Anestis Bechtsoudis » Presentations http://bechtsoudis.com Driven by Passion for Challenges Tue, 01 Jul 2014 12:30:55 +0000 en-US hourly 1 http://wordpress.org/?v=3.9.2 WeBaCoo Tool: Keeping your web shell under the mainstream radars http://bechtsoudis.com/2012/03/21/webacoo-tool-keeping-your-web-shell-under-the-mainstream-radars/#utm_source=rss&utm_medium=rss&utm_campaign=webacoo-tool-keeping-your-web-shell-under-the-mainstream-radars http://bechtsoudis.com/2012/03/21/webacoo-tool-keeping-your-web-shell-under-the-mainstream-radars/#comments Wed, 21 Mar 2012 19:09:29 +0000 http://bechtsoudis.com/?p=1261 The past two weeks I conducted two presentations on the WeBaCoo tool. First one at 3rd unauthorized security meeting (11 March 2012) and the second at Patra’s Linux User Group meetup (20 March 2012).

Presentations did not focus solely on the WeBaCoo tool and its features. Critical topics around web shell implementation and communication techniques were discussed, focusing on how to maintain a stealth behavior. Both events were followed by a custom web hacking challenge for fun and learn.

I had a great time in both events and I would like to thank the organizing committees behind the scenes and people who attended the presentations. It’s pleasant to see that people started to get concern about security issues and actively participate in relevant events.

 

Presentations can be downloaded from the following links:

Unauthorized (.pdf 1.1MB)

PLUG (.pdf 1.1MB)

 

 

A. Bechtsoudis

]]>
http://bechtsoudis.com/2012/03/21/webacoo-tool-keeping-your-web-shell-under-the-mainstream-radars/feed/ 0
ICT Security Basics – Demystifying the Sec puzzle http://bechtsoudis.com/2011/11/30/ict-security-basics-demystifying-the-sec-puzzle/#utm_source=rss&utm_medium=rss&utm_campaign=ict-security-basics-demystifying-the-sec-puzzle http://bechtsoudis.com/2011/11/30/ict-security-basics-demystifying-the-sec-puzzle/#comments Wed, 30 Nov 2011 20:24:32 +0000 http://bechtsoudis.com/?p=1007 At 24 November 2011, I was invited to make an introductory presentation about Information and Network Security at 4th Student Guru Patra’s branch meetup. Τhank to Erikos Alkalai for the invitation and congratulations to all the branch support team for their great work.

Knowing that the audience was mainly consisted of undergraduate students attending their first years at university and with no prior contact with information and computer security issues, the presentation focused on the basic theory and some practical issues that a computer engineer must know. The theoretic part was followed by a half-hour live hacking demo, presenting trivial ways followed by an attacker to compromise a main server system.

 

The presentation can be downloaded from here:

Presentation (.pdf 480KB)

 

 

 

A. Bechtsoudis

]]>
http://bechtsoudis.com/2011/11/30/ict-security-basics-demystifying-the-sec-puzzle/feed/ 0
Network Penetration Testing http://bechtsoudis.com/2011/11/26/network-penetration-testing/#utm_source=rss&utm_medium=rss&utm_campaign=network-penetration-testing http://bechtsoudis.com/2011/11/26/network-penetration-testing/#comments Fri, 25 Nov 2011 23:21:01 +0000 http://bechtsoudis.com/?p=912 Keynote speaker at Athena Summer School 2011 entitled “Aiming at Higher Network Security Levels through extensive Penetration Testing“. An introductory address highlighting the modern security complexity while focusing on real proactive security policies through penetration tests. The presentation was followed by a live demo hacking Cisco devices in a virtual lab.

