• Mental Models
• Books Digest 2021
• Links Digest 2021
• Hacking With Ml
• Innovation Is Nonlinear
• Thoughts On Zero Trust
• Zero Trust Security
• 10 Rules From Books
• Bbh Scale
• Time And Money
• Writing Good Bug Bounty Reports
• Bug Bounty Tips
• Jobs Of Tomorrow
• It Has Been A While
• Landing Proxify
• Fuzzing Xml And Json Pt 1
• You And Your Research
• Well Websecurify Runs On The Iphone
• Stuxnet
• Having Fun With Beef The Browser Exploitation Framework
• Coldfusion Directory Traversal Faq Cve 2010 2861
• 1st European Edition Of Hitb Coming Up
• Hacking Linksys Ip Cameras Pt 6
• Dnsmap V030 Is Now Out
• Old School Remote Command Execution Vulnerabilities On Avaya Intuity Audix Lx
• Skydive
• Free Web Application Security Testing Tool
• Of Sec Cons And Magstripe Gift Cards
• Cve 2009 1151 Phpmyadmin Remote Code Execution Proof Of Concept
• Hacking Linksys Ip Cameras Pt 5
• Breaking Into A Home With An Iphone
• Extensions At War
• Exploit Sweatshop
• Jeriko Group And Source Code Repository
• Hacking Linksys Ip Cameras Pt 4
• Hacking Linksys Ip Cameras Pt 3
• Hacking Linksys Ip Cameras Pt 2
• Hacking Linksys Ip Cameras Pt 1
• Exploit Development Framework Design
• Even More Xss Worms
• Tools Of Trade
• More Penetration Testing Goodness With Jeriko
• On Security Buzzwords
• Security Buzzword Generator
• Confidence 2009 Coming Up Soon
• Codez Are Up
• It Is Persistence
• You Dont Need The Ultimate Pen Testing Framework
• New Version Of Dnsmap Out
• Trapping Http Requests And Responses With Python
• Python Ssl Mitm Proxy And More
• Identity Theft Attacks
• Submit Your Top Web Hacking Techniques For 2008
• Twitters Security Is So Poor
• Deep Inspection Of Online Personas
• Messing With Web Filtering Gateways
• Happy New 2009
• Thoughts On The Certificate Authority Attack Presented At Ccc
• Hijacking Innocent Frames
• Firefox Malware
• The Agile Hacking Project
• Even More Advanced Clickjacking
• Gmail Security Flaw
• Bring Back The Attack To The Api
• Gnucitizen In 2005
• 6000 Members On Hoh
• Harder Better Faster Stronger The Malware
• We Need Better Web Tools
• The Cloud Is Not That Insecure
• Back From The Cons
• Facebook Worms And Rss Feeds Hacking The Web20 Way And Beyond
• Wp Blogsecurify
• Script Kiddies
• Frame Injection Fun
• Compliance
• More Advanced Clickjacking Ui Redress Attacks
• Security Certifications
• Landing Secapps
• Simple Universal Authentication System
• Social Media Security
• New Technique To Perform Universal Website Hijacking
• Audio From Black Hat Usa 2008
• The Quicktime Vulnerability Overview
• Details Of The Quicktime Vulnerability
• My Bh Las Vegas Slides
• Rethinking The Desktop Model
• Google Chrome
• Lets Fix The Web
• Clouds And The Distorted Notion Of Direct Control
• Viva La Defcon
• Targeted
• More On Gifars And Other Dangerous Attacks
• Gifars And Other Issues
• My Black Hat Talk
• Hoh 5001 Members And Growing
• Black Hat Las Vegas Baby
• Pareto Principle In The Informtion Security Industry
• Pwnie Award Nominee
• Professional Soldier
• The Way Of Logic Into Dans Dns Flaw
• Owi Yet Another Anonymous Point Of Attack
• Landing Blogsecurify
• Google And Wildcard Domains
• Owasp Europe 2008 Ghent
• Risk 2008 Oslo
• Fear
• Virtualizations
• Most Attractive Targets Saas
• Dumping The Admin Password Of The Bt Home Hub Pt 2
• Dumping The Admin Password Of The Bt Home Hub
• Promo Videos
• Tomorrows Malware
• Confidence 2008
• Ghost Busters
• Agile Hacking A Homegrown Telnet Based Portscanner
• Conspiracy
• The Public Perception Of The Image Of Hackers
• Quicktime 0day For Vista And Xp
• Hitb Dubai 2008
• Black Hat Europe 2008
• There Is No Spoon
• Reverse Shell With Bash
• Default Key Algorithm In Thomson And Bt Home Hub Routers
• Content Injection Hack The Hacker
• Hidden
• Target Profiling With Windows
