This was my first presentation of my talk “Ducky-in-the-Middle: Injecting Keystrokes into Plaintext Protocols”. If you want to catch this live, I’ll be presenting as Bsides Denver, NolaCon, and DEF CON: Packet Hacking Village. Update: NolaCon Presentation
n00py Blog- Exploiting Genuitec Secure Delivery Center (SDC) < Version 5.4.7 (Local File Inclusion)
- Popping shells on Splunk
- Dark Tip: Avoiding SSL Inspection on Palo Alto Firewalls
- The Dangers of Client Probing on Palo Alto Firewalls
- Bypassing Duo Two-Factor Authentication (Fail Open)
- Executing Meterpreter in Memory on Windows 10 and Bypassing AntiVirus (Part 2)
- Executing Meterpreter in Memory on Windows 10 and Bypassing AntiVirus
- Ducky-in-the-middle: Injecting keystrokes into plaintext protocols
- Microsoft Word upload to Stored XSS
- Exploiting complex XSS payloads in a constrained parameter