New from Ponemon Institute: The State of Offensive Security in 2023. Read the Report ›
Managing Application Security Risk with Threat Modeling
SmogCloud: Expose Yourself Without Insecurity - Cloud Breach Patterns
Black Hat USA 2020 presentation looks at pragmatic ways to answer vital security questions in your AWS environment.
.Net Roulette Exploiting Insecure Deserialization in Telerik UI
DerpCon 2020 presentation reviews how .NET deserialization works and how to get shells on real applications.
Ham Hacks: Breaking Into the World of Software-Defined Radio
This DerpCon 2020 presentation explores how to find, capture, and reverse-engineer RF signals.
Demystifying Capture the Flags (CTFs)
DerpCon 2020 presentation on CTF formats, the skills they require, and the experience they develop.
Expose Yourself Without Insecurity: Cloud Breach Patterns
Presentation from BSides Atlanta 2020 explores the unprecedented level of exposures in the Cloud and how they can be found.
Subscribe to Bishop Fox's Security Blog
Be first to learn about latest tools, advisories, and findings.
Thank You! You have been subscribed.
Attacking the Data Before the Decision
Presentation from BSides Tampa 2020 explores the vulnerabilities of machine learning systems and how to mitigate them.
How to Write Like It's Your Job
Presentation from BSides San Francisco 2020 offers practical advice for security writers.
ZigDiggity: ZigBee Hacking Toolkit
Presentation from Black Hat USA 2019 reveals an open-source pentest arsenal for Zigbee networks.
Ghost In The Browser - Broad-Scale Espionage With Bitsquatting
Presentation from Kapersky SAS 2019 on an unfortunate side effect to achieving HTTPS everywhere and learn what can be done to mitigate the risk.
Reverse Engineering Mobile Apps
Presentation from BSides Las Vegas 2019 demonstrates the successful exploitation of transit system mobile apps.
Twist & Shout: Ferris Bueller's Guide to Abuse Domain Permutations
Presentation from Sqr00t 2019 explores the ins and outs of domain abuse, and how to prevent it.