Thursday 24 September 2015

A security tester’s toolkit @DevConnections

Last week I presented my Security Tester’s Toolkit talk or as I subtitled it “How to get arrested by doing stupid stuff!” at IT/DevConnections in Las Vegas.

Here are the list of tools and resources that I used or mentioned and also by request the hardware that I demonstrated during the the talk

Operating Systems
  • Kali Linux – Debian based Linux based penetration testing operating system
Wi-Fi Tools
Attack tools

There are a lot of tools mentioned and demoed in this talk but that is only the tip of the testing toolkit iceberg.

Tuesday 15 September 2015

Website Fuzziness @Devconnections

As this is being posted, I will be just finishing up my session at IT DevConnections on Website Fuzziness. This talk is how to hack your own website to discover potential flaws and vulnerabilities before someone else does.

As promised, here are the resources for the tools that I showed during this talk

Demo sites

These sites can be loaded locally or attacked without permission. You can use them as reference to test your scanners and also to demonstrate to people what should not be done in production systems


The following tools are designed to find cracks in your defenses. Use wisely and do not use against sites that you do not have permission to attack.