Give us your geeks, your coders, engineers, and scientists...

Your hackers yearning to build and break things.

Wednesday, Dec 17th, 2014
Saturday, Nov 22nd, 2014

Thank you to the CSA group at UTSA for asking me to come and present. Here is a PDF of the slide deck SMT.

Saturday, Nov 15th, 2014

DJ Manilla Ice got himself in da newz overseas for pwn2own. Drop him a line to say congrats: Youtube: http://goo.gl/txQZPL (Japanese)

Sunday, Nov 9th, 2014
November Make it Rain
by Angelo Plus+

We had presentations from vesh, brownbear/ivorywolf, and les (from lescon). Vesh did an example of  the SEH-All-At-Once attack using SMT to create the necessary malicious SEH struct. Les did a les-son on translating from C to assembly, and the pointer garbage that goes along with it. BrownIvoryBearWolf did an examination of spam email headers.  Also, […]

Thursday, Oct 9th, 2014

We had a pretty good line up this time. Steven gave us a preview of his submission to Schmoocon. Dave pointed out some command injection using various stock Perl modules in Linux. vesh gave a talk on the mystery of the urlmon call “FileBearsMarkOfTheWeb” and the safety of using the WinHTTP and Wininet libraries in […]

Thursday, Oct 9th, 2014

So we were interviewed for a segment about password security. I think they missed the point a bit, but media will be media. The real crime was cutting out scriptjunkie’s cutting remarks about password futility, and pointing out that robbing me of my logbook is a good idea since it’s on me AT ALL TIMES. […]

Saturday, Sep 13th, 2014

One of SAHA!’s own was featured in an article in the UK Register. Check it out here: http://www.theregister.co.uk/2014/09/12/phone_scammer_slammer/

Thursday, Sep 11th, 2014

As pointed out in https://twitter.com/grsecurity/status/508354758940581888, there is some new fun in overwriting running executables in the upcoming Ubuntu release. It’s a kernel thing, so other distros are affected, but I’m going with the old standby Ubuntu. (thank you, sadbox for the inotify stuff) I’m just going to post findings, because they mostly speak for themselves. […]

Thursday, Jul 10th, 2014
meanwhile…on SAHA!
by Angelo Plus+

scriptjunkie presented a 0 day in a popular piece of software sam S. presented on a linux variant for Mimikatz vesh presented on process injection brownbear showed off his raspi wap platform

Thursday, Apr 10th, 2014

cruxpot talked about an open source effort, integrating the mighty scriptjunkie’s ambush project, into another platform (details forthcoming, stay tuned) vesh demoed some emulated+arm+freebsd nonsense, seriously f*** that guy he totally sucks, but if you need an arm-freebsd shellcode engine, holla