Florence Broderick ElevenPaths announced its new strategic alliances in the third Security Day In the third Security Day the new alliance with Fortinet and ElevenPaths’s new product integrations with Check Point and Spamina solutions to evolve their technologies were presented. Madrid, 26th May....
Florence Broderick Telefónica and ElevenPaths extends its cybersecurity offering to the IoT environment Telefónica and ElevenPaths present at MWC the first technology for detecting and analysing threats Telefónica and ElevenPaths will present at Mobile World Congress, that begins on 22nd February in Barcelona ,...
Florence Broderick Faast already detects "Logjam": Imperfect Forward Secrecy Faast teams have been working all day long to add a new plugin to our list of detected vulnerabilities. There has been found a new security problem in TLS...
Florence Broderick PhpMyAdmin fixes a XSS detected by ElevenPaths (CVE-2014-9219) On November 28th, while our Faast team was developing an intrusion module for PhpMyAdmin MySQL manager, we detected a new cross site scripting vulnerability not known so far in this...
Florence Broderick Heartbleed plugin, ready for FaasT There is a lot of good information about Hearbleed out there, there is little more to add. It is a extremely serious vulnerability, that has shaken the internet from...
Florence Broderick Information leakages found in Google and Yahoo! (found with FaasT) A few weeks ago, Manuel Fernández, developer and security auditor in Eleven Paths, found some DS_Store files served by some Google URLs while testing FaasT. Google awarded the discovery...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
