I recently bought a new printer at home, so my wife could print coupons without manually attaching to my office printer each time (Thanks coupons.com and all the other shady sites that require spyware-like software to print coupons, and often don’t support network printers). I ended up picking …

A buddy of mine, Mulitia, and I were talking about 0-days, and he mentioned finding one in Hex-Chat, a popular IRC client. It was super low severity, but still neat. If you entered “/server " followed by 20,000 random characters, the application died. I decided to try to make a working …

I’m a customer of Hover for my domain name needs. However, that will be changing because I don’t believe that they take issues seriously.

The first security issue

I was browsing their site, looking for a new domain, and being the constant tinkerer I am, I entered a single quote into the …

I have been working as a security consultant for a few months now, and one finding that is on almost every webserver I come across, is the lack of an HSTS (HTTP Strict Transport Security) implementation. This is understandable, since HSTS is still fairly new. In fact, before starting at Accuvant, I …

I’ve read a ton of articles on bypassing Antivirus software when trying to run shellcode on machines. There’s just a ton available. These are just a few examples:

• http://dev.metasploit.com/redmine/projects/framework/wiki/Using_a_Custom_Executable_to_Bypass_AV …