Search results
  1. 5 Dec 2019

    Slides for and my talk on fuzzing at are now available:

  2. 27 Nov 2019

    My final presentation of HTTP Desync Attacks will be at Black Hat Europe next week. New content includes a novel desync technique, major automation improvements, a defensive case-study, and updated bounty figures

  3. 6 Dec 2019
  4. 6 Dec 2019

    That’s a wrap: The best hacks from Black Hat Europe 2019 //

    Show this thread
  5. Next up... I want to be James Kettle when I grow up. He's singlehandedly made appsec sexy again after years of hardly any decent research. This little trick will make the bug bounty scene go mad.

    Show this thread
  6. 4 Dec 2019

    It was an honor to present our research at . Thanks everyone for attending. It was a pleasure to see the interest of the community and we promise to keep the progress going. For everyone who missed the talk:

  7. 3 Dec 2019

    0.55 is finally out, just in time for ! Main changes: olevba += SLK file parser and XLM macro extraction, VBA stomping detection More info: How to install/update: pip install -U oletools

  8. 4 Dec 2019

    Representing at 2019. So glad to be attending this. It was a good Day1. Looking forward for tomorrow as well.

  9. 5 Dec 2019

    Security engineer Mohammed Aldoub () discusses Barq – a post-exploitation framework for performing attacks on running AWS infrastructure

  10. 5 Dec 2019

    Thanks to all of the 2019 Arsenal Presenters, Attendees and of course the Team for a great showing of open-source tools!

  11. 5 Dec 2019

    Final slides of my presentation yesterday at Black Hat Europe 2019, about malicious VBA macros and recent advances in the attack & defence sides: Featuring /olevba, ViperMonkey, MacroRaptor, EvilClippy

  12. The security industry needs more people with breadth of knowledge. – at ExCeL London

  13. Want to chat about Industrial Control Systems? See you in the attendee lounge on level 3 at 4.30pm! Don’t be late, it’s going to be a short 20 minutes lightning feature! ⁦

  14. 4 Dec 2019

    Great talk by and on fuzzing at scale with ClusterFuzz.

  15. 4 Dec 2019

    I'm sure when I look back at Black Hat Europe 2019, one of my favorite moments will be "That time cosplayed as China." 😂

  16. 20 Nov 2019

    Presenting our research "iOS on QEMU" at this December! Will talk about the journey we went through to get an unpatched iOS kernel to boot on QEMU running an interactive bash shell with a full kernel debugger attached.

  17. 4 Dec 2019

    Interesting presentation on fuzzing at scale with Google’s ClusterFuzz

  18. 6 Dec 2019

    Slides and material from our talk on attacking container build systems from are now online: And so is Terrier, the CI-oriented container integrity verification tool (mainly due to the amazing effort of the ):

  19. If you deployed Windows Hello for Business, you should definitely read Microsoft's Security Advisory ADV190026. And I am not saying it just because I reported that issue and had a talk about it at Black Hat Europe. 😉

  20. 23 Dec 2019

    I am excited to present my vulnerability research this Saturday at ! I will show three different RCEs that I discovered on Ruckus Wireless access points. I hope check for updates often :)

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.