I’m writing this article on my path of becoming a better researcher on IoT devices. My goal was to create a portable device that I could use to scan BLE (aka Bluetooth Low Energy) devices and improve future tasks – like pentesting IoT for clients. Disclaimer: No harm or malicious activities have been done to… Continue reading BLE Driving 101
Year: 2017
Using UART to connect to a chinese IP cam
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things-exploitation/index.html Student ID: IoTE- 766 Following my interest in going deeper on IoT – specially on hardware hacking, I grabbed a chinese IP cam – Loftek and started checking its internals. I already had researched the web… Continue reading Using UART to connect to a chinese IP cam
Together we’re strong
A few months ago, me and Luis had the idea to help the firefighters (true heroes) with a donation that could make their job more secure. More than 210 thousand hectares of forest burned in Portugal only this year so this was the right thing to do. After talking with João we thought about bringing… Continue reading Together we’re strong
BSides Lisbon 2017 was awesome
BSides Lisbon 2017 was great \o/ It was my second BSides Lisbon (both as a speaker) and it’s amazing that the organization keeps improving this con. It had awesome talks, and with the help of my great friend Duarte – we hosted a mini lockpicking village which had a great success. I didn’t saw as… Continue reading BSides Lisbon 2017 was awesome
Guess who’s coming to BSides Lisbon 2017?
… you’re right! This guy 🙂 After my presentation last year, I decided to submit again a talk to the best infosec event in Portugal – BSides Lisbon. My talk GTFO Mr. User will be about: In this talk, the author will present real case scenarios (aka hacking to PoC) showing the danger of large… Continue reading Guess who’s coming to BSides Lisbon 2017?
My notes on Hacking BLE – list of resources
In the last few weeks I went for a drive into the Bluetooth Low Energy (aka BLE) topic. There are many articles on the web on “how to hack BLE” and stuff like that, so this is just a compilation of the things I wrote on my notepad and my decision of sharing it with… Continue reading My notes on Hacking BLE – list of resources
Checkmarx Security Research Team latest work
CSRT latest work and news: Evenbrite Security Wall of Fame Go programming SCP Remotely Exploitable Flaws Found in Popular IP Cameras Trump Website Hacked: Subdomain Takeover Defaces Fundraising Site More to come really soon… 🙂 Having fun hacking!
Speaker at C-Days 2017
I was invited by AP2SI to represent them in this year C-Days event. I talked about “Hacking for fun and profit – bounty style” and the room was packed. It was a pretty cool event specially because I was able to join a couple of friends to trade some new ideas.
Why working in application security makes me a better man?
In the last couple of years I was blessed with a good job at application security that made my life much easier. Above all things, I now have more opportunities to help others and provide my family and friends with small things that makes a lot of difference. Sometimes just being happy that day will… Continue reading Why working in application security makes me a better man?
Meter HTML5 XSS filter bypass
I was playing around with some new HTML5 features and noticed a funny one. Meter gives you a cool progress bar on-the-fly – https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meter Immediately I thought about using it to bypass some WRONG blacklist tags XSS filter and add a event to it: [code]<meter onmouseover="alert(1)"[/code] You can check it on https://jsfiddle.net/btksfbbx/ Nowadays this doesn’t… Continue reading Meter HTML5 XSS filter bypass