Tech Blog

LEXSS: Bypassing Lexical Parsing Security Controls
An Exploration of JSON Interoperability Vulnerabilities
Bad Pods: Kubernetes Pod Privilege Escalation
Lessons Learned on Brute-forcing RMI-IIOP With RMIScout
Design Considerations for Secure GraphQL APIs
Design Considerations for Secure Cloud Deployment
h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)
Breaking HTTPS in the IoT: Practical Attacks For Reverse Engineers
How to Set Up Your Hardware Lab
RMIScout: Safely and Quickly Brute-Force Java RMI Interfaces for Code Execution