• Kiosk Hacking When There Is Nothing Else Left
• Reviewing Practical Php Exploitation Techniques
• Darknets
• Zyxel Gateways Vulnerability Research Part 2
• The Computer Misused Act
• What Is Black Pr
• Black Hat Europe 2008 Amsterdam
• Openid Provides A Better Security Model
• The 10000 Sites Js Malware Source Code Leaked
• The State Of Wifi Security
• Agile Hacking
• Gnucitizen On Pauldotcom
• Exploring The Unknown Scanning The Internet Via Snmp
• Hitb Dubai 2008 We Cant Wait
• Router Hacking Is For Schoolgirls Or The Csrf Of Death
• Holes In Embedded Devices Authentication Bypass Pt 4
• Extreme Search Engine Hacking
• Cross Site File Upload Attacks
• Wifi Infestations Viral Wardriving
• Social Networks Evil Twin Attacks
• Reconsidering The Side Jacking Attack
• 30mins Introductionary Presentation On Client Side Security
• Holes In Embedded Devices Authentication Bypass Pt 3
• Holes In Embedded Devices Authentication Bypass Pt 2
• Holes In Embedded Devices Authentication Bypass Pt 1
• The Pownce Worm
• Total Surveillance Made Easy With Voip Phones
• Wifi Ownage
• Javascript Global Namespace Pollution
• Holes In Embedded Devices Desynchronized Service Acting As Backdoor
• Router Hacking Challenge
• Hijacking Openid Enabled Accounts
• Hacking Video Surveillance Networks
• Holes In Embedded Devices Ip Based Session Management
• Holes In Embedded Devices Binary State Session Management
• Dhcpmdns Injection Issues
• R00ting Public Wifi Networks Dhcp Name Poisoning Attacks
• Name Mdns Poisoning Attacks Inside The Lan
• Call Jacking Phreaking The Bt Home Hub
• Upnp The Saga Continues
• Vulnerabilities In Skype
• Flash Upnp Attack Faq
• Hacking The Interwebs
• Steal His Wi Fi
• Bt Home Flub Pwnin The Bt Home Hub 5
• Hacking With Upnp Universal Plug And Play
• All Your Metadata Are Belong To Us
• Google Hacking For Penetration Testers Second Edition
• A Must Read Brief Testimony Of Our Disclosure Experience
• Google_py
• The Orkut Xss Worm
• Security Common Sense
• Bulletproof Rich Content Filters
• General Purpose Fuzzer_py
• Unveiling Shoulder Skimming
• Security And Hacking Scene In London
• Owning Outlook Web Access Owa Users
• Flash Cookie Object Tracking
• System Hacking From The Browser The Python Style
• The Value Of Automated Security Tests
• Geo Tracking Online Personas
• Step One Become An Insider
• Airport Kiosks Security
• Network Communication Api Editors Draft
• Csrf Demystified
• Persistent Xss And Csrf On Wireless G Adsl Gateway With Speedbooster Wag54gs
• Owasp Usa 2007 Appsec Conference
• Strategic Geoip Hacking And Tv Streaming Theft
• Java Jar Attacks And Features
• Severe Xss In Google And Others Due To The Jar Protocol Issues
• Tomorrows Trojan Peddlers
• Bt Home Flub Pwnin The Bt Home Hub 4
• Web Mayhem Firefoxs Jar Protocol Issues
• Asx Plus Clickonce Dangerous Combination
• Content Disposition Hacking
• Bugs In The Browser Firefoxs Data Url Scheme Vulnerability
• Snippets Of Defense Ptiv
• Joe Walker On Web Application Security
• Mozilla Prism Not There Yet
• Hacking Without 0days Drive By Java
• Web Client Fuzzer_py
• Bt Home Flub Pwnin The Bt Home Hub 3
• Snippets Of Defense Ptiii
• Geo Tracking Mobile Phones
• Bt Home Flub Pwnin The Bt Home Hub 2
• Browser Rootkits
• Clear
• Snippets Of Defense Ptii
• Strategic Hacking Geoip
• 0day Hacking Secured Citrix From Outside
• Remote Desktop Command Fixation Attacks
• Bt Home Flub Pwnin The Bt Home Hub
• Snippets Of Defense Pti
• Google_js
• Hacking Citrix The Forceful Way
• Citrix Owning The Legitimate Backdoor
• Owning Big Brother Hollywood Style Exploits Included
• Google Gmail E Mail Hijack Technique
• Google Urchin Password Theft Madness
• 0day Pdf Pwns Windows
• Backdooring Windows Media Files
• Ie Pwns Secondlife
• 0day Quicktime Pwns Firefox
• Rain Of Minus Transactions
