The 3-Way

Subverting ML Detections for Fun and Profit

Secrets of DNS

Snort & OpenAppID: How to Build an Open Source Next Generation Firewall

GET A Grip on Your Hustle: Glassdoor Exfil Toolkit

DNS-Based Authentication of Named Entities (DANE): Can we fix our broken CA model?

Exploiting Browsers Like A Boss w/ WhiteLightning!

Real World Intrusion Response

Application Whitelisting: Be Careful Where The Silver Bullet Is Aimed

Making Mongo Cry-Attacking NoSQL for Pen Testers

Step On In, The Waters Fine!

Give me your data! Obtaining sensitive data without breaking in

Third Party Code: FIX ALL THE THINGS

Just What The Doctor Ordered?

Powershell Drink the Kool-Aid

powercat

Macro Malware Lives! -- Putting the sexy back into MS-Office document macros

Girl… Fault Interrupted

Surviving until Dawn

A Bug or Malware? Catastrophic consequences either way.

It’s Not Easy Being Purple

Control Flow Graph Based Virus Scanning

Ok -- so you’ve been pwned -- now what?

Everybody gets clickjacked: Hard knock lessons on bug bounties

Are you a Beefeater -- focused on protecting your crown jewels?