Subscribe to Hacker Talk and listen to the latest episodes at:

https://anchor.fm/hacker-talk

In this episode of Security Headlines we deep dive into fuzzing with Patrick Ventuzelo.

topics that we cover:

being niched in cyber security

patricks background, doing pentests on telecom networks, doing security research on the android kernel for the french DoD, reverse engineering, development

Zero days in the android kernel

choicing a target when fuzzing

 blackbox and whitebox fuzzing

fuzzing golang projects

fuzzing rust projects

setting up fuzzing enviroments

webassembly security 

fuzzing webassembly

invalid web assembly opcodes

the next generation of browser exploits

javascript runtimes

exploiting webassembly in the browser

fuzzing blockchain applications

how to write a fuzzer

what to look for while fuzzing

fuzzing javascript

writing fuzzers in python

ataris fuzzer for python code

libfuzzer

llvm

analysing code repositories and finding bad patterns

golang built in fuzzing(go-fuzz, fuzzing draft)

fuzzing ethereum solidity smart contracts

fuzz bench by google

fuzzing the android kernel

beacon fuzz

reporting security bugs

github security advisory

favorite security conferences

External links:

https://fuzzinglabs.com/

http://stackoverflow.com/questions/43153964/ddg#43154559

https://www.youtube.com/channel/UCGD1Qt2jgnFRjrfAITGdNfQ

telegram fuzzlab lab

https://googleprojectzero.blogspot.com/2021/01/in-wild-series-chrome-exploits.html

In this episode of Security Headlines, we are joined by Jay Townsend who is 

maintaining several infosec tools such as the harvester and discover.

The harvester is a very popular tool for doing Osint analysis. Tune into this episode 

as we deep dive into Osint, the opensource information gathering realms.

In this episode we cover:  

what is osint and how can we use it?

discover, lee baird

the harvester

dnsrecon

bash

python

backtrack

wifi security, wep

wifi pineapple, bash bunny, hack5

hack the box, try hack me, hack this site.org

sysadmin, ansible

finding passwords in log files

how to apply security hardenings, systemctl hardenings 

running weekly security scans

bug bounties

penetration tests

finding old applications in production

burpsuit

using the harvester 

harvester in kali linux, parrotsec, blackarch and debian

porting the harvester to python 3

screen-shooting websites with the harvester

hidden features in the harvester

fierce dns hacking

dnsrecon

how to perform osint analysis on yourself and others

how to protect yourself against osint attacks

using throw away email addresses

how to use osint during penetration tests

python development

docker

linux firmware, wifi drivers

visual code 

the latest windows exploits

Links:

https://en.wikipedia.org/wiki/PyCharm

https://www.parrotsec.org/

https://github.com/leebaird

https://www.youtube.com/watch?v=F9UZdPokkhw

https://github.com/laramies/theHarvester

https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-workaround-for-windows-10-serioussam-vulnerability/

https://en.wikipedia.org/wiki/Open-source_intelligence

https://twitter.com/jay_townsend1

https://bloodhound.readthedocs.io/en/latest/ 

https://www.ansible.com/

In this episode of Security Headlines, Kolja Weber the creator of flokinet.is joins us. 

In this episode we talk about:

flokinet

internet privacy

german pirate party

internet privacy laws

Iceland

starting an internet service provider

running an internet service provider

ipv4 addresses

adoption of privacy friendly tools

handling abuse requests 

starting an internet service provider

RIPE

denial of service attacks

mitigating denial of service attacks

starting a privacy focused internet service provider

DNS amplification attacks

security

free speech

adoption of https, starttls and dkim

external links:

https://flokinet.is

https://twitter.com/frelsisbaratta

https://www.afrinic.net/

https://ripe.net

https://en.wikipedia.org/wiki/RIPE_NCC

https://en.wikipedia.org/wiki/AFRINIC

https://letsencrypt.org/

https://www.qubes-os.org/

In this episode of Security Headlines, we are joined by Michael Dubell who co-founded Sweden's first student security  

capture the flag team. What is capture the flag and how do you play it? How can you into hacking through the doors of playing  

ctf's?  Michael started playing around with security as a teenager and the journey led him the capture the flag team, known  

as "ChalmersCTF".

Today, Michael is working with security during the day, and during the night he is developing the soon to   

be released "bountrystrike"(which you can find on bountystrike.io) tool.

Tune in as we talk about CTF, and a lot more!

In this episode we cover:  

halo one online

wallhack

war games

hacking on forums

hack this site

over the wire

https://www.hellboundhackers.org/

chalmers  

chalmers CTF

how to start a "capture the flag" team  

organizing capture the flag meetups

beginner ctfs

over the wire  

the capture the flag scene in Sweden  

over the wire  

whitebox pentesting   

bug bounties

automating scanning and automating bug bounties

vulnerability management   

finding bugs in bug bounty programs   

## External links:   

https://github.com/search?q=capture%20the%20flag%20writeups&type=Everything&repo=&langOverride=&start_value=1   

https://github.com/zardus/ctf-tools       

https://ctftime.org     

https://chalmersctf.se/     

https://overthewire.org   

https://twitter.com/StevenVanAcker    

https://bountystrike.io/    

https://dubell.io/   

In this episode of Security Headlines, we are joined by one of the minds behind the OpenBSD project, Antoine Jacoutot.  He is responsible  

for porting over 300 packages into OpenBSD. He is also involved in syspatch which handles security binary upgrades for OpenBSD.  

