Wednesday, 27 April 2016

Getting Started...

OK. Let's get this blog started.

I still don't know exactly what content I'll be posting here or when, but it'll mainly be technical posts about (mainly memory-corruption based) exploits, ways to mitigate them, applied cryptography and reverse-engineering.

There's a lot I want to say on the topic of tackling use-after-free vulnerabilities as a category by altering the system heap, or weirdnesses of the LetsEncrypt ACME protocol that allow attackers to man-in-the-middle certificate generation if you're generating certificates manually; but let's start out gently with a bit of applied cryptography, and make a tamper-proof append-only log.

As ever, if you want to get in touch, hello@capitalalphasecurity,com is the way to go about it.

No comments:

Post a Comment