Episode 50 - Low-cost Penetration Testing, High Performance Fuzzing and Github RCEs
A lot to cover in this episode, from high performance fuzzing on GPUs, to low-cost pentesters, and APT groups. And, of course many vulns from GitHub RCEs to VMWare Workstation race conditions.Link
Episode 38 - Binary Ninja's Decompiler, git credential leak, cross-platform LPEs
Zoom vuln worth $500k? Probably not... What is worth $500k? Binary Ninja's new decompiler...okay probably not but it is exciting.We've also got some stupid issues and some interesting LPEs this episode.Link
Episode 36 - Zoom-ers, VM Escapes, and Pegasus Resurfaces
First, we talk about Facebook trying to buy some spyware, and then we feast upon a number of Zoom "vulns." Follow that up wtih some interesting vulnerabilities including a hyper-visor Guest-to-host escape, a complicated Safari permissions bypass, and a Gitlab Parser Differential.Link
Episode #29 - A New PWK/OSCP, Election Hacking, Kernel Exploits, and Fuzzing
Is the new OSCP worth-it? Can election apps be made secure? We'll talk about those questions and several kernel exploits and a few cool fuzzing innovations.Link
Episode 19 - What Does The NSA Say?
In this episode we discuss a recent NSA advisory regarding best practices for intercepting TLS traffic. We also take a look at a recent DOM Clobbering (XSS) finding, several VNC exploits, and end with a discussion on fuzzer performance and hardening against power-analysis side channels.Link
Episode 16 - A Bit of everything: 0days, Breaches, Lawsuits, Attacking AI, and some insecure
Episode 15 - NordVPN Again, Snowden, CPDoS, a PHP-RCE, and some console hacking
Episode 14 - Linux Exploits, Secure Credentials, Side-Channels and Election(SDK) hacking
Episode 13 - When your errors have errors...
Episode 12 - Exploits-galore iOS (checkm8), Android, Signal, Whatsapp, PHP and more