RPDscan (Remmina Password Decrypt Scanner) is a tool to find and decrypt saved passwords in Remmina RDP configurations. Continue reading
Some bugs are so simple and so elegant that you wonder how it is possible that no one has found them until now. Those are my favorites. They are simple, they do not involve memory corruption and most of the time they do not even need an advanced exploit code to abuse it. Stéphane Chazelas’ Bash bug is one of these bugs. Continue reading
Presentation on system level vulnerabilities (as given at BT’s SnoopCon 2014). Continue reading
Rather than representing a definitive guide, this document represents a review of the specific security issues identified during Portcullis Computer Security Ltd’s recent research into System V shared memory segments and their usage. Continue reading
smaSHeM is a System V shared memory segment manipulator. Continue reading
Presentation on system level vulnerabilities (as given at 44CON 2013). Continue reading
UNIXSocketScanner is a UNIX domain socket scanner. Continue reading
Presentation on auditing and bug hunting on AIX (as given at 44CON 2012). Continue reading
Presentation on exploiting linkers based on my paper (as given at Uncon 0×12 and CRESTCon 2010). Continue reading
SSHatter is a perl script to perform brute force attacks on SSH. Continue reading