Infobyte returns to OWASP APPSEC

Each month of 2016 has been an opportunity to grow and learn. We have been working, traveling and presenting Faraday (Our Integrated Multiuser Pentest Environment) around the globe.

November will not be an exception because we are travelling to Montevideo, Uruguay to participate in OWASP APPSEC RIO DE LA PLATA 2016, one of the best application security conferences in Latin America.

Overview

This year the event will take place, December 1st - 2nd, 2016 in Montevideo, Uruguay, bringing together more than 26 qualified speakers and first class experts who will showcase their research and innovative ideas on many topics related to software security.

¡If you go, you will find impressive trainings and talks shared by the best specialists! OWASP APPSEC is a reunion of Latin American leaders of Information Security where they will show advanced trends, making it a very special opportunity to learn and share together.

Our Chief Operating Officer, Martin Tartarelli, and one of our main Security Researchers, Alejandro Parodi, will give the main training on MOBILE SECURITY! ( December 1). In this course, you will be able to see the most-used mobile device attacks (based on OWASP Top 10 Mobile) in a practical format, with demonstrations and technical details to understand each failure and learn how to remedy them. It’s aimed for developers, technicians, security analysts, auditors, students and anyone enthusiastic about software and mobile security.

(Important: This training will offer an image of VirtualBox to carry out the practices, so you should bring your laptop if you want to participate in them).

At the same event, Alejandro also will present a talk on the second day about MOBILE SECURITY WARNINGS. It will be on December 2nd at 8:30 AM.

So, if you will be in Montevideo and love to know the best topics and trends in software security, we hope to see you there, to enjoy this impressive conference.

Montevideo, here we go!

OWASP APPSEC RIO DE LA PLATA 2016

The Best Application Security Conference in Latin America

1st - 2nd December 2016

ANTEL TOWER - MONTEVIDEO ,URUGUAY

appsecriodelaplata.org

Faraday v1.0.20 is here!

A brand new Faraday version is ready! Faraday v1.0.20 (Community, Pro & Corp) is here, bringing more functionality to our GTK interface and other cool new features.

If you've been keeping up with Faraday, on our last release we published a new experimental GTK interface. In this iteration we added several missing features and fixed a lot of small bugs.

You will probably notice the most our new conflict resolution dialog, which improves on our design for QT and highlights the differences between the two conflicting objects, not to mention it requires one less click from you when fixing a conflict.

Conflict resolution dialog in Faraday's GTK interface

Also, you will notice the status bar now displays relevant information about your workspace, so you know exactly where you stand regarding the number of hosts, services and vulnerabilities. Your workflow will also be improved by the new exit command support, which now behaves as you'd expect - if you exit from a tab inside Faraday, the tab will close.

Big new features are exciting, but bug fixes and small add-ons are important too. The terminal now features infinite scrolling and scroll bars, there are more descriptive labels, the sidebar is resizable and you can search for specific workspaces by name.

However, our web UI wasn't left behind, including fixes and improvements in the hosts and services views. Also, in this version we added the report import event to the commands history, so it can be viewed in the dashboard. We believe this feature will enable you to keep track of all the movements in the workspace, so we hope you enjoy it!

Pro & Corp changes:

• Fixed a bug in report creation - removed relative paths in the generation script so it can be run from another directory

Community, Pro & Corp changes:

• Fixed bugs in plugins: Acunetix - Nmap - Nikto 
  
• Removed description from Hosts list in web UI
• Fixed sort in Hosts list in web UI
• Fixed ports sorting in Host view in web UI
• Added search link for OS in Hosts list in web UI
• Removed description from Services list in web UI
• Added version to Services list in web UI
• Modified false values in Hosts list in web UI
• Added search links in Services list in web UI
• Added scrollbar in Gtk Terminal
• Added workspace status in Gtk interface
• Added conflict resolution support for the Gtk interface
• Added search entry for workspaces in Gtk
• Added support for 'exit' command inside Faraday's Gtk terminal
• Improved handling of uncaught exceptions in Gtk interface
• Improved text formatting in Gtk's log console
• Fixed several small bugs in Faraday GTK
• Added support for resize workspace bar
• Added a quote for imported reports in web UI
• Added support for a new type of report in Qualysguard plugin

We hope you enjoy it, and let us know if you have any questions or comments.

https://www.faradaysec.com/
https://github.com/infobyte/faraday
https://twitter.com/faradaysec

Divide and conquer: modern collaborative pentesting Training in Shakacon VI

Hi everybody! Wondering what neat course to take in mid-june?

Join us in Shakacon for this cutting edge training.

We aim to introduce each attendee to the most crucial pentesting phases, collaborative work caveats and well known attack vectors, applying organizational techniques that increase efficiency and work throughput in cooperative environments.
To sum up we'll have a short real-life scenario where we'll compare diverse tools and techniques in order to compare penetration testing engagement tools vs Interactive Penetration Environments like Faraday

Finding cumbersome to scale your team while maintaining a good level of throughput and quality? Are you duplicating efforts while pentesting?


We'll be waiting for you!
Join by clicking here

When: June 22, 2014
Where: Shakacon VI - Honolulu, Hawaii

Come for this one day training, we'll also run the two day version of this training on the Eko Party.