What is this and why does it exist?

All links, the content behind and the opinions there are not mine.
If you follow an external link, it is your problem, not mine if you do not like, what you find there.
Please be aware, that this is just a list of topics I find interesting.

All mentioned security tools can be found here:


The Unofficial Burp Extension for
–> Bumpster - github <–

Automated Generation of Proofs of Vulnerability with S2E
–> S2E Docs - github <–

IDA Python Embedded Toolkit – IDAPython scripts for automating analysis of firmware of embedded devices
–> IDAPythonEmbeddedToolkit - github <–

Just drop anything I have now about ASLR bypassing and fixing ;)
–> aslur - github <–

PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
–> PcapXray - github <–

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
–> oletools - github <–

Talks & Knowledge

Optional Chaining may be coming to JavaScript
–> JavaScript Optional Chaining - Dev.To <–

APT Groups and Operations
–> APT Groups and Operations - Google Docs <–

DEF CON 25 - Hanno Bõck - Abusing Certificate Transparency Logs
–> Abusing Certificate Transparency Logs - DefCon <–

OpenCrypto: Unchaining the JavaCard Ecosystem
–> OpenCrypto - BlackHat USA 2017 <–


Large Crypto-Mining Operation Targeting Jenkins CI Servers
–> Crypto-Mining Operation - infosec ISLAND <–

APT37 (Reaper): The Overlooked North Korean Actor
–> APT37 - FireEye <–

Google Discloses Unpatched Vulnerability in Edge Web Browser
–> Edge Web Browser Vuln - Security Week <–

Wikipedia Page Review Reveals Minr Malware
–> Minr Malware - sucuri Blog <–