Orange

Original link: http://blog.orange.tw/2023/08/2023-webconf-the-evolution-of-web-security.html TL;DR for Hackers & Researchers: this is a more conceptual talk for web developers. All are in Mandarin but you could check the slides here if interested. I haven’t blogged for a long time, so I will record my speech at WebConf 2023 this time. It is probably to classify the evolution […]

Original link: http://blog.orange.tw/2022/10/proxyrelay-a-new-attack-surface-on-ms-exchange-part-4.html This is a cross-post blog from DEVCORE. You can check the series on: A New Attack Surface on MS Exchange Part 1 – ProxyLogon! A New Attack Surface on MS Exchange Part 2 – ProxyOracle! A New Attack Surface on MS Exchange Part 3 – ProxyShell! A New Attack Surface on MS

Original link: http://blog.orange.tw/2022/08/lets-dance-in-the-cache-destabilizing-hash-table-on-microsoft-iis.html Hi, this is my fifth time speaking at Black Hat USA and DEFCON. You can get the slide copy and video there: Let’s Dance in the Cache – Destabilizing Hash Table on Microsoft IIS (slides) Let’s Dance in the Cache – Destabilizing Hash Table on Microsoft IIS (video – TBD) As the