Our Blog

Orange Cyberdefense at Hacker Summer Camp

Reading time: ~3 min
It’s that time of year again where we head out to the desert, more specifically Las Vegas, for what is...

blackhat_defcon_virtual_vegas_2021.zip

Reading time: ~8 min
Phew! This year’s hacker summer camp is packed with presentations from several hackers across the globe at Orange Cyberdefense. I...

PEAP Relay Attacks with wpa_sycophant

Reading time: ~8 min
Back in 2018, I was interested that MSCHAPv2 and NTLMv1 hashes crack using the same algorithms, and wanting to get...

Abusing GDI Objects for ring0 Primitives Revolution

Reading time: ~21 min
Exploiting MS17-017 EoP Using Color Palettes This post is an accompaniment to the Defcon 25 talk given by Saif. One...

SensePost at BlackHat & Defcon 2017

Reading time: ~2 min
July is our favourite time of year, when thousands descend into Las Vegas for Blackhat/Defcon, or more commonly referred to...

Universal Serial aBUSe

Reading time: ~15 min
Last Saturday, at Defcon 24, we gave a talk entitled “Universal Serial aBUSe: Remote Physical Access Attacks” about some research...

SensePost at Blackhat & Defcon 2016

Reading time: ~2 min
The annual Hacker Summer Camp is nearly upon us, everyone at SensePost is getting ready. This is a brief overview...

Wadi Fuzzer

Reading time: ~18 min
“Operating system facilities, such as the kernel and utility programs, are typically assumed to be reliable. In our recent experiments,...

Improvements in Rogue AP attacks – MANA 1/2

Reading time: ~9 min
At Defcon 22 we presented several improvements in wifi rogue access point attacks. We entitled the talk “Manna from heaven”...

DefCon 22 – Practical Aerial Hacking & Surveillance

Reading time: ~1 min
Hello from Las Vegas! Yesterday (ed: uh, last week, my bad) I gave a talk at DefCon 22 entitled ‘Practical...