SANS Penetration Testing: Author - eskoudis

What's the Deal with Mobile Device Passcodes and Biometrics? (Part 1 of 2)

By Lee Neely Introduction Mobile device administrators and end users need to be more cognizant of the risks of allowing unauthorized access to their smartphones and take steps to raise the bar on accessing those devices to mitigate those risks. This is part one of two articles on securing mobile device access. In this article, … Continue reading What's the Deal with Mobile Device Passcodes and Biometrics? (Part 1 of 2)


2015 SANS Pen Test HackFest Twitter Contest

Hey folks... check this out! We're delighted to announce a Twitter-based contest here with a fantastic prize. And, participating in this one is really easy. On November 16th through 23rd, SANS will be running our third annual Pen Test HackFest Summit and Training event in Washington DC. We throw everything we've got into this extra … Continue reading 2015 SANS Pen Test HackFest Twitter Contest


DNS Anomaly Analysis Tips: Did you put a new cover sheet on that DDD report?

By Chris Crowley "What is a DDD report?" you're wondering. That's my pet name for a Daily DNS Delta. You see, human beings are creatures of habit. Some have excellent habits, some have gross habits, some actually wear habits, but whatever works for you, we all are creatures of habit. We can use this feature … Continue reading DNS Anomaly Analysis Tips: Did you put a new cover sheet on that DDD report?


Modifying Android Apps: A SEC575 Hands-on Exercise, Part 2

By Joshua Wright Introduction In the last installment of this article, we looked at the IsItDown application, and how it is designed not to run in the Android Emulator, and to include a super-annoying banner ad. We showed how the Apktool utility can be used to decompile an Android APK file, and how we can … Continue reading Modifying Android Apps: A SEC575 Hands-on Exercise, Part 2


Modifying Android Apps: A SEC575 Hands-on Exercise, Part 1

By Joshua Wright Introduction As a security professional, I'm called on to evaluate the security of Android applications on a regular basis. This evaluation process usually takes on one of two forms: Evaluate app security from an end-user perspective Evaluate app security from a publisher perspective While there is a lot of overlap between the … Continue reading Modifying Android Apps: A SEC575 Hands-on Exercise, Part 1