Archive
Archives by Year
All Posts
- A Nifty Initial Access Payload (December 17, 2024)
- Harvesting GitLab Pipeline Secrets (December 3, 2024)
- A Look Back: Insights from Our Managed Bug Bounty Program (November 21, 2024)
- Email, Email on the Wall, Who Sent You, After All? (October 29, 2024)
- Voice Cloning with Deep Learning Models (October 18, 2024)
- COM Cross-Session Activation (October 1, 2024)
- Three-Headed Potato Dog (September 17, 2024)
- From Classroom into Bug Bounty: Investigating Motivational Factors Among Swiss Students (September 6, 2024)
- A Patchdiffing Journey – TP-Link Omada (August 20, 2024)
- SAML Raider Release 2.0.0 (July 2, 2024)
- Introducing Conkeyscan – Confluence Keyword Scanner (June 18, 2024)
- Blockchain / Smart Contract Bugs (June 4, 2024)
- How to become a Hacker (May 21, 2024)
- Bug Bounty: Insights from Our First-hand Experience (May 7, 2024)
- New Burp Extension: JWT-scanner (April 23, 2024)
- Behind The Scenes Of Ransomware Attacks (April 9, 2024)
- Pwn2Own Toronto 2023: Part 5 – The Exploit (March 29, 2024)
- Pwn2Own Toronto 2023: Part 4 – Memory Corruption Analysis (March 28, 2024)
- Pwn2Own Toronto 2023: Part 3 – Exploration (March 27, 2024)
- Pwn2Own Toronto 2023: Part 2 – Exploring the Attack Surface (March 26, 2024)
- Pwn2Own Toronto 2023: Part 1 – How it all started (March 25, 2024)
- Manipulating LLMs – How to confuse ChatGPT (March 12, 2024)
- Luring the Threat: Lessons from ICS Honeypots in Ukraine and Germany (February 27, 2024)
- Microsoft BitLocker Bypasses are Practical (February 13, 2024)
- Device Code Phishing – Add Your Own Sign-In Methods on Entra ID (January 30, 2024)
- Microsoft Teams Covert Channels Research (January 16, 2024)
- Exposing the Scammers: Unmasking the Elaborate Job Offering Scam (December 6, 2023)
- Device Code Phishing – Compass Tooling (October 24, 2023)
- Relaying NTLM to MSSQL (October 10, 2023)
- From MQTT Fundamentals to CVE (September 12, 2023)
- A sneaky attack to your platform (August 22, 2023)
- Lenovo Update Your Privileges (July 19, 2023)
- Securing Connections to your Remote Desktop (June 15, 2023)
- Compiling a Mimikatz Module for Dumping Citrix Credz (April 17, 2023)
- Compass Incident Handling and Forensics Number Crunching (March 16, 2023)
- Level-up your Detection Game (January 25, 2023)
- The Threat, the Fox, and the Sentinel (December 12, 2022)
- Relaying to AD Certificate Services over RPC (November 16, 2022)
- A Symmetric Cipher Ransomware … YES! (November 11, 2022)
- Tutorial on how to Approach Typical DFIR Cases with Velociraptor (October 11, 2022)
- Email spoofing in Office 365 (August 30, 2022)
- Why You Should Implement a Banned Password List (July 28, 2022)
- No Passwords More Problems (June 23, 2022)
- BloodHound Inner Workings & Limitations – Part 3: Session Enumeration Through Remote Registry & Summary (May 25, 2022)
- BloodHound Inner Workings & Limitations – Part 2: Session Enumeration Through NetWkstaUserEnum & NetSessionEnum (May 12, 2022)
- BloodHound Inner Workings & Limitations – Part 1: User Rights Enumeration Through SAMR & GPOLocalGroup (May 2, 2022)
- VPN Appliance Forensics (March 21, 2022)
- Weekly penetration tests for agile software – Does it work well? (January 31, 2022)
- A Years Worth of Active Directory Privilege Escalation (December 23, 2021)
- Swiss Cyber Storm 2021 Wrap Up (November 22, 2021)
- Docker Forensics (November 8, 2021)
- SAML Padding Oracle (September 30, 2021)
- Ionic Identity Vault Biometric Authentication Bypass (September 8, 2021)
- Relaying NTLM authentication over RPC again… (August 9, 2021)
- Security Best Practices for On-Premise Environments (June 2, 2021)
- Printer Tricks Episode II – Attack of the Clones (May 11, 2021)
- Straightforward Mobile Forensics (April 20, 2021)
- SAML Raider Release 1.4.0 (March 23, 2021)
- The Good Old DNS Rebinding (February 23, 2021)
- .CH Zone Lookup Tool (January 7, 2021)
- The “Volatility Triage App” for Splunk (November 24, 2020)
- Evading Static Machine Learning Malware Detection Models – Part 2: The Gray-Box Approach (November 10, 2020)
- Burp Extension: Copy Request & Response (October 28, 2020)
- Evading Static Machine Learning Malware Detection Models – Part 1: The Black-Box Approach (October 6, 2020)
- 101 for lateral movement detection (September 1, 2020)
- Make the most out of BloodHound (July 30, 2020)
- Yet Another Froala 0-Day XSS (July 3, 2020)
- Relaying NTLM authentication over RPC (May 14, 2020)
- Reversing a .NET Orcus dropper (April 14, 2020)
- New SMBGhost Vulnerability Affects Modern Windows Systems (March 13, 2020)
- Domain-Join Computers the Proper Way (March 11, 2020)
- Invoice Fraud with Everything the Bag of Tricks Has to Offer (February 25, 2020)
- OWASP – Toronto January 2020 (February 10, 2020)
- Interview with Jim McKay (January 29, 2020)
- Finding Active Directory attack paths using BloodHound (December 9, 2019)
- Challenging Your Forensic Readiness with an Application-Level Ransomware Attack (November 25, 2019)
- Hacking Tools Cheat Sheet (October 28, 2019)
- Introducing Web Vulnerabilities into Native Apps (October 21, 2019)
- There is such thing as a free lunch (October 8, 2019)
- A Smart Card Odyssey (September 23, 2019)
- enOcean Security (September 12, 2019)
- Privilege escalation in Windows Domains (3/3) (August 26, 2019)
- Privilege escalation in Windows Domains (2/3) (August 12, 2019)
- Privilege escalation in Windows Domains (1/3) (July 29, 2019)
- From Open Wi-Fi to WPA3 (July 15, 2019)
- Practical OpenID Connect Pentesting (July 1, 2019)
- Reversing obfuscated passwords (May 23, 2019)
- Swiss QR Code Invoices for Phun and Profit (May 16, 2019)
- On Raising Awareness to Social Engineering Attack (April 29, 2019)
- Investigating Data Leakage via External Storage Devices (April 26, 2019)
- Windows Forensics with Plaso (March 25, 2019)
- XSS worm – A creative use of web application vulnerability (December 21, 2018)
- Substitutable Message Service (October 26, 2018)
- Hidden Inbox Rules in Microsoft Exchange (September 17, 2018)
- Area41 2018 Wrap Up (June 18, 2018)
- Compass at Area41 2018 (May 18, 2018)
- Insomni’hack 2018 Wrap-Up (March 27, 2018)
- Insomni’hack 2018 – guessflag (March 27, 2018)
- Insomni’hack 2018 – vba02-bitminer (March 26, 2018)
- Insomni’hack 2018 – vba01-baby (March 26, 2018)
- Insomni’hack 2018 – vbaby (March 26, 2018)
- Insomni’hack 2018 – Authentication Service (March 26, 2018)
- Insomni’hack 2018 – PHuck (March 26, 2018)
- Insomni’hack 2018 – Conference (March 26, 2018)
- No need to break in, use the backdoor (February 23, 2018)
- How to lose money with cryptocurrencies (January 16, 2018)
- Write-up: BlackAlps Y-NOT-CTF (November 17, 2017)
- Hardwear.io 2017 (September 18, 2017)
- BlackHat 2017 & DefCon 25 (September 6, 2017)
- Wrap-up: Hack-Lab 2017 #6 (August 23, 2017)
- Wrap-up: Hack-Lab 2017 #5 (July 28, 2017)
- Hello Roger! A new way to spoof a caller id (July 7, 2017)
- About TLS Perfect Forward Secrecy and Session Resumption (June 29, 2017)
- Forensic Readiness (June 13, 2017)
- Wrap-up: Hack-Lab 2017 #4 (June 2, 2017)
- JWT Burp Extension (May 12, 2017)
- BFH Exploiting & Defense Course (May 9, 2017)
- Wrap-up: Hack-Lab 2017 #3 (May 2, 2017)
- IoT WiFi Module – Dump the Data (April 26, 2017)
- Fun at Insomni’hack (March 31, 2017)
- Write-up: Capscii (March 31, 2017)
- Write-up: The Great Continuation (March 31, 2017)
- Write-up: Who’s your daddy? (March 31, 2017)
- Write-up: Smarttomcat2 (March 31, 2017)
- Write-up: Secr3tMgr (March 31, 2017)
- SharePoint: Collaboration vs. XSS (March 27, 2017)
- SharePoint: How to collaborate with external parties? (March 17, 2017)
- Wrap-up: Hack-Lab 2017#2 (February 21, 2017)
- Hacking-Lab @ CodeMash 2017 (February 7, 2017)
- How to reduce the threat from third-party includes (February 1, 2017)
- Wrap-up: Hack-Lab 2017#1 (January 23, 2017)
- IoT (in)security (January 12, 2017)
- Blackout: Wenn Hacker den Strom abschalten (January 2, 2017)
- ASP.NET Core 5-RC1 HTTP Header Injection Vulnerability (December 21, 2016)
- SAMLRequest Support for SAML Raider (November 4, 2016)
- Bypassing Content-Security-Policy with DNS prefetching (October 25, 2016)
- Android 7.0 Security Features: Direct Boot (October 18, 2016)
- Making of Compass bIOTech v1.0 (September 30, 2016)
- Black Hat USA 2016 / DEF CON 24 (September 5, 2016)
- Software Defined Radio (SDR) and Decoding On-off Keying (OOK) (September 1, 2016)
- Exchange Forensics (August 18, 2016)
- Cross-Site Scripting (July 6, 2016)
- Content-Security-Policy: misconfigurations and bypasses (June 22, 2016)
- APT Detection & Network Analysis (June 1, 2016)
- Windows Phone – Security State of the Art? (April 1, 2016)
- Compass Security nominated by Prix SVC (February 17, 2016)
- Presentation on SAML 2.0 Security Research (January 5, 2016)
- Subresource Integrity HTML Attribute (December 28, 2015)
- Come’n’Hack Day 2015 (December 17, 2015)
- What is a “Fake President Fraud” and how to Protect Your Company (December 10, 2015)
- DCF77 Zeitsignal Manipulation (November 23, 2015)
- Black Hat USA 2015 – part 2 (November 3, 2015)
- Black Hat USA 2015 – part 1 (October 22, 2015)
- Compass Security at CYBSEC15 in Yverdon-les-Bains (October 13, 2015)
- Aftermath of the Netgear Advisory Disclosure (October 9, 2015)
- Authentication Bypass in Netgear WNR1000v4 Router (October 9, 2015)
- SAML SP Authentication Bypass Vulnerability in nevisAuth (September 21, 2015)
- Excuse me, where is the best site of the city? After the DOM, just turn right! (September 16, 2015)
- Wie stiehlt man KMU-Geheimnisse? (September 1, 2015)
- IP-Box – Why a 4 digit passcode is still a bad idea (August 4, 2015)
- Hacklab Q2 – NoSQL mischief (July 27, 2015)
- SAML Burp Extension (July 24, 2015)
- Netzwerktraffic und APT Analyse (July 2, 2015)
- Presentation about Windows Phone 8.1 (June 24, 2015)
- XSLT Security and Server Side Request Forgery (June 18, 2015)
- Exchange 2013 – Spot the Security Features (March 4, 2015)
- IPv6 Secure Neighbor Discovery (SeND) (January 30, 2015)
- Aktuelle Security Trainings (January 23, 2015)
- Vom Domäne Benutzer zum Domäne Administrator (exploit MS14-068) (December 8, 2014)
- Presentation at BSidesVienna (November 27, 2014)
- Keep your secrets really secret (November 26, 2014)
- Challenges in Log Management (October 29, 2014)
- Forensic Investigation Kurs in Bern (October 21, 2014)
- Security Advisories for SAP BusinessObjects Explorer and neuroML (October 10, 2014)
- Disabling Viewstate’s MAC: why you deserve having now a broken ASP.NET web application (September 24, 2014)
- APT Detection Engine based on Splunk (September 9, 2014)
- BurpSentinel on Darknet (September 8, 2014)
- Blackhat and DEF CON USA 2014 (August 27, 2014)
- Compass Mitarbeiter erneut ausgezeichnet (July 30, 2014)
- iPhone & iPad Security Kurs in Bern (July 18, 2014)
- Release of Smart Meter Security Controls Whitepaper at Hack in Paris 2014 (June 27, 2014)
- Compass Area 41 attendance (June 13, 2014)
- OWASP Switzerland – SSL/TLS Talk (April 11, 2014)
- Calculating RSA private keys from its public counterpart (March 24, 2014)
- Lync – Missing Security Features (February 20, 2014)
- Lync – Privacy Configuration (January 31, 2014)
- Lync – Top 5 Security Issues (January 16, 2014)
- Advisories regarding Leed and Secure Entry Server (SES) (December 18, 2013)
- Compass SSL/TLS recommendations (November 27, 2013)
- SuisseID-basierte Authentisierung mit Apple OS X (November 12, 2013)
- ASFWS slides and OWASP meeting tomorrow (October 21, 2013)
- Compass Security at ASFWS in Yverdon-les-Bains (October 8, 2013)
- Introduction to Windows Exploits (October 1, 2013)
- Bypass File Download Restrictions in Content Filters (September 30, 2013)
- Microsoft Security Bulletin MS13-067 – Critical (September 11, 2013)
- RHUL Information Security Group (ISG) Weekend Conference (September 9, 2013)
- Black Hat USA 2013 (August 27, 2013)
- Access control in Windows (August 23, 2013)
- Embedded devices and cell phone flash memory acquisition using JTAG (August 8, 2013)
- OpenSSH authentication with SuisseID (July 22, 2013)
- OpenSSH enables true Multi Factor Authentication (July 4, 2013)
- Compass Crew Member Speaking at Black Hat USA (June 3, 2013)
- Lean Risk Assessment based on OCTAVE Allegro (April 9, 2013)
- XSS – The never ending story (March 7, 2013)
- Advanced Metering Infrastructure Architecture and Components (February 28, 2013)
- The Metering Infrastructure (February 20, 2013)
- Compass Security eröffnet Niederlassung in Berlin (February 6, 2013)
- Why does Compass Security recommend HSTS? (February 4, 2013)
- Grid, gridder, smart grid (January 28, 2013)
- Impact of IIS 7.5 Service Accounts for file system audits (January 21, 2013)
- Introduction to the Electrical Grid (January 14, 2013)
- Risks of DOM Based XSS due to “unsafe” JavaScript functions (January 7, 2013)
- ASFWS – Cybercrime to Information Warfare & “Cyberwar”: a hacker’s perspective (December 24, 2012)
- ASFWS – SuisseID talk (December 22, 2012)
- ASFWS – OAuth: un protocole d’autorisation qui authentifie? (December 21, 2012)
- ASFWS – Node.js Security – Old vulnerabilities in new dresses (December 12, 2012)
- ASFWS – Hash-flooding DoS reloaded: attacks and defenses (December 10, 2012)
- ASFWS – Keynote 2 – From Pay-TV to cyber security (December 7, 2012)
- ASFWS – A critical analysis of Dropbox software security (December 5, 2012)
- ASFWS – Bee Ware WAF (December 3, 2012)
- ASFWS – OPA (November 30, 2012)
- ASFWS – Mimikatz (November 29, 2012)
- ASFWS – Obfuscator, ou comment durcir un code source ou un binaire contre le reverse-engineering (November 28, 2012)
- ASFWS – Keynote 1 – Gestion opérationnelle de la sécurité logicielle sur la plateforme Facebook (November 27, 2012)
- Day 1 of ASFWS – Introduction (November 26, 2012)
- Blackhat USA 2012 (November 16, 2012)
- Jailbreak detection – curse or blessing? (November 16, 2012)
- Windows Phone 8 – An iPhone Alternative for Business? (November 15, 2012)
- Dangerous Sudoers Entries – PART 5: Recapitulation (October 29, 2012)
- Dangerous Sudoers Entries – PART 4: Wildcards (October 22, 2012)
- Dangerous Sudoers Entries – PART 3: Permissions (October 15, 2012)
- Dangerous Sudoers Entries – PART 2: Insecure Functionality (October 8, 2012)
- Dangerous Sudoers Entries – PART 1: Command Execution (October 1, 2012)
- Secure XML Parser Configuration (August 17, 2012)
- AntiSamy to face XSS and XXE (August 8, 2012)
- Samba Exploit Development Presentation (July 9, 2012)
- Digicomp Hacking Day 2012 (June 15, 2012)
- ISSS Zürcher Tagung 2012 – Pentesting Erfahrungen (June 15, 2012)
- nevisProxy Advisory Release (June 14, 2012)
- Österreich sucht die besten Hacker! (June 1, 2012)
- NEW: FileBox Client for Microsoft Windows (May 25, 2012)
- Mobile Banking Sicherheit – Interview DRS1 Espresso (May 18, 2012)
- Ein Nachmittag beim TVO (May 11, 2012)
- OWASP 2012 Online Competition (May 7, 2012)
- Exploit credentials stored in Windows Group Policy Preferences (April 24, 2012)
- March Hacking-Lab News 2012 (March 29, 2012)
- Next Beer-Talk in June 7th, 2012 (March 28, 2012)
- OWASP Apache Struts2 Security Challenge in Hacking-Lab (March 15, 2012)
- Reversing in God Mode (March 5, 2012)
- JBoss 7.1 Web Server Hardening (February 23, 2012)
- Nächster Compass BeerTalk am Donnerstag 01.03.2012 (February 17, 2012)
- New Security Enhancing HTTP Headers (January 31, 2012)
- ISSS St.Galler Tagung 2012 – iPhone (In)Security in an Enterprise env (January 26, 2012)
- BeanShell puts Java Application Servers at Risk (January 26, 2012)
- Retrospective about cache snooping (January 23, 2012)
- Research über die Netkit-Telnetd Schwachstelle (January 16, 2012)
- Simulated Industrial Espionage with the Pwnie Express Device (January 11, 2012)
- Blogilo Forensics (January 9, 2012)
- Tech-Talk am Watchguard Event (January 9, 2012)
- Xmas 2011 Hacking-Lab Challenge (December 23, 2011)
- Forensic and iPhone Training (December 21, 2011)