Barrow's Latest Posts
This is a pretty fun read on using a polyglot JPEG to bypass CSP, leading to an XSS vuln. http://blog.portswigger.net/2016/12/bypassing-csp-using-polyglot-jpegs.html
This looks like it could be really handy if you're doing pentesting on premises. https://samy.pl/poisontap/ It grabs all sorts of useful data. Worth reading through.
Keen Security Lab recently released a brief write-up on multiple security vulnerabilities found in Tesla Model S vehicles. Among them was remote access to a vehicle's CAN (Controller Area Network) bus, allowing them to take control of the vehicle. The Keen Lab team was able to ...