• How To Make Money With Xss
• Owasp Day 2007
• For My Next Trick Hacking Web20
• Searching For Evil
• I Dont Think That You Understand Firefox3 Vulnerable By Design
• Openid A Security Story
• Identity 20 Security
• Hamster Plus Hotspot Equals Web 20 Meltdown Not
• Facebook Homepage Source Code Probably Leaked
• On Browser Security Restrictions
• Web20 Is Not Ajax
• Constructive Chaos
• Automated Web Foo Or Fud
• Introducing Technika Security Framework
• Congratulation Youve Been Nominated For A Pwnie Award
• Friendly Ajax Xss Worm For Wordpress
• Full Disclosure
• U R Insecure How Uri Exploits Are Changing The Webappsec Landscape
• Interview With Xs Snipers
• Attack Of The Url Vulnerabilities
• Firefox Could Also Be Used As The Entry Point
• Bid 24856 Flash Player Swf Vulnerability
• Exploiting The Iphone
• Snoop Onto Them As They Snoop Onto Us
• Javascript Xss Scanner
• Yahoo Site Explorer Spider
• The New Dawn Of Filter Evasion
• Security Tool Controversy
• Attacking Password Recovery Facilities
• Co Authoring Google Hacking For Penetration Testers Volume 2
• Ad Jacking Xssing For Fun And Profit
• Landing Securlscom
• Open Source Documentary On Net Neutrality
• One Drop On A Spider Web
• Xss Worms And Mitigation Controls
• About The Power Of Google
• Xss Attacks Cross Site Scripting Exploits And Defence
• A Brief History Of Myspace
• Does What Happens In The Facebook Stay In The Facebook
• Mpack The Movie
• The Generic Xss Worm
• Client Side Security
• Client Side Sql Injection Attacks
• Ghdb
• 6th Owasp Conference
• Zero Degrees Of Seperation
• Do We Really Need A Security Industry
• Social Networks Mayhem
• Changes In The British Computer Misuse Act
• Xss Attacks Book Preview
• Persistent Csrf And The Hotlink Hell
• Why Httponly Wont Protect You
• Application Layer Anti Virusfirewall
• Firebug Goes Evil
• Username Enumeration Vulnerabilities
• Big Fish
• Preventing Csrf
• Zombiemap
• Sex Candies And Bookmarklet Exploits
• Vbscript To Rule Ie
• Owasp
• Noscript Hscan
• Hscan Redux
• Author Of The Xss Book
• Browser Focus Rip
• Playing In Large
• The Shadow
• Technika
• Javascript Remoting Dangers
• Wormx
• What Happens To Your Computer If You Mispell Googlecom
• Atom 2
• Csrf Ing Blogger Classic
• Google Search Results Poisoning
• How To Write Ajax Worms Theoretical Point Of View
• Xss Prelude
• Universal Pdf Xss After Party
• Danger Danger Danger
• The Year Of 2007
• Secure Code Through Frameworks
• Backdooring Images
• Backframe 2x Sneak Preview
• Myspace Quicktime Worm Follow Up
• Cross Site Request Forgery
• Sploiter Splog
• The Attack Of The Tiny Urls
• Web Pages From Hell 2
• Automated Xss Detection
• The 0xss Credo
• Xss Shell And Something More
• Introducing Backweb
• Backframe
• A Bag Full Of Tricks
• Attackapi 08 Is Out
• Traversing The Web
• Maluc On Javascript Worms
• Thoughts On Jsping
• Javascript Spider
• Google Search Api Worms 3
• Google Search Api Worms 2
• Persistent Bi Directional Communication Channels
• Javascript Attack Channel
• Introducing Xssdb
• Xssdb
• Self Contained Xss Attacks
• Backdooring Mp3 Files
• Google Search Api Worms
• Web Pages From Hell
• Cross Context Scripting With Sage
• Backdooring Quicktime Movies
• Backdooring Flash Objects Receipt
• Backdooring Flash Objects
• Backdooring Web Pages
• Attackapi
• Security Vs Accessibility
• Fex Enables Firefox Extension Scanner
• Javascript Authorization Forcer
• Javascript Visited Link Scanner
• Javascript Address Info
• Xssing The Lan 4
• Xssing The Lan 3
• Xssing The Lan 2
• Xssing The Lan
• Javascript Port Scanner
• Wsdl Digest 200606
• Rdf Is Fun
• Jython Shell
• Using The Infocrobes Package
• Ws Discovery
• Introduction To Intrusion Detection Systems
• Windows Defence And Attacks
• Infocrobes
• Exegesis Of Virtual Hosts Hacking
• Massive Enumeration Toolset