CVE-2019-6726: Arbitrary File Deletion in WP fastest Cache <= 0.8.9.0
In this blogpost I will explain the details of CVE-2019-6726 - an arbitrary file deletion bug in the WP Fastest Cache wordpress plugin that I discovered last year. Overview The
Just another security blog
An example why NAT is NOT security
Sometimes I hear that network address translation (NAT) is considered a security feature. Unforunately, this is not necessarily true and I will try to demonstrate why with a practical example:
Performance of Iodine over DNS-over-HTTPS
Iodine is a DNS-tunnel that can be used to send TCP traffic encapsulated in DNS queries. Sometimes, this helps to bypass captive portals or otherwise restricted networks. In this blogpost
CVE-2019-1000032: Memory corruption / DoS in nanosvg
This is finally the first 0day-like blogpost about a memory corruption/DoS issue that I have discovered in nanosvg by fuzzing it with AFL. UPDATE: After my request for updating
Dockerized Tor Onion Services with Vanity v3 Tor Addresses
I'm currently taking Prof. Florian Tschorch's Network Security class and we had a lecture covering Tor and Onion services. A couple of years ago, I operated