Since the April 14th leak of the Equation Group’s hacking tools, I have been busy testing (and decompiling / reversing) the tools, understanding and documenting
Category: Research
How (not) to break your (EC)DSA
During an internal project pertaining to automated cryptographic testing, we discovered that many implementations don’t respect standard specifications, especially signature algorithms. Let us take a
Hunting for Vulnerabilities in Signal – Part 3
Previous posts (part1 and part2) by Markus Vervier (@marver) and myself (@veorq) were about the Java code base and the Android client, now we’ll discuss
Angr management: first steps and limitations
Introduction Last summer I took some time to finally learn about Z3 as I was solving some crackme (see Using Z3 to solve crackme) but in
Drones – A hacker’s playground
Unmanned Aerial Vehicles (UAVs) offer new perspectives, both from a civilian and a military standpoint; yet, they present vulnerabilities having the potential to lead to
A perspective on the state of the SSLiverse as of early 2016
tl;dr; Most studies about SSL tend to use SSL information retrieved by DNS domain names. This article provides an overview of the SSLiverse when SSL