Security Vulnerabilities

/Security Vulnerabilities

Week 40 In Review – 2015

Events Related

Derbycon 2015 Videos –

Black Hat USA 2015 –

Louisville Infosec 2015 Videos –

Thoughts on my very first DerbyCon (which won’t be my last) –
One you hang around in infosec for a little while, you learn that each of the major cons have their own reputation, their own mini-scene. This one’s got […]

Week 39 In Review – 2015

Events Related

The CIA Campaign to Steal Apple’s Secrets –
The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics.


Reversing Mobile Traffic Lights –
I wanted to have a look at the signal. I once heard […]

Week 38 In Review – 2015

Events Related

Black Hat USA 2015 Course Review – Adaptive Red Team Tactics from Veris Group –
Black Hat has something for everyone (across the defensive and offensive spectrum) and after considerable delibaration I decided to register for Adaptive Red Team Tactics from Veris Group. This is an interesting team in that a lot of the core members […]

Week 37 In Review – 2015

Events Related

44CON –

BSides Augusta 2015 Videos –
Videos from the BSides Augusta conference.


Satellite Turla: APT Command and Control in the Sky –
When you are an APT group, you need to deal with many different problems. One of them, and perhaps the biggest, is the constant seizure and takedown of domains and servers used for command-and-control […]

Week 36 In Review – 2015

Events Related

Chaos Communication Camp 2015 –


microchips –


WPSploit –
This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool.

armory-pass –
Password manager for USB Armory

Sleepy Puppy –
Sleepy Puppy is a cross-site scripting (XSS) payload management framework which simplifies the ability to capture, manage, and track […]

Week 35 In Review – 2015


Black Hat 2015 Wrap Up – Part I –
This year, Black Hat (BH) 2015 came, as it usually does, with major security flaws and some “dojos” aside from the major android vulnerabilities we were exposed to and other types of security issues that are much less talked about, but still expose serious problems.


Funtenna – […]

Week 34 In Review – 2015

Events Related

This year marked the 23rd DefCon, the hacker conference that began as an informal gathering for hackers to meet in person and party in the desert.

Imploding Barrels and Other Highlights From Hackfest DefCon –
I spent the week with over 20,000 hackers in Las Vegas — here’s what I saw –
Here is how […]

Week 33 In Review – 2015

Events Related

Kaminsky Creates Clickjacking-Killer –
Renowned security expert Dan Kaminsky here this week unveiled his latest project: a solution to eradicate so-called clickjacking attacks that plague the Web.

9th USENIX Workshop on Offensive Technologies –

Black Hat USA 2015 Highlights –
The 18th annual Black Hat USA conference gathered thousands of professionals, researchers and enthusiasts to discuss […]

Week 32 In Review – 2015

Events Related

Black Hat USA 2015

From The Black Hat Keynote Stage: Jennifer Granick –
Recap of Black Hat 2015, Day 1 –

DEF CON 23 (2015)

DEFCON Talk Slides –
DEF CON 23 presentations/Speaker & Workshop Materials –


Certifi-gate: Hundreds of Millions of Android Devices Could Be Pwned –
Check Point today released details about Certifi-gate, a […]

Week 31 In Review – 2015

Events Related

Infiltrate 2015 –

BSides Cincinnati 2015 Videos –

BSides Las Vegas 2015 Videos –


Workshop2015 –
radare2 framework


Releasing jsfunfuzz and DOMFuzz –
Today I’m releasing two fuzzers: jsfunfuzz, which tests JavaScript engines, and DOMFuzz, which tests layout and DOM APIs.

The popular hacker Samy Kamkar has presented a new gadget that could be exploited to hacks GM […]