We have actively involved in security related research since 1996. During this time, we have identified vulnerabilities in both software and technology.
The list below highlights some of our research and findings:.
- ARP Spoofing (2000)
- AS/400 Security (2001-2002)
- Mozilla Shell Exploit (2003)
- Host Firewall Exploitation (2004)
- RFID Hacking (2005)
- Phishing Payloads (2006)
- OWASP LiveCD (2006)
- Phishing Framework Development (2007)
- Advanced phishing payloads (2008)
- SmartPhone Email Security (2009)
- Email Security Appliance Security (2009)
- Email Client Exploitation (2009)
- Hosted Email Security Research
- (2009)
- Email Security in the "Cloud" (2009)
- Onsite Social Engineering Techniques/ Impersonation (2010)
this section inlcudes focused research in the following areas (email clients, smartphone email, email appliances, email in the cloud, and managed email hosting security)
| Desktop Email Security Controls | This document compares the current security controls found within desktop clients to identify email based attacks. |
| Smartphone Email Security Comparision | This document compares popular smartphone email security protection. |
| Multi-Vendor Email Security Research | This document describes how major vendor email solutions performed to identify targeted spear-phishing attacks. |
Physical Security Research:
- Identify Camera Protection
- Measuring vistor policies/protection
- "Smash and Grab"
- Planting Bugging devices
- Recon and covert entry
Email Attack Payload Research:
- Credential Harvesting
- Browser Hacking
- 2-Factor Token Hacking
- Recon attacks
- User tracking techniques
- XSS/CRSF Attacks