder of BlackHat and DefCon events) in person, and we had a really good talk. His tweet after our talk was the following:
Hope to enjoy my video. Feel free to commend, like, dislike and subscribe to my channel.
As you already know, because of my early work on Cr0w’s Place, and your support of course, I have the opportunity to work in some of the biggest education providers in the security sector. One of them is Hakin9 Media SP. with whom I am starting a new four week course tomorrow, in the subject of Web Application Hacking, and specifically in DataStore attacks and Advanced SQL Injection. You can find my course here.
My intentions are not to phish for clients. It is a really advanced topic, that not anyone can attend. But if you are up to Security and Hacking and you have some knowledge in SQL Injection, you can find this really helpful.
To continue, I want to tell you that I am preparing a vlog for the upcoming BlackHat event, that I will attend in November. I want to call anyone that will attend too, to communicate me, and scheduled a meeting in the event. I will happy to meet all of you, and present you in my BlackHat videos.
Feel free to contact me with any contact way available. 🙂
In this tutorial for Cr0w’s Place we are going to see how to generate a wordlist / dictionary file in Kali Linux, with a different tool, called CUPP. The difference is that this tool uses questions related to the victim, to produce a personalized wordlist for him/her. It is a really useful and effective tool, and it has also been shown in Mr. Robot series.
CUPP is a very powerful tool that creates a wordlist specifically for a person. CUPP is cross platform and written in Python. CUPP asks us questions about the target (name, wife’s name, pet’s name…) and then creates a password based on the keywords we entered.
To install it, go to a folder with a terminal window and type:
git clone https://github.com/Mebus/cupp.git
After this, and into the newly created cupp folder, we start the program like this:
- -h this menu
- -i Interactive questions for user password profiling
- -w Use this option to profile existing dictionary, or WyD.pl output to make some pwnsauce 🙂
- -l Download huge wordlists from repository
- -a Parse default usernames and passwords directly from Alecto DB. Project Alecto uses purified databases of Phenoelit and CIRT which where merged and enhanced.
- -v Version of the program
If you like my job please Subscribe.
Thank You For Watching.:)
As you already know, I have started to be more active these last years in the field of security. I am not just an enthusiast, but I work and study for this field. The purpose of this post isn’t to present you my resume, but to start something new.
All these years I work alone. I write, test, and learn alone. I have also, compete in some CTFs alone, with random teams, from forums and Reddit. But I want to end this now. I want to create a team, and start to compete, wherever it is possible, develop-learn-share knowledge together, and start something new, that will offer not only to us, but hopefully to everyone.
I don’t know the name, I don’t know how many people we will be, but I want people with passion for the Security sector. Passion for computer hacking, developing, programming, penetration testing etc. I don’t want the guy that studies I.T. and goes to work just to live. Let’s create something extraordinary!
I will be happy to hear and speak with you. I am based in Greece, but I don’t thing that I want to restrict it here, so everyone is welcome. Feel free to ask me anything in any of the contact ways that you may find in this blog.
Previously, we talked about the process I followed to get awarded with a student scholarship on BlackHat Europe 2016. As I told you, I followed the application process and I answered the required questions, as I showed you in part 1.
In this post, I will show you the acceptance email that I received in my inbox, ~40 days after my application.
Congratulations, you have been awarded a complimentary Student Scholarship to attend Black Hat Europe 2016 in London. Black Hat Europe is the most technical and relevant global information security event in the world. For more than 19 years, Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. This is an outstanding opportunity for students to learn from and network with some of the most talented researchers and practitioners working in InfoSec today.
Event: Black Hat Europe Briefings
Date: November 3 and November 4, 2016
Location: Business Design Centre, London
Requirements: In order to register for your complimentary Student Pass, you must meet the following requirements:
- Must be at least 18 years old at the time of the event
- Must provide copy of verifiable proof of full-time academic status at an accredited college or university (copy of class schedule or syllabus)
- Must provide copy of valid and current college/university ID card
- You must be able to provide your own travel to and accommodations in London —these are not included
- Submit your materials on or before September 30, 2016.
Please reply to this email with the required information and we will set up your registration. If you have any questions or need any more information, please contact us at email@example.com
Congratulations on your nomination, and we hope you will be able to join us at Black Hat Europe this year.
The Black Hat Team
The email came from the address firstname.lastname@example.org.
As I mentioned in my previous post, I recently got awarded with a complimentary Student Scholarship to attend Black Hat Europe 2016 in London. Of course they do not search for all the qualified students in the world, but you as a student have to apply for the scholarship and after a review from their side, be accepted or rejected.
The application form is hosted here and consists of several questions. I will now provide you the answers I gave to the application form, but of course if you decide to apply, give your own answers, as my answers have been recorded and you will immediately disqualified.
I have to thank many people for this opportunity, and for the state that I’ve reached until now, but I will not do it publicly. Keep in mind that all the above are property of the Cr0w’s Place and Thomas Sermpinis, and their use is prohibited. They have been uploaded for educational purposes only. Thank you and I wish good luck to every contestant.
BlackHat Europe 2016 is taking place in London, 1-4 November 2016. I will be happy to meet you there.
Long time since our last talk. I have to say sorry, but I am pretty busy those last months. I graduated in my bachelors, I started a Masters degree and many more.
The thing I want to talk you about today, is a new course that I instruct, which has to do with Android Malware Analysis. It has started 2 weeks ago and it will continue for 2 weeks more, but don’t worry, it’s self paced. You can start it whenever you want, it will be online for a long time. You can find it in eForensics magazine, in this link.
I hope that you will like it, if you decide to start it. Feel free to ask me anything, before you start, or during your course time.
Another interesting thing about Cr0w’s Place is that I will attend the BlackHat Europe conference in November. I will cover most of the things that I will see there and if some of you attend too, I will be happy to meet and talk with you.