Find out about what the iSEC team has been working on; an RSS feed is available here.

Blog Posts

• 03 Aug 2015 » Introducing opinel: Scout2's favorite tool
• 09 Jun 2015 » IAM user management strategy (part 2)
• 21 Apr 2015 » iSEC audit of MediaWiki
• 03 Apr 2015 » Work daily with enforced MFA-protected API access
• 02 Apr 2015 » Use and enforce Multi-Factor Authentication
• 23 Mar 2015 » iSEC reviews SecureDrop
• 03 Mar 2015 » Recognizing and Preventing TOCTOU Whitepaper
• 24 Feb 2015 » IAM user management strategy
• 23 Feb 2015 » Do not use your AWS root account
• 22 Feb 2015 » Announcing the AWS blog post series
• 11 Feb 2015 » CA Alternative Whitepapers
• 09 Feb 2015 » Calculating SQL Permissions
• 27 Jan 2015 » Vulnerability Overview: Ghost (CVE-2015-0235)
• 19 Jan 2015 » Jailbreak, updated and open-sourced
• 29 Oct 2014 » A Simple DLL Injection Utility
• 25 Sep 2014 » Shellshock Advisory
• 04 Sep 2014 » Perfect Forward Security Whitepaper
• 13 Aug 2014 » Tor Browser Research Report Released
• 04 Aug 2014 » ZigTools: An Open Source 802.15.4 Framework
• 09 May 2014 » Tool Release: You'll Never (Ever) Take Me Alive!
• 16 Apr 2014 » DIBF Tool Suite
• 16 Apr 2014 » SSLyze v 0.9 released - Heartbleed edition
• 14 Apr 2014 » iSEC Completes TrueCrypt Audit
• 10 Apr 2014 » Heartbleed (CVE-2014-0160) Advisory
• 01 Apr 2014 » Introducing iSEC's Smart Password Evaluation Service
• 20 Mar 2014 » Cryptopocalypse Reference Paper
• 19 Feb 2014 » AWS environment security assessment with Scout2
• 01 Feb 2014 » iOS certificate pinning code updated for iOS 7
• 07 Jan 2014 » Announcing the Release of RtspFuzzer
• 02 Jan 2014 » iOS 7 tool updates
• 30 Dec 2013 » SSLyze v0.8 released
• 30 Dec 2013 » Fuzzing RTSP to discover an exploitable vulnerability in VLC
• 23 Dec 2013 » iSEC Engages in TrueCrypt Audit
• 17 Dec 2013 » Login Service Security
• 13 Dec 2013 » SSL pinning bypass and other Android tools
• 13 Dec 2013 » Blackbox Android App Analysis with Introspy
• 05 Nov 2013 » Browser Extension Password Managers
• 27 Oct 2013 » Ruxcon 2013 - Introspy Presentation Slides
• 14 Oct 2013 » Working with the Open Technology Fund
• 18 Sep 2013 » iOS Secure State Preservation
• 05 Sep 2013 » Redirecting traffic with dnsRedir.py
• 21 Aug 2013 » Blackbox iOS App Analysis with Introspy
• 21 Aug 2013 » Man-in-the-Middling Non-Proxy Aware Wi-Fi Devices with a Pineapple
• 20 Aug 2013 » iOS SSL Kill Switch v0.5 Released
• 19 Aug 2013 » Black Hat 2013 - Femtocell Presentation Slides, Videos and App
• 14 Aug 2013 » SSLyze v0.7 Released
• 06 Aug 2013 » Black Hat 2013 - Bluetooth Smart Presentation Available
• 06 Aug 2013 » Black Hat 2013 - Cryptopocalypse Presentation Available
• 14 Jun 2013 » Tool Release: PeachFarmer
• 29 Apr 2013 » An Introduction to Authenticated Encryption
• 18 Mar 2013 » Tool Release: YoNTMA
• 21 Feb 2013 » Tool Release: tcpprox
• 19 Feb 2013 » Exploring SSL Pinning on iOS