Posts by Bálint Varga-Perke

• Engineering WCF Hacks
• Fuzzy Snapshots of Firefox IPC
• Adding XCOFF Support to Ghidra with Kaitai Struct
• Abusing JWT public keys without the public key
• Unexpected Deserialization pt.1 - JMS
• Uninitialized Memory Disclosures in Web Applications
• Self-defenseless - Exploring Kaspersky’s local attack surface
• Drop-by-Drop: Bleeding through libvips
• Bare Knuckled Antivirus Breaking
• Emulating custom crytography with ripr
• Conditional DDE
• Notes on McAfee Security Scan Plus RCE (CVE-2017-3897)
• Fools of Golden Gate
• An update on MD5 poisoning
• Bake your own EXTRABACON
• Finding the salt with SQL inception
• Poisonous MD5 - Wolves Among the Sheep
• Testing Oracle Forms
• CVE-2014-3440 - Symantec Critical System Protection Remote Code Execution
• Code Review on the Cheap
• Trend Micro OfficeScan - A chain of bugs
• OWASP Top 10 is overrated
• From Read to Domain Admin - Abusing Symantec Backup Exec with Frida
• JDB tricks to hack Java Debug Wire
• Banging 3G rocks
• Duncan - Expensive injections