OWASP-SF Meeting

The SF chapter of OWASP had a meeting today and it rocked. Alex Stamos from iSEC Partners (whom also hosted the meeting) presented ‘Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0’ and Jeremiah Grossman from WhiteHat Security presented ‘Hacking Intranet Websites from the Outside’. I believe both of these talks were presented at DEFCON earlier this year, but since I was in Hawaii at the time, it was good to see these talks.

After seeing how many security professionals showed up to the meeting, it made me want to create a sf / bay area security group. There have been lots of local security groups popping up recently, like NYSEC, NoVASec and BeanSec. Anyone else interested in this?

PARK(ing) Day

The Rebar group, who are known for turning a parking space into a temporary park were at it again with their PARK(ing) Day. They setup several of these temporary parks around San Francisco today, and I met up with them at their 3rd setup at Mission, between 1st and 2nd. There were lots of curious bystanders around… I wonder how many were there exactly for the event.



I just came back from a week in Dallas. It wasn’t too hot or humid out there, which was nice because the previous week was in the 100s. I stayed at the Hilton Anatole, which is a nice hotel for conventions, but not so nice for business travelers. During my stay, there was a Dallas Cowboys Cheerleaders slumber party, some big foreclosure conference, a Fire-Rescue International conference, and a modeling event.

For restraunts, two places stick out. Panchos Mexican Buffet, and The Alligator Cafe. This was the first time I’ve been to a mexican buffet, and I think it will be my last. The Alligator Cafe was awesome, I had the shrimp and oyster gumbo, and the alligator and chicken jambalaya.

Transportation to the hotel from the airport was via the Super Shuttle. Because its per person, its cheaper to take a taxi if you are with someone else.

The Planet is a big server colocation company in Dallas. I have several servers with them, and I’ve always wanted to see their faciliities. Unfortunately, I was always busy during the day, and I never could setup a tour. Hopefully on my next trip out there I can arrange one.

Bin Toolkit: Environment

I use two different methods for environment. One is for commandline, the other for gui.

For the commandline environment, I have four scripts that do the work.

  • shell.bat – this is the main script you run, which calls env.bat
  • env.bat – this is where you define dir paths you want to include, and it calls setfile.bat with your current path
  • setfile.bat – this script takes the path from env.bat and calls setbin with it, to set the BINDIR
  • setbin – this file contains the ‘set BINDIR’ line

For those that want a gui, I use PStart.

On how I categorize the applications, I have four directories. Internet, Multimedia, Security, and Utils.