- A service which stores credentials for websites that a team/company has a single login for, and allows team members to use the service without knowing the password (like a proxy with persistent cookies for login). This may include “modules” for certain websites that handle login on the website automatically.
- Fuzz scripting languages’ scripts using AFL++ to instrument actual in-script functions.
- Some type of “fake symbol insertion” into binary files so when they’re debugged, incorrect code is shown.
- Talk about how multibillion-dollar companies are being taken over by children
- Discuss movie poster history
- Invent an IPv6 blocklist algorithm that works for hosting and residential
- On being """arrested""" in 2013, 2014, 2024, and thoughts on police priorities and goals
- Create a page that tracks BA members now/then.
- CSPT CSP spec
- Slack watcher, similar to LDAP
- JavaScript security
- Okta phishing (disabling FastPass script check)
- Helicopter story.
- Gixy-ng blog
- Bug Bounty Post
- GitHub bug ($500 bounty wtf)
- LDAP Fuzzing
- gaas
  andrecheck-http-api
- ReDoS linter
- About the fake security research at DEFCON, and how it should be celebrated.