Young hacker smiling

We hack your software

zero false positives

Attacking Applications, APIs, Mobile Apps Servers, Networks, IoT Devices
ICS: Industrial Control System
SOC: Security Operations Center

Pythia and supplicant in the Oracle of Delphi

The Oracle of Code

About code as data

“Most programs are too large to understand in complete detail”. This was written in the 80’s.[1] Imagine the situation today. Hence the need for automated tools to aid in the process of analyzing code. The solution, according to Oege de Moor from Semmle, is obvious: treat code as …



Person playing chess against a robotic arm

Will machines replace us?

Automatic detection vs manual detection

More than 20 years have passed since Garry Kasparov, the chess world champion, was defeated by Deep Blue, the supercomputer designed by IBM. For many people, that event was proof that machines had managed to exceed human intelligence [1]. This believe raised many doubts and concerns regarding technological advance, that …



Infinite Monkey Theorem

The infinite monkey fuzzer

Fuzz testing using American Fuzzy Lop

In our last entry, we argued that fuzzing is both “dumb” and surprising. In this article, we’ll continue exploring the possibilities of fuzzing. This time though, we’ll focus on desktop application fuzzing, specifically UNIX applications written in C. When developing in C, you usually have to handle memory …



Service status - Terms of Use