I haven’t blogged or released much research in the last two years. If you care about that, which I doubt you do, then I’m sorry. I’ve been putting all of my energy into Contrast, a completely new way of finding vulnerabilities in applications. Contrast uses instrumentation to add “sensors” to your running JVM, including in [...]
Javasnoop 1.0 final released with new features, bug fixes, performance enhancements, and more.
I’m flying back from Blackhat today where I presented and officially released JavaSnoop, a tool that makes security testing thick Java clients really, really easy. We use some magically awesome instrumentation and bytecode engineering. Despite the fact that those buzzwords were in play, Blackhat thought they’d hedge their bet on me by putting the talk [...]