03 November 2020
Show Notes
51 - A Look at OSEP, Hacking Metasploit, and the Legal Risks of Research

00:01:06 Cybersecurity as we know it will be 'a thing of the past in the next decade,' says Cloudflare's COO
00:05:51 A Researcher’s Guide to Some Legal Risks of Security Research
00:10:57 Exploit Developer Spotlight: The Story of PlayBit
00:17:25 New Pentesting Course: PEN-300 (OSEP)
  Additional Links: https://www.offensive-security.com/awe-osee/
00:28:20 Vulnonym: Stop the Naming Madness!
  Additional Links: https://twitter.com/vulnonym
00:30:55 DeFuzz: Deep Learning Guided Directed Fuzzing
00:59:32 NAT Slipstreaming
01:08:10 GitLab CVE-2020-13294
01:13:17 Attacking Roku sticks for fun and profit
01:16:48 Tiki Wiki - Authentication Bypass [CVE-2020-15906]
01:20:12 Metasploit framework template command injection - CVE-2020-7384
01:23:43 Wormable remote code execution in Alien Swarm
01:29:50 Pulse Connect Secure - RCE via Uncontrolled Gzip Extraction [CVE-2020-8260]
01:32:55 The story of three CVE's in Ubuntu Desktop
01:41:31 CVE-2020-16939: Windows Group Policy DACL Overwrite Privilege Escalation
01:46:36 Windows Kernel cng.sys pool-based buffer overflow
01:54:21 Vector35 releases all Binary Ninja core architecture plugins
01:55:33 How Debuggers Work: Getting and Setting x86 Registers, Part 1
01:56:12 CodeQL U-Boot Challenge (C/C++)
01:59:14 Fundamentals of Software Exploitation