Timur Yunusov is a Russian security researcher who is skilled in Banking systems security and author of multiple researches in field of application security including "Bruteforce of PHPSESSID", rated in Top Ten Web Hacking Techniques of 2012 by WhiteHat Security and "XML Out-Of-Band" showed at the BlackHat EU 2013. Professional application security researcher.
Saumil Shah is a veteran Black Hat instructor and the founder of Net Square. Saumil is a known speaker and instructor, having regularly presented at conferences like Black Hat, RSA, CanSecWest, 44CON, Hack.lu, Hack-In-The-Box, NoSuchCon, REcon, and others. Saumil has been the co-developer of the "Exploit Laboratory" courses that he teaches all over the world. Saumil graduated with an M.S. in Computer Science from Purdue University and a B.E. in Computer Engineering from Gujarat University.
Josh Pitts (@midnite_runr in Twitter) is the guy who wrote the Backdoor Factory and BDFProxy. He works as pentester and reverse engineer. He began his IT career while serving the Marines working in Signals Intelligence and IT security in the mid to late 90's.
Richard Mitton is a a freelancing British software engineer and part-time beard-grower, now based in Los Angeles. He got started in coding on the 1980's triumph of minimalist engineering, the ZX Spectrum. He is the owner of the blog "codersnotes.com" which has some good technical writings and rants about anything related to computers and that he has given a good review about TempleOS.
Brian 'geeknik' Carpenter is a bug bounty hunter and exploit developer who has more than 15+ CVEs generated by his bug reports to PHP, OpenSSL, FIrefox, etc. He has been listed on Google's Security Hall of Fame multiple times for finding various security bugs on Google web properties.
MaXX (Michel Kaempf ) published Vudo Malloc Tricks in Phrack 57 [29]. The paper could have been sub-titled "How to smash the Heap for fun and profit". The paper documented techniques against libcʼs native Doug Leeʼs malloc and demonstrated the generic unlink() write4 technique against the published vulnerability in sudo-1.6.1-1. MaXXʼs article went on however to document the DLmalloc allocator in great detail.
klog published “The Frame Pointer Overwrite” in Phrack 55 [16]. He showed how to gain execution by using a single byte overwrite to overwrite the last byte of %esp. In some situations this can result in the calling function retrieving its saved EIP from an attacker defined location resulting in altered execution flow.
Crispin Cowan is the security philosopher behind StackGard, the Immunix Linux distro, SubDomain and AppArmor which are said to be respected Linux-based security technologies. He entered the security arena in 1998 at the Seventh USENIX Security Symposium with the StackGuard paper, which introduced stack canaries for buffer overflow protection, a technique now used on nearly all platforms. From 1999 to 2007 he was the founding CTO of Immunix, which was acquired by Novell in 2005 to incorporate AppArmor into SUSE Linux.
Thomas Lopatic published in 1995 a stack overflow exploit for NCSA httpd (NCSA HTTPD 1.3 on WWW server) on HP-UX which was an excellent piece of work, but on an obscure OS and CPU. His posting clearly walked through the steps needed for successful exploitation and included an exploit that creates a file named ʻGOTCHAʼ in the /tmp directory.
Christopher Truncer is a penetration tester and red teamer by profession. He is a co-founder and current developer of the Veil-Framework, a project aimed to bridge the gap between advanced red team and penetration testing toolsets, EyeWitness, Just-Metadata, Egress-Assess, and more. Chris began developing toolsets that are not only designed for the offensive community, but can enhance the defensive community's ability to defend their network as well.