Tune in, as we talk about development, security, programming, OpenBSD and a lot more!

##  Topics that we cover:   

OpenBSD's community

opensource   

rcctl  

init systems  

classic BSD

background daemons in OpenBSD   

OpenBSD desktops in the wild   

companies running OpenBSD

writing shellcode

openup

binary patches in OpenBSD

How OpenBSD handle security issues

how security binary patches are carried out.   

syspatch 

porting software to OpenBSD  

Gnome on OpenBSD   

OpenBSDs future with Amazon AWS

sysmerge  

submitting feature requests to OpenBSD  

tmux 

advice for first-time OpenBSD users   

## External links:   

https://www.OpenBSD.org/errata.html 

https://bsdfrog.org/   

https://twitter.com/ajacoutot

https://OpenBSD.org   

https://gnome.org

https://www.OpenBSD.org/faq/ports/ports.html   

https://man.OpenBSD.org/syspatch

https://man.OpenBSD.org/sysmerge    

https://github.com/ajacoutot    

https://man.OpenBSD.org/rcctl    

In this episode of Security Headlines, we are joined by a great mind in the  

memory security space. A spark was created when Theofilos peaked   

into the realms of security. So he packed his bag and got to the next plane to the US in order to deep-dive more into the security field during  

his studies. He became fascinated by the world of writing exploits  

and "smashing the stack" as we say in the hacking field.  He is a   

brilliant guy when it comes to memory attack and he has co-written a   

solution that solves the stack canary problem.   

We had the chance to sit down with Theofilos Petsios and    

get to hear his view on security, development and a lot more.  

That you can tune into right here:  

Stack canaries is a security mitigation technique that has been widely  

adopted and you will find it in most systems today. But does it really work?  

Topics that we touch upon in this episode:    

Stack canaries   

Address layer space randomization   

Blind Return Oriented Programming (BROP)   

Return Oriented Programming    

Static code analysis    

Rest in peace Andrea Bittau    

security mitigations   

Write Xor Execute(W^X)   

Dynaguard   

Where stack canaries fail and the operating systems approach to it.  

hardening systems  

where the future of security is going  

CVE's over time   

Memory corruption bugs   

builtin security in the compilers    

Security vs Overhead   

Using memory in the Thread-local storage

adoption of security mitigations   

stack clash   

Pin, Intel's dynamic binary instrumentation framework     

Defense Advanced Research Projects Agency   

whitepapers and Proof of concepts    

Fuzzing    

building better security tools    

Cost vs benefit in the security field     

Switching from userspace to kernel space mitigations   

linters    

secure codebases    

formal verifications   

"Stack canaries is just one little stone, one a the beach that keeps getting hit by big waves"

External links

https://twitter.com/theofilospe   

https://www.cs.columbia.edu/~theofilos/files/slides/dynaguard.pdf

https://www.cs.columbia.edu/~theofilos/files/papers/2015/dynaguard.pdf

http://www.scs.stanford.edu/brop/   

http://www.scs.stanford.edu/brop/bittau-brop.pdf   

https://github.com/nettrino/DynaGuard    

https://software.intel.com/content/www/us/en/develop/articles/pin-a-dynamic-binary-instrumentation-tool.html   

https://github.com/nezha-dt/nezha    

https://llvm.org/docs/LibFuzzer.html     

https://github.com/nettrino/vimconf  

https://capsule8.com/blog/millions-of-binaries-later-a-look-into-linux-hardening-in-the-wild/

https://youtu.be/Er44ur7wkXQ?t=44

Jonas Lejon is an amazing mind in the Swedish security world. A   

great entrepreneur, hacker, and security-expert!   

We had the pleasure of talking with him in this episode of Security Headlines.

he wanted to specialize in security so he packed his bag and headed over  

to the capital city to work more in-dept with security.  He wanted to   

go deeper and deeper, so spent his extra hours learning the assembly programming 

and getting into the low-level brain of the computer system.  He managed  

to land a job working for the Swedish version of NSA.  

Jonas now runs his own company called "Triop" and has a lot of fun side  

projects that we dig into.

