Exploitation 12

• What’s in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration – in a web app Pen test (Part 2) Jun 13, 2024
• What’s in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration – in a web app Pen test (Part 1) Jun 6, 2024
• Advisory CVE-2023-43042 – IBM Backup Products Superuser Information Disclosure Dec 21, 2023
• Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce Malware Jun 21, 2023
• Butting Heads with a Threat Actor on an Engagement Apr 17, 2023
• Car Hacking – Manual Bypass of Modern Rolling Code Implementations Jul 22, 2021
• Pwning Windows Event Logging with YARA rules Sep 4, 2020
• Defending Your Malware Aug 11, 2020
• shad0w Jun 3, 2020
• A Defender’s Guide For Rootkit Detection: Episode 1 – Kernel Drivers Apr 20, 2020
• CVE 2015-7547 glibc getaddrinfo() DNS Vulnerability Mar 7, 2016
• Playing with MS14-060 and MS14-058 [CVE-2014-4113 CVE-2014-4114] : Attacks and Defenses Nov 10, 2014