whitehat

Timur Yunusov

IRL Name: 
Timur Yunusov
Biography: 

Timur Yunusov is a Russian security researcher who is skilled in Banking systems security and author of multiple researches in field of application security including "Bruteforce of PHPSESSID", rated in Top Ten Web Hacking Techniques of 2012 by WhiteHat Security and "XML Out-Of-Band" showed at the BlackHat EU 2013. Professional application security researcher.

Pictures: 
References

Saumil Shah

IRL Name: 
Saumil Shah
Biography: 

Saumil Shah is a veteran Black Hat instructor and the founder of Net Square. Saumil is a known speaker and instructor, having regularly presented at conferences like Black Hat, RSA, CanSecWest, 44CON, Hack.lu, Hack-In-The-Box, NoSuchCon, REcon, and others. Saumil has been the co-developer of the "Exploit Laboratory" courses that he teaches all over the world. Saumil graduated with an M.S. in Computer Science from Purdue University and a B.E. in Computer Engineering from Gujarat University.

Pictures: 
References

Josh Pitts

IRL Name: 
Josh Pitts
Biography: 

Josh Pitts (@midnite_runr in Twitter) is the guy who wrote the Backdoor Factory and BDFProxy. He works as pentester and reverse engineer. He began his IT career while serving the Marines working in Signals Intelligence and IT security in the mid to late 90's.

Pictures: 
References

Richard Mitton

IRL Name: 
Richard Mitton
Biography: 

Richard Mitton is a a freelancing British software engineer and part-time beard-grower, now based in Los Angeles. He got started in coding on the 1980's triumph of minimalist engineering, the ZX Spectrum. He is the owner of the blog "codersnotes.com" which has some good technical writings and rants about anything related to computers and that he has given a good review about TempleOS.

References

geeknik

IRL Name: 
Brian Carpenter
Biography: 

Brian 'geeknik' Carpenter is a bug bounty hunter and exploit developer who has more than 15+ CVEs generated by his bug reports to PHP, OpenSSL, FIrefox, etc. He has been listed on Google's Security Hall of Fame multiple times for finding various security bugs on Google web properties.

Pictures: 
References

MaXX

IRL Name: 
Michel Kaempf
Biography: 

MaXX (Michel Kaempf ) published Vudo Malloc Tricks in Phrack 57 [29]. The paper could have been sub-titled "How to smash the Heap for fun and profit". The paper documented techniques against libcʼs native Doug Leeʼs malloc and demonstrated the generic unlink() write4 technique against the published vulnerability in sudo-1.6.1-1. MaXXʼs article went on however to document the DLmalloc allocator in great detail.

References

klog

Biography: 

klog published “The Frame Pointer Overwrite” in Phrack 55 [16]. He showed how to gain execution by using a single byte overwrite to overwrite the last byte of %esp. In some situations this can result in the calling function retrieving its saved EIP from an attacker defined location resulting in altered execution flow.

References

Crispin Cowan

IRL Name: 
Crispin Cowan
Biography: 

Crispin Cowan is the security philosopher behind StackGard, the Immunix Linux distro, SubDomain and AppArmor which are said to be respected Linux-based security technologies. He entered the security arena in 1998 at the Seventh USENIX Security Symposium with the StackGuard paper, which introduced stack canaries for buffer overflow protection, a technique now used on nearly all platforms. From 1999 to 2007 he was the founding CTO of Immunix, which was acquired by Novell in 2005 to incorporate AppArmor into SUSE Linux.

Pictures: 
References

Thomas Lopatic

IRL Name: 
Thomas Lopatic
Biography: 

Thomas Lopatic published in 1995 a stack overflow exploit for NCSA httpd (NCSA HTTPD 1.3 on WWW server) on HP-UX which was an excellent piece of work, but on an obscure OS and CPU. His posting clearly walked through the steps needed for successful exploitation and included an exploit that creates a file named ʻGOTCHAʼ in the /tmp directory.

Pictures: 
References

Christopher Truncer

IRL Name: 
Christopher Truncer
Biography: 

Christopher Truncer is a penetration tester and red teamer by profession. He is a co-founder and current developer of the Veil-Framework, a project aimed to bridge the gap between advanced red team and penetration testing toolsets, EyeWitness, Just-Metadata, Egress-Assess, and more. Chris began developing toolsets that are not only designed for the offensive community, but can enhance the defensive community's ability to defend their network as well.

References
Syndicate content