Didier Stevens

Tuesday 30 January 2007

XORSearch V1.1.0

Filed under: My Software — Didier Stevens @ 8:49

I’ve updated XORSearch:

  • It will list all occurences of the search string, not only the first occurence
  • Added a switch to make the search case insensitive
  • Prints only printable characters (unprintable characters are replaced by a dot)
  • Limits the output string to 50 characters by default (can be changed)

Monday 22 January 2007

Listening to security podcasts earns (ISC)² CPE credits

Filed under: Certification — Didier Stevens @ 10:55

Now that I’m a CISSP, I’m required to perform continuing education during a 3-year certification cycle to become recertified. The term “CPE” is an acronym for “Continuing Professional Education” points. I’ve to earn 120 CPE credits.

I read on this page that Pod Casts (notice the spelling) are mentioned as an activity that earn CPE credits. I checked with ISC² to see if listening to security podcasts like “The Security Catalist” is a valid CPE activity. And they confirmed that it is a valid CPE activity.

I gave them “The Security Catalist” as an example because “Santa“, the host, is a CISSP Lead Instructor and I exchanged some e-mails with him about this. He has also mentioned in his last podcast that listening to his podcast earns CPE credits.

I listen to a lot of podcasts, many of them are IT security related:

  • The Silver Bullet Security Podcast
  • CyberSpeak Podcast
  • PaulDotCom Security Weekly
  • SploitCast
  • A Day in the Life of an Information Security Investigator
  • Security Now!
  • Binary Revolution Radio
  • The Security Catalist

I started submitting CPE credits for every hour I listen to security podcasts: I have a spreadsheet were I keep a list of every episode I listened to, with the duration of the podcast (I selected three podcasts I listen to, I don’t want to do this administration for all the podcasts). And then every few months, I submit CPEs equal to the total number of hours per podcast. I don’t submit individual episodes, because some of them are less than 1 hour.

And I also keep the actual mp3 file, because in case of an ISC² audit, I have to provide proof that I listened to the podcasts. I decided to keep the mp3 file, because I read that for books you read and submit as CPE credits, one of the accepted proofs in case of an audit is keeping the book you read and show that you have it.

Monday 15 January 2007


Filed under: My Software — Didier Stevens @ 11:44

Last week I needed to create some test files of different lengths, and as usual, I made a simple command-line program to fulfill this need.


I’ve added FileGen to my Software page.


Monday 8 January 2007

USBVirusScan v1.3.0

Filed under: My Software — Didier Stevens @ 15:34

I noticed that USBVirusScan will also trigger when a network drive is mounted (Map Network Drive, or net use …).



This new version ignores mounting of network drives.

Blog at WordPress.com.