Chimay-Red
This post outlines and presents the rediscovery, vulnerability analysis and exploitation of a zero-day vulnerability that was originally discovered and exploited by the CIA's "Engineering Development Group".
Astana
Frank's book, [Astana: Architecture, Myth & Destiny] proposed an interesting challenge: the first person to find the hidden message wins a $30,000 trip to Astana and $5,000 USD.
CTF Team as a Training Resource
Five years ago, when we started Seekintoo, I never imagined we would be developing a rather extensive training program for on-boarding Threat Hunters and Penetration Testers. Well, we've been working on that for the past few months and I have some thoughts about the CTF participation that organically became a
LabyREnth 2017 - 3D Maze Writeup
LabyREnth's second annual CTF's programming track contained an interesting challenge: solve a 3D maze that will attempt to "cheat".
DIY Smart Home Security? Meh..
In the course of research on a smart-alarm system; I Identified six important issues that can be used to bypass or disable different aspects of the alarm system. Five of them by attacking the radio network the alarm system uses, and one via the traditional IP based network.
Advanced DNS Analysis with ArcSight
Extending the functionality of ArcSight connectors to analyze DNS requests.