Our Blog

thumbscr-ews – a python EWS tool

Reading time: ~6 min
Something I have found myself doing more and more often is using Exchange Web Services (EWS) to bypass 2FA. I...

Release the hounds! Snoopy 2.0

Reading time: ~5 min
Friday the 13th seemed like as good a date as any to release Snoopy 2.0 (aka snoopy-ng). For those in...

A software level analysis of TrustZone OS and Trustlets in Samsung Galaxy Phone

Reading time: ~15 min
Introduction: New types of mobile applications based on Trusted Execution Environments (TEE) and most notably ARM TrustZone micro-kernels are emerging which...

Google Docs XSS – no bounty today

Reading time: ~3 min
A few days ago, during one of those nights with the baby crying at 2:00 am and the only thing...

Snoopy Release

Reading time: ~4 min
We blogged a little while back about the Snoopy demonstration given at 44Con London. A similar talk was given at...

Hacking Online Auctions – UnCon && ITWeb talk

Reading time: ~2 min
I gave an updated version of my ‘Hacking Online Auctions’ talk at UnCon in London last week. The talk gave...

BlackHat 2011 Presentation

Reading time: Less than a minute
On this past Thursday we spoke at BlackHat USA on Python Pickle. In the presentation, we covered approaches for implementing...

Playing with Python Pickle #3

Reading time: ~8 min
[This is the third in a series of posts on Pickle. Link to part one and two.] Thanks for stopping...

Playing with Python Pickle #2

Reading time: ~12 min
[This is the second in a series of posts on Pickle. Link to part one.] In the previous post I...

Playing with Python Pickle #1

Reading time: ~6 min
In our recent memcached investigations (a blog post is still in the wings) we came across numerous caches storing serialized...