Labs

Take a look at our tools, presentations, and policies.

Network monitoring with nmap

Asset management is a problem we help many of our customers with. What are an organization's assets, and how accurate and up-to-date is this information? Even with a mature asset management program, organizations want some form of validation of their result. From a...
Web Cache Session Hijacking

Web Cache Session Hijacking

In recent years it has become popular to use Content Delivery Networks (CDN) provided by cloud hosting providers. Amazon's CloudFront is an example of a popular CDN. These CDNs can take advantage of HTTP Caching to reduce latency for a global pool of end users. There...

Parsing Binaries with Kaitai Struct

Parsing Binaries with Kaitai Struct

Kaitai Struct is a general-purpose declarative language for describing binary data structures. With it we can parse binary file formats, in-memory data structures, network packets, etc. The target format to be parsed is first described in the Kaitai Struct language (KSY) and then compiled to source files that can be imported as libraries in one […]

Writing a Simple ESP8266-Based Sniffer

Writing a Simple ESP8266-Based Sniffer

In this series of blogposts we will cover advanced, security focused, aspects of the ESP8266 /ESP32 SoCs such as sniffing and injecting 802.11 and bluetooth packets, building proof-of-concept network implant devices, etc. The ESP8266 is a low-cost Wi-Fi capable system-on-chip with full TCP/IP stack produced by Espressif Systems. It features a Tensilica L106 32-bit RISC […]