Blog Posts
- How I Built An XSS Worm On Atmail
- In the News: A BGP Hijacking Technical Post-Mortem
- An Overview of BGP Hijacking
Slides
- ISC(2) Phoenix - Effectively Operating a Bug Bounty Program [pdf]
- Converge Detroit - Homebrew Censorship Detection by Analysis of BGP Data [pdf]
- CactusCon 2014 - Malware and the Syrian Civil War [pdf]
Vulns
- CVE-2017-11617 - Stored XSS in atmail
- ByREV WP-PICShield - Cross-Site Request Forgery (CSRF)
- Acknowledgement from Duda
Media
- Vice Motherboard - A Roundtable of Hackers Dissects 'Mr. Robot'
- The Intercept - Hit App Sarahah Quietly Uploads Your Address Book
- Forbes - Should You Plug That USB Drive Into Your Computer? (Beware Of Malware)
- eSecurity Planet - Google’s New Disclosure Policy: Helpful, or Who Cares?
Projects
Code
- taki - dns zone transfer waterfalls
- routeviews-py - Python script to record changes in BGP data from routeviews.org