w00tsec
W 00 Tsec Blogspot. embedded device & webapp hacking.
Read W00tsec.blogspot.com news digest here: view the latest W 00 Tsec Blogspot articles and content updates right away or get to their most visited pages. W00tsec.blogspot.com is not yet rated by Alexa and its traffic estimate is unavailable. It seems that W 00 Tsec Blogspot content is notably popular in USA. We haven’t detected security issues or inappropriate content on W00tsec.blogspot.com and thus you can safely use it. W00tsec.blogspot.com is hosted with Google LLC (United States) and its basic language is English.
Content verdict: Safe
Website availability: Live
Language: English
Last check:
-
N/A
Visitors daily -
N/A
Pageviews daily -
N/A
Google PR -
N/A
Alexa rank
Best pages on W00tsec.blogspot.com
-
embedded device & webapp hacking
-
w00tsec: Binwally: Directory tree diff tool using Fuzzy Hashing
For this post, I'll discuss about the concept of directory tree and binary diffing and how it could be used to find potential vulnerabilitie...
-
w00tsec: Extracting RAW pictures from memory dumps
Introduction Earlier today, while reading my Twitter timeline, I saw some Infosec folks discussing about scripts/tools to identify RAW pic...
W00tsec.blogspot.com news digest
-
5 years
Abusing MySQL LOCAL INFILE to read client files
Recently, I was playing the VolgaCTF 2018 CTF with my teammates from TheGoonies and we came across an interesting Web challenge that we didn't manage to solve during the competition. The following day, I read the write-up and learned a cool technique...
-
7 years
LuaBot: Malware targeting cable modems
During mid-2015 I disclosed some vulnerabilities affecting multiple ARRIS cable modems. I wrote a blogpost about ARRIS' nested backdoor and detailed some my cable modem research during the 2015 edition from NullByte Security Conference.
CERT/CC released the Vulnerability Note VU#419568 and it got lots of media coverage. I did not provide any POC's during that time because I was pretty sure that those vulnerabilities were easily wormable... And guess what? Someone is actively exploiting... -
8 years
0CTF 2016 Write Up: Monkey (Web 4)
The Chinese 0CTF took place on March 12-13 and it was yet another fun CTF. I played with my teammates from TheGoonies and we were ranked #48.
I found the Web task "Monkey" particularly interesting: I solved it with the help from my friend @danilonc, but it took way longer than it should because of some **Spoiler Alert** DNS glitches. According to the scoreboard status, approximately 35 teams... -
8 years
ARRIS Cable Modem has a Backdoor in the Backdoor
A couple of months ago, some friends invited me to give a talk at NullByte Security Conference. I started to study about some embedded device junk hacking hot topics and decided to talk about cable modem security. Braden Thomas keynoted at Infiltrate...
Domain history
| Web host: | Google LLC |
| Registrar: | MarkMonitor Inc. |
| Registrant: | Google LLC |
| Updated: | June 29, 2023 |
| Expires: | July 31, 2024 |
| Created: | July 31, 2000 |
Whois record
Safety scores
Trustworthiness
ExcellentChild safety
N/A
