81 - Reused VMWare exploits & Escaping Azure Container Instances
Some drama with the VMWare bounty program, and then a few straight forward vulnerabilities and a really cool Azure Container Instances escape and takeover.
80 - Escaping the Bhyve, WhatsApp & BrakTooth
A tricky to exploit WhatsApp vulnerability, but still an interesting bug, several Bhyve vulnerabilities, and a named bluetooth vuln (Braktooth)
79 - Takeover a Facebook, SnapChat or JetBrains account
Multiple account takeover vulnerabilities in this episode with three cross-origin communication vulnerabilities in Facebook, an odd OTP endpoint in SnapChat and an open redirect in JetBrains leaking your JWT.
78 - NoSQL Injection, Mobile Misconfigurations and a Wormable Windows Bug
Another short episode this week covering graphql attacks, a couple NoSQL injections, a few misconfigurations and a cool attack to reset monotonic counters on a Mifare card.
From CTFs to Real-Exploitation (Part 3)
Final part of our series on going from the foundations of exploitation development to real-world exploitation. Focusing on the critical skill of discovering and developing your own exploitation strategies in large applications.
From CTFs to Real-Vulnerabilities (Part 2)
From having the foundations of exploit dev you might be wondering how to progress? Well, we argue that you should take some time to learn the basics of vulnerability research.
From CTFs to The Real-World: Overview (Part 1)
So you've played some CTFs and got a handle on this exploit dev stuff. This is the start of a three-part series about making the jump into real-world exploitation.
77 - Cross-browser tracking, frag attacks, & malicious rust macros
A shorter episode, but some really cool vulns none-the-less, from mitigation bypassing on D-Link routers, to a new set of WiFi protocol design flaws.
76 - Fake Vulns, More Valve, and an AWS Cognito issue
Kicking off the week with some awesome vulns, an "almost" padding oracle in Azure Functions, a race-condition in AWS Cognito, some sound engine bugs, and a Foxit Reader Use-after-free.
75 - Defcon Quals, Dead μops, BadAllocs, Wordpress XXE
Big episode this week, with a lot of discussion about CTFs, kernel drama, and Github's exploit policy. Then some really interesting exploit strategies on Tesla and Netgear, along with some simple, yet deadly issues in Wordpress and Composer.