Dailydave mailing list archives
Mike Bailey's Flash presentation is good.
From: dave <dave () immunityinc com>
Date: Tue, 09 Mar 2010 11:08:20 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 People in the web application security space are often more into "scanners" than people finding memory corruption bugs. I'm not sure what the root cause is there - perhaps the set of bug classes that are useful in web applications includes an abnormally large number of automatable possibilities? Perhaps it's just a sign of the immaturity of the field in general. But web application hacking can be as complex as a CLOUDBURST style memory corruption bug. For example, Mike Bailey's BH DC 2010 presentation has a 20-step ownage of gmail which is particularly good. http://www.blackhat.com/presentations/bh-dc-10/Bailey_Mike/BlackHat-DC-2010-Bailey-Neat-New-Ridiculous-flash-hacks-slides.pdf The fun stuff usually happens at the intersection of assumptions. - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkuWcnQACgkQtehAhL0ghepHLACfdvvmP/gIcjyZcVZoB8Algy5K ae4An278a5KS72fl9J+B/fpLIg+qH6ae =E3Hb -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Mike Bailey's Flash presentation is good. dave (Mar 09)
- Re: Mike Bailey's Flash presentation is good. Florian Weimer (Mar 09)