More SWARM video fun

[Dave Aitel <dave () immunityinc com>]

When building a large-scale exploitation engine, there's a few major
optimization dials to twiddle. For example, one is "how much state to
store, and where to store it". If you push that dial all the way to "as
little as possible" then you end up with Shodan, which is extremely cost
efficient at large scale scanning for open ports, but finds doing telnet
so expensive they charge extra for it.

But SWARM is not a scanner in that way.  SWARM is optimized for
exploitation and turning the cycle from "having an exploit->doing
something with that exploit" into as fast a cycle as possible. Faster,
ideally, than any coordinated ability to either block such activity (in
the case of offensive use) or take advantage of a vulnerability (in the
case of defensive use).

http://www.immunityinc.com/downloads/swarm-exploitation.mov

-dave



-- 
INFILTRATE - the world's best offensive information security conference.
April 2013 in Miami Beach
www.infiltratecon.com

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave