Tool Talk: Unredacter

In our fourth edition of the Tool Talk series, we dive into Unredacter, a tool created by Dan Petro, Lead Researcher at Bishop Fox, that takes redacted pixelized text and reverses it back to its original text.

Did you know that popular text-redaction techniques can be reversed to reveal the original message? If you need to keep sensitive text and data hidden from prying virtual eyes – blurring, swirling, fuzzing, and pixelation may not be as safe as you think.

As featured in Dark Reading, Tech Radar, The Register, and many more – our fourth Tool Talk focuses on Unredacter, an open-source tool written by our own Bishop Fox Lead Researcher, Dan Petro.

Register to learn why pixelation is a no-good, bad, insecure, surefire way to get sensitive data leaked! In our fourth edition, we deep dive into the topic of redaction, exploring:

  • The basics of Unredacter – what it is and how it works
  • Why it is tricky to beat redaction
  • How to make sure redacted text is hidden
  • A demo showcasing the tool in action
Dan Petro Headshot

About the speaker, Dan Petro

Senior Security Engineer

As a senior security engineer for the Bishop Fox Capability Development team, Dan builds hacker tools, focusing on attack surface discovery. Dan has extensive experience with application penetration testing (static and dynamic), product security reviews, network penetration testing (external and internal), and cryptographic analysis. He has presented at several Black Hats and DEF CONs on topics such as hacking smart safes, hijacking Google Chromecasts, and weaponizing AI. Dan holds both a Bachelor of Science and a Master of Science in Computer Science from Arizona State University.

More by Dan
Joe sechman

About the speaker, Joe Sechman

AVP of R&D at Bishop Fox

Joe is a Bishop Fox alumnus. Over his career, Joe has amassed many security certifications, delivered several presentations, and has co-authored multiple industry publications with groups such as ISC2, ISACA, ASIS, HP, and IEEE.

Additionally, Joe is a prolific inventor with nine granted patents in the fields of dynamic and runtime application security testing, attack surface enumeration, and coverage (U.S. Patents 10,699,017, 10,515,219, 10,516,692, 10,515,220, 10,423,793, 9,846,781, 10,650,148, 10,587,641, and 11,057,395). Prior to joining Bishop Fox, Joe held leadership positions with companies such as Cobalt Labs, HP Fortify, Royal Philips, and Sunera LLC (now Focal Point Data Risk). Earlier in his career, Joe served as the lead penetration tester within SPI Labs at SPI Dynamics where he cut his teeth alongside some of the best and brightest application security industry professionals. Joe received his Bachelor of Business Administration degree in Management Information Systems from the Terry College of Business - University of Georgia.
More by Joe

Extend Your Knowledge

Check out these related resources.

Adversarial Controls Testing Datasheet preview with purple background.
Datasheet

Adversarial Controls Testing Datasheet

Learn how Adversarial Controls Testing uses an attack-based approach mapped to the MITRE ATT&CK framework to determine the effectiveness of your email/phishing, endpoint, and network security controls.

Learn More
2024 Q3 DIGITAL DS Cosmos Service Now Tile
Datasheet

Cosmos for ServiceNow Datasheet

Learn how to effortlessly sync validated exposures from the Cosmos portal into your ServiceNow environment to streamline vulnerability management and remediate dangerous exposures before attackers can exploit them.
Learn More
Mockup of Bishop Fox's Guide to DORA Threat-Led Pen Testing
Guide

FAQ Guide: Acquiring DORA Threat-Led Penetration Testing

Bishop Fox’s comprehensive DORA FAQ guide walks you through everything you need to know about fulfilling these critical requirements. This resource is a must-have for financial institutions looking to stay ahead of DORA’s complex compliance landscape.

Learn More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.