Publications

Whitepaper

Hello MS08-067, My Old Friend

This paper aims to guide its reader towards building a working exploit for MS08-067, specifically targeting 64-bit systems. This was largely motivated by the lack of known publicly available exploits against 64-bit machines not patched...

Slides

One Template To Rule 'Em All

Kostas Lintovois presented "One Template To Rule 'Em All" at T2 2016.

Slides

A Penetration Tester’s Guide to the Azure Cloud

The wide adoption and the benefits of cloud computing have led many users and enterprises to move their applications and infrastructure towards the Cloud.

Slides

Needle: Finding Issues within iOS Applications

Marco Lancini presented "Needle: Finding Issues within iOS Applications" at OWASP AppSec USA 2016, on Friday the 14th of October 2016.

Slides

Static Analysis for Code and Infrastructure

Nick Jones presented "Static Analysis for Code and Infrastructure" at DevSecCon 2016. His talk covered the theory behind a number of the techniques commonly used to analyze applications.

Slides

Windows Kernel Fuzzing

Nils presented Windows Kernel Fuzzing at T2.fi 2015.

Slides

Fuzzing the Windows kernel

Yong Chuan Koh presented 'Windows kernel fuzzing' at HITB GSEC, Singapore on Friday the 26th of August 2016. The session presented a Python-based fuzzing framework for the Windows kernel that can easily be scaled up and extended.

Slides

Platform Agnostic Kernel Fuzzing

James Loureiro and Georgi Geshev presented 'Platform Agnostic Kernel Fuzzing' at Def Con 24.

Publication

Bug hunting with static code analysis

Nick Jones presented "Bug hunting with static code analysis" at BSides London 2016. 

Publication

Windows Kernel Exploitation 101: Exploiting CVE-2014-4113

The walkthrough aims to guide the reader through creating code to trigger and exploit CVE-2014-4113. It does this by starting from an Anti-Virus vendor report highlighting when the vulnerability was originally discovered being exploited in the wild.

Whitepaper

LoRa Security: Building a secure LoRa solution

Robert Miller presented "LoRa the Explorer - Attacking and Defending LoRa Systems" at Syscan360. This whitepaper provides implementers and developers with an overview of the security features of LoRaWAN, a developer's responsibilities in making a solution secure...

Slides

QNX: 99 Problems but a Microkernel ain't one!

Alex Plaskett and Georgi Geshev presented "99 Problems but a Microkernel ain't one!" at BSides NYC and TROOPERS16.
