2024-04-23 |
Hacking Exchange from the Outside In |
Brandon Perry |
|
2022-11-01 |
Symbolic Triage: Making the Best of a Good Situation |
Jordan Whitehead |
|
2022-08-23 |
Part 1: Ransomware – To Pay or Not to Pay |
Bill Carver |
|
2022-07-12 |
Researching Crestron WinCE Devices |
Brandon Perry |
|
2022-03-29 |
Veni, MIDI, Vici — Conquering CVE-2022-22657 and CVE-2022-22664 |
Brandon Perry |
|
2022-01-06 |
Unauthenticated Remote Code Execution Chain in SysAid ITIL -- CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974 |
Brandon Perry |
|
2021-10-29 |
Exploring Unified Diagnostic Services with uds-zoo |
Atredis Partners |
|
2021-08-19 |
Sophos UTM Preauth RCE: A Deep Dive into CVE-2020-25223 |
Justin Kennedy |
|
2021-05-21 |
Le Zeek, C’est Chic: Using an NSM for Offense |
Atredis Partners |
|
2021-05-06 |
CVE-2021-32030: ASUS GT-AC2900 Authentication Bypass |
Atredis Partners |
|
2021-04-27 |
NANDcromancy: Live Swapping NAND Flash |
Atredis Partners |
|
2021-04-16 |
QEMU and U: Whole-system tracing with QEMU customization |
Jordan Whitehead |
|
2020-12-07 |
Authenticated RCE in Pydio (Forever-Day) -- CVE-2020-28913 |
Brandon Perry |
|
2020-11-18 |
A Watch, a Virtual Machine, and Broken Abstractions |
Dionysus Blazakis |
|
2020-01-27 |
Flamingo Captures Credentials |
Atredis Partners |
|
2019-08-28 |
Use the Source, Luke |
Shawn Moyer |
|
2019-05-08 |
CVE-2019-4061: Harvesting Data from BigFix Relay Servers |
Atredis Partners |
|
2019-05-08 |
CVE-2019-5513: Information Leaks in VMWare Horizon |
Atredis Partners |
|
2019-05-08 |
CVE-2018-7117: A Somewhat Accidental XSS in HPE iLO |
Atredis Partners |
|
2019-05-08 |
Fun with SolarWinds Orion Cryptography |
Atredis Partners |
|
2019-05-08 |
Revolving Door Pentesting |
Shawn Moyer |
|
2019-05-08 |
CVE-2018-0952: Privilege Escalation Vulnerability in Windows Standard Collector Service |
Ryan Hanson |
|
2019-05-08 |
GE Healthcare MAC 5500 Vulnerabilities |
Atredis Partners |
|
2019-05-08 |
Escalating Privileges with CylancePROTECT |
Ryan Hanson |
|