Friday, May 21, 2010

Head to Blackhat and Defcon 18

I will head to Last Vegas to speak on two topics:
1. The power of Chinese Security - I will partner with Jake and Jon to give a fruitful and comprehensive session from censorship to bypassing techniques.

2. Another session will be held in Blackhat and Defcon. I will work with Val and Colin about China malware, attack and hacker culture analysis.

Censorship content is quite well-prepared and it's time to analyse more China-made malware and I am sure you all should enjoy it.

Again, I do feel happy to meet you all up there.

Thursday, October 30, 2008

OWASP AppSec Asia Conference 2008, Taipei

I feel very pleasure to be invited and attend to the AppSec conference. Wayne from Amorize and his team made every efforts from preparing, organizing to implementing this conference. There were over 1200 attendees in this conference. Even it is not for profit and Wayne needs to get big money from his pocket for this conference. I am not going to just say "It is a good job", in fact, I am deeply touched and respecting enthusiasm and passion from him and his team.

Meanwhile, our OWASP chapter leaders in Asia Pacific region could gather together and discuss our ideas and how we promote OWASP APAC and its future directions. The meeting lasted 3 hours and it was very fruitful and constructive. (Be frank, the meeting room like those Chinese politican meeting room)

In addition, I could meet different chapter leaders, speakers and professionals and you could find their sessions from the conference page.http://www.owasp.org/index.php/OWASP_AppSec_Asia_2008. Meanwhile, you should find their professional profiles.

Moreover, I am thankful to all of you to attend to my session about Metasploit and Meterpreter. As HD Moore and his team are very brilliant to establish the exploitation framework. I do want to introduce it to you guys about its powerand automation. At the same, apart from the tools, audience could know once the server is exploited, what should the penetration testersor attackers do to make post exploitation and cover their tracks? It is helpful to people to reference if theirapplications/systems are being pentested as well.

I believe some slides will be published to there. At the same time, I have linked with some blogs/research site from them and here you are:Wayne Huanghttp://www.armorize.com/corpweb/en/about/armorize_teamhttp://www.armorize.com/

Robert Hansenhttp://www.sectheory.comhttp://ha.ckers.org/

Steven Adairhttp://www.shadowserver.org/wiki/

Tim Basshttp://www.thecepblog.com/2008/10/14/owasp-appsec-asia-2008-taiwan/

Let us keep our passion rolling for OWASP AppSec Conference!

Tuesday, October 21, 2008

DarkFloyd@MS TechEd 2008, Hong Kong

It is very interesting and my first time to present at TechEd. Meanwhile, I have a few interesting findings:

1. I used Mac Book and exploited their browser with tools from BackTrack. Meanwhile, when I was on the stage, I suggest MS should adopt kinds of multiple virtual workspace engage in MAC OS 10.5.

2. Many people wants to see exploits and penetration test on MS product.

3. Someone told me my session could be included in the conference is strange.

You could find my slides from SEC354 from Day 1:
http://www.microsoft.com/hk/technet/teched2008/agenda.aspx

Hope you guys enjoy my session ;-)

Dark Floyd

Wednesday, October 01, 2008

Saturday, September 20, 2008

PISA Journal (Issue 8, 2008) is released!

We have various good writers in this issue for iSCSI security.

Meanwhile, I have written an article about Blackhat and DefCon 2008 experience. In addition, I have interviewed several security gurus in this planet like Mati Aharoni from Offensive Security.

You could find it from here:
http://www.pisa.org.hk/publication/journal/index.htm

EnJoY!

Dark Floyd

Saturday, August 30, 2008

Wireless and Bluetooth Hacking@Hong Kong Police HQ

It's my pleasure to demo and present at there for fellows from Technology Crime Division in Police Force.
http://news.cnet.com/5208-1024_3-0.html?forumID=1&threadID=3370&messageID=18600&start=-1

"Learn how to exploit before defense." -- Dark Floyd

Monday, November 13, 2006