>>> Know what you are doing <<< Works ------------------------------------ | Ettercap Credentials Repository [ Download ] - [ README ] | DefensePro logs visualization tool | v1.0.1 - CLI [ Download ] | v2.0.0 - GUI [ Download ] | => requires ATT Graphic Visualization Library from http://www.graphviz.org/. | DNS Flooder [ Download ] - [ README ] | DCE-RPC Evasion proof-of-concept [ Download ] | HTTP I(D|P)S detection & evasion tools [ Download ] - [ README ] | Packet injection tool [ Download ] - [ README ] | URL mutation [ Download ] - [ README ] | IPS detection [ Download ] - [ README ] | Multi-purpose port knocker [ Download ] - [ README ] | Fake SNMP server module for honeyd [ Download ] - [ README ] | Network, service (HTTP,FTP,SMTP,NNTP,POP3) and HTML pages integrity checking software [ Download ] - [ README ] Papers ----------------------------------- | Web Services Security [ View ] | Mitigating Scanners and Crackers [ View ] | Contourner les I(D|P)S sans rien y connaître [ View ] | How to test an IPS [ View ] | Denial of Service Attacks [ View ] | Covert Channels [ View ] | Concepts and implementation of a security operation center [ View ] Major Technical Conferences ------------------------ | OWASP France 2009 - Attacks on Web Services [ View ] [ POC ] | BlackHat US 2006 - IPS Shortcomings [ View ] | SSTIC 2006 - Contounement des I(D|P)S pout les nuls [ View ] | IT Underground Prague 2006 - Some More DCE-RPC Tips and Tricks [ View ] | CanSecWest 2006 - How to test an IPS [ View ] | RSA 2006 - Encryption Issues [ View ] | Assises de la sécurité 2005 - IPS Mythes et Réalité [ View ] | BlackHat US 2005 - A dirty blackmail story [ View ] Non Technical Talks ------------------------ | OSSIR Bretagne 2008 - Représentation graphique d'événements de sécurité [ View ] | IT Security Summit 2008 - Fighting the Botnet Ecosystem [ View ] | InfoSecurity 2007 - Turning an Intrusion Attempt into a Waterloo disaster [ View ] Publications ----------------------------- | | >> Published in MISC - French Security Magazine [ More ] | #50 - Modèles de sécurité des WAF - July 2010 | #50 - Dossier Jeux en Ligne - July 2010 | #43 - Dossier Web Services - May 2009 | #37 - Dossier Dénis de Services - May 2008 | #34 - Représentation graphique des attaques - November 2007 | HS1 - Outils de scan - November 2007 | #30 - Analyse des botnets - March 2007 | #29 - Les Network Processors - January 2007 | #26 - Comment tester les IPS - July 2006 | #24 - HTTP Smuggling and splitting - March 2006 | #22 - Reporting et procédures de réaction - November 2005 | #22 - Collecte d'informations - November 2005 | #21 - Détecter les équipements en ligne - September 2005 - [ http-ips-detect.pl ] | #19 - Les Dénis de Service réseau - May 2005 | #18 - Canaux cachés (ou furtifs) - March 2005 | #15 - Protocole RADIUS - September 2004 | #15 - Principes de l'authentification - September 2004 | #13 - Méthodes d'analyses de logs - May 2004 | #11 - Utilisation de SNMP (get|set) - January 2004 - [ SNMaP.sh ] [ SNMPoof.pl ] | #10 - Technologies de VPNs - November 2003 | #09 - Le rôle d'un CERT - September 2003 | #09 - Collecte de traces Post-intrusion - September 2003 | #07 - Méthodologies d'audit de sécurité - May 2003 | #07 - Fuite d'informations - May 2003 - [ imgsrc.pl ] | #04 - Les failles du protocole DHCP - November 2002 - [ maraveDHCP.pl ] | #03 - Concept et contournement des IDS – June 2002 | | >> Published in LinuxMag - [ More ] | #HS13 - Définition d’architectures sécurisées – January 2003 | #HS12 - Gestion de logs de firewalls hétérogènes – November 2002 | | >> Books | Maîtrise des risques informatiques - Editions WEKA - [ More ] Other ------------------------------------ | CTO of DenyAll [ Go ] | Reach me : renaud @ domain.name.of.this.web.site | Twitt (for site updates) : http://twitter.com/rbidou