NTP as a covert channel
Security Audit of the Android Steam Authenticator App
Retest Digidentity
Security analysis ECU Aprillia RSV4-1000
Security analysis of the Airconsole mini
Device driver security
SkyBell HD smart doorbell security analysis
Behavior of APT-Groups
Password managers and their vulnerabilities
A security analysis of decommissioned Ziggo modems
Endomondo Application Security
Defeating ransomware by instruction monitoring
Exploiting Broadcom’s Wi-Fi Stack
Eavesdropping with an optical microphone (laser).
Testing current good practices for wiping Android devices and improve weak points.
Extracting valuable data from dead Android devices.
Eavesdropping on and decrypting of GSM communication using readily available low-cost hardware and free open-source software in practice.
Implementing Mimikatz compatible output options (MS crash dump) in DMA physical memory dump tools (e.g.
Inception).
Identity how wide-spread
clickjacking is (by checking missing counter measures) and implement an advanced example to show the impact of such an attack.
Development BadUSB-alike attacks for the
USB Armory.
Shedding a light on publicly known TEMPEST attacks.
Modern Honeypot Network assessment.
EvilSSD Project.
SNMPv3 Covert channels.
Canon EOS 6D security evaluation.
Reviewing the procedures of Port Knocking.
Exploiting Wi-Fi SD cards
Heartbleed: how widespread is it?
OS3 Network Security Assessment
Looking back at Grsecurity
Weak key cracking of Android applications
GPS-based user tracking using mobile
TLS assessment SMTP
Keyboard acoustics
Firmware access control
Web Application Firewalls Evaluation and Analysis
Test the Effectiveness of the EMET
Comparing the detection rates of freely available attacks using free IDSs
Automated Deployment of Secure Services
Beyond the puppet
PGP good practice
Testing the effectiveness of GCC security flags in Debian 6.0
IPv6 host discovery
ASLR in modern operating systems
A Survey on Return-Oriented Programming
Security evaluation of out-of-band management devices
Attacking Android's pattern & PIN lock
Secretly retrieving mobile device clipboard content
Testing the effectiveness of the Enhanced Mitigation Experience Toolkit
Analysis and replication of 433
MHz device communication
Outdated Web Applications: Weakness Detection & Protection
ACARS and ADS-B: sniffing sensitive data and spoofing messages
Comparing real-life IPv4 and IPv6 network security policies
A penetration test of the Pogoplug in-home storage appliance
OS3 Network Segmentation
Bypassing a network proxy with authentication using covert channels
Analysis of the Ziggo TV application
Grindr Application Security
Security Analysis of GoPro Cameras
Security analysis of a wirelessly controlled gate
Database SQL Injections Detection & Protection: database firewalling
Detecting known IPv4 exploits over IPv6
Assessing the security of the ‘E-Thermostaat’ system
Metasploit Over Firewire Ownage
Analysis of Google’s 2-step Verification
Eavesdropping on and decrypting of GSM communication using readily available low-cost hardware and free open-source software in practice
Monitoring smartphone malware infections in the wild
Personal Data Collection of Android Applications
The network security of client-server iPhone applications
TCP Established Flooding
A comparison of real-life IPv4 and IPv6 network (IPv4 versus IPV6 filtering on the same system)
Beating Metasploit with Snort (automatically generate Snort rules from Metasploit Framework payloads)
Database Hardening
Sniffing and hijacking printer jobs
FireWire Attacks Revisited
Multiplexing Covert Channels
Analysis of TCP/IP backend of RFID access system
Penetration testing of open wireless access points
Post exploit activity detection (how to detect that a system is hacked?)
Hardened keyboard driver (how to detect a hardware PS/2 key logger?)
Detecting gateways in a simple way (how to detect unauthorized internet gateways in your corporate network?)
iPhoneBankingApps (checking the footprint of iPhone banking apps)
RFID (content analysis of RFID cards)
Covert channels (testing covert channels in the field)
Network traffic analysis for Windows binaries (reconstructing Windows EXEs using an IDS and checking for malware and certificates)
CoverDroid (implementing covert channels on an Android smart phone)
Passive application version monitoring (passively check for outdated / unknown software versions using network and IDS logs)