EVENTS ARCHIVE

2018.08.07
Camp++ 0x7e2
High-performance web application fingerprinting based on SCM repositories
2018.05.22
Techblog
The curious case of encrypted URL parameters
2018.02.02
Techblog
Snow cannon vs. unique snowflakes — testing registration forms
2018.01.24
SecOps Europe
High-performance web application fingerprinting based on SCM repositories
2018.01.08
Research
Bare Knuckled Antivirus Breaking
2017.12.21
Techblog
Emulating custom cryptography with ripr
2017.12.05
Techblog
Conditional DDE
2017.11.18
BSidesVienna
High-performance web application fingerprinting based on SCM repositories
2017.10.20
Hacktivity
Corrupting Ancient Spirits - Penetration Testing Oracle Forms
2017.08.14
Techblog
Notes on McAfee Security Scan Plus RCE (CVE-2017-3897)
2017.07.07
Camp++ 0x7e1
Keys to the kingdom
2017.05.08
Techblog
Fools of Golden Gate
2017.04.06
HEK.SI (Slovenia)
Make It Count – Progressing through Pentesting
2017.02.17
Techblog
Not so unique snowflakes
2017.01.03
Techblog
Beyond detection: exploiting blind SQL injections with Burp Collaborator
2016.11.28
Techblog
An update on MD5 poisoning
2016.08.25
Techblog
Bake your own EXTRABACON
2016.08.23
We were the first to publicly port EXTRABACON to Cisco ASA version 9.2(4)
After sharing a screenshot on Twitter we got coverage from Ars Technica, SecurityWeek, Threatpost and several others.
2016.08.18
Camp++ 0x7e0
Testing stateful web application workflows
2016.06.16
Techblog
Accessing local variables in ProGuarded Android apps
2016.05.13
Techblog
Detecting ImageTragick with Burp Suite Pro
2016.05.06
Techblog
iOS HTTP cache analysis for abusing APIs and forensics
2016.03.11
Research & development
We developed a Burp Suite Pro plugin to detect JSON array issues
2016.02.10
Techblog
You’re not looking at the big picture
2016.01.14
Gold Paper
Testing stateful web application workflows
2015.12.28
Gold Paper
Burp Suite(up) with fancy scanning mechanisms
2015.10.02
Techblog
Proxying nonstandard HTTPS traffic
2015.09.17
Techblog
Finding the salt with SQL inception
2015.08.05
BlackHat USA
We organized the wargame eCSI hacker playground with BalaBit.
2015.06.19
Techblog
Virtual Bank Robbery – In Real Life
2015.06.10
Techblog
Poisonous MD5 – Wolves Among the Sheep
2015.05.27
Gold Paper
Automated Security Testing of Oracle Forms Applications
2015.05.08
Ethical Hacking conference
There’s worse than SSL — it’s hard to get a homebrew protocol right
2015.05.07
CVE-2014-3440
Symantec Critical System Protection RCE (vendor advisory and our blogpost)
2015.04.03
Techblog
The story of a pentester recruitment
2015.01.12
Gold Paper
AIX for Penetration Testers
2015.01.06
Techblog
Code Review on the Cheap
2014.10.03
Techblog
WebLogic undocumented hacking
2014.07.28
Techblog
How to get root access on FireEye OS
2014.07.08
FireEye Operating System (FEOS) Command Injection Vulnerability
We discovered a vulnerability that was fixed in FireEye OS 7.1.
2014.06.25
Techblog
HP-UX 0day local privilege escalation
2014.06.06
Techblog
Trend Micro OfficeScan – A chain of bugs
2014.04.17
Techblog
ISAKMP hacking – How much should we trust our tools?
2014.04.04
Techblog
Quick and dirty Android binary XML edits
2014.03.31
Techblog
OWASP Top 10 is overrated
2014.03.14
Techblog
SNMP trap?
2014.03.07
Techblog
Sanitizing input with regex considered harmful
2014.02.27
Techblog
From Read to Domain Admin – Abusing Symantec Backup Exec with Frida
2014.02.20
Techblog
Testing websites using ASP.NET Forms Authentication with Burp Suite
2014.02.09
Techblog
JDB tricks to hack Java Debug Wire
2014.01.31
Techblog
Compressed file upload and command execution
2014.01.23
Techblog
Banging 3G rocks
2014.01.13
Techblog
How did I find the Apple Remote Desktop bug? – CVE-2013-5135
2014.01.10
Techblog
Duncan – Expensive injections
2014.01.06
Techblog
WAF bypass made easy
2013.12.17
Techblog
Plesk panel decryption
2013.12.05
Silent Signal techblog
Silent Signal has launched its techblog
2013.10.24
Apple Remote Desktop Format String Vulnerability
We discovered CVE-2013-5135 that was fixed in Apple Remote Desktop 3.7.
2013.10.11
Hacktivity 2013
Heureka - The suspicious thing is that it's not suspicious
2013.09.28
CampZer0
Abusing the IPC of Android apps for fun and profit
2013.07.22
Oracle Web Determinations XML injection
Details of a vulnerability fixed by Oracle in the July 2013 Critical Patch Update.
2013.05.29
Ghost in the Shell Control Box
Walkthrough of the wargame we created together with BalaBit IT-Security
2013.05.09
Ethical Hacking conference
Antivirus out of the blue - Shady sides of CloudAV
2013.02.20
Paper
From write to root on AIX
2012.10.13
Hacktivity 2012
USB = Universal Security Bug?
2012.10.04
Budapest Conference on Cyberspace
Child soldiers of the modern age (talk), Children on the internet (workshop)
2012.05.17
SYM12-006
We reported security issues in Symantec Web Gateway via Beyond Security SSD
2012.02.06
Professional qualifications
Since February 6, 2012, all our penetration testers have held the GIAC Web Application Penetration Tester qualification, in addition to the Offensive Security Certified Professional certification they already had.
2011.09.17
Hacktivity 2011
Hardware hacking for fun and profit
2011.09.07
Budapest New Tech Meetup
XSS 2.0
2011.07.07
AID-070611
Aruba Networks fixed a Cross Site Scripting vulnerability we discovered in ArubaOS and AirWave Administration Web Interfaces
2011.07.02
Paper
Story of a Client-Side Attack
2011.02.11
CVE-2010-4323
ZCM TFTPD Remote Code Execution Security Vulnerability
2011.01.19
Professional qualifications
Since January 19, 2001, all our penetration testers have been Offensive Security Certified Professionals
2011.01.10
CVE-2011-0264
Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager
2011.01.10
CVE-2011-0263
HP OpenView Network Node Manager ovas.exe Remote Code Execution Vulnerability
2010.12.15
CVE-2010-4113
Hewlett-Packard Power Manager Administration Web Server Remote Code Execution Vulnerability
2010.12.03
Hacktivity 2010 Capture-the-Flag
Solution of the Capture-the-Flag game we made
2010.09.18
Hacktivity 2010
“I run a Linux server, so we're secure” (talk), Metasploit Workshop, Buffer Overflow Workshop
2010.06.19
Offensive-Security “How Strong is Your Fu? for Charity”
Our team finished 5th in the competition of 102 contestants organized by Offensive Security
2010.05.08
Offensive-Security “How Strong is Your Fu?”
Our team finished 3rd in the competition of more than 1000 contestants organized by Offensive Security
2009.10.11
Ethical Hacking conference
Surviving the theatre of war on the web