Wow, what a trip! I just had the opportunity to not only live out a childhood dream of attending DEF CON, but I even had the privilege to be able to present at the DEF CON Recon Village! Talk about achievement unlocked!

If you’ve been following along on twitter, you might be aware that I’ve been working on a security automation framework with regards to bug bounty hunting; to increase our agility, automate the boring bits, and let us JustHackThings. It’s something that our team (@anshuman_bh, @mhmdiaa, and myself) have been calling BountyMachine.

It’s no secret in the security/pentest/bug bounty…

TSS will be representing in the Las Vegas area for #HackerSummerCamp this year, with a few of our team members speaking at the various InfoSec conventions throughout the week. Drop by our talks or find us somewhere among the sea of InfoSec people and say hi!

The Art of Business Warfare

Red Teams are designed to penetrate security in a real world test of effectiveness of security controls, policy, technology and infrastructure. Red Teams view security from an adversary perspective in order to simulate realistic attack scenarios that enable an organisation as a whole to prepare and protect against both simply and sophisticated threats. Red…

I tend to dive down rabbit holes a lot, and given the cost of context switching and memory deteriorating over time, sometimes the state I build up in my mind gets lost between the chances I get to dive in. These ‘linkdump’ posts are an attempt to collate at least some of that state in a way that I can hopefully restore to my brain at a later point.

This time around I was inspired to look into USB reverse engineering, protocol analyis, hardware hacking, and what would be involved in implementing custom drivers for arbitrary hardware. …

Imagine a world driven by the strive for progress, improvement and innovation, rather than fuelled by corporate greed. Ideas and breakthroughs are shared freely and openly. Where instead of multiple separate entities having to expend the same effort to unlock the same benefits time and time again, locking them away inside their own corporate silos to ration out to the masses at overly inflated costs; we co-create that benefit, shared freely, and greatly accelerate the pace of innovation for everyone.

Imagine a world where instead of relying on these isolated silos of knowledge, portioned out by ‘experts’ (and never knowing…

I tend to dive down rabbit holes a lot, and given the cost of context switching and memory deteriorating over time, sometimes the state I build up in my mind gets lost between the chances I get to dive in. These ‘linkdump’ posts are an attempt to collate at least some of that state in a way that I can hopefully restore to my brain at a later point.

This time around I was inspired to look into Red/Infrared light therapy, originally motivated by some Bulletproof blog posts/talk (1, 2, etc), and the cost of the Joovv light panels. …

Earlier this year I spent some time delving into Atlassian Confluence to see if I could dig up any bugs that had slipped through the cracks. I wasn’t really expecting to turn up much, but I was super excited and surprised when I managed to find an issue within the RSS feed plugin leading to Cross-Site Scripting (XSS) (Twitter: 1, 2; LinkedIn: 1, 2; BugCrowd: 1, 2).

Thanks to Atlassian and BugCrowd for running an awesome bug bounty program and giving researchers the opportunity to hack things, make the internet safer, AND get rewarded while doing so!

The CVE

CVE-2017–16856: The RSS…

Recently I had the opportunity to present at a few local security meetups, and one international security conference.

At the start of 2017, I set a loose goal in the back of my mind that I would like to “get out there more” and “speak about the things I do”. Little did I know at the time that this would actually eventuate; leading to me having a pile of great experiences, and meeting some really cool and talented people!

TL;DR

SecTalks Canberra (November 14th, 2017; Canberra, Australia)

• “Hack FaaSter: Leveraging Docker and OpenFaaS for fun and offensive (security) profit.”
• Slides, workshop…

I was playing around with the top challenge on the CTF at SecTalks the other night, and thought I’d do a quick writeup of some of the techniques required; for future reference, and to help others to learn.

Hack the gibso.. Website

To start off, we were given a URL to a website that looked like a pretty standard sort of blog. Features included things like account registration/login, avatar upload, messaging between users, search, posts (not by a standard account), comments on posts (standard account), showing online users, etc. And the administrator was online.. interesting.

Poking around at things, I discovered that the messaging…