Home page logo
dailydave logo
Daily Dave Mailing List

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

List Archives


Latest Posts

The path Dave Aitel (Aug 19)
Kit Dale likes to say he doesn't train particular BJJ moves per se, so
much as a chain of moves that go from one side of the game to another.
For example, an escape, then a transition to top position, then a pass,
then a submission. Those of us in the infosec world would recognize this
as an "Attack Chain".

And we like to do this with our exploit releases too. That way it's not
like you get just an exploit that will maybe get...

Reminder: CFP closes next week for PacSec.jp in Tokyo Nov12-13 Dragos Ruiu (Aug 19)
Next week we will begin the reviews and collation of talk submissions for

Send your submissions to secwest14 [at] pacsec.jp . details on the site.



Volatility 2.4 is now available! Andrew Case (Aug 13)
The Volatility Team is happy to announce that Volatility 2.4 is now
available! It adds support for Windows 8, 8.1, 2012, and 2012 R2 memory
dumps, Mac OS X Mavericks (up to 10.9.4), and Linux kernels up to 3.16.
New plugins include the ability to extract cached Truecrypt passphrases
and master keys from Windows and Linux memory dumps, investigate Mac
user activity (such as pulling their contact database, calendar items,
PGP encrypted mails, OTR...

Re: Black Hat keynote Charisse Castagnoli (Aug 13)
Classic Mr. Dan Geer

I scored lots of BH cred sharing Dan's early Project Athena days..

Great to see/hear you.

Charisse Castagnoli
please excuse misspellings ( is that the correct way to spell misspelling? )

Re: Black Hat keynote Thomas Lim (Aug 13)
Hi Dan

i like your keynote. It was a good speech especially the idea of
government buying up 0days. However why limit this purchasing
prerogative only to the US government?

Thank you
Thomas Lim

Re: The evolution of Threat Intelligence Dominique Brezinski (Aug 13)
I humbly point you at my BH presentation from 2004 on anomaly detection and
granular automated response: https://www.youtube.com/watch?v=YTy8z7Wcc0M

living the long view and leading our organizations along that path. But
some have.

Detection without response is useless. Response requires reasoning, and
that is what scares many people about automated response. Some degree of
reasoning can be automated, and that is really the next frontier. We...

Re: The evolution of Threat Intelligence Andre Gironda (Aug 12)
SWARM = Speed + Intelligence? "Just add additional VMs to the micro-cloud"

services-consulting-overview.shtml :
Consulting Overview, App Vuln Analysis, Process Review, Source Code
Analysis, Exploit Development and Reverse Engineering, Consultants, etc

Sorry, Dave, I can't find the products or services on your website that
cover apoptosis, data destruction, minimization of important irregular
assets, sub-microsecond level reactive...

Re: The evolution of Threat Intelligence Ali-Reza Anghaie (Aug 12)
As much as many organizations won't want to admit it - I think you're
dead on right. TI is about context and action - not specifics. Right
now "product" TI systems are trying to cram in more ~specifics~ which
just elevates the barrier to entry for use.

Instead, as you suggest, all the context you need is 'What' and 'What
to do NOW' .. the rest doesn't matter to 99% of organizations. AND, if

SAINTCON - The Intermountain West - Security Conference Troy Jessup (Aug 12)

SAINTCON is a Network Security Conference held in Utah each October.

We have expanded significantly in the past couple years, and now have people attending from all over the country.
SAINTCON offers the benefits of many larger conferences, with a more hands-on approach. We focus on training,
instruction, and skills building in all areas of security.

I you are in the Intermountain West, or have interest in attending from...

The evolution of Threat Intelligence Dave Aitel (Aug 12)

I did a dry run of a talk I did last week and it's now up for your
viewing pleasure/pain. :>


Black Hat keynote dan (Aug 12)
Of possible interest, the full text of my keynote to Black Hat last week.

Cybersecurity as Realpolitik



nullcon CFP is open nullcon (Aug 12)
Dear Security Gurus,

6th year | CFP opens on 6th Aug 2014 | conference on 6th Feb 2015.

Welcome to nullcon 666! Bring out the beast in you.

we are happy to open the CFP. Time to tickle your gray cells and
submit your research.
Training: 4th-5th Feb 2015
Conference: 6th-7th Feb 2015

CFP 666
Website - http://nullcon.net

Submit under any of the below options
Papers (40 mins - 1 hr)

DEEP PANDA + INNUENDO = Better Modeling of Your Real Threat Dave Aitel (Jul 24)

In the above video Pete talks about how you would emulate the DEEP PANDA
threat with INNUENDO. Sometimes people ask how INNUENDO is different from
the current generation of penetration testing tools, and examples like this
are what we like to demo to show where our thinking is going. Basically
it's less about "how do I get in" and more about "How do I stay in?" Those
turn out to be very...

Re: Security Paleontology - The Jurassic Park rule Dennis Groves (Jul 18)
Data is IT Security, and you are correct it has to be protected and
to date it seems this has not been done well, if at all.

However, Information Security is about protecting the VALUE created by
the data for both the business and its customers. Businesses are
trading on the /value creation/ not the data. That value is usually
unique to the business, and the business is able to do something
faster, cheaper, at scale, bespoke or whatever for the...

Re: Security Paleontology - The Jurassic Park rule Rafal ( Wh1t3Rabbit) Los (Jul 18)
Wolfgang - this is both great and scary at the same time. People are historically horrible at managing passwords... so
now we're going to a system where payment is determined by something we're bad at keeping secret? In theory this is a
good idea, except for the password part. If they can figure out a way to make the *authentication* more 'secure' then I
think it's a leap forward.

Thinking about it more, am I wrong...

More Lists

Dozens of other network security lists are archived at SecLists.Org.

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]