Our Blog
A distinguisher for SHA256 using Bitcoin (mining faster along the way)
Reading time:
~5 min
Posted
by frans
on
16 October 2017
This post assumes a passing familiarity with what a Distinguishing Attack on a cryptographic hash is, as well as the...
Recreating certificates using Apostille
Reading time:
~3 min
Posted
by Rogan Dawes
on
06 October 2017
Sometimes on an engagement, you’d like to construct a believable certificate chain, that you have the matching private keys for....
BlackHat Conference: Z-Wave Security
Reading time:
~1 min
Posted
by behrang
on
19 August 2013
We are publishing the research paper and tool for our BlackHat 2013 USA talk on the Z-Wave proprietary wireless protocol...
Solution for the BlackHat Challenge
Reading time:
~4 min
Posted
by behrang
on
22 June 2012
We had published a network protocol analysis challenge for free entry to our BlackHat 2012 Vegas training courses and received...
BlackHat Challenge
Reading time:
~2 min
Posted
by behrang
on
14 June 2012
This year marks a special anniversary for us at SensePost in that we’ve been training at BlackHat for over a...
Decrypting iPhone Apps
Reading time:
~7 min
Posted
by saurabh
on
24 October 2011
This blog post steps through how to convert encrypted iPhone application bundles into plaintext application bundles that are easier to...
Decrypting Symantec BackupExec passwords
Reading time:
~1 min
Posted
by behrang
on
05 March 2010
BackupExec agent is often among common services found on the internal pen tests. The agent software stores an encrypted “logon...
Two quick links on “how your app got hacked, even though it looked ok”
Reading time:
Less than a minute
Posted
by Haroon Meer
on
05 June 2009
The first one from hacker news, aptly titled “How I Hacked Hacker News (with arc security advisory)” and the 2nd,...
Chris Eng 1 – 0 Verizon DBIR Cover
Reading time:
Less than a minute
Posted
by Haroon Meer
on
28 April 2009
Chris Eng over [at the Veracode blog] documents how he approached, and decoded the info behind the [2009 Verizon Data...