Security Blog

FindSecBugs officially an OWASP project

Over the years, Find Security Bugs – or FindSecBugs in short – has evolved from a limited static-analysis tool to one with solid coverage of bug patterns. In this post, we will present the latest milestone from the project: arrival in the OWASP family, some figures and details regarding its new release.

read more

Drugs, Guns, Fake documents, Hitmen… What I expected and much more!

This is the continuity of my first blog post How I Indexed the Darknet and Pastebin During My First University Internship. The GoSecure Torscraper was developed about 1 year ago. Due to a few issues, the entirety of the project was dockerized to simplify the installation procedure (~4-8 lines instead of 4 pages of documentation) and to automate the whole scraping process.

read more

Fuzzing Closed Source PDF Viewers

This blog post covers typical problems which arise when fuzzing closed source PDF viewers and possible approaches to these problems. Hereby it focuses on both: Input-Minimization and Non-Terminating programs. The approaches were found and implemented as part of my master thesis which I have written at TU Darmstadt, Germany in cooperation with Fraunhofer SIT.

read more

Categories

Pin It on Pinterest