I attended troopers 09 in munich and it was a wonderful event. There were some very interesting talks. With regards to web application security, Sandro Gauci & Wendel Guglielmetti Henrique gave a talk on Web Application Firewalls. They also demoed a tool which could passively fingerprint around 10 different WAF. The detection is based on features such as “set-cookie” and “server” HTTP response header etc.
The evasion techniques they mentioned were mostly vendor specific.
Michael Kemp ranted about DLP(Data Loss Prevention) software. His main argument was a DLP software was not any different from a root-kit. He also mentioned that antirootkit vendors do not detect DLP softwares even from another vendor and by changing the endpoints of a DLP software an admin could use the DLP softwares as a perfect rootkit.
I enjoyed the password cracking with GPU’s talk. The talk showed different stats to prove GPU is far more effective and “greener” than CPU. I was expecting some cool demos with play stations cracking passwords, but there were no demos
There were some more interesting talks and the videos will be uploaded soon. Thanks To ERNW for hosting such an enjoyable event.