 

The presentation can be downloaded from here:

Presentation (.pdf 1.0MB)

A. Bechtsoudis

]]>
http://bechtsoudis.com/2011/11/26/network-penetration-testing/feed/ 0
Introduction to Side Channel Attacks http://bechtsoudis.com/2011/03/31/introduction-to-side-channel-attacks/#utm_source=rss&utm_medium=rss&utm_campaign=introduction-to-side-channel-attacks http://bechtsoudis.com/2011/03/31/introduction-to-side-channel-attacks/#comments Thu, 31 Mar 2011 13:12:38 +0000 http://bechtsoudis.com/?p=160 At 30 March 2011, i made an introductory presentation of Side Channel Attacks to the PLUG community. Most PLUG’s members are software designers and they are not familiar with the science of cryptography. Through my presentation i tried to inform them about the side channel leakage that we have when cryptographic primitives are implemented in physical devices (smart card, dedicated hardware etc). After a short introduction to cryptography & cryptanalysis, i presented the Side Channel Attacks classes and some basic attack scenarios. The most important part that i tried to highlight, is that in order to protect from these kind of attacks, software, hardware & protocol designers must work together in order to achieve the best possible results. That’s way it is important for a software designer to have a basic knowledge for this kind of cryptanalytic attacks.

 

The presentation includes:

  1. Introduction to IT state-of-the art and cryptography
  2. Cryptanalysis goals and approaches
  3. Side Channel Attack Scenarios
  4. Software & Hardware countermeasures
  5. End up with some conclusions and highlights

 

The presentation can be downloaded from here:

Presentation (.pdf 643KB)

 

 

A. Bechtsoudis

]]>
http://bechtsoudis.com/2011/03/31/introduction-to-side-channel-attacks/feed/ 0
Cache Based Side Channel Attacks http://bechtsoudis.com/2011/03/26/cache-based-side-channel-attacks/#utm_source=rss&utm_medium=rss&utm_campaign=cache-based-side-channel-attacks http://bechtsoudis.com/2011/03/26/cache-based-side-channel-attacks/#comments Sat, 26 Mar 2011 14:03:27 +0000 http://bechtsoudis.com/?p=76 During the 2nd semester of 2010, i was attending the course “Advanced Computer Architecture“, under the teaching of Dr. G. Keramidas. For the course requirements, i decided to make a short presentation about Side Channel Attacks in Cache implementations. After the appropriate introduction and theory, i presented two different cache based side channel attacks and how to prevent from them. The prevention techniques proposed by Z. Wang & R. B. Lee in their publication “New Cache Designs for Thwarting Software Cache-based Side Channel Attacks“.

The presentation includes:

  • Introduction to Cryptography & Modern Cryptanalysis through Side-Channel Attacks
  • Define the Thread & Attacks Model
  • Proposed prevention models
  • Evaluation of the propositions
  • Conclusions

 

The presentation can be downloaded from here:

Presentation (.ppt 2,43 MB)

 

A. Bechtsoudis

]]>
http://bechtsoudis.com/2011/03/26/cache-based-side-channel-attacks/feed/ 0
Hardware Side of Cryptography http://bechtsoudis.com/2011/03/26/hardware-side-of-cryptography/#utm_source=rss&utm_medium=rss&utm_campaign=hardware-side-of-cryptography http://bechtsoudis.com/2011/03/26/hardware-side-of-cryptography/#comments Sat, 26 Mar 2011 01:46:15 +0000 http://bechtsoudis.com/?p=17 In December 2010, on behalf of the undergraduate course of VLSI design (below the teaching of Professor G. Alexiou), i make a presentation about cryptography & hardware. It is a short and basic presentation of the aspects of cryptography that a modern hardware designer should consider when developing a cryptographic module.

 

The presentation includes:

  • Introduction: Shifting to embedded devices – need for security
  • State of the art in cryptography field
  • Software vs. Hardware Solutions
  • Reconfigurable Hardware Solutions
  • Conclusions

 

The presentation can be downloaded from here:

Presentation (.ppt 1,54 MB)

 

A. Bechtsoudis

]]>
http://bechtsoudis.com/2011/03/26/hardware-side-of-cryptography/feed/ 0