In this episode we also cover:    

Micro blogging  

building search engines 

bloggz dot se

Getting over 20K users within a few weeks

Twitter in the early days  

Building Sweden's biggest micro-blogging platform

testing in production   

WordPress Security   

bug bounties

Finding security holes in Zoom

writing about encryption and security

fuzzing

Hacking Bluetooth    

ISOC-SE

the swedish top level domains .se and .nu 

the internet in Sweden     

beatboxing 

pentesting   

enumerating existing users based on validation time 

updated, security by default systems   

network logging   

Programming   

leaving python 2

Customizing Kali linux  

Time-of-check to time-of-use attacks 

writing exploits 

## External links: 

https://triop.se   

https://kryptera.se    

https://web.archive.org/web/20081102073248/http://bloggz.se/     

https://web.archive.org/web/20110630210858/http://bloggy.se/   

https://en.wikipedia.org/wiki/Memcached     

https://wpsec.com/    

https://utvbloggen.se/    

https://se.linkedin.com/in/jonaslejon    

https://www.youtube.com/channel/UCI49rLPi_Lbbux5eo8ewLKA     

https://en.wikipedia.org/wiki/Dave_Aitel     

https://github.com/SofianeHamlaoui/Spike-Fuzzer     

https://isoc.se/     

https://internetstiftelsen.se/en/     

https://www.netnod.se/     

https://en.wikipedia.org/wiki/Kali_Linux     

https://en.wikipedia.org/wiki/Arcade_Fire     

https://en.wikipedia.org/wiki/Time-of-check_to_time-of-use     

https://github.com/juliocesarfort/public-pentesting-reports     

https://www.hackerone.com/     

https://www.bugcrowd.com/     

https://twitter.com/jonasl     

In this episode of Security Headlines, we are joined by one of Gothenburg's security evangelist, Mr Johan Rydberg Moller.

Johan is the cofounder of Gothenburg's own security conference *Security Fest*, sakerhetspodcasten - the first swedish security   

podcast, hacker, explorer, and musician.  We get to hear the tale of how Johan got sucked into the world of hacking, that   

has been his home for a lot of years now, as well as adventures with publicly disclosing security holes in some of   

sweden's biggest websites.  This and a lot more in this episode of Security Headlines:   

## In this episode we cover:     

learning web security when web security was a new thing

Reporting security vulnerabilities.  

life as a web developer. 

finding security holes in the top 100 websites in Sweden.   

PHP security

cofounding assured

starting the "security fest" conference   

tattooing the conference logo

starting the first Swedish security podcast

pentesting

gothenburg

owasp

web caching attacks

## External links          

https://twitter.com/JohanRMoller   

https://securityfest.com   

https://sec-t.org   

https://www.assured.se/     

https://securitywithoutborders.org/blog.html      

https://portswigger.net/burp     

https://portswigger.net/research     

https://www.youtube.com/watch?v=zP4b3pw94s0    

https://www.theverge.com/2020/3/24/21192830/apple-safari-intelligent-tracking-privacy-full-third-party-cookie-blocking   

https://soundcloud.com/johanrm   

https://www.dagensmedia.se/medier/digitalt/soderhavet-kritiseras-for-sakerhetshal-6176181   

https://sakerhetspodcasten.se/lyssna/   

https://owasp.org/www-chapter-gothenburg/   

In this episode we are Joined by the developer, hacker and Code Siren founder Eijah.

We walk down a road of 2 hours of honest conversation about Development, Morals,    

working with McAfee, Hacking, Motivation, Mental Health, Security and a lot more! 

Eija, an advocate for privacy and individual rights, quit a well paid job at rockstar games to start on a    

journey pursuing what he loved. He went on a journey with the goal of creating technology that   

enhance personal liberty and freedom.  The journey has had its bumps in the road but he as continued  

marching forward, despite various problems.  Today, Eijah runs a software company called CodeSiren.

Working on revolutionary technology

In this episode we cover:  

hacker spirit, engineer, tinkerer

C++, Java

Max payne 3, Red Dead Redemption, grand theft auto 5

programming for the love of it

game developer,

Working at rockstar, life at rockstar

life as a developer

hacking blueray and finding the blueray device keys

Large code bases, code maintenance, clean modular code

your code is your documentation

Xbox360 vs Playstation 3

The failures of VPN companies, selling people's private companies.  

Drinking pints, in Edinburgh

Starting and developing demonsaw

file sharing

privacy

traffic obfuscation and traffic subterfuge, bypassing deep packet inspection

great firewall of china

Surveillance

Privacy

Cryptography

Censorship

John Mcafee

Being a senior programmer

"My greatness stems from not having achieved what I am here to achieve" - Eijah

## External links:    

https://twitter.com/demon_saw     

https://codesiren.com     

https://demonsaw.com     

https://en.wikipedia.org/wiki/Commodore_VIC-20    

https://darknetdiaries.com/episode/16/    

https://en.wikipedia.org/wiki/Advanced_Encryption_Standard    

https://en.wikipedia.org/wiki/CPU_time    

https://forum.doom9.org/     

https://www.reddit.com/domain/forum.doom9.org/        

https://en.wikipedia.org/wiki/Hackers_(film)      

https://en.wikipedia.org/wiki/Dunning-Kruger_effect       

https://en.wikipedia.org/wiki/Impostor_syndrome     

https://en.wikipedia.org/wiki/Allocator_(C%2B%2B)     

https://en.wikipedia.org/wiki/PlayStation_technical_specifications    

https://www.nextplatform.com/2019/01/24/unified-memory-the-final-piece-of-the-gpu-programming-puzzle/     

https://www.youtube.com/watch?v=lTngMxmymX4     

https://www.youtube.com/watch?v=fMfQQoHHLBA    

https://steelpantherrocks.com/     

https://www.youtube.com/watch?v=WjElZ-O9EpM