People opposed to releasing offensive security research, I have a serious question. What end state do you want to achieve? What is success? - no one does offensive security research? - no one publishes offsec? - offsec posted publicly is illegal? - offsec cannot be free? - other?
-
-
I am the same. But part of it for me was that I got to publish new offensive security tools and research. Without that I’d be... I don’t know, but I wouldn’t be the grugq.
-
Just spitballing but you almost want a CFI like solution at the API and process tree level. Problem is, therein lies the death of general purpose computing.
- 3 more replies
New conversation -
-
-
I'm also not in the "Stop the tools" camp and I think it's worth pointing out that a large number of defensive tools either began as, or are at least purposed regularly as, offensive tools.
-
<snark>I've already started a lobby to stop defence intelligence sharing of IOCs, more than happy to add the stopping the trade in Defensive Security Tools (DST) to my orgs mission.</snark>
- 1 more reply
New conversation -
-
-
I'm here today because I saw something
@lcamtuf wrote on Bugtraq and it opened my mind, if it wasn't for Bugtraq and FullDisclosure I wouldn't be doing what I'm doing nowThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
100% agree. I'm not in the stop the tools camp though :).
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I went off down rabbit hole, but I can attribute my work today to learning from the output of folks like LSD, TESO and ADM - that and mopping up ILOVEYOU were formative experiences that sent me off down path and resulted in a first proper security job in a bank's UNIX secops team
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
This is so real.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
This Tweet is unavailable.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.