Archive

Slides

One Template To Rule 'Em All

By Kostas Lintovois on 11 November 2016

Kostas Lintovois presented "One Template To Rule 'Em All" at T2 2016.

Read more

Blog

AVRop VM: A ROP based M/o/Vfuscator VM on a Harvard device

By Mark Barnes on 3 November 2016

Recently in PoC||GTFO 0x12 Chris Domas demonstrated a minimal Turing complete virtual machine that only implements a mov instruction where the operands for the mov instruction are taken from a data list of memory address and offsets.

Read more

Slides

A Penetration Tester’s Guide to the Azure Cloud

By Apostolis Mastoris on 3 November 2016

The wide adoption and the benefits of cloud computing has led many users and enterprises to move their applications and infrastructure towards the Cloud.

Read more

Slides

Needle: Finding Issues within iOS Applications

By on 3 November 2016

Marco Lancini presented "Needle: Finding Issues within iOS Applications" at OWASP AppSec USA 2016, on Friday the 14th of October 2016.

Read more

Slides

Static Analysis for Code and Infrastructure

By Nick Jones on 25 October 2016

Nick Jones presented "Static Analysis for Code and Infrastructure" at DevSecCon 2016. His talk covered the theory behind a number of the techniques commonly used to analyze applications.

Read more

Blog

A Hybrid Approach to ICS Intrusion Detection

By William Jardine on 21 October 2016

This post is going to introduce SENAMI, a new, hybrid approach to Intrusion Detection for Industrial Control Systems. The post aims to provide a condensed overview of the full paper – SENAMI: Selective Non-Invasive Active Monitoring...

Read more

Blog

Securing the loading of dynamic code

By on 18 October 2016

Reflection in computer science is when a programming language has the ability to inspect and modify itself at runtime. Arguably, it has been around in a crude form since the beginning of programming itself where programmers...

Read more

Slides

Windows Kernel Fuzzing

By Nils on 12 October 2016

Nils presented Windows Kernel Fuzzing at T2.fi 2015.

Read more

Slides

Fuzzing the Windows kernel

By on 12 October 2016

Yong Chuan Koh presented 'Windows kernel fuzzing' HITB GSEC, Singapore on Friday the 26th of August 2016. The session presented a python based fuzzing framework for the Windows kernel that can easily be scaled up and extended.

Read more

Blog

Accessing Internal Fileshares through Exchange ActiveSync

By Adam Rutherford and David Chismon on 7 October 2016

Exchange ActiveSync (EAS) is a protocol for synchronising emails, policies and other items between a messaging server and mobile devices.

Read more

Blog

Popping my DoS Cherry at DerbyCon

By Dave Hartley on 30 September 2016

DerbyCon (https://www.derbycon.com) is a conference that is hosted in Louisville, Kentucky in the US and this year ran from 21st to the 25th of September.

Read more

Blog

H-field electromagnetic sniffing

By on 16 September 2016

IntroductionAll cryptographic operations are processes where data elements must be represented by physical quantities in physical structures such as gates and transmission lines. These physical quantities and structures must necessarily have a time and spatial extent.

Read more