@straight_blast is a penetration tester based in US and Hong Konger,
he is passionate over CTF and pwnables, and is a core member of VXRL for years.
Back to August 10, 2018
VXRL Team joined DEFCON 26 and organized the chip-off village
Introduction Video:
https://www.youtube.com/watch?v=qIKst7cHsn8g
Originally published at https://www.vxrl.hk on August 10, 2018.
@straight_blast is a penetration tester based in US and Hong Konger,
he is passionate over CTF and pwnables, and is a core member of VXRL for years.
The blog could be found from this URL
Originally published at https://www.vxrl.hk on May 1, 2018.
Vulnerabilities discovery can be challenging for novice. In our talk, we will share the steps(and failure) we went through from beginner until finding 2 apple safari CVE (CVE-2019–8678,CVE-2019–8685)
In the first part of our talk, we will walkthrough some of the trick we used for target enumeration and corpus collection. Then ,we will share the steps we made to get the 2 CVE with public fuzzer. Lastly, we will go through the root cause analysis of these bugs and demonstrate how we do it for beginners.
Did you enjoy this post? Want to find out more about us? Contact us
Originally published at https://www.vxrl.hk on July 23, 2020.