Poly - isisblogs.poly.edu - NYU Poly ISIS Lab
General Information:
Latest News:
CraSH 15 Jul 2013 | 06:04 pm
July 5-7 Brooklynt Overflow participated in SIGINT CTF hosted by the good folks over at CCCAC in Germany. Despite the fact that Brooklynt Overflow is not always the most effective team during the summ...
PHP strip_tags not a complete protection against XSS (Repost From Archive) 3 Jul 2013 | 05:18 am
“PHP strip_tags not a complete protection against XSS” was originally written by Dan Guido when he was a student in the ISIS Lab. On August 13th .mario, a high-profile member of the sla.ckers.org foru...
Writing an XSS Worm 6 Jun 2013 | 06:01 am
This was done while interning at Gotham Digital Science and the original blog post can be found here: http://blog.gdssecurity.com/labs/2013/5/8/writing-an-xss-worm.html User privacy is an increasingly...
Oh Compiler, You so Crazy… 6 May 2013 | 09:00 am
For Hack Night, Nitin and I set about teaching students how to read and write x86 assembly. I was tasked with teaching students how to write x86. Naturally, being short on time I decided to cheat by ...
You Can’t Stop The Ropasaurus Rex PlaidCTF 2013 24 Apr 2013 | 08:49 pm
This past weekend, April 19th 2013 in the year of our lord, Brooklynt Overflow assembled to partake in the spectacle of pwning known as PlaidCTF. I’m particularly fond of PlaidCTF because it is the fi...
Hardware Hacking Week Recap 12 Apr 2013 | 08:18 am
If you were busy in Cancun over spring break, you missed out on our hardware hacking workshop in the ISIS lab! Hardware hacking is an important area of security research because while vulnerabilities ...
UCSB iCTF 2013: Water Write-Up 11 Apr 2013 | 11:18 pm
Introduction Last month, Brooklynt Overflow competed in the UCSB iCTF competition. Unlike some of the other competitions we’ve been playing in lately, this was an attack/defense style competition in w...
We Solved Security! 1 Apr 2013 | 09:01 am
The ISIS Lab has teamed up with Microsoft, Google, Adobe, and Carnegie Mellon University Cylab to fix security. Our distributed static binary analysis whitebox fuzzing sandbox has found all the bugs ...
Clang does not compile with stack cookies by default. 11 Mar 2013 | 11:22 pm
Just a bit of warning about clang. By the default state the clang compiler does not install stack cookie checks to its function calls. Given a simple function that managers buffers: a binary compiled ...
Clang does not compile with stack cookies by default. 11 Mar 2013 | 11:22 pm
Just a bit of warning about clang. By the default state the clang compiler does not install stack cookie checks to its function calls. Given a simple function that managers buffers: a binary compiled ...