Hacker News
- Everything you need to know about hash length extension attacks (2012) http://www.skullsecurity.org/blog/2012/everything-you-need-to-know-about-hash-length-extension-attacks 17 comments
- Battle.net authentication misconceptions http://www.skullsecurity.org/blog/2012/battle-net-authentication-misconceptions 36 comments
- Stuffing Javascript into DNS names http://www.skullsecurity.org/blog/?p=433 7 comments
- Reverse engineering tricks: identifying opaque network protocols https://www.skullsecurity.org/2023/reverse-engineering-tricks-identifying-opaque-network-protocols 9 comments netsec
- Ropasaurusrex: a primer on return-oriented programming http://www.skullsecurity.org/blog/2013/ropasaurusrex-a-primer-on-return-oriented-programming 7 comments netsec
- An update to my blog from last week: a full walkthrough of a padding oracle attack http://www.skullsecurity.org/blog/2013/a-padding-oracle-example 6 comments netsec
- An in-depth look at padding oracle attacks, for average netsec people http://www.skullsecurity.org/blog/2013/padding-oracle-attacks-in-depth 11 comments crypto
- An in-depth look at hash length extension attacks, including a new tool to exploit them http://www.skullsecurity.org/blog/2012/everything-you-need-to-know-about-hash-length-extension-attacks 4 comments netsec
- Using "Git Clone" to get Pwn3D http://www.skullsecurity.org/blog/2012/using-git-clone-to-get-pwn3d 3 comments netsec
- There have been a lot of misconceptions about Battle.net passwords going around, so I wrote a blog to explain (in gruesome detail) how the login works http://www.skullsecurity.org/blog/2012/battle-net-authentication-misconceptions 44 comments netsec
- There have been a lot of misconceptions about Battle.net passwords going around, so I wrote a blog to explain (in gruesome detail) how the login works http://www.skullsecurity.org/blog/2012/battle-net-authentication-misconceptions 82 comments programming
- Detailed analysis of a remote control vulnerability (on my blog) http://www.skullsecurity.org/blog/2011/remote-control-manager-fail 9 comments netsec
- Locks that Can Re-key Themselves? http://www.skullsecurity.org/blog/2011/locks-that-can-re-key-themselves 137 comments technology
- Hacking crappy password resets ( part 1 and 2 ) http://www.skullsecurity.org/blog/ 4 comments netsec
- Lists of leaked passwords. http://www.skullsecurity.org/wiki/index.php/passwords#leaked_passwords 12 comments netsec
- Guy scrapes names, addresses and phone numbers of 100 million facebook users; makes available as 2.8 gig torrent http://www.skullsecurity.org/blog/?p=887 69 comments technology
- I realized that this is a scary privacy issue. I can find the name of pretty much every person on Facebook. http://www.skullsecurity.org/blog/?p=887 28 comments netsec