Tag Archive

DeepSec 2017 Talk: How To Hide Your Browser 0-days: Free Offense And Defense Tips Included – Zoltan Balazs

Published on October 9, 2017 By sanna

There is a famous thought experiment described in the book A Treatise Concerning the Principles of Human Knowledge. It deals with the possibility of unperceived existence; for example does a falling tree in the forest make a sound when no one is around to hear it? Given the many reports and mentions about zero-day exploits, […]

DeepSec Video: Yes, Now YOU Can Patch That Vulnerability Too!

Published on January 24, 2016 By René Pfeiffer

Once you got software, you most probably got yourself some decent bugs. Software vulnerabilities are everywhere. They come with the code. Managing patches and changes is they way of handling these weaknesses. At DeepSec 2015 Mitja Kolsek spoke about a new way of addressing vulnerabilities: „Software vulnerabilities are likely the biggest problem of information security, […]

DeepSec 2013 Talk: Auditing Virtual Appliances – An Untapped Source Of 0-days

Published on November 4, 2013 By René Pfeiffer

System administrators and information security researcher often have to deal with appliances. Almost every organisation and company has a couple of magical black boxes sitting around. Usually they are connected to the network, and they do important stuff (such as filtering things, checking content, and the like). In the old days testing these appliances for […]

DeepSec 2012 Workshop: The Exploit Laboratory – Advanced Edition

Published on September 30, 2012 By René Pfeiffer

Offensive security is a term often used in combination with defence, attack (obviously), understanding how systems fail and the ever popular „cyberwar“. Exploiting operating systems and applications is the best way to illustrate security weaknesses (it doesn’t matter if your opponents or pentesters illustrate this, you have a problem either way, and you should know […]

DeepSec 2012 Talk: Breaking SAP Portal

Published on September 27, 2012 By René Pfeiffer

SAP products are very widespread in the corporate world. A lot of enterprises run SAP software for a whole variety of purposes. Since enterprises feature many levels of interconnection, there is also a great deal of exposing going on. Usually you do this by means of using portals. The term „portal“ is a trigger for […]