PlunderVolt, Real-World Bug Hunting, Presidents Cup CTF, SockPuppet and more
Day[0] - Un pódcast de dayzerosec
Categorías:
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])
- [00:01:18] Last Episode of the Year
- [00:01:36] Real-World Bug Hunting: A Field Guide to Web Hacking
- [00:11:29] President's Cup
- [00:24:20] Better Password Protections [in Chrome]
- [00:30:18] Apple DMCA's SEP Key
- [00:36:59] Rosita: Towards Automatic Elimination of Power-Analysis Leakage in Ciphers
- [00:48:50] Camouflage: Hardware-assisted CFI for the ARM Linux kernel
- [01:00:37] Binary Planting with the npm CLI
- [01:04:55] Plundervolt
- [01:17:35] Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726)
- [01:24:09] AirDoS: Remotely render any nearby iPhone or iPad unusable
- [01:26:24] Digital Lockpicking - Stealing Keys to the Kingdom (KeyWe Smart Lock)
- [01:31:44] SockPuppet: A Walkthrough of a Kernel Exploit for iOS 12.4
- [01:39:05] Maddie Stone: Whatsup with WhatsApp: A Detailed Walk Through of Reverse Engineering CVE-2019-3568
- [01:46:37] Client-side Vulnerabilities in Commercial VPNs
- [01:54:50] A Technical Review of Connected Toy Security
- [02:07:43] Interactive Buffer Overflow Exploitation