Our published works
Over the years, we have published technical papers, security tools and advisories to share our insights with the security community and to help the public in general better understand their security exposure.
- Liferay XXE vulnerability in OpenID authentication: Liferay was making use of an outdated and vulnerable library for its OpenID support which opened it up to XML External Entities. References: Liferay Security Hall of Fame, LPS-58014
- Client-side cross site scripting in Juniper VPN SSL solution: The Juniper VPN SSL system was found to be vulnerable to a client-side cross site scripting vulnerability. References: CVE-2013-5649
- Applicure dotDefender 4.0 administrative interface cross site scripting: Attackers can use a stored cross site scripting flaw within dotDefender to control the WAF remotely.
- Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities: Profense 2.4 was found vulnerable to multiple security issues: a bypass in the positive model and one in the negative model, as well as a static / default password in the administrative interface.
- OpenX multiple vulnerabilities: OpenX 2.6.4 was found to have multiple vulnerabilities, most notably SQL injection and Cross Site Scripting security flaws.
- Apple’s Mail.app stores your S/MIME encrypted emails in clear text: Apple Mail.app does not store S/MIME encrypted emails securely in the Drafts directory on the server.
- Surf Jacking “HTTPS will not save you”: Attackers exploiting this vulnerability are able to hijack an HTTP session even when the victim and the attacker’s connection is encrypted using SSL or TLS.
- The Extended HTML Form Attack Revisited: A generic security flaw which affects various web browsers such as Internet Explorer, Opera and Safari. This vulnerability allows attackers to launch Cross Site Scripting attacks by making use of non-HTTP protocols.
Open source and Free Tools
- Storming SIP Security: An article published in the 02/08 issue of Hakin9. Why IP Phone Systems are the new target. How VoIP systems can be broken into or simply abused for Toll Fraud. What you can do to prevent this.
- When best intentions go wrong: Debian OpenSSL vulnerability and how it affects the solutions that we (security professionals) recommend. Published on (IN)Secure Magazine.
- Closing a can of worms: Tackling the assumption that network traffic cannot be intercepted or modified during transit. Published on (IN)Secure Magazine.
- How security can hurt us: Spending more on security does not necessarily equal more security. Published on (IN)Secure Magazine.
Notable blog posts
- Kamailio World 2016 - 9 Years Of Friendly Scanning And Vicious SIP (video)
- HackPra 2013 - Webapp Exploit Payloads tools built for & during the job (video)
- Bsides London 2012 - Escalating privileges on common webapps (video)
- Hack in the Box Malaysia 2011 - VoIP Security workshop: Attacking CUCM
- IIT’s RTC Conference and Expo 2011 - Practical Fraud Attacks on VoIP Systems
- SECURE 2011 Poland - Attacks on VoIP (Workshop)
- AstriCon 2010 Washington DC - Just how vulnerable is your VoIP system?
- Hackcon Norway 2010
- Hackito Ergo Sum France 2010 - Attacking VoIP; attacks and the attackers
- Troopers 2009 - The Truth about Web Application Firewalls (video)
- Shakacon 2009 - Web Application Firewalls: What the vendors do not want you to know
- OWASP Europe 2009 - Web Application Firewalls
- Ph-neutral 2009 - Web Application Firewalls
- BruCON Belgium 2009 - VoIP pentesting workshop
- Hack.lu Luxembourg 2009 - VoIP pentesting workshop
- CONFidence Krakow 2009 - Scanning the Intertubes for VOIP (pdf)
- SEC-T Sweden 2009 - Scanning the Intertubes for VOIP (video)