Research

"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research execveat 1y ago 100%
What's your side project of a month?

If you're working on a research or side project, this is your platform to share your findings, roadblocks, breakthroughs, and more. Doesn't matter if it's still a work in progress or has been recently published - all stages of research are welcome. Maybe you're not actively researching, but you're closely following an interesting development in the industry or a certain researcher's work - feel free to share that here too! Or perhaps, you've got an idea for a project or research you wish to undertake, but need resources, collaborators, or simply some guidance - let the community know. Here's a simple guideline to kickstart the conversation: - What's the research about? (Give a brief overview of the project or topic) - Current progress/Findings (If applicable) - Challenges and roadblocks (What issues are you facing or expect to face?) - Help needed (Are you looking for collaborators, resources, advice, etc.?)

2
2
"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research alphanerd4 2mo ago 71%
Research Guides: Primary Sources: A Research Guide: Open Access
https://umb.libguides.com/PrimarySources/openaccess
3
0
"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research ranok 1y ago 100%
Q2'23 ThinkstScapes Infosec research review
https://s3.eu-west-1.amazonaws.com/www.thinkst.com/thinkstscapes/ThinkstScapes-2023-Q2-lowres.pdf
2
0
"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research himazawa 1y ago 100%
RowPress: Amplifying Read Disturbance in Modern DRAM Chips
https://people.inf.ethz.ch/omutlu/pub/RowPress_isca23.pdf
2
0
"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research execveat 1y ago 100%
WWDC23: Passkeys
blog.millerti.me
1
0
"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research execveat 1y ago 100%
BChecks (SDL for defining custom scans) available in Burp 2023.6
portswigger.net

It's like nuclei templates I guess, but built into Burp. Only available in the Early Adopter release for now.

1
1
"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research execveat 1y ago 100%
Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures
https://www.usenix.org/system/files/sec23summer_235-rohlmann-prepub.pdf

OOXML signatures are rendered pretty much useless due to 3 flaws in specification and 2 flaws in implementation. *"The vulnerabilities have been acknowledged by Microsoft. However, Microsoft has decided that the vulnerabilities do not require immediate attention."*

2
0
"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research execveat 1y ago 100%
CS:GO: From Zero to 0-day
neodyme.io

They've chained 4 logic bugs to achieve RCE in CS:GO, pretty impressive. Valve sucks at communication and bug bounty payouts though.

2
0
"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.comInitialsFlorian Körnerhttps://github.com/dicebear/dicebearRE
Research mjh 1y ago 100%
Side projects for May/June 2023 (🔒podcast)
video.infosec.exchange

h/t [@NeonPayload@infosec.pub](https://infosec.pub/u/NeonPayload) for the video. My slipping goal for the past month has been the continued production of a weekly podcast. Nothing long, short form that could be listened to on a train or in the car. The challenge I'm facing head on is how to make it unique. Sure, I can do NPR reading the news but who cares and who is that, what is my target audience. My simple solution so far is to go back and try to find a style and content that people can't get from a dozen different sources on their phone already. Ideas and recommendations appreciated.

1
0