Latest Posts

The prompt has become an annoyance but, fortunately, blocking it is simple. I will first describe how it can be easily blocked using a custom …

I'm Back

October 23, 2024

It has been a long time since I updated the website or posted something but things will be different from now on. There are still …

If you have been watching the news recently, you might have heard about the "Aurora" exploit. The exploit was used to compromise systems at Google, …

There is an unpatched vulnerability in the latest and earlier versions of Adobe Reader and Acrobat. I've added to the software section a program that …

Adobe Reader Exploit

November 23, 2009

I've added to the software section an exploit I wrote in the past that targets a vulnerability in Adobe Reader via the web to execute …

An unpatched vulnerability in an ActiveX control (Microsoft Office Web Components) used by Internet Explorer is being actively exploited. My version of the exploit can …

An unpatched vulnerability in an ActiveX control (Microsoft MPEG2TuneRequest) used by Internet Explorer is being actively exploited. I've written my version of the exploit in …

A critical vulnerability in several versions of Internet Explorer is being actively exploited. The vulnerability has not been patched yet by Microsoft, which means that …

Python Wrapper for VMware

December 01, 2008

I posted a Python wrapper called vmpy that can be used to control a virtual machine directly from Python. The wrapper can be found here.

DLL Injection

November 09, 2008

I posted a tool called DLLInjector that can inject a DLL of your choosing into a running process. The tool can be found here.

Facebook Phish

January 03, 2008

You will then be redirected to the real login page on Facebook. Here is a screenshot of the fraudulent site: This might tell us that …

Storm and Fast Flux in Action

December 24, 2007

By simply clicking on the link and visiting the page, your system can get compromised as it will try to exploit vulnerabilities in the browser …

Social Phishing

November 06, 2007

Check out this very cool paper. It shows how the information posted by people on social networking websites like MySpace, Facebook, etc. can be used …