About

November 13, 2020

CVEs

CVE-2017-11774 - Microsoft Outlook: RCE
CVE-2017-17405 - Ruby FTP: RCE
CVE-2018-11235 - Git: RCE
CVE-2018-16873 - Golang (go get): RCE
CVE-2019-0561 - Microsoft Word: Information disclosure
CVE-2019-13139 - Docker: Command Injection to RCE
CVE-2020-25695 - PostgreSQL: restricted sandbox escape and Privilege escalation
CVE-2021-40153 - Squashfs: file write outside of target

Talks

Botconf 2013
Slides: https://www.botconf.eu/wp-content/uploads/2013/08/09-EtienneStalmans.pdf
Video: https://www.dailymotion.com/video/x1bj6h0

Defcon 2015
Video: https://www.youtube.com/watch?v=jnBhb6DiP2k

Troopers 2017
Slides: https://www.slideshare.net/sensepost/ruler-and-liniaal-troopers-17
Video: https://www.youtube.com/watch?v=tuc8cwOAAcA

EkoParty 2017
Video: https://www.youtube.com/watch?v=-P02vn9oPB4

DevSecCon Boston 2018
Slides and demos: https://github.com/cji/talks/tree/master/DevSecConBoston2018

Brucon 2018
Slides and demos: https://github.com/cji/talks/tree/master/BruCON2018
Video: https://www.youtube.com/watch?v=QPCI69vKN04

Troopers 2019
Slides, demos and other content: https://github.com/staaldraad/troopers19/
Video: https://www.youtube.com/watch?v=hUhXulSelUQ

Black Hat Europe 2019
Video: https://youtu.be/g6dtjtYOw2w

Papers

A framework for DNS based detection and mitigation of malware infections on a network
Real-time distributed malicious traffic monitoring for honeypots and network telescopes
Geo-spatial autocorrelation as a metric for the detection of fast-flux botnet domains
Spatial Statistics as a Metric for Detecting Botnet C2 Servers
An exploratory framework for non-aggressive response to hostile network traffic
Remote fingerprinting and multisensor data fusion
A Framework for DNS Based Detection of Botnets at the ISP Level
An Exploratory Framework for Extrusion Detection
Master Thesis