Analyse et détection de cyber-attaques: Import-Module IncidentDetection


Le 16 octobre dernier nous avons eu l’opportunité de présenter sur le sujet de la détection d’incidents lors de l’Application Security Forum d’Yverdon. Ce sujet, bien que relativement bien connu est encore trop peu utilisé en entreprise où l’on voit principalement le déploiement de défenses périmètriques, d’antivirus ou encore d’IDS.

Continue reading Analyse et détection de cyber-attaques: Import-Module IncidentDetection

Insomni’hack 2013 – Armory level3

This challenge was the last level on the ARM platform. It was a crackme with a stripped binary including a basic anti-debugging trick. Sadly, only one team managed to complete this challenge before the end of Insomni’hack and another wasn’t far from what we discussed later.

Continue reading Insomni’hack 2013 – Armory level3

Insomni’hack 2013 : Money money money

Money Money Money

Even after "The Event", money is still the key to beat your opponents. Our scouts found an old banking server which should contain information about the accounts and the money they contain, but this old computer used to use perforated cards. Our engineers were able to create an interface to use it on modern technology, but they are not able to break the security system to get the data.
Continue reading Insomni’hack 2013 : Money money money

Insomnihack 2013 – Facebookalypse

This challenge was definitely one of the harder web missions and based on a redefined session handler mechanism that was initially discovered in a relatively well-know Firewall brand. It is also very similar to the example you can find on PHP’s own documentation here :

Continue reading Insomnihack 2013 – Facebookalypse