A Closer Look at Chrome's Security: Understanding V8

In 2008, Google released a sandbox-oriented browser, that was assembled from several different code libraries from Google and third parties (for instance, it borrowed a rendering machinery from the open-source Webkit layout engine, later changing it to a forked version, Blink). Six years later, Chrome has become the preferred browser ...

more ...

Exploiting the Web in 20 Lessons (Natas)

cyber

Continuing my quest through the Wargames, today I am going to talk about the 20 first levels of Natas, the web exploitation episode.

I divide the exploits into two parts. The first part contains the easy challenges that don't demand much art (and are a bit boring). The second ...

more ...

CSAW CTF 2014 - Forensics 300: "Fluffy No More"

This is the fourth and the last of the forensics challenge in the CSAW CTF 2014 competition. It was much harder than the three before, but it was also much more interesting.

The challenge starts with the following text:

OH NO WE'VE BEEN HACKED!!!!!! -- said the Eye Heart Fluffy ...

more ...