Loading ...
Sorry, an error occurred while loading the content.

Hands on Podcasting

Expand Messages
  • Dan Kuykendall
    ... Hash: SHA1 No, this is not some XXX topic! I m trying something a little different on my podcast in that I m trying to create a podcast that can just be
    Message 1 of 4 , Apr 29, 2006
    • 0 Attachment
      -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA1

      No, this is not some XXX topic!

      I'm trying something a little different on my podcast in that I'm trying
      to create a podcast that can just be listened to and still be useful,
      but then has hands on exercises that go along with it to add to the
      experience and understanding.
      The topic is hacking websites/webapps. On the surface this is for the
      geeks, but I'm also trying to provide text that you can cut and paste
      into the "Hackme" site so that anyone can see the results and get a real
      world sense of what hackers can actually do.
      I'm pretty sure this is fairly cool stuff that most people will never
      see unless they go to some professionally hosted class by SANS or some
      other security organization.

      For the podcasting, I'm curious if anyone else is doing this kind of
      thing, and in general what things I should do to make this useful to
      both the listener as well as the listener+hands on audiences.

      The first of the "Hands On" series is about SQL Injection, and being
      able to basically log into a website without knowing the password and
      even retrieving other users passwords and information. As you will see
      there are detailed show notes and it goes step by step along the hacking
      process.

      http://www.mightyseek.com/podcasts/hands-on-series-sql-injection

      - --
      Dan Kuykendall (aka Seek3r)
      http://www.mightyseek.com

      In God we trust, all others we virus scan.
      Programmer - an organism that turns coffee into software.
      -----BEGIN PGP SIGNATURE-----
      Version: GnuPG v1.4.3 (MingW32)
      Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

      iD8DBQFEU6zRK8FkGutbdPMRArMkAJ967/Hhz50Aq/+ZuudLiH/9TyT+VgCgkzAQ
      fejl6OB1aM4vznM7OukNOBc=
      =7+uo
      -----END PGP SIGNATURE-----
    • Dan Kuykendall
      ... Hash: SHA1 btw, to put this into perspective. A course that covers this kind of thing can run in the $2000 to $3000 range. Even tho I m doing this all for
      Message 2 of 4 , Apr 29, 2006
      • 0 Attachment
        -----BEGIN PGP SIGNED MESSAGE-----
        Hash: SHA1

        btw, to put this into perspective.

        A course that covers this kind of thing can run in the $2000 to $3000
        range. Even tho I'm doing this all for free, I want to make sure its top
        notch and "works" as a podcast as well as how it works with hands on parts.

        Heres some organizations that do these classes

        http://www.blackhat.com/html/bh-usa-04/train-bh-usa-04-ss.html

        http://www.securityuniversity.net/classes_CEH.php

        http://www.eccouncil.org/EC-Council%20Education/ceh-course-outline.htm

        http://www.netcominfo.com/bootcamps/8031/Certified_Ethical_Hacker_Boot_Camp_training.html?advid=65

        http://www.sans.edu/programs/description/243.php

        http://www.globalknowledge.com/training/course.asp?pageid=9&courseid=979&catid=191&methodid=c&country=United+States&translation=English

        Dan Kuykendall wrote:
        > No, this is not some XXX topic!
        >
        > I'm trying something a little different on my podcast in that I'm trying
        > to create a podcast that can just be listened to and still be useful,
        > but then has hands on exercises that go along with it to add to the
        > experience and understanding.
        > The topic is hacking websites/webapps. On the surface this is for the
        > geeks, but I'm also trying to provide text that you can cut and paste
        > into the "Hackme" site so that anyone can see the results and get a real
        > world sense of what hackers can actually do.
        > I'm pretty sure this is fairly cool stuff that most people will never
        > see unless they go to some professionally hosted class by SANS or some
        > other security organization.
        >
        > For the podcasting, I'm curious if anyone else is doing this kind of
        > thing, and in general what things I should do to make this useful to
        > both the listener as well as the listener+hands on audiences.
        >
        > The first of the "Hands On" series is about SQL Injection, and being
        > able to basically log into a website without knowing the password and
        > even retrieving other users passwords and information. As you will see
        > there are detailed show notes and it goes step by step along the hacking
        > process.
        >
        > http://www.mightyseek.com/podcasts/hands-on-series-sql-injection
        >

        Yahoo! Groups Links








        - --
        Dan Kuykendall (aka Seek3r)
        http://www.mightyseek.com

        In God we trust, all others we virus scan.
        Programmer - an organism that turns coffee into software.
        -----BEGIN PGP SIGNATURE-----
        Version: GnuPG v1.4.3 (MingW32)
        Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

        iD8DBQFEU7F1K8FkGutbdPMRAuOOAKCCGs7l3ENkKB35/LG+2Q7N/SknkACfXPy+
        e0HiR66YjJQNdlNk9Fj85kI=
        =DKMf
        -----END PGP SIGNATURE-----
      • Dan Kuykendall
        Figured I would go ahead and pimp my podcast again since this Hands on Series is still a new concept and Im really interesting in seeing how well I can do
        Message 3 of 4 , Jul 29, 2006
        • 0 Attachment
          Figured I would go ahead and pimp my podcast again since this "Hands on
          Series" is still a new concept and Im really interesting in seeing how
          well I can do it.

          The idea is that I do a podcast recording, but I do it so that you fully
          benefit by being at the computer and following along with the show notes
          and hackme site.
          I provide nice cut and paste strings to use while your following along
          and get to see the results of hacking a website for yourself.

          http://www.mightyseek.com/category/podcasts/hands-on-series/

          Anyone else doing something similar?
          Any thoughts on how I can improve my end result?

          --
          Dan Kuykendall (aka Seek3r)
          http://www.mightyseek.com

          In God we trust, all others we virus scan.
          Programmer - an organism that turns coffee into software.


          [Non-text portions of this message have been removed]
        • Martin McKeay
          If you re at all curious about computer security and some of the tricks the bad guys are using to attack your sites, Dan s stuff is great! Dan walks you
          Message 4 of 4 , Jul 29, 2006
          • 0 Attachment
            If you're at all curious about computer security and some of the
            tricks the bad guys are using to attack your sites, Dan's stuff is
            great! Dan walks you through trying real Cross-Site Scripting (XSS)
            attacks on his own servers.

            This is the real thing, with the code laid out for you to see and he
            explains how the attacks work. I have yet to see any other podcast do
            something even similar to what he's done.

            Martin
            (Yes, Dan's a friend of mine, but that doesn't negate anything I've said above)

            --
            Martin McKeay, CISSP, CCNA
            The Network Security Podcast
            http://www.mckeay.net/
            http://podcastroundtable.com/
            http://www.securityroundtable.com/
            http://www.computerworld.com/blogs/mckeay
            YIM: mmckeay@...
            916-231-9479

            On 7/29/06, Dan Kuykendall <dan@...> wrote:
            > Figured I would go ahead and pimp my podcast again since this "Hands on
            > Series" is still a new concept and Im really interesting in seeing how
            > well I can do it.
            >
            > The idea is that I do a podcast recording, but I do it so that you fully
            > benefit by being at the computer and following along with the show notes
            > and hackme site.
            > I provide nice cut and paste strings to use while your following along
            > and get to see the results of hacking a website for yourself.
            >
            > http://www.mightyseek.com/category/podcasts/hands-on-series/
            >
            > Anyone else doing something similar?
            > Any thoughts on how I can improve my end result?
            >
            > --
            > Dan Kuykendall (aka Seek3r)
            > http://www.mightyseek.com
            >
            > In God we trust, all others we virus scan.
            > Programmer - an organism that turns coffee into software.
            >
            >
            > [Non-text portions of this message have been removed]
            >
            >
            >
            >
            > Yahoo! Groups Links
            >
            >
            >
            >
            >
            >
            >
            >
          Your message has been successfully submitted and would be delivered to recipients shortly.