Archive for Hackerspace Member Pages

Women in Gaming/Tech

Oct 17, 2013 Comments Off by

(Disclaimer: The views expressed here are entirely my own. They do not reflect the views of my employer, or anyone else. They are mine and mine alone) Every day I am confronted with an overwhelming theme in the snippets of social dialogue of which I peruse. I am probably what Ryon Day would call a [...]

Hackerspace Member Pages Read more

Wake up Geeks: We Won

Sep 02, 2013 Comments Off by

It has been a long time since I have posted on here. If I look back at the posts on this blog, I’ll probably shake my head at old me. However, I needed a venue to talk about something, and this is the best one I have. There has been a lot of discussion in [...]

Hackerspace Member Pages Read more

Six Steps to Having an Awesome Project

Apr 19, 2012 Comments Off by

Hackerspace Charlotte is a great place for people who share an interest in technology and science to meet new people, make contacts, and begin lasting friendships. It is also a great place for people to bring their projects, share their projects and get help with their projects. The projects that people bring to Hackerspace Charlotte [...]

Hackerspace Member Pages Read more

Security-Bsides Austin Texas

Mar 24, 2012 Comments Off by

I am proud to say that my talk has been selected for B-Sides Austin TX this year.  Check out the Abstract below if you’re interested. Name: David Maloney, @thelightcosineTitle: Don’t Pick the lock, steal the key Length: 45 minutes Abstract: You’ve got a problem. You’re running a pentest and the only vulnerable box is some [...]

Hackerspace Member Pages Read more

Some facts on the First State Superannuation Issue

Oct 17, 2011 Comments Off by

Some blogger, has recently written a somewhat uninformed post on the whole Patrick Webster FSS issue. The author seems to be under some misapprehension about how these sorts of things work. Which is cocnerning for someone who claim to be a Web Application Security person, and is taking the pulpit to preach on the issue. [...]

Hackerspace Member Pages Read more

When even Responsible Disclosure Fails

Oct 15, 2011 Comments Off by

Disclaimer: The opinions expressed in this blog are my own, and do not reflect the views of anyone but myself. In the latest incident, Patrick Webster of OSI Security, is under threat of legal action. This threat comes after he disclosed a vulnerability to First State Superannuation . The vulnerability was a case of direct Object Reference. By manipulating [...]

Hackerspace Member Pages Read more

DerbyCon Retrospective

Oct 09, 2011 Comments Off by

Rel1k recently posted his thoughts on how DerbyCon, and I thought I would share my own. I have not exactly made a secret of how I felt about DerbyCon. The speaker lineup was simply amazing. There were very few spots where I didn’t have a talk I wanted to see. I unfortunately had to make some [...]

Hackerspace Member Pages Read more

Update to the Metasploit Exploit Port Wishlist

Oct 09, 2011 Comments Off by

Here is the latest update to the document I have been creating. This is a list of exploits that are in exploit-db but not in Metasploit. This list is generated by referencing the Knowledge Base in QualysGuard. Its accuracy is not guaranteed, but it should serve as a good starting point for anyone interested in porting exploits to Metasploit. Article source: http://cosine-security.blogspot.com/2011/10/update-to-metasploit-exploit-port.html

Hackerspace Member Pages Read more

Dear Mr Haywood, Welcome to 2010

Sep 09, 2011 Comments Off by

There has been some controversy over the recent rise in bug bounty programs. One response was issued by Anthony Haywood, CTO of Idappcom. You can find his article here. I read this article in disbelief at some of the ‘points’ espoused in this article. I will avoid the more mundane trollings  of the article and try to [...]

Hackerspace Member Pages Read more

Metasploit: Dumping Microsoft SQL Server Hashes

Jul 30, 2011 Comments Off by

New module just committed today: auxiliary/scanner/mssql/mssql_hashdump This modules takes given credentials and a port and attempts to log into one or more MSSQL Servers. Once it has logged in it will check to make sure it has sysadmin permissions. Assuming it has the needed permissions it will then grab all of the Database Username and Hashes. While [...]

Hackerspace Member Pages Read more