Pure Hacking to present at Ruxcon 2012 and its inaugural Ruxcon Breakpoint Conference of International Security Experts
Miller's Ruxcon 2012 presentation and demonstration on "Exploiting internal network vulnerabilities via the browser using BeEF Bind" will reveal a new browser attack technique which allows an attacker to pivot through a web browser in order to exploit a victim's internal servers. The Browser Exploitation Framework (BeEF) attack technique, known as “BeEF Bind”, increases the number of potential remote exploits to include many internal service vulnerabilities throughout the corporate network. A live demonstration of this new attack technique will also be included in the presentation. His co-presenter for this session is Michele Orru, a leading researcher on web applications security and related exploitation techniques.
For Ruxcon Breakpoint, a new conference which showcases the work of 14 security experts from around the world, Miller will bring "The Shellcode Lab" to an Australian conference audience for the first time. The training course focuses on writing shellcode to bypass security controls to increase the exploitation success rate. Students are taught how to integrate their shellcode into individual exploits, as well as create Metasploit Exploit Framework (MSF) payload modules. "The Shellcode Lab" has been held at Black Hat USA in 2011 and 2012 with overwhelmingly positive feedback.
For Pure Hacking's Miller, the conference and its preceding Breakpoint showcase is an ideal platform for displaying the Pure Hacking expertise. "The BeEF Bind presentation is
something new and is a new attack technique Australian enterprise needs to better understand to protect themselves into the future."
"I am also looking forward to sharing "The Shellcode Lab" training course with an Australian audience on home ground for the first time," he concluded.
Ty Miller is the Chief Technical Officer at Pure Hacking, who leads their specialist security team and strategy to ensure that Pure Hacking is at the forefront of specialist information security services. Ty specialises in all forms of penetration testing and secure infrastructure design. He runs various security courses for Pure Hacking in both web application and infrastructure security, and performs independent security research.
Ty has run training and performed presentations for various security conferences and clients around the world based on his security research, and is also a co-author of the book Hacking Exposed Linux.
Ty has a deep interest in projects involving reverse engineering and shellcode development, and has worked with numerous companies to address identified risks. Currently Ty is researching the risks associated with “cloud” computing and mobile services platforms available to organisations.
For more information about Ty's presentations:
About Pure Hacking
Pure Hacking is Australia’s leading specialist information security consultancy. As the authoritative source in strategic, application, infrastructure and operational services, Pure Hacking has set the standard for ethical hacking and security consulting since 2002. Simply put, Pure Hacking saves companies from devastating attacks by enabling secure business. www.purehacking.com