Archives

HITB LAB: When Sh*t’s on Fire: Digital Crisis Simulation

This workshop is a live digital crisis simulation game. Attendees are split into teams and roleplay a typical telco CERT. They have to deal with an escalating high-stakes incident that put them under pressure. They have to use strategic and analytical skills to solve the crisis, while keeping the company running and the executive board […]

HITB LAB: Advanced Chip Level Analysis

Today software based analysis is very common but hardware just growing up. It is very effective and efficient to dig out vulnerabilities from the chip level but hardware analysis always seems difficult and involves higher costs while using advanced equipment and skills like soldering, chip on/off or even in-circuit system programming. During the workshop, I […]

HITB LAB: Fuzzing File System Implementations to Uncover Security Bugs

Vulnerability research and especially “fuzz-testing” has become an ever-growing field recently. Finding (exploitable) vulnerabilities and developing effective countermeasures are an essential result from analyzing the inner workings and general system internals of complex systems. File systems are no exception to this and are an often overlooked component on both the attacker and defender side. A […]