Nosey Parker RegEx: A Positive Community Response
On December 7, 2022, Praetorian Labs released a regular expression-based (RegEx) version of our Nosey Parker secrets scanning tool (see press release). This version improves on two primary pain points the community has historically encountered with other secrets scanning tools. First, Nosey Parker RegEx offers the fastest secrets scanning capability on the market–100 gigabytes of […]
Lessons from ATT&CKcon 2.0 and SANS Purple Team Summit
In this post, I’ll be going over how I draw value from conferences and the lessons learned, as well as planned projects Praetorian has going into the end of 2019 and start of 2020.
Engineering Efficiency and Continuous Improvement in Security Services
Highlight is a simple utility that creates an image from a text stream, automatically draw boxes around user defined content and automatically blurs sensitive content.
Sometimes we have a text stream, such as the output of a configuration file, and we want to include that as an image into a document. At the same time, we might want to highlight a particular string of text that’s found and we might want to hide other details that might contain things such as passwords. We could use a screen capture utility and then proceed with marking up the image. This leads to inconsistent boxes around text and certainly does not lend itself to automation.
With this utility, the entire process can be automated.
Engineer Spotlight: Cory Duplantis and the 2015 SANS Holiday Hack Write-up
As an engineer, solving puzzles is part of everyday life. Any new challenge, whether it be learning a new exploitation technique or seeing a new embedded architecture for the first time, is simply another puzzle that I can learn how to solve in time. It is that mindset of always being curious and wanting to explore and apply new concepts that is utilized everyday at Praetorian. This mindset is also my default when approaching capture the flag (CTF) puzzles such as the CounterHack HolidayHack from this past year. As an internal penetration tester at Praetorian, I don’t usually dabble in the web spaces frequently, so the web challenges from the HolidayHack were a great opportunity to brush off the old web knowledge and maybe add a new web technique to the ever growing bag o’ tricks.
Introducing the New ROTA Tech Challenge
Hello everyone! I first want to introduce myself, my name is Anthony Marquez and I am the newest member of Praetorian’s technical team. I’m excited to join a group of such bright individuals and work with a company that values the promotion of thought leadership and realizes the importance of allowing their employees to take on interesting side projects. I hope to be contributing to several blog posts in the future. For my first post I wanted to talk about one of the first side projects that I recently completed here at Praetorian —ROTA.
Twitter’s Charlie Miller is Coming to Austin ISSA to Discuss iOS Security
Praetorian is excited to be a platinum sponsor for the upcoming ISSA Chapter Meeting on Wednesday, November 7 from 11:00am to 3:00pm at St. Edwards Professional Education Center. The event will feature the famous/infamous security researcher Charlie Miller.
Praetorian sponsors 2012 Boston Application Security Conference (BASC)
Praetorian is excited to sponsor and attend the upcoming 2012 Boston Application Security Conference (BASC). The Boston Application Security Conference (BASC) will be held Saturday, Oct. 13, from 10 a.m. – 6:30 p.m. at Microsoft’s New England Research & Development Center at One Memorial Drive, Cambridge. Admission to the BASC is free but registration is required for breakfast, lunch, and the evening social time.
Black Hat USA 2012 (Jabra Edition)
Hey everyone! This week the whole security industry will be in Las Vegas for BlackHat 2012, BSidesLV and Defcon. As I have done for the past few years, I will be teaching Pentesting with Perl at BlackHat. Pentesting with Perl is a course for anyone that has previously coded in nearly any language but wants to learn how to automate some of the common tasks that need to be performed during a pentest. The major change for this year is the course length, which was moved to two days based on feedback from students. The new schedule will make the class much more enjoyable since there will be more time for things like peer-programming, in-depth discussions of materials as well as code walks (by me and the students). People learn best by doing and that is exactly what this class is all about! Again, I’m really looking forward to seeing everyone in Las Vegas this week. I’m always available on Twitter (@Jabra). Feel free to ping me if you would like to meetup. Lastly, if you’re interest in our Puzzles, our next challenge is already underway. Come and find me if you want to try it out firsthand. See you in Vegas! – Jabra