Emmanuel.Law

So apparently @claudiocontin and I will be presenting at both BlackHat Arsenal and Defcon Demolabs. Come for our preso if you are in Vegas then! https://www.blackhat.com/us-19/arsenal/schedule/index.html#ghost-in-the-browser-backdooring-with-shadow-workers-16989 …

Accomplishment unlocked ;) #kiwicon @claudiocontinhttps://twitter.com/IAmMandatory/status/1063667132758728704 …

Here's my post on Hunting for hidden parameters within PHP built-in functions using @fridadotre . Been a while since I blogged, thought I'll start off with a simple post. http://www.libnex.org/blog/huntingforhiddenparameterswithinphpbuilt-infunctionsusingfrida …

Time to get off my lazy ass and start writing blog articles again...

Am on the way to @WEareTROOPERS ..halfway there. Another 13hrs flight to go. Excited to be presenting this year!

Thanks for having me @kiwicon . Have a well deserved break!

Good job @GracieNoLag ...very well done! @GinMorgWireless @CHCon_nz

Phew... #Ruxcon talk over... Glad it went well.. @kiwicon and @CHCon_nz next.. #timetotakeabreak

Stoked be presenting on PHP Internals exploitation @ruxcon this weekend. Mad rush to finish preparing slides!

Finally finished my writeup on PHP Mem-read via gdImageRotate. POC attached: http://www.libnex.org/blog/exploitingcve-2016-1903memoryreadviagdimagerotateinterpolated …

PHP 7.0.2 fixed 2 vulns I reported: Heap BOF in escapshellcmds and Mem read via gdImageRotate. Exploit code and write up to follow soon.