Research

• Lessons Learned from SSH Credential Honeypots (04 Sep 2020)
• CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry (23 Aug 2019)
• Playing with the Gigastone Media Streamer Plus (28 Jan 2018)
• [CVE-2017-17704] Broken Cryptography in iStar Ultra & IP ACM by Software House (18 Dec 2017)
• [CVE-2014-5204] Wordpress nonce Issues (10 Sep 2014)
• CVE-2014-4182 & CVE-2014-4183: XSS & XSRF in Wordpress 'Diagnostic Tool' Plugin (04 Jul 2014)