We are very excited to talk to some of the folks at Sensepost. In this interview we will be talking to:
- Charl van der Walt - Director of Service Delivery
- Haroon Meer - Technical Director
- Marco Slaverio - Senior Security Analyst (and author of Squeeza)
Free Tools From Sensepost - Bidihblah, Squeeza, Wikto, and more!
More tools from Sensepost! - BILE is great!
"Its All About Timing" - Blackhat USA 2007 presentation - Don't forget to check out the associated Whitepaper, and the tool "Squeeza".
- Could each of you introduce yourself and describe how you got into the information security field?
- Who is Sensepost and what do you do?
- You have an impressive array of tools and products available on your web site, lets talk about a few:
- Others you want to mention aside from Squeeza?
- Lets talk about Squeeza, which was released this summer at BH 2007. Explain the concept behind timing attacks and how it relates to web application hacking.
- What is the most severe threat to web applications today (aside from your pen test team)?
- What can organizations do to protect themselves and their web applications?
- Most interesting story from a pen test that you can talk about?
- What do you think of the most recent iPhone hacking work done by HD Moore and how would you incorporate that into your testing? Recommendations for defense?
- If Marco and Jeremiah Grossman had a contest to see who could hack into the most web applications, who would win?