0 Responses to “Projects”

Feed for this Entry Trackback Address

  1. No Comments Yet

Leave a Reply

Quotes

"Don't worry about what anybody else is going to do. The best way to predict the future is to invent it. Really smart people with reasonable funding can do just about anything that doesn't violate too many of Newton's Laws!" -- Alan Kay in 1971

My Twitter

My Delicious

RSS My Shared RSS

  • A Remote Cmd Server for Android
    I had the opportunity to get a new phone a few weeks ago, and like everything I get, I sat down with some docs, how-tos, and examples.  The end result is a basic command server that listens  a selected port and  IP address assigned to the device, either the wireless address or the ppp0. There is also a basic GUI that allows the user to input and execute unpr […]
    apridgen
  • Cross-domain search timing
    I've been meaning to fiddle around with timing attacks for a while. I've had various discussions in the past about the significance of login determination attacks (including ones I found myself) and my usual response would be "it's all moot -- the attacker could just use a timing attack". Finally, here's some ammo to support tha […]
    Chris
  • GSoC/Ncrack Presentation
    GSoC/Ncrack Presentation I recently gave a talk at a local linux user group about my involvement with Google Summer of Code 2009 and some of the technical aspects of the project I undertook: Ncrack. The GSoC/Ncrack Presentation slides are a brief overview of the subjects that were discussed during the lecture. I am also glad to say that after some (unrelated […]
    (author unknown)
  • From Static Analysis to 0day Exploit
    Back in September, I finished a presentation I planned on submitting for SecurityTubeCon titled "From Static Analysis to 0day Exploit". But SecurityTubeCon never happened.So, there I was with a full 20 minute presentation and no conference to show it. But after some twittering and skypeing, Marcus from DojoSec decided to pick it up, and it worked o […]
    Jeremy
  • John Nash, A Beautiful Mind, interviewed
    There's a video interview with Nobel prize winning mathematician John Nash, the subject of the Oscar-winning film A Beautiful Mind, over at 3QuarksDaily where he talks about his life, work and mental illness. The film is a quite heavily fictionalised account of Nash's life and he clearly has some disagreements with Sylvia Nasar's award winning […]
    vaughan
  • Ping pong obfuscation
    This is a fun post about a feature I found in IE that allows you to do some crazy obfuscation. I’ll start off with some simple examples:- So here we’re not obfuscating but I’m showing how IE accepts the language attribute and a labelled vbs statement to change the event to allow vbscript instead of javascript. Ok so lets play a little ping pong:- execScript( […]
    Gareth Heyes
  • Vulnérabilités dans les lecteurs PDF : le cas de SumatraPDF
    On pourrait penser, suite à de nombreuses failles affectant Acrobat Reader (voir par exemple l'avis CERTA-2009-AVI-445), qu'il est plus prudent d'utiliser un lecteur alternatif. Sous Windows, les principales alternatives sont Foxit et SumatraPDF, un lecteur de PDF léger et open-source. En pratique, la situation n'est pas aussi tranchée : […]
    Christophe Devine
  • Ekoparty 2009 was a total blast!!
    When i decide to write this review I know it was going to be hard to be impartial on this, but the heck with it!Ekoparty 2009 was a total blast!! Around 500 people got together on the 17 and 18th of September in the cultural center Konex to merry, learn and party a little bit.The conference has a really interesting line-up, some of the most respected researc […]
    Nico Waisman
  • XSS flaws are boring!
    Cross-Site Scripting flaws are quite unexciting from the technical point of view. Don't you think?Most of the time, it is not challenging to look for XSS vulnerabilities since lot of applications do not provide input validation at all against this specific attack. In addition, the application entry points are so copious that it is like to shoot in a cro […]
    Luca Carettoni
  • FBConTroller v2.0 - (Facebook Control Utility) version 2.0
    FBController - The Ultimate Utility to Control Facebook accounts without the Password is now version 2.0Let me clear this again like last time that this utility WON'T hack/crack Facebook accounts.The utility will need biscuits/cookies instead of the password.FBConTroller version 1.0 started with a simple requirement about which I scribbled something her […]
    address-withheld@my.opera.com.invalid (Azim Poonawala)

Blog Stats

  • 12,701 hits