Free THA Webinar – Session Manipulation: Sneaky Web App Compromises

February 23, 2011

A little last minute, but the next Free THA Webinar is NEXT WEEK! Mike Murray will be giving a talk on the subject of Session Manipulation, titled “Sneaky Web App Compromises.”

Mike explains:

“HTTP was originally designed to be a simple, stateless protocol that married a single request with a single response. Now, decades after its original design, the web has expanded to use HTTP to provide rich application functionality that includes detailed cross-request session-keeping. Unfortunately (or fortunately for the skilled attacker), most of this session and state-keeping functionality has been bolted on to the original protocols. And, as with much in the security landscape, features that aren’t designed in to a system often end up having design issues that can be exploited. Join The Hacker Academy’s lead instructor Mike Murray as he walks you through the basics of HTTP Session Manipulation attacks and what can be done with them.”

When: Thursday, March 3rd, 2011
Time: 2PM EST
Length: 1 Hour
Where: Online
Cost: Free
To join us for this 1 hour free webinar, Click Here!

As a note about last webinar’s recording: we will be releasing it, we just had some technical difficulties that have delayed the release a bit. Sorry for the inconvenience.

Note: if you’ve previously signed up for our webinars, there is no need to sign up again – you will have already received an invite via email.

Posted by rmurray | Filed Under Webinar | Leave a Comment 

Mike Murray to make Feb. 24th, 2011 PaulDotCom Security Weekly appearance!

February 17, 2011

That’s right – you heard correctly…Mike Murray will be joining the folks at PaulDotCom for their Security Weekly podcast on Thursday, February 24th, 2011.

Mike has been invited to share his thoughts regarding social engineering; PaulDotCom episode guide explains:

Mike Murray is a Managing Partner of MAD Security, LLC, where he leads engagements to help corporate and government customers understand and protect their security organization and is also responsible for the advanced curriculum at The Hacker Academy. Mike is here to convince YOU that the most important system to focus on in information security is the human and organizational system

For those of you who maybe don’t know of PaulDotCom:

PaulDotCom Security weekly‘s mission is to provide free content within the subject matter of IT security news, vulnerabilities, hacking, and research. We strive to use new technologies to reach a wider audience across the globe to teach people how to grow, learn, and be security ninjas. The mixture of technical content and entertainment will continue to set a new standard for podcasting and Internet TV.

For more information on the particular episode Mike will be appearing on, just head over to the PaulDotCom Wiki for Episode 232.

Don’t miss out on this killer webcast – join Mike and PaulDotCom on Feb. 24th and head over to the Live section of PaulDotCom.

Cheers,

The Hacker Academy Team

Posted by rmurray | Filed Under Media | Leave a Comment 

New content, BSides San Fran, and RSA!

February 14, 2011

Holy cow! It’s BSides San Fran and RSA this week and we are totally excited.

Just as a last minute reminder – Managing Partner of THA Aaron Cohen will be speaking today at BSides on “Selling Security Without Selling Your Soul”. Details below:

Bsides San Francisco 2011
Zeum: San Francisco’s Children’s Museum
221 Fourth Street, San Francisco, CA
Day 1, February 14th, 2011
Aaron’s time-slot: 11 – 11:45 am PT
Cost: FREEEEEEEEE!
RSVP here!

Also – Aaron and Mike Murray will also be making rounds at RSA San Fran, as well. If you see them, be sure to stop them and chat – we LOVE chatting with everyone. Hopefully we’ll see you there :)

As some of our members noticed last week, we also released a new Module by Jeremy Conway regarding Brute Force: Hydra and Medusa. Our members will also see a small flurry of new content over the next few weeks as well – keep an eye out.

Cheers,

The Hacker Academy Team

Posted by rmurray | Filed Under Conference, THA Content | Leave a Comment 

Aaron Speaks at BSides San Fran

February 8, 2011

With the excitement surrounding the upcoming BSides San Francisco 2011, we’re doubly excited to announce that our very own Aaron Cohen will be speaking.

Aaron will be speaking on the topic of “Selling Security Without Selling Your Soul”. Aaron explains:

“Most people don’t ‘get’ security, and it’s hard to convince them of what they need…manager, executive, boss or client prospect. We constantly try to persuade people with our ideas, sometimes they take it, but usually they leave it. Whether or not someone buys security has nothing to do with whether they need it or not, it has to do with whether they think they need it, and that is our job as a sales professional. In this talk we will discuss and show real world examples as to how to be effective in different sales scenarios, which is important for those that want to win business, consulting gigs, project funding and in some cases keep your job.”

If you’ve seen Aaron speak before, or by chance have seen any of the public news appearances by Aaron – you’ll know how much of a treat it is to watch him present. If you haven’t seen him before, here’s your chance :) .

Bsides San Francisco 2011
Zeum: San Francisco’s Children’s Museum
221 Fourth Street, San Francisco, CA
Day 1, February 14th, 2011
Aaron’s time-slot: 11 – 11:45 am
Cost: FREEEEEEEEE!
RSVP here!

Come check out BSides in San Fran this year – it’s going to be a blast. And while you’re there, don’t miss Aaron – you won’t regret it.

Cheers,
The Hacker Academy Team

Posted by rmurray | Filed Under Conference | Leave a Comment 

Brand New Cutting Edge Module: sqlNinja

February 1, 2011

There’s a new Cutting Edge module by Jeremy Conway up for our members to learn from and play with. In this new module, Jeremy covers the use of sqlNinja during penetration testing.

Jeremy explains:

In this module of The Hacker Academy you will learn a good deal about network penetration testing. As we know network pen testing can be done as either a “black box” or “white box” exercise, in either case the process is much the same although the level of access given to us is different. This module will teach you how to analyze for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This module will go in depth on different network penetration testing tools, methodologies and fundamentals needed in order to perform a network penetration test.

Awesome stuff by Jeremy!

Remember, if you’re interested in becoming a member, hop by our membership page for more info.

Cheers,

The Hacker Academy Team

Posted by rmurray | Filed Under THA Content | Leave a Comment 

Follow us on Facebook!
Follow us on Twitter!
Sign up for our E-mail List!

What they're saying:

Latest Blog Posts