#devsecops Keep it secret. Keep it ... safe?February 8, 2021What happens after you accidentally leak secrets to a public code repository.Read more Published via www.shhgit.com
#osint #passlo #passwords Analysing over 1M leaked passwords from the UK's biggest companiesMay 21, 2020How do some of the UK's biggest companies fair when it comes to passwords?Read more
#toolkit #devsecops Ahh shhgit!October 17, 2019Finding secrets in open source code in real time.Read more
#passwords #toolkit Effortless password auditsNovember 1, 2018Making it easier to perform regular password audits against an Active Directory environment.Read more
#research Mining Mimecast: brute forcing your way to successMarch 15, 2018Brute forcing Mimecast protect links to disclose private and confidential information.Read more
#research #osint Online stalking: London, Paris, New YorkFebruary 13, 2018Exploiting seemingly innocent data for nefarious purposes.Read more
#research #iot Owning Philips In.Sight IP camerasJanuary 30, 2015Poppin' root shells on Internet-enabled cameras.Read more
#research Yoics: account takeover vulnerabilityJanuary 29, 2015Full account takeover in an IoT cloud provider used by manufacturers such as Cisco and Phillips.Read more
#research Moonpig vulnerabilityJanuary 4, 2015A security flaw in popular greetings card app exposed personal details of 3 million customers.Read more
#research National Express ticket takeoverSeptember 23, 2014Security vulnerability leaking personal details of National Express customersRead more
#research Cerberus anti-theft Android device takeover vulnerabilityDecember 19, 2013Owning Android devices running Cerberus anti-theft software.Read more
#research Funky Pigeon account take overOctober 24, 2013Security vulnerability leaking personal details of Funky Pigeon customersRead more