1. JWT, OAuth, and Algorithm Choices

    Implementing systems that securely authenticate users and authorize their activities within applications can involve multiple interactions that cross trust boundaries. When applications are written in…Read More

  2. Meltdown and Spectre. Oh My!

    Introduction Meltdown and Spectre. Oh My! There have been a lot of new terms floating around the internet these last few days: Meltdown, Spectre, etc... What does it all mean? In this post, I will exp…Read More

  3. Android 7 Cellular MiTM

    Performing security assessments of complex systems sometimes requires some technical gymnastics to "man-in-the-middle" (MITM) communications between components. MITM techniques are essential for obser…Read More

  4. Proxying WBXML Services

    A very typical security assessment and penetration test for Carve involves a device, multiple RF communications interfaces (cellular, WiFi, Bluetooth, ZigBee, some mutant 802.15.4 based stack, etc.) a…Read More

  5. Shell Escapes

    If you own a consumer-grade network router then you have likely used a web browser to configure the router and set up your network. For commercial and industrial applications networking devices typica…Read More

  6. MiTM using Golang, meet Timmy

    This post is an introduction to Timmy (Tiny evil man in the middle). There are a lot of MiTM tools used to assess software that communicates via TCP/IP. They all have a few basic ingredients, but of…Read More

  7. Wear’s the MITM?

    Recently, we needed to man-in-the-middle TLS traffic coming from an Android Wear application. On a regular Android app, this would be an easy thing to do, but we started to run into trouble pretty qui…Read More

  8. Securing M2M Gateways

    There are a staggering number of M2M gateways on the market. In some cases, gateways are designed and marketed for specific use-cases, such as in-vehicle connectivity and fleet management, sensor data…Read More