Pwn2Own Miami: Aveva Edge Arbitrary DLL Loading VulnerabilityThis article covers the vulnerability I discovered while researching the Aveva Edge attack surface for Pwn2Own Miami a few years ago. It’s…Aug 1Aug 1
Geography Based Password Lists for enhanced password cracking success.Recently adversary academy was on an internal penetration testing engagement. Internally we typically run things like responder to see what…Jul 11Jul 11
This Cloud is on Fire! Microsoft Azure Site Recovery EoPDiscovering and Exploiting CVE-2024–21364May 13May 13
Clocking into The Network — Attacking KronosTimeclock DevicesOne of the services I’m most excited about at Adversary Academy is our targeted vulnerability research (TVR) program. The challenge I’ve…Sep 27, 2023Sep 27, 2023
No Mud No Lotus: The art of transforming breaches through security improvementIn Buddhist philosophy I often hear the expression “No Mud, No Lotus” this expression aligns with the Buddhist view that life and existence…Mar 9, 20231Mar 9, 20231
Confessions of a bug bounty program managerIn my previous article I wrote about my experiences as a top ranked bug bounty hunter. In this article I will write about my experiences on…Feb 17, 2023Feb 17, 2023
Confessions of a top-ranked bug bounty hunterFrom 2016 to 2017 I was very active in the bug bounty space, working almost exclusively with Synack. My first year doing bug bounties I was…Feb 15, 2023Feb 15, 2023
Patch diffing CVE-2022–21907Our security team does an in-depth analysis of critical security vulnerabilities when they are released on patch Tuesday. This patch…Jan 12, 2022Jan 12, 2022
Root cause analysis on unusual stack writing functions with IDA.A common problem when doing vulnerability research and exploit development is identifying interesting components within binary code. Static…Jan 9, 2022Jan 9, 2022
The Seven Habits of Highly Effective Purple TeamsAs we are approaching the new year I've been thinking about the milestones and achievements that I’ve been able to accomplish both…Jan 2, 2022Jan 2, 2022