Congrats, good job

Very nice giveaway!

Interesting starting points, I'm hoping to install similar habits where I work one day.

Question: do you get a lot of response on those 'Lunch and hack' sessions? I'm curious to see what amount of developers can actually be intrigued by these topics.

Merry Christmas and happy holidays to all of EHN. May 2011 be as educational and as fun as this year was :-)

Well deserved!

Thanks for the awesome amount of lines written to the both of you

Glad to see the explanation of whether or not you need to be an experienced web developer for pentesting and how far you have to go in it, I've been wondering about that for a while myself. It's pretty hard to be an expert developer AND an experienced all-around pentester at the same time. There is just too much to see.

And how come that every time I read a post from Sil, I feel like standing in front of Everest with nothing but my motivation driving me upwards :p
Nah just kidding, but thanks Sil for taking the time to explain so much.

That's it for praising EHN today, back to work now for me ^^

Agreed It's on my wish-list for sure.

Nice review, congrats on passing!

Again a very helpful review, kicking cert-ass there Kris.
Thanks!

Awesome review Kris, thanks a lot and congrats!

Yeah m8 I was However, since Anquilas is my general nickname, I wanted to get rid of it for more professional stuff like security ;-)

Maybe I should put a 'formerly known as Anquilas' line in my sig ^^

Allow me to comment on a few Belgium - specific things m8

There isn't one in Belgium afaik, not in the Dutch speaking part anywayz. I think there is one in the French speaking part that has the option of network security.

In theory true, but that's not how it's generally graded here. The result far outweighs what you have learned/researched, at least it was in my college.
But I guess that that's what I'm getting at in my previous post: find a subject (tool, paper, whatever), which satisfies your teachers but still forces you to learn tons.

I just wish there was a uni here that had stuff like 'Ethical Hacking' as a major, like they do in the UK. Quite jealous.

Hi Maxicore and welcome to EHN!

First of all: I am very happy to see a fellow Belgian on this forum

I had a similar situation like you two years ago. I pushed a bit here and there and finally got a thesis where I needed to make a couple of useful tools based on Nmap, Snort and the likes. I learned a lot from that.

In general I can say:
If it's a practical thesis -> do something with a well known open-source tool. Create a couple of Nmap scripts for a specific security problem, or a Metasploit module.
You can always take a look at the Google Summer of Code projects (Google it in case you never heared of it), and see if you can get some inspiration there. Hell, maybe you can combine that program with your thesis and actually get paid

If it's more a write-everything-down thesis, you can talk about hot topics in security. Dissect Stuxnet for example, or write about social engineering. Or mobile security (specific on one OS or not).

Just a couple of thoughts, nothing specific. And be warned: I'm not an expert at any of this at all, merely a beginner. But I think I'm saying: surf around a couple of blogs, and certainly this site, and inspiration should rain down from the heavens

If you have more specific demands on your thesis, feel free to say so. Feel fee to PM me with questions as well. The Belgian world of security is small, so it's fun to know everyone in the game here

Cheers!

Synq

Muchos congrats Equin3x!

Yep, definitely a few awesome talks between those.
Thanks for the link!