Compass Security Blog

Offensive Defense

Page 2 of 2

Presentation at BSidesVienna

On the last Saturday the 22nd of November, I attended BSidesVienna 2014 to deliver a talk about BurpSentinel. This tool is a Burp Suite extension giving better control over semi-automated requests sent to a given web application page. The presentation also covered aspects on automated Cross-Site Scripting and SQL injection detection. Despite talking early in the day (10 am), […]

Continue reading

Introduction to Windows Exploits

As part of the Compass research week, I dived into Windows exploit development. Conclusion is, that the basic exploiting principles from unix also apply on Windows. The biggest difference is the availability of much more advanced security tools, primarily debuggers and system analysis utilities, and some additional attack vectors like SEH. Also different versions of […]

Continue reading

Newer posts »