Georgi Guninski Retires

Georgi Guninski sent an email to Full Disclosure today, claiming that he will be retiring from the public security scene. Pre-meditating the question of why, he writes, if one needs to ask for a reason: got old, got somewhat tired. Georgi has made excellent contributions to the security community for some time now. He has […]

AVs prove less-effective

Last year I started working on the Web Backdoor Compilation (WBC). The idea behind the project was the following: A tool to aid penetration testers and web developers with security testing document management applications. Recently I made a pre-v2 release of the tool, which has received even more feedback then the previous version and the […]

Getting Certified (Part II): Security Certs

Well what about security certifications? There are useful guides to certifications at about.com and dmiessler.com. Arguably, the better internationally known certifications listed are CISSP and SCNP. One recent addition into this arena is the Certified Ethical Hacker (CEH). Their course outline provides a very good background on what you should know as a security tester. […]

Adobe Universal XSS

Discussion In September pdp and I did some really fun work involving backdooring PDF files. It opened alot of eyes and some back accounts in getting it fixed. Now Stefano Di Paola and Giorgio Fedon have found a way to perform universal XSS attacks on systems with Adobe Reader and Professional installed. Affected Versions According […]

Michael Daw Anthology

michaeldaw.org is pleased to announce the first “Michael Daw Anthology” award. Download Spotify Premium Apk here For those of you curious, anthology is a collection of published works. The original idea behind the michaeldaw.org website was to build stories upon a fictional hacking icon named, Michael Daw, as well as to host other security related […]