Home
clearbluejar
Cancel

Introducing CVE North Stars

TL;DR - CVE North Stars is a tutorial that introduces a method to kickstart vulnerability research by treating CVEs as North Stars in vulnerability discovery and comprehension. Background Thi...

From NtObjectManager to PetitPotam

TL;DR - Windows RPC enumeration, discovery, and auditing via NtObjectManager. We will audit the vulnerable RPC interfaces that lead to PetitPotam, discover how they have changed over the past year,...

A Survey of Windows RPC Discovery Tools

TL;DR A survey of Windows Remote Procedure Call discovery tools and an attempt to understand how open source tools discover RPC servers, interfaces, and procedures. Windows RPC has been a black bo...

Mining Google Chrome CVE data

TL;DR - The Google Chrome Releases blog provides CVE data one liners containing all the information needed to create a rich CVE data source. Google Chrome CVEs are plentiful and provide informat...

Introducing CVE Markdown Charts - Part 1

TL;DR - CVE Markdown Charts - Your InfoSec reports will now write themselves… After writing several InfoSec reports and researching CVEs, I discovered a means to create dynamic charts that help ...

These Are Your First Steps

Hello World Saying hello to the world with a first post. I have seen several slick github.io pages leveraging Jekyll to create modern blogs and websites that look great with seemingly little ove...