Author Test

Readable Thrift makes binary Thrift protocol messages easy to work with by converting them to and from a human-friendly format. This makes manual analysis of and tampering with binary format Thrift messages just as easy as working with plaintext protocols like HTTP. The library is implemented in Java, enabling integration…

We’ve published a whitepaper about how we built WiMap, which is a Wi-Fi mapping drone.  The paper includes details of the methods used to create, from parts, a hexacopter capable of being controlled over 3/4G and equipped to perform wireless and infrastructure assessments. We’d love to hear your feedback via…

Andy Davis, NCC Group’s Research Director presented Fuzzing the Easy Way Using Zulu at the 2014 Nullcon conference in Goa, India. The presentation describes how Zulu has been successfully used to discover high profile bugs and details the motivations for developing the tool. Download our slides

This whitepaper details the vulnerability and examines some of the concepts needed for browser exploitation before describing how to construct a working exploit that exits gracefully. Download whitepaper Authored by Katy Winterborn

  Vendor: CyberArkVendor URL: https://www.cyberark.comVersions affected: CyberArk Endpoint Privilege Manager prior to version 10.7Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016Author: Jason CrowderAdvisory URL / CVE Identifier: CVE-2019-9627Risk:…

These slides are from Jason Geffner’s presentation “Exporting Non-Exportable RSA Keys” that he presented at Black Hat Europe in 2011. In this presentation Jason will cover security issues surrounding RSA keys and Digital Certificates. Download presentation To read the white paper that accompanies these slides click here.

Authored by: Riley Hassell Download Whitepaper

We’ve published a whitepaper about how we built WiMap, which is a Wi-Fi mapping drone. The paper includes details of the methods used to create, from parts, a hexacopter capable of being controlled over 3/4G and equipped to perform wireless and infrastructure assessments. We’d love to hear your feedback via…

The security of security software is often taken for granted, and people assume that as it has been developed by a company that knows security it is likely to be secure. However with regards to Security Gateway UIs this is an incorrect assumption, the developers who design code and test the UI…