Our Research

Remote LD_PRELOAD Exploitation

Analysing a vulnerability in all versions of the GoAhead web server < 3.6.5 that allowed for reliable remote code execution via LD_PRELOAD injection.
Read More

Building Hardened Docker Images from Scratch with Kubler

How to use Kubler to build hardened, minimalistic, Docker Images from scratch for better security
Read More

Intro to SDR and RF Signal Analysis

We take a brief look into Radio Frequency (RF) theory, Software Defined Radio (SDR), and visual analysis of various RF signal characteristics. We discover a good methodology for reversing RF signals, along with some simple analysis of some common RF remote devices that might be found around the home.
Read More

Playing with canaries

Analysis of compiler stack canaries and their implementation across various architectures.
Read More

EFF secure messaging scorecard review

We decided to audit libotr to gauge its general maturity. Within several hours we identified a number of insecure coding practice issues and a lack of documentation that were reported. While we didn't find any serious security vulnerabilities, our gut feeling is the code uses enough bad programming constructs to warrant further investigation before getting a tick of approval. This post shares some of our work from the audit, and also some recommendations for software security relevant to the EFF Secure IM Scorecard work.
Read More

Articles Featured In

Interested in talking?

